Bug 963105

Summary: win2k8-R2 guest BSOD with error 0x50 during installing cygwin
Product: Red Hat Enterprise Linux 6
Reporter: lijin <lijin>
Component: virtio-win
Assignee: Yvugenfi <yvugenfi>
Status: CLOSED CURRENTRELEASE
QA Contact: Virtualization Bugs <virt-bugs>
Severity: urgent
Priority: medium
Version: 6.5
CC: acathrow, bcao, bsarathy, dfleytma, dyasny, lijin, qzhang
Target Milestone: rc
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2013-05-21 07:32:44 UTC
Type: Bug

Description lijin 2013-05-15 07:20:00 UTC
Description of problem:
win2K8R2 guest BSOD with error code 0x50. I did not do any particular action; it happened when the guest was installing software: cygwin.
After system_reset I re-installed cygwin and did not hit the issue.

Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux Server release 6.4 (Santiago)
kernel-2.6.32-369.el6.x86_64
qemu-kvm-rhev-0.12.1.2-2.359.el6.x86_64
virtio-win-prewhql-0.1-60
seabios-0.6.1.2-27.el6.x86_64
vgabios-0.6b-3.7.el6.noarch

How reproducible:
Only once

Steps to Reproduce:
1. Boot a win2k8-R2 guest with the following command:
/usr/libexec/qemu-kvm -M rhel6.4.0 -m 6G -smp 8,cores=8 -cpu cpu64-rhel6,+x2apic,+sep -usbdevice tablet -drive file=bug-956882-win2k8-R2-nic1.raw,format=raw,if=none,id=drive-virtio0,boot=on,cache=none,werror=stop,rerror=stop -device ide-drive,drive=drive-virtio0,id=virtio-blk-pci0,bootindex=1 -boot c -rtc base=localtime,clock=host,driftfix=slew -no-kvm-pit-reinjection -chardev socket,id=111a,path=/tmp/w2k8-R2-ni,server,nowait -mon chardev=111a,mode=readline -name w2k8-R2-nic1 -global PIIX4_PM.disable_s3=0 -netdev tap,sndbuf=0,id=hostnet1,vhost=on,script=/etc/qemu-ifup,downscript=no -device virtio-net-pci,netdev=hostnet1,id=net1,mac=00:52:12:16:56:48,bus=pci.0 -global PIIX4_PM.disable_s4=0 -monitor stdio -vnc :1 -vga cirrus

2. Install the netkvm driver
3. Install cygwin on the guest
  
Actual results:
Guest got BSOD during step 3.

Expected results:
Guest works fine, no BSOD happened.

Additional info:

Comment 1 lijin 2013-05-15 07:21:25 UTC
The windbg info is as follows:

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced.  This cannot be protected by try-except,
it must be protected by a Probe.  Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff6bc5004af10, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8000147dc5b, If non-zero, the instruction address which referenced the bad memory
	address.
Arg4: 0000000000000005, (reserved)

Debugging Details:
------------------


READ_ADDRESS:  fffff6bc5004af10 

FAULTING_IP: 
nt!MiAgeWorkingSet+1d1
fffff800`0147dc5b 488b19          mov     rbx,qword ptr [rcx]

MM_INTERNAL_CODE:  5

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x50

PROCESS_NAME:  System

CURRENT_IRQL:  0

TRAP_FRAME:  fffff880023397c0 -- (.trap 0xfffff880023397c0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000007ffffffff8 rbx=0000000000000000 rcx=fffff6bc5004af10
rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8000147dc5b rsp=fffff88002339950 rbp=007fffbc5004af10
 r8=0000000000000000  r9=fffff80001617bc0 r10=0000000000000005
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na pe cy
nt!MiAgeWorkingSet+0x1d1:
fffff800`0147dc5b 488b19          mov     rbx,qword ptr [rcx] ds:fffff6bc`5004af10=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff8000143dc6f to fffff80001493640

STACK_TEXT:  
fffff880`02339658 fffff800`0143dc6f : 00000000`00000050 fffff6bc`5004af10 00000000`00000000 fffff880`023397c0 : nt!KeBugCheckEx
fffff880`02339660 fffff800`0149176e : 00000000`00000000 fffff6bc`5004af10 00000000`00000000 00000980`00000000 : nt! ?? ::FNODOBFM::`string'+0x44891
fffff880`023397c0 fffff800`0147dc5b : fffffa80`000002c9 00000000`0000011d fffff880`00000000 00000000`000007ff : nt!KiPageFault+0x16e
fffff880`02339950 fffff800`0147e8cf : fffff800`01617bc0 fffff800`00000001 00000000`00000001 fffff880`02339bb0 : nt!MiAgeWorkingSet+0x1d1
fffff880`02339b00 fffff800`0147e206 : 00000000`000004b2 00000000`00000000 fffffa80`00000000 00000000`00000007 : nt!MiProcessWorkingSets+0x1d3
fffff880`02339b80 fffff800`0147e6c3 : 00000000`00000008 fffff880`02339c10 00000000`00000001 fffffa80`00000000 : nt!MmWorkingSetManager+0x6e
fffff880`02339bd0 fffff800`01730cce : fffffa80`067048e0 00000000`00000080 fffffa80`06698450 00000000`00000001 : nt!KeBalanceSetManager+0x1c3
fffff880`02339d40 fffff800`01484fe6 : fffff880`01e5d180 fffffa80`067048e0 fffff880`01e680c0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`02339d80 00000000`00000000 : fffff880`0233a000 fffff880`02334000 fffff880`02339700 00000000`00000000 : nt!KxStartSystemThread+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!MiAgeWorkingSet+1d1
fffff800`0147dc5b 488b19          mov     rbx,qword ptr [rcx]

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  nt!MiAgeWorkingSet+1d1

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

DEBUG_FLR_IMAGE_TIMESTAMP:  4ce7951a

IMAGE_NAME:  memory_corruption

FAILURE_BUCKET_ID:  X64_0x50_nt!MiAgeWorkingSet+1d1

BUCKET_ID:  X64_0x50_nt!MiAgeWorkingSet+1d1

Followup: MachineOwner
---------

Comment 4 lijin 2013-05-20 07:54:51 UTC
Retested with build 61; did not hit this issue. Guest works well, no BSOD happened.