Bug 990824

Summary: qemu guest windows 2008r2sp1 bsod(0x101)
Product: Red Hat Enterprise Linux 6 Reporter: lexer.wu
Component: qemu-kvmAssignee: Vadim Rozenfeld <vrozenfe>
Status: CLOSED NEXTRELEASE QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 6.3CC: areis, bcao, bsarathy, chayang, ederevea, jasowang, juzhang, lexer.wu, michele, michen, mkalinin, mkenneth, pbonzini, pneedle, qzhang, rbalakri, rhod, virt-maint, vrozenfe, yvugenfi
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-09-10 14:33:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description lexer.wu 2013-08-01 05:00:38 UTC 
Description of problem:
0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

CLOCK_WATCHDOG_TIMEOUT (101)
An expected clock interrupt was not received on a secondary processor in an
MP system within the allocated interval. This indicates that the specified
processor is hung and not processing interrupts.
Arguments:
Arg1: 0000000000000008, Clock interrupt time out interval in nominal clock ticks.
Arg2: 0000000000000000, 0.
Arg3: fffff8800205d180, The PRCB address of the hung processor.
Arg4: 0000000000000002, 0.

Debugging Details:
------------------


BUGCHECK_STR:  CLOCK_WATCHDOG_TIMEOUT_18_PROC

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  d

STACK_TEXT:  
fffff880`02bcae68 fffff800`016de8f9 : 00000000`00000101 00000000`00000008 00000000`00000000 fffff880`0205d180 : nt!KeBugCheckEx
fffff880`02bcae70 fffff800`016914b7 : 00000000`00000000 fffff800`00000002 00000000`0002625a 00001f80`01010000 : nt! ?? ::FNODOBFM::`string'+0x4e2e
fffff880`02bcaf00 fffff800`01c041c0 : 00000000`00000000 fffff880`02bcb0b0 fffff800`01c203c0 fffff800`00000000 : nt!KeUpdateSystemTime+0x377
fffff880`02bcb000 fffff800`01683233 : 00000000`0891bea6 fffff800`01c203c0 fffff800`017f9e80 00000000`00000020 : hal!HalpRtcClockInterrupt+0x130
fffff880`02bcb030 fffff800`016bd38b : fffff800`017f9e80 ffffa0da`00000001 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLock+0x163
fffff880`02bcb1c0 fffff800`0168c82c : 00000000`00000000 fffff880`02bcb308 00000000`000032d1 00000000`000016d2 : nt!KxFlushEntireTb+0x93
fffff880`02bcb200 fffff800`016a7061 : 00000000`00000000 fffffa00`00000000 00000000`00000001 fffffa80`00000124 : nt!KeFlushMultipleRangeTb+0x28c
fffff880`02bcb2d0 fffff800`016a9aac : 00000000`00000020 fffff880`02bcb440 fffff8a0`03b47000 00000000`00000001 : nt!MiFlushTbAsNeeded+0x1d1
fffff880`02bcb3e0 fffff800`017aff86 : 00000000`00020000 fffffa80`16fc5000 00000000`00000001 00000000`00000001 : nt!MiAllocatePagedPoolPages+0x4cc
fffff880`02bcb500 fffff800`016a77c0 : 00000000`00020000 fffffa80`16fc5000 00000000`00000001 fffff800`017af5b1 : nt!MiAllocatePoolPages+0x906
fffff880`02bcb640 fffff800`017b290e : 00000000`00000000 00000000`00000001 fffff8a0`00000000 00000000`00020000 : nt!ExpAllocateBigPool+0xb0
fffff880`02bcb730 fffff880`016a5c9d : fffff8a0`03b47000 fffffa80`17378880 00000000`6365734b fffffa80`00000000 : nt!ExAllocatePoolWithTag+0x82e
fffff880`02bcb820 fffff880`016a63ed : fffffa80`18d5b4c0 fffff800`0168eff3 fffffa80`20206f49 00000000`00000018 : cng!GatherRandomKey+0x3d
fffff880`02bcbbe0 fffff800`0197d0dd : 00000000`00000001 00000000`00000001 fffffa80`187110f0 fffffa80`17058040 : cng!scavengingWorkItemRoutine+0x3d
fffff880`02bcbc80 fffff800`01691021 : fffff800`01824200 fffff800`0197d001 fffffa80`17058000 fffffa80`17058040 : nt!IopProcessWorkItem+0x3d
fffff880`02bcbcb0 fffff800`0192332e : 00000000`00000000 fffffa80`17058040 00000000`00000080 fffffa80`17040b30 : nt!ExpWorkerThread+0x111
fffff880`02bcbd40 fffff800`01678666 : fffff880`029b0180 fffffa80`17058040 fffff880`029bb5c0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`02bcbd80 00000000`00000000 : fffff880`02bcc000 fffff880`02bc6000 fffff880`02bcb9e0 00000000`00000000 : nt!KxStartSystemThread+0x16


STACK_COMMAND:  kb

SYMBOL_NAME:  ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME:  Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP:  0

FAILURE_BUCKET_ID:  X64_CLOCK_WATCHDOG_TIMEOUT_18_PROC_ANALYSIS_INCONCLUSIVE

BUCKET_ID:  X64_CLOCK_WATCHDOG_TIMEOUT_18_PROC_ANALYSIS_INCONCLUSIVE

Followup: MachineOwner
---------

0: kd> ~2
2: kd> k
Child-SP          RetAddr           Call Site
00000000`29ed8a40 00000000`00000000 0x901f31a
2: kd> r
rax=10b38f0000001059 rbx=0000000000000000 rcx=00000000213a3290
rdx=0000000000001058 rsi=0000000000000360 rdi=0000000000000fff
rip=000000000901f31a rsp=0000000029ed8a40 rbp=00b38f0000000001
 r8=0000000000001058  r9=1000000000000000 r10=00000000240112e8
r11=0000000000000000 r12=00000000000020b0 r13=0000000024010290
r14=00000000213a2f90 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
cs=0033  ss=002b  ds=0000  es=0000  fs=0000  gs=0000             efl=00010206
0033:00000000`0901f31a ??              ???
2: kd> !thread
THREAD fffffa801854db60  Cid 0b90.0ebc  Teb: 000007fffff5a000 Win32Thread: 0000000000000000 RUNNING on processor 2
Not impersonating
DeviceMap                 fffff8a000008bc0
Owning Process            fffffa8018e52680       Image:         oracle.exe
Attached Process          N/A            Image:         N/A
Wait Start TickCount      784563         Ticks: 449 (0:00:00:07.015)
Context Switch Count      31             IdealProcessor: 0             
UserTime                  00:00:00.031
KernelTime                00:00:00.031
Win32 Start Address 0x0000000000401452
Stack Init fffff880053d4db0 Current fffff880053d4900
Base fffff880053d5000 Limit fffff880053cf000 Call 0
Priority 10 BasePriority 8 UnusualBoost 0 ForegroundBoost 0 IoPriority 2 PagePriority 5
Child-SP          RetAddr           : Args to Child                                                           : Call Site
00000000`29ed8a40 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x901f31a

Version-Release number of selected component (if applicable):


How reproducible:
LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin QEMU_AUDIO_DRV=spice /usr/libexec/qemu-kvm -S -M rhel6.3.0 -enable-kvm -m 30720 -smp 24,sockets=2,cores=6,threads=2 -name WIN2008-21 -uuid 78f3e884-5c50-4e77-ba06-a0d3517f0f7a -nodefconfig -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/WIN2008-21.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime -no-shutdown -device ich9-usb-ehci1,id=usb,bus=pci.0,a=pci.0,addr=0x6.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x6.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x4 -drive file=/data-center/72f56713-acea-457d-8b87-6f0d6999545c/6ae96d3e-a1b9-458d-af91-c8a7dfc5e88f/images/411e0d34-858c-4ddd-adcd-39095515bfc2/fa284a5a-5e66-4385-877f-a9d3c5e59ecf,if=none,id=drive-ide0-0-0,format=qcow2,cache=none -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -drive file=/data-center/72f56713-acea-457d-8b87-6f0d6999545c/6ae96d3e-a1b9-458d-af91-c8a7dfc5e88f/images/94a3da2b-7d28-47c6-a16f-7d1001c2c254/50281699-4ea6-42ba-8314-b48b89c00222,if=none,id=drive-ide0-0-1,format=qcow2,cache=none -device ide-drive,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -drive if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0,bootindex=2 -drive file=/var/vms/isos/virtio-win-1.1.16.vfd,if=none,id=drive-fdc0-0-0,readonly=on,format=raw -global isa-fdc.driveA=drive-fdc0-0-0 -netdev tap,fd=27,id=hostnet0,vhost=on,vhostfd=28 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=02:3f:c1:8d:e9:0a,bus=pci.0,addr=0x3,bootindex=3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev spicevmc,id=charchannel0,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 -chardev socket,id=charchannel1,path=/var/lib/libvirt/qemu/channels/WIN2008-21.com.redhat.rhev.vdsm,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel1,id=channel1,name=com.redhat.rhev.vdsm -device usb-tablet,id=input0 -spice port=5900,addr=0.0.0.0,disable-ticketing -vga qxl -global qxl-vga.vram_size=33554432 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -rtc-td-hackddr=0x6.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x6 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 Mike Cao 2013-08-01 07:03:07 UTC 
Hi,

Pls try to reproduce it with Microsoft enlightenment enabled?
eg: /usr/libexec/qemu-kvm -cpu nehalem,hv_relaxed XXX
Comment 3 Ademar Reis 2013-08-01 22:59:46 UTC 
Thanks for taking the time to enter a bug report with us. We appreciate
the feedback and look to use reports such as this to guide our efforts at
improving our products. That being said, we're not able to  guarantee the
timeliness or suitability of a resolution for issues entered here because this
is not a mechanism for requesting support.

If this issue is critical or in any way time sensitive, please raise a ticket
through your regular Red Hat support channels to make certain  it receives the
proper attention and prioritization to assure a timely resolution.

For information on how to contact the Red Hat production support team, please
visit: https://www.redhat.com/support/process/production/#howto

Setting NEEDINFO(reporter) because of the question from comment #2.
Comment 28 Ronen Hod 2014-09-10 14:33:38 UTC 
Closing this bug.
It happens due to a Windows watchdog that is not aware of the fact that it is running in a VM, and not on real hardware.
The use of hv_relaxed (libvirt's "<relaxed state='on'/>") solves it.
More recent versions of RHEL/RHEV are better in this respect.