Bug 1388775

Summary: [virtio-win][vioinput]guest bsod[DRIVER_PAGE_FAULT_IN_FREED_SPECIAL_POOL (d5)] when run virtio-input whql jobs
Product: Red Hat Enterprise Linux 7
Component: virtio-win
virtio-win sub component: virtio-win-prewhql
Reporter: lijin <lijin>
Assignee: Ladi Prosek <lprosek>
QA Contact: Virtualization Bugs <virt-bugs>
CC: mtessun
Status: CLOSED ERRATA
Severity: high
Priority: high
Version: 7.3
Keywords: TestBlocker
Target Milestone: rc
Target Release: 7.4
Hardware: Unspecified
OS: Unspecified
Doc Type: If docs needed, set a value
Last Closed: 2017-08-01 12:53:08 UTC
Type: Bug
Bug Blocks: 1395265, 1401400
Attachments: win8-32 bsod screen shot (flags: none)

Description lijin 2016-10-26 07:38:36 UTC
Created attachment 1214192
win8-32 bsod screen shot

Description of problem:


Version-Release number of selected component (if applicable):
virtio-win-prewhql-126

How reproducible:
1/1

Steps to Reproduce:
1. Boot win8-32 guest with virtio-input device "-device virtio-tablet-pci,id=tablet0,serial=virtio-tablet":
/usr/libexec/qemu-kvm -name 126INPWIN832NUD -enable-kvm -m 3G -smp 4 -uuid 9fcea28a-7801-48b7-8906-d606e15790a1 -nodefconfig -nodefaults -chardev socket,id=charmonitor,path=/tmp/126INPWIN832NUD,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime,driftfix=slew -boot order=cd,menu=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive file=126INPWIN832NUD,if=none,id=drive-ide0-0-0,format=raw,serial=mike_cao,cache=none -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive file=en_windows_8_enterprise_x86_dvd_917587.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -drive file=126INPWIN832NUD.vfd,if=none,id=drive-fdc0-0-0,format=raw,cache=none -global isa-fdc.driveA=drive-fdc0-0-0 -netdev tap,script=/etc/qemu-ifup,downscript=no,id=hostnet0 -device e1000,netdev=hostnet0,id=net0,mac=00:52:2a:56:fa:79,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=isa_serial0 -device usb-tablet,id=input0 -vnc 0.0.0.0:0 -vga cirrus -device virtio-tablet-pci,id=tablet0,serial=virtio-tablet -monitor stdio

2. Submit WHQL jobs

Actual results:
Guest BSOD with DRIVER_PAGE_FAULT_IN_FREED_SPECIAL_POOL (d5) during the following jobs:
DF - PNP Rebalance Fail Restart Device Test (Certification)
DF - Concurrent Hardware And Operating System (CHAOS) Test (Certification)
DF - PNP Stop (Rebalance) Device Test (Certification)
DF - PNP Rebalance Request New Resources Device Test (Certification)

Expected results:
Job can pass, no BSOD.

Additional info:
1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_PAGE_FAULT_IN_FREED_SPECIAL_POOL (d5)
Memory was referenced after it was freed.
This cannot be protected by try-except.
When possible, the guilty driver's name (Unicode string) is printed on
the bugcheck screen and saved in KiBugCheckDriver.
Arguments:
Arg1: 9b766fe4, memory referenced
Arg2: 00000000, value 0 = read operation, 1 = write operation
Arg3: 825cc57a, if non-zero, the address which referenced memory.
Arg4: 00000000, (reserved)

Debugging Details:
------------------


READ_ADDRESS:  9b766fe4 Special pool

FAULTING_IP: 
vioinput+b57a
825cc57a 8b4714          mov     eax,dword ptr [edi+14h]

MM_INTERNAL_CODE:  0

IMAGE_NAME:  vioinput.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  57ac6060

MODULE_NAME: vioinput

FAULTING_MODULE: 825c1000 vioinput

DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

BUGCHECK_STR:  0xD5

PROCESS_NAME:  System

CURRENT_IRQL:  0

ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre

TRAP_FRAME:  871a8680 -- (.trap 0xffffffff871a8680)
ErrCode = 00000000
eax=00000000 ebx=81ca2771 ecx=8cfe8fe4 edx=00026559 esi=8cfe8eb8 edi=9b766fd0
eip=825cc57a esp=871a86f4 ebp=871a8704 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010202
vioinput+0xb57a:
825cc57a 8b4714          mov     eax,dword ptr [edi+14h] ds:0023:9b766fe4=????????
Resetting default scope

LOCK_ADDRESS:  81a01e80 -- (!locks 81a01e80)

Resource @ nt!PiEngineLock (0x81a01e80)    Exclusively owned
    Contention Count = 14
     Threads: 84f70c80-01<*> 
1 total locks, 1 locks currently held

PNP_TRIAGE: 
	Lock address  : 0x81a01e80
	Thread Count  : 1
	Thread address: 0x84f70c80
	Thread wait   : 0xddb3

LAST_CONTROL_TRANSFER:  from 819b257b to 81906cb0

STACK_TEXT:  
871a858c 819b257b 00000050 9b766fe4 00000000 nt!KeBugCheckEx
871a85dc 81849585 00000000 9b766fe4 871a8680 nt! ?? ::FNODOBFM::`string'+0x31116
871a8668 8197d654 00000000 9b766fe4 00000000 nt!MmAccessFault+0x408
871a8668 825cc57a 00000000 9b766fe4 00000000 nt!KiTrap0E+0xdc
WARNING: Stack unwind information not available. Following frames may be wrong.
871a8704 852c8270 00000000 64951058 0000011e vioinput+0xb57a
871a871c 852c7d0b 0000011e 00000001 871a8760 Wdf01000!FxPkgPnp::PnpReleaseHardware+0x32
871a872c 85285fc1 9b782ce8 9b782ce8 852d0a58 Wdf01000!FxPkgPnp::PnpEventStopped+0x11
871a8760 85285e78 9b782ce8 0000011e 9b782da4 Wdf01000!FxPkgPnp::PnpEnterNewState+0x139
871a8784 852842bc 871a87a8 9b782ce8 8bdeeee8 Wdf01000!FxPkgPnp::PnpProcessEventInner+0x1c1
871a87bc 852c3be2 9b782ce8 00000100 9b782ce8 Wdf01000!FxPkgPnp::PnpProcessEvent+0x142
871a87d0 85270b07 9b782ce8 871a87f0 8cfe8dfc Wdf01000!FxPkgPnp::_PnpStopDevice+0x25
871a87fc 85267bc2 8cff0e28 87970020 8cff0e28 Wdf01000!FxPkgPnp::Dispatch+0x1ad
871a8824 85267a33 87970020 8cff0e28 87970020 Wdf01000!FxDevice::Dispatch+0x155
871a8840 81ca1f4b 87970020 8cff0e28 8cff0e28 Wdf01000!FxDevice::DispatchWithLock+0x77
871a8860 81847a9f 81cb9565 8cff0f20 8cff0f44 nt!IovCallDriver+0x2e3
871a8874 81cb9565 871a889c 81cb9767 87970020 nt!IofCallDriver+0x62
871a887c 81cb9767 87970020 8cff0e28 8d48f588 nt!ViFilterIoCallDriver+0x10
871a889c 81ca1f4b 8d48f588 87970020 8d4ed3e0 nt!ViFilterDispatchPnp+0x6f
871a88bc 81847a9f 825d1030 8cff0f44 8cff0f68 nt!IovCallDriver+0x2e3
871a88d0 825d1030 00000000 8cff0e28 871a88fc nt!IofCallDriver+0x62
871a88e0 8b8b43a7 8d4ed3e0 8cff0e28 8cff0f68 mshidkmdf+0x1030
871a88fc 8b8bf802 8d4ed3e0 8cff0f68 8d4ed4ac HIDCLASS+0x13a7
871a8924 8b8bf9ef 8d4ed3e0 00000004 8cff0e28 HIDCLASS!HidNotifyPresence+0x4e31
871a8940 8b8bf41f 8d4ed4ac 8cff0e28 8cff0e28 HIDCLASS!HidNotifyPresence+0x501e
871a895c 8b8b40b5 8d4ed498 8d4ed3e0 8cff0e28 HIDCLASS!HidNotifyPresence+0x4a4e
871a8978 81ca1f4b 8d4ed3e0 8cff0e28 8cff0e28 HIDCLASS+0x10b5
871a8998 81847a9f 81cb9565 8cff0f8c 8cff0fb0 nt!IovCallDriver+0x2e3
871a89ac 81cb9565 871a89d4 81cb9767 8d4ed3e0 nt!IofCallDriver+0x62
871a89b4 81cb9767 8d4ed3e0 8cff0e28 973e6518 nt!ViFilterIoCallDriver+0x10
871a89d4 81ca1f4b 973e6518 8d4ed3e0 8ee360d8 nt!ViFilterDispatchPnp+0x6f
871a89f4 81847a9f 825da592 818939b3 8cff0e28 nt!IovCallDriver+0x2e3
871a8a08 825da592 8ee3f4d0 8ee360d8 8cff0e28 nt!IofCallDriver+0x62
871a8a48 825dcda5 8ee36020 8cff0e28 8cff0fb8 MSDMFilt+0x2592
871a8a60 825dbe8c 8ee36020 8cff0e28 8ee36020 MSDMFilt+0x4da5
871a8a88 81ca1f4b 8ee36020 8cff0e28 8cff0e28 MSDMFilt+0x3e8c
871a8aa8 81847a9f 81cb9565 8cff0fd4 8cff0ff8 nt!IovCallDriver+0x2e3
871a8abc 81cb9565 871a8ae4 81cb9767 8ee36020 nt!IofCallDriver+0x62
871a8ac4 81cb9767 8ee36020 8cff0e28 9615c7a8 nt!ViFilterIoCallDriver+0x10
871a8ae4 81ca1f4b 9615c7a8 8ee36020 9615c7a8 nt!ViFilterDispatchPnp+0x6f
871a8b04 81847a9f 81a7c0de 8cff1000 871a8b90 nt!IovCallDriver+0x2e3
871a8b18 81a7c0de 871a8b90 00000000 00000004 nt!IofCallDriver+0x62
871a8b4c 81bb3144 84f789f8 871a8b6c c00000bb nt!IopSynchronousCall+0x9c
871a8b90 81ba212b 00000004 84f789f8 84f79840 nt!IopQueryReconfiguration+0x7d
871a8bac 81ba210f 84f60710 84fb5008 84f79840 nt!PnpStopDeviceSubtree+0x32
871a8bc4 81ba210f 84f79840 84f7b008 84fb5008 nt!PnpStopDeviceSubtree+0x16
871a8bdc 81ba210f 84fb5008 84fa9008 84f7b008 nt!PnpStopDeviceSubtree+0x16
871a8bf4 81ba210f 84f7b008 00000000 89c4d5b0 nt!PnpStopDeviceSubtree+0x16
871a8c0c 81ba2549 84fa9008 00000000 84f60710 nt!PnpStopDeviceSubtree+0x16
871a8c48 81bb47b3 84f60710 00000000 00000000 nt!PnpRebalance+0xe3
871a8ca4 81bb2bec 84f60710 819ff7f8 00000000 nt!PnpReallocateResources+0x125
871a8cc4 8198dbec 85438928 819e64b8 84f70c80 nt!PiProcessResourceRequirementsChanged+0x9e
871a8d1c 81890854 00000000 84f70c80 00000000 nt! ?? ::FNODOBFM::`string'+0xb975
871a8d74 818d3415 00010000 44812a98 00000000 nt!ExpWorkerThread+0x111
871a8db0 8197f039 81890747 00010000 00000000 nt!PspSystemThreadStartup+0x4a
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19


STACK_COMMAND:  kb

FOLLOWUP_IP: 
vioinput+b57a
825cc57a 8b4714          mov     eax,dword ptr [edi+14h]

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  vioinput+b57a

FOLLOWUP_NAME:  MachineOwner

FAILURE_BUCKET_ID:  0xD5_VRF_vioinput+b57a

BUCKET_ID:  0xD5_VRF_vioinput+b57a

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:0xd5_vrf_vioinput+b57a

FAILURE_ID_HASH:  {0d5cc045-c548-8bdd-4a29-8818ed97239c}

Followup: MachineOwner
---------

Comment 4 lijin 2017-02-16 07:19:01 UTC
All virtio-input WHQL jobs pass with build 132, no BSOD, so this issue has been fixed.

Change status to verified

Comment 7 errata-xmlrpc 2017-08-01 12:53:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2341