Bug 1005667 - Windows guests fall into BSOD randomly with "virtio_ioport_write: unexpected address 0x13 value 0x1"
Windows guests fall into BSOD randomly with "virtio_ioport_write: unexpected ...
Status: CLOSED DUPLICATE of bug 852776
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: virtio-win (Show other bugs)
6.6
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Yan Vugenfirer
Virtualization Bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-09-09 02:20 EDT by Rogan Kyuseok Lee
Modified: 2013-09-10 04:18 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-09-10 04:18:24 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rogan Kyuseok Lee 2013-09-09 02:20:24 EDT
Description of problem:
Windows Server 2008 R2 VM suddenly falled into BSOD with the following errors. It obviously looks an issue related to virtio.

# cat /var/log/libvirt/qemu/TGW.log
 "virtio_ioport_write: unexpected address 0x13 value 0x1"

Version-Release number of selected component (if applicable):
virtio : netKVM : 60.63.103.2700
         virtstor : 60.63.103.2600
         serial : 52.63.103.3000 

How reproducible:
- Randomly

Steps to Reproduce:
1. 
2.
3.

Actual results:
- Windows guests crashed with MINIDUMP.

Expected results:
- No BSOD

Additional info:

RHEV 3.0 Environment :
  - kernel-2.6.32-279
  - vdsm-4.9-113.3.el6-3.x86_64

- Initial analysis of MINIDUMP --------------------------

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Administrator\Downloads\dump-20130820\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Server 2003 Kernel Version 3790 (Service Pack 2) MP (8 procs) Free x64
Product: Server, suite: Enterprise TerminalServer SingleUserTS
Built by: 3790.srv03_sp2_rtm.070216-1710
Machine Name:
Kernel base = 0xfffff800`01000000 PsLoadedModuleList = 0xfffff800`011d5100
Debug session time: Tue Aug 20 21:54:40.148 2013 (UTC + 9:00)
System Uptime: 18 days 22:09:13.318
Loading Kernel Symbols
...............................................................
..................................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7efdf018).  Type ".hh dbgerr001" for details
Loading unloaded module list
..................................................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {80000003, fffff80001026d90, fffffadcbb063d50, 0}

Page d9dfc not present in the dump file. Type ".hh dbgerr004" for details
Page d9ec4 not present in the dump file. Type ".hh dbgerr004" for details
Probably caused by : afd.sys ( afd!AfdIssueDeviceControl+1a8 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 0000000080000003, Exception code that caused the bugcheck
Arg2: fffff80001026d90, Address of the instruction which caused the bugcheck
Arg3: fffffadcbb063d50, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------

Page d9dfc not present in the dump file. Type ".hh dbgerr004" for details
Page d9ec4 not present in the dump file. Type ".hh dbgerr004" for details

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid

FAULTING_IP: 
nt!DbgBreakPoint+0
fffff800`01026d90 cc              int     3

CONTEXT:  fffffadcbb063d50 -- (.cxr 0xfffffadcbb063d50)
rax=0000000000000001 rbx=0000000000000000 rcx=2c3d01a433bd0000
rdx=00000000ffff0031 rsi=fffffadcdc561720 rdi=0000000000000000
rip=fffff80001026d90 rsp=fffffadcbb064568 rbp=fffffadcdff43510
 r8=00000000ffffffff  r9=0000000000000000 r10=0000000000000000
r11=0000000000000000 r12=fffffadcdce46050 r13=0000000000000018
r14=fffffadcbb064758 r15=0000000000000032
iopl=0         nv up ei ng nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00000282
nt!DbgBreakPoint:
fffff800`01026d90 cc              int     3
Resetting default scope

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  java.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffffadcbd814049 to fffff80001026d90

STACK_TEXT:  
fffffadc`bb064568 fffffadc`bd814049 : fffffadc`bd81dae0 00000000`ffff0068 00000000`ffffffff 00000000`00000000 : nt!DbgBreakPoint
fffffadc`bb064570 fffffadc`bd81049a : fffffadc`dc48da30 fffffadc`00000000 00000000`00000001 00000000`05f3f368 : afd!AfdIssueDeviceControl+0x1a8
fffffadc`bb064630 fffff800`01280111 : fffffadc`dc4a4bd0 fffffadc`dc4a4d78 00000000`00000001 00000000`00000000 : afd!AfdBind+0x59b
fffffadc`bb064a70 fffff800`0127fc16 : fffffadc`dcb6cfe0 00000000`00000304 00000000`00000001 00000000`00000000 : nt!IopXxxControlFile+0xa79
fffffadc`bb064b90 fffff800`0102e3fd : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtDeviceIoControlFile+0x56
fffffadc`bb064c00 00000000`78b23e48 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x3
00000000`05e5f098 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x78b23e48


FOLLOWUP_IP: 
afd!AfdIssueDeviceControl+1a8
fffffadc`bd814049 90              nop

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  afd!AfdIssueDeviceControl+1a8

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: afd

IMAGE_NAME:  afd.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  45d69cac

STACK_COMMAND:  .cxr 0xfffffadcbb063d50 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_afd!AfdIssueDeviceControl+1a8

BUCKET_ID:  X64_0x3B_afd!AfdIssueDeviceControl+1a8

Followup: MachineOwner
---------

1: kd> lmvm afd
start             end                 module name
fffffadc`bd7db000 fffffadc`bd828000   afd        (pdb symbols)          c:\symbols\afd.pdb\B2D9424B9FA24556A1870FA6A9CB06052\afd.pdb
    Loaded symbol image file: afd.sys
    Image path: \SystemRoot\System32\drivers\afd.sys
    Image name: afd.sys
    Timestamp:        Sat Feb 17 15:11:56 2007 (45D69CAC)
    CheckSum:         00048827
    ImageSize:        0004D000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

Note You need to log in before you can comment on or make changes to this bug.