1112712 – [virtio-win][netkvm]win8.1 32bit BSOD when loading virtio-win-prewhql-0.1 driver & indirect_desc=off option of virtio-net-pci

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1112712 - [virtio-win][netkvm]win8.1 32bit BSOD when loading virtio-win-prewhql-0.1 driver & indirect_desc=off option of virtio-net-pci

Summary: [virtio-win][netkvm]win8.1 32bit BSOD when loading virtio-win-prewhql-0.1 dr...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	virtio-win
Sub Component:
Version:	7.0
Hardware:	x86_64
OS:	Windows
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Yvugenfi@redhat.com
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1113520
TreeView+	depends on / blocked

Reported:	2014-06-24 14:21 UTC by FuXiangChun
Modified:	2015-11-24 08:42 UTC (History)
CC List:	14 users (show)
Fixed In Version:	virtio-win-prewhql-0.1-87
Doc Type:	Bug Fix
Doc Text:	NO_DOCS
Clone Of:
Environment:
Last Closed:	2015-11-24 08:42:22 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2015:2513	0	normal	SHIPPED_LIVE	virtio-win bug fix and enhancement update	2015-11-24 13:38:38 UTC

Description FuXiangChun 2014-06-24 14:21:10 UTC

Description of problem:
Boot win8.1 32bit guest with -device virtio-net-pci,indirect_desc=off, then load  virtio-win-prewhql-0.1 driver inside guest.  guest show BSOD. QE will attach memdump file. 

Version-Release number of selected component (if applicable):
host:
qemu-kvm-1.5.3-60.el7_0.2.x86_64
3.10.0-123.4.2.el7.x86_64

guest driver:
virtio-win-prewhql-0.1-86

How reproducible:
100%

Steps to Reproduce:
1.qemu-kvm command line
/usr/libexec/qemu-kvm -M pc-i440fx-rhel7.0.0   -enable-kvm  -m 4096 -realtime mlock=off -smp 4,sockets=2,cores=2,threads=1,maxcpus=160 -monitor stdio -name test-all-qemu-kvm-option -uuid `uuidgen` -drive file=/mnt/win8.1-32.qcow2-bak,if=none,id=drive-virtio-disk,format=qcow2,cache=none,aio=native,werror=stop,rerror=stop,media=disk,snapshot=off,bus=1,unit=1 -device virtio-blk-pci,scsi=off,drive=drive-virtio-disk,id=virtio-disk,bus=pci.0,addr=0x7,bootindex=1,physical_block_size=512,logical_block_size=512,multifunction=on,event_idx=on,indirect_desc=on,vectors=16,x-data-plane=off,ioeventfd=on,serial=fuxc,discard_granularity=1,min_io_size=4096,opt_io_size=4096 -usbdevice tablet -usbdevice mouse  -netdev tap,id=hostnet0,vhost=on,script=/etc/qemu-ifup,downscript=no,ifname=fuxc-net -device virtio-net-pci,netdev=hostnet0,id=virtio-net-pci0,mac=00:01:02:03:04:05,bus=pci.0,addr=0x9,indirect_desc=off -vnc :1

2.load vrtio-net-pci driver inside guest.

3.

Actual results:
guest BSOD

Expected results:
load successfully

Additional info:
1.if indirect_desc=on, guest works well

2. As indirect_desc=off is default values. so set this bug severity & priority as High

Comment 2 Mike Cao 2014-06-25 02:41:50 UTC

Pls provide the dump file

Comment 4 Min Deng 2014-06-25 03:10:07 UTC

The bug only could be reproduced on win2k8-64 if adding  "indirect_desc=off" to the CLI explicitly.If remove it from CLI the bug could not be reproduced.

Comment 6 lijin 2014-06-25 03:26:23 UTC

with indirect_desc=off,QE can reproduce this issue on virtio-win-prewhql-86,***CANNOT***reproduce this issue on virtio-win-1.7.1-1.el7.noarch.

following is the win8.1-32 windbg info:
1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8cc85120, The address that the exception occurred at
Arg3: 8be984e8, Exception Record Address
Arg4: 8be980b0, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
netkvm+1120
8cc85120 8b4808          mov     ecx,dword ptr [eax+8]

EXCEPTION_RECORD:  8be984e8 -- (.exr 0xffffffff8be984e8)
ExceptionAddress: 8cc85120 (netkvm+0x00001120)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 00000008
Attempt to read from address 00000008

CONTEXT:  8be980b0 -- (.cxr 0xffffffff8be980b0)
eax=00000000 ebx=8cc92674 ecx=850256e0 edx=00000000 esi=850256e0 edi=c000009a
eip=8cc85120 esp=8be98634 ebp=8be98634 iopl=0         nv up ei pl zr na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
netkvm+0x1120:
8cc85120 8b4808          mov     ecx,dword ptr [eax+8] ds:0023:00000008=????????
Resetting default scope

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  00000008

READ_ADDRESS:  00000008 

FOLLOWUP_IP: 
netkvm+1120
8cc85120 8b4808          mov     ecx,dword ptr [eax+8]

BUGCHECK_STR:  AV

DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE

LAST_CONTROL_TRANSFER:  from 8cc8be3e to 8cc85120

STACK_TEXT:  
WARNING: Stack unwind information not available. Following frames may be wrong.
8be98634 8cc8be3e 00000000 85025008 8cc87b98 netkvm+0x1120
8be98654 8cc86def 85025008 00000000 85025008 netkvm+0x7e3e
8be9866c 8cc8e5bd 85025008 84f128a8 84f130e8 netkvm+0x2def
8be987ac 8948f3de 84f130e8 00000000 8be98878 netkvm+0xa5bd
8be987c8 894bd790 84f130e8 84f130e8 84f128a8 ndis!ndisMInvokeInitialize+0x24
8be98b54 8948db55 84f13eb0 19ad88b3 00000000 ndis!ndisMInitializeAdapter+0x4bd
8be98b80 8948da1a 8bbe6a66 00000000 00000000 ndis!ndisInitializeAdapter+0x43
8be98bb0 89490989 84ff1990 84f130e8 84f50620 ndis!ndisPnPStartDevice+0x72
8be98bd0 89490911 894908ed 84fc3040 84f50620 ndis!ndisStartDeviceSynchronous+0x4c
8be98be4 812fe611 84f50620 00000000 84fc3040 ndis!ndisStartDeviceWorkItem+0x24
8be98c30 8130c77a 00000000 924404c3 00000000 nt!ExpWorkerThread+0xff
8be98c70 81387fe1 812fe512 00000000 00000000 nt!PspSystemThreadStartup+0x58
8be98c7c 00000000 00000000 81382500 849f5500 nt!KiThreadStartup+0x15


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  netkvm+1120

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: netkvm

IMAGE_NAME:  netkvm.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  538f1b3c

STACK_COMMAND:  .cxr 0xffffffff8be980b0 ; kb

FAILURE_BUCKET_ID:  AV_netkvm+1120

BUCKET_ID:  AV_netkvm+1120

Followup: MachineOwner
---------

Comment 11 Mike Cao 2014-07-08 05:30:05 UTC

Pls verify this issue on virtio-win-prehwql-0.1-87

Comment 12 Shuang Yu 2014-07-09 08:19:54 UTC

Reproduced this issue on virtio-win-prewhql-0.1-86 version
Verified this issue on virtio-win-prewhql-0.1-87 verion

Steps:

1.qemu-kvm command line

/usr/libexec/qemu-kvm -M pc-i440fx-rhel7.0.0   -enable-kvm  -m 4096 -realtime mlock=off -smp 4,sockets=2,cores=2,threads=1,maxcpus=160 -monitor stdio -name test-all-qemu-kvm-option -uuid `uuidgen` -drive file=/mnt/win8.1-32.qcow2-bak,if=none,id=drive-virtio-disk,format=qcow2,cache=none,aio=native,werror=stop,rerror=stop,media=disk,snapshot=off,bus=1,unit=1 -device virtio-blk-pci,scsi=off,drive=drive-virtio-disk,id=virtio-disk,bus=pci.0,addr=0x7,bootindex=1,physical_block_size=512,logical_block_size=512,multifunction=on,event_idx=on,indirect_desc=on,vectors=16,x-data-plane=off,ioeventfd=on,serial=fuxc,discard_granularity=1,min_io_size=4096,opt_io_size=4096 -usbdevice tablet -usbdevice mouse  -netdev tap,id=hostnet0,vhost=on,script=/etc/qemu-ifup,downscript=no,ifname=fuxc-net -device virtio-net-pci,netdev=hostnet0,id=virtio-net-pci0,mac=00:01:02:03:04:05,bus=pci.0,addr=0x9,indirect_desc=off -vnc :1

2.qemu-kvm command line

/usr/libexec/qemu-kvm -M pc-i440fx-rhel7.0.0   -enable-kvm  -m 4096 -realtime mlock=off -smp 4,sockets=2,cores=2,threads=1,maxcpus=160 -monitor stdio -name test-all-qemu-kvm-option -uuid `uuidgen` -drive file=/mnt/win8.1-32.qcow2-bak,if=none,id=drive-virtio-disk,format=qcow2,cache=none,aio=native,werror=stop,rerror=stop,media=disk,snapshot=off,bus=1,unit=1 -device virtio-blk-pci,scsi=off,drive=drive-virtio-disk,id=virtio-disk,bus=pci.0,addr=0x7,bootindex=1,physical_block_size=512,logical_block_size=512,multifunction=on,event_idx=on,indirect_desc=on,vectors=16,x-data-plane=off,ioeventfd=on,serial=fuxc,discard_granularity=1,min_io_size=4096,opt_io_size=4096 -usbdevice tablet -usbdevice mouse  -netdev tap,id=hostnet0,vhost=on,script=/etc/qemu-ifup,downscript=no,ifname=fuxc-net -device virtio-net-pci,netdev=hostnet0,id=virtio-net-pci0,mac=00:01:02:03:04:05,bus=pci.0,addr=0x9,indirect_desc=on -vnc :1



Actual Results:
on virtio-win-prewhql-0.1-86  verion ,with the paramenter "indirect_desc=off" guest BSOD ; with the paramenter "indirect_desc=on" guest load the driver successfully.
on virtio-win-prewhql-0.1-87  verion ,with the paramenter "indirect_desc=off" guest load the driver successfullly ; with the paramenter "indirect_desc=on" guest load the driver successfully.

Based on above ,this issue has been reproduced on the virtio-win-prewhql 86,and has been verified on the virtio-win-prewhql 87 .

Comment 13 Mike Cao 2014-07-21 09:45:56 UTC

Move status to Verified according to comment #12

Comment 17 errata-xmlrpc 2015-11-24 08:42:22 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2513.html

Note You need to log in before you can comment on or make changes to this bug.