Bug 968225

Summary: [whql][netkvm]win7-64 guest BSOD occurs (7E) when running NDIS MPE job
Product: Red Hat Enterprise Linux 6 Reporter: lijin <lijin>
Component: virtio-winAssignee: Yvugenfi <yvugenfi>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 6.5CC: acathrow, bcao, bsarathy, dfleytma, mdeng, qzhang
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Do not document. Regression between internal builds.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2013-11-22 00:12:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description lijin 2013-05-29 09:06:44 UTC 
Description of problem:
win7-64 guest get BSOD when running MPE job,this only happened on win7-64 guest,other OS did not hit this issue.

Version-Release number of selected component (if applicable):
kernel-2.6.32-358.el6.x86_64
qemu-kvm-rhev-0.12.1.2-2.359.el6.x86_64
seabios-0.6.1.2-27.el6.x86_64
virito-win-prewhql-62

How reproducible:
100%

Steps to Reproduce:
1.boot win7-64 guest:
/usr/libexec/qemu-kvm -M rhel6.4.0 -m 2G -smp 2,cores=2 -cpu cpu64-rhel6,+x2apic,+sep -usbdevice tablet -drive file=win7-64-OS-nic1.raw,format=raw,if=none,id=drive-virtio0,boot=on,cache=none,werror=stop,rerror=stop -device ide-drive,drive=drive-virtio0,id=virtio-blk-pci0,bootindex=1 -netdev tap,sndbuf=0,id=hostnet0,script=/etc/qemu-ifup,downscript=no -device e1000,netdev=hostnet0,mac=00:52:11:26:13:54,bus=pci.0,addr=0x4 -boot c -uuid 5742d3fc-866b-4d7e-9c18-1511e250ce91 -rtc base=localtime,clock=host,driftfix=slew -no-kvm-pit-reinjection -chardev socket,id=111a,path=/tmp/win7-64-nic1,server,nowait -mon chardev=111a,mode=readline -name win7-64-nic1 -netdev tap,sndbuf=0,id=hostnet1,vhost=on,script=/etc/qemu-ifup-private,downscript=no -device virtio-net-pci,netdev=hostnet1,id=net1,mac=00:52:12:18:56:46,bus=pci.0,addr=0x7 -global PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 -monitor stdio -vnc :1 -vga cirrus

2.submit the MPE job

Actual results:
guest bsod with 7E code

Expected results:
no bsod,job can pass

Additional info:
Comment 1 lijin 2013-05-29 09:12:36 UTC 
Created attachment 754268 [details]
win7-64 guest bsod dump file
Comment 2 lijin 2013-05-29 10:16:03 UTC 
0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffff80000003, The exception code that was not handled
Arg2: fffff800026d64d8, The address that the exception occurred at
Arg3: fffff88003861938, Exception Record Address
Arg4: fffff88003861190, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid

FAULTING_IP: 
nt!DebugPrompt+18
fffff800`026d64d8 c3              ret

EXCEPTION_RECORD:  fffff88003861938 -- (.exr 0xfffff88003861938)
ExceptionAddress: fffff800026d64d8 (nt!DebugPrompt+0x0000000000000018)
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 1
   Parameter[0]: 0000000000000002

CONTEXT:  fffff88003861190 -- (.cxr 0xfffff88003861190)
rax=0000000000000002 rbx=fffffa8002a38b60 rcx=fffff88004d17220
rdx=fffff88003860044 rsi=fffffa8001846890 rdi=fffff88004d17265
rip=fffff800026d64d7 rsp=fffff88003861b78 rbp=fffff88003861c20
 r8=fffff88003861c08  r9=fffff88004d10002 r10=0000000000000000
r11=fffff88003861bc8 r12=fffffa8003f77a38 r13=fffff88004ced910
r14=0000000000000000 r15=fffff880009eaec0
iopl=0         nv up ei pl nz na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00000206
nt!DebugPrompt+0x17:
fffff800`026d64d7 cc              int     3
Resetting default scope

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0x7E

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION}  Breakpoint  A breakpoint has been reached.

EXCEPTION_PARAMETER1:  0000000000000002

LAST_CONTROL_TRANSFER:  from fffff80002762f2b to fffff800026d64d7

STACK_TEXT:  
fffff880`03861b78 fffff800`02762f2b : fffffa80`02a38b60 fffff800`0271a178 fffffa80`02a38b60 fffff880`04c0b541 : nt!DebugPrompt+0x17
fffff880`03861b80 fffff880`04c75fbf : fffffa80`0200b3c0 fffff880`04d20e00 fffff880`04d171c0 00000000`00000000 : nt!DbgPrompt+0x3b
fffff880`03861bd0 fffff880`04c981e9 : fffff880`00000001 fffff880`04d20e00 00000000`00000158 81010101`01010100 : ndprot62+0x75fbf
fffff880`03861c30 fffff880`04cc9249 : fffffa80`03f77a00 fffff880`00000001 fffff880`001b7740 fffff880`03861cc0 : ndprot62+0x981e9
fffff880`03861c70 fffff880`04ced967 : fffffa80`03f77a00 00000000`00000000 fffff880`0123acb0 00000000`00000000 : ndprot62+0xc9249
fffff880`03861cf0 fffff800`0297bcce : fffffa80`03f77a38 fffff800`0297bc74 00000000`00000010 00000000`00010286 : ndprot62+0xed967
fffff880`03861d40 fffff800`026cffe6 : fffff880`009e6180 fffffa80`02a38b60 fffffa80`020b4b60 fffff880`0123acb0 : nt!PspSystemThreadStartup+0x5a
fffff880`03861d80 00000000`00000000 : fffff880`03862000 fffff880`0385c000 fffff880`03860250 00000000`00000000 : nt!KiStartSystemThread+0x16


FOLLOWUP_IP: 
ndprot62+75fbf
fffff880`04c75fbf 8b442448        mov     eax,dword ptr [rsp+48h]

SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  ndprot62+75fbf

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: ndprot62

IMAGE_NAME:  ndprot62.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  5049c617

STACK_COMMAND:  .cxr 0xfffff88003861190 ; kb

FAILURE_BUCKET_ID:  X64_0x7E_VRFOCA_ndprot62+75fbf

BUCKET_ID:  X64_0x7E_VRFOCA_ndprot62+75fbf

Followup: MachineOwner
---------
Comment 4 Min Deng 2013-08-09 05:14:58 UTC 
QE reproduced the issue on build 62 
   Verified the issue on build 66
   steps,
   1.Set up guest with qxl(build 17) installed
    Guest1,
    /usr/libexec/qemu-kvm -m 2G -smp 2,cores=2 -cpu cpu64-rhel6,+x2apic -usb -device usb-tablet -drive file=win7-32-nic1.raw,if=none,id=drive-ide0-0-0,werror=stop,rerror=stop,cache=none -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,sndbuf=0,id=hostnet0,vhost=on,script=/etc/qemu-ifup-private,downscript=no -device virtio-net-pci,netdev=hostnet0,mac=00:33:43:22:a2:21,bus=pci.0,addr=0x4,id=virtio-net-pci0 -netdev tap,sndbuf=0,id=hostnet2,script=/etc/qemu-ifup,downscript=no -device e1000,netdev=hostnet2,mac=00:23:23:23:41:12,bus=pci.0,addr=0x6 -uuid 7519b2bf-09d3-4037-ab80-934bebb549d8 -no-kvm-pit-reinjection -chardev socket,id=111a,path=/tmp/monitor-win7-32-nic1,server,nowait -mon chardev=111a,mode=readline -spice port=5931,disable-ticketing -vga qxl -name win7-32-nic1-66-HCK -rtc base=localtime,clock=host,driftfix=slew -global PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 -monitor stdio
     Guest2,/usr/libexec/qemu-kvm -m 2G -smp 2,cores=2 -cpu cpu64-rhel6,+x2apic -usb -device usb-tablet -drive file=win7-32-nic2.raw,if=none,id=drive-ide0-0-0,werror=stop,rerror=stop,cache=none -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,sndbuf=0,id=hostnet0,vhost=on,script=/etc/qemu-ifup-private,downscript=no -device virtio-net-pci,netdev=hostnet0,mac=00:23:a4:c2:32:21,bus=pci.0,addr=0x4,id=virtio-net-pci0 -netdev tap,sndbuf=0,id=hostnet2,script=/etc/qemu-ifup,downscript=no -device e1000,netdev=hostnet2,mac=00:42:34:34:41:12,bus=pci.0,addr=0x6 -uuid 2a24292e-901b-48cf-a18b-d33fa1f576fa -no-kvm-pit-reinjection -chardev socket,id=111a,path=/tmp/monitor-win7-32-nic2,server,nowait -mon chardev=111a,mode=readline -spice port=5932,disable-ticketing -vga qxl -name win7-32-nic2-66-HCK -rtc base=localtime,clock=host,driftfix=slew -global PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 -monitor stdio
   2.Submit MPE job to HCK
   Actual results,MPE job pass successfully 
   Expected results,MPE job can pass successfully.

 Base on above result,the issue has been fixed.thanks

Best Regards,
Min
Comment 5 Mike Cao 2013-08-09 07:16:04 UTC 
Move status to VERIFIED according to comment #4
Comment 8 errata-xmlrpc 2013-11-22 00:12:27 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1729.html