ebpf_link_get_info accesses attach_data without holding the lock #2312
Closed
Description
0: kd> k
*** Stack trace for last set context - .thread/.cxr resets it
# Child-SP RetAddr Call Site
00 ffff828f`1f651530 fffff801`e255b141 eBPFCore!ebpf_link_get_info+0x390 [E:\ebpf-for-windows\libs\execution_context\ebpf_link.c @ 462]
01 ffff828f`1f651710 fffff801`e25578a1 eBPFCore!_ebpf_core_find_matching_link+0x101 [E:\ebpf-for-windows\libs\execution_context\ebpf_core.c @ 1264]
02 ffff828f`1f651860 fffff801`e255cd28 eBPFCore!_ebpf_core_protocol_unlink_program+0x1a1 [E:\ebpf-for-windows\libs\execution_context\ebpf_core.c @ 1329]
03 ffff828f`1f6519a0 fffff801`e2553699 eBPFCore!ebpf_core_invoke_protocol_handler+0x288 [E:\ebpf-for-windows\libs\execution_context\ebpf_core.c @ 2423]
04 ffff828f`1f651a60 fffff806`601a8f93 eBPFCore!_ebpf_driver_io_device_control+0x8e9 [E:\ebpf-for-windows\ebpfcore\ebpf_drv.c @ 329]
05 (Inline Function) --------`-------- Wdf01000!FxIoQueueIoDeviceControl::Invoke+0x42 [minkernel\wdf\framework\shared\inc\private\common\FxIoQueueCallbacks.hpp @ 226]
06 ffff828f`1f651de0 fffff806`601a8960 Wdf01000!FxIoQueue::DispatchRequestToDriver+0x163 [minkernel\wdf\framework\shared\irphandlers\io\fxioqueue.cpp @ 3325]
07 ffff828f`1f651e80 fffff806`601a5d4e Wdf01000!FxIoQueue::DispatchEvents+0x520 [minkernel\wdf\framework\shared\irphandlers\io\fxioqueue.cpp @ 3125]
08 ffff828f`1f651f50 fffff806`601a77d7 Wdf01000!FxIoQueue::QueueRequest+0xae [minkernel\wdf\framework\shared\irphandlers\io\fxioqueue.cpp @ 2371]
09 (Inline Function) --------`-------- Wdf01000!FxPkgIo::DispatchStep2+0x5ac [minkernel\wdf\framework\shared\irphandlers\io\fxpkgio.cpp @ 469]
0a ffff828f`1f651fc0 fffff806`601a719d Wdf01000!FxPkgIo::DispatchStep1+0x627 [minkernel\wdf\framework\shared\irphandlers\io\fxpkgio.cpp @ 324]
0b ffff828f`1f652080 fffff806`601aa867 Wdf01000!FxPkgIo::Dispatch+0x5d [minkernel\wdf\framework\shared\irphandlers\io\fxpkgio.cpp @ 119]
0c (Inline Function) --------`-------- Wdf01000!DispatchWorker+0x6b [minkernel\wdf\framework\shared\core\fxdevice.cpp @ 1589]
0d (Inline Function) --------`-------- Wdf01000!FxDevice::Dispatch+0x89 [minkernel\wdf\framework\shared\core\fxdevice.cpp @ 1603]
0e ffff828f`1f6520e0 fffff806`5eb73b67 Wdf01000!FxDevice::DispatchWithLock+0x157 [minkernel\wdf\framework\shared\core\fxdevice.cpp @ 1447]
0f ffff828f`1f652140 fffff806`5f1c7f0a nt!IopfCallDriver+0x53 [minkernel\ntos\io\iomgr\iomgr.h @ 3394]
10 ffff828f`1f652180 fffff806`5ec2b301 nt!IovCallDriver+0x266 [minkernel\ntos\io\iomgr\ioverifier.c @ 589]
11 ffff828f`1f6521c0 fffff806`5ee1b4c8 nt!IofCallDriver+0x1fbca1 [minkernel\ntos\io\iomgr\iosubs.c @ 3157]
12 (Inline Function) --------`-------- nt!IoCallDriverWithTracing+0x2b [minkernel\ntos\io\iomgr\iomgr.h @ 1171]
13 (Inline Function) --------`-------- nt!IopCallDriverReference+0xbd [minkernel\ntos\io\iomgr\iomgr.h @ 4234]
14 ffff828f`1f652200 fffff806`5ee1b2c7 nt!IopSynchronousServiceTail+0x1a8 [minkernel\ntos\io\iomgr\internal.c @ 8878]
15 ffff828f`1f6522a0 fffff806`5ee1a646 nt!IopXxxControlFile+0xc67 [minkernel\ntos\io\iomgr\internal.c @ 11568]
16 ffff828f`1f6523e0 fffff806`5ec0fab5 nt!NtDeviceIoControlFile+0x56 [minkernel\ntos\io\iomgr\devctrl.c @ 110]
17 ffff828f`1f652450 00007ff8`ae48d1a4 nt!KiSystemServiceCopyEnd+0x25 [minkernel\ntos\ke\amd64\trap.asm @ 3469]
18 00000056`7e6ff098 00007ff8`abf0572b ntdll!ZwDeviceIoControlFile+0x14 [minkernel\ntdll\daytona\objfre\amd64\usrstubs.asm @ 235]
19 00000056`7e6ff0a0 00007ff8`ac735611 KERNELBASE!DeviceIoControl+0x6b [minkernel\kernelbase\filehops.c @ 3496]
1a 00000056`7e6ff110 00007ff8`8a68caa3 KERNEL32!DeviceIoControlImplementation+0x81 [clientcore\base\win32\client\filehops.c @ 157]
1b 00000056`7e6ff160 00000000`00000000 EbpfApi!Platform::DeviceIoControl+0x63 [E:\ebpf-for-windows\libs\thunk\windows\platform.cpp @ 50]