Having to step in here to help you guys maintain technical accuracy -
MFeB is _not_ the tag for Access Protection.
That you can disable Access Protection and affect the MFeB pool tag memory usage is pertinent, but it's not a direct one-to-one mapping, FYI.
MFeB is used by our link driver to track token object data, which it allocates in response to items being created by other drivers (of which Access Protection's driver is one - but it is not the only one).
Thanks for the clarification!!!! As long as it directly affects its memory allocation, that's good enough for me for now.
I'm still reading through the thread but I am getting BSOD on one XP PC. I get the same error as kapaaian reported earlier about unable to allocate resources. The PC would fail pretty much every 20 hours or so. Sometimes the PC would reboot, other times it wouldn't. I have deployed the agent on 2 other XP machines, one that stays up 24/7 for 2 weeks before schedule reboot and they seem fine. I have deployed it to a win7 PC that is up 24/7 outside of patching and my win 10 (I leave it on pretty often) both so far no issues.
The Windows 10 and 7 systems (provided they both have access protection enabled) will eventually crash as well. It will just take much longer (possibly several weeks without a reboot).
You can either disable AP on the XP system until Patch 7 comes out, or better, upgrade the XP system to 7/8.1/10 and reboot it occasionally 🙂
I wish I could get past XP for those PC's but due to legacy software that is a no go. We have branches running XP (over 180 PC's) that we can't 'upgrade' from until the Point of Sales system is moved to the new vendor. I have no ETA on when that will happen.
I noticed alhaawi talked about Agent 5.0.2, would that cause the leaks as well? I am only deploying Agent 5.0.2 to our test PC's that are running VSE 8.8p6.
I don't know how to link to his post but this is what he said:
As you may know The MFeB tag comes within the installation of syscore 15.2.x , So it will be there if agent 5.02 is installed therefore you will have the memory leak even if you have vse 8.8 p4 and access protection blocking, so p7 will be good with agent 4.8. if you provide me with your contact i will send you a tool to show this issue if there is AP blcoking for agent 5.02 or vse p6 so you do not have to wait for customers feedback and speed up the fix.
Best regards
I noticed alhaawi talked about Agent 5.0.2, would that cause the leaks as well?
Yes, that is correct.
As long as VSE is installed, and it doesn't matter what version of VSE it is, when another product comes along and installs the 15.4.0.674 build of our driver code, then you now have the environment necessary for the leak. Plan to reboot often, or wait for Patch 7.
We've verified that Patch 7 will solve the leak (hooray ). However, our patch 7 release schedule is a bit up in the air at the moment (install problems reported against patch 6 we're trying to do something about with patch 7).
Thanks wwarren and kapaaian
New VSE is out.
1082074 | KB86124 | Issue: Non-page pool memory leak in pool tag MFeB occurs when Access Protection is enabled.Solution: This issue is planned for resolution in VSE 8.8 Patch 7. See the related article for details. |
https://kc.mcafee.com/corporate/index?page=content&id=KB84854
It's not marked as resolved though.
I found that there is sparse information regarding Patch 7 still and if it doesnt resolve the outstanding issues...they should of just sat on it until they resolved them to be honest.
wwarren can correct me if I'm wrong.
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA