Bug 1130853 - [whql][balloon][rhel6]guest bsod with 7e code when running DF - PNP* jobs
Summary: [whql][balloon][rhel6]guest bsod with 7e code when running DF - PNP* jobs
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: virtio-win
Version: 7.1
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Gal Hammer
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks: 1113910 1131838
TreeView+ depends on / blocked
 
Reported: 2014-08-18 03:30 UTC by lijin
Modified: 2015-03-05 05:34 UTC (History)
10 users (show)

Fixed In Version: virtio-win-prewhql-0.1-90
Doc Type: Bug Fix
Doc Text:
Cause: guest bsod with 7e code when running DF - PNP* jobs Consequence: running WHQL DF - PNP* jobs on balloon driver will lead to triggering SYSTEM_THREAD_EXCEPTION_NOT_HANDLED Fix: Update balloon memory statistics only if status virtio-win queue is available. Result: WHQL DF - PNP* jobs on balloon driver can be passed witout BSOD.
Clone Of:
Environment:
Last Closed: 2015-03-05 05:34:35 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:0289 normal SHIPPED_LIVE virtio-win bug fix and enhancement update 2015-03-05 10:32:54 UTC

Description lijin 2014-08-18 03:30:21 UTC
Description of problem:
guest bsod with 7e code when running following jobs:
win8-32:
DF - PNP Rebalance Fail Restart Device Test (Certification)
DF - PNP Rebalance Request New Resources Device Test (Certification)
DF - PNP Surprise Remove Device Test (Certification)
DF - PNP Stop (Rebalance) Device Test (Certification)

win8-64:
DF - PNP Rebalance Request New Resources Device Test (Certification)
DF - PNP Surprise Remove Device Test (Certification)

Version-Release number of selected component (if applicable):
virtio-win-prewhql-88
qemu-kvm-rhev-0.12.1.2-2.428.el6.x86_64
kernel-2.6.32-486.el6.x86_64
seabios-0.6.1.2-28.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1.boot guest with:
/usr/libexec/qemu-kvm -name 088BLNWIN832GQF -enable-kvm -m 2G -smp 2
-uuid a9a69915-a245-4c5d-9087-3695619148a0 -nodefconfig -nodefaults
-chardev socket,id=charmonitor,path=/tmp/088BLNWIN832GQF,server,nowait
-mon chardev=charmonitor,id=monitor,mode=control -rtc
base=localtime,driftfix=slew -boot order=cd,menu=on -device
piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive
file=088BLNWIN832GQF,if=none,id=drive-ide0-0-0,format=raw,serial=mike_cao,cache=none
-device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0
-drive
file=en_windows_8_enterprise_x86_dvd_917587.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw
-device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0
-drive
file=088BLNWIN832GQF.vfd,if=none,id=drive-fdc0-0-0,format=raw,cache=none
-global isa-fdc.driveA=drive-fdc0-0-0 -netdev
tap,script=/etc/qemu-ifup,downscript=no,id=hostnet0 -device
rtl8139,netdev=hostnet0,id=net0,mac=00:52:08:03:0d:20,bus=pci.0,addr=0x3
-chardev pty,id=charserial0 -device
isa-serial,chardev=charserial0,id=isa_serial0 -device
usb-tablet,id=input0 -vnc 0.0.0.0:0 -vga cirrus -device
virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7
2.submit job in hck

Actual results:
guest bsod during test,job failed

Expected results:
no bsod,job can pass

Additional info:
the windbg info:
1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8ca715c9, The address that the exception occurred at
Arg3: 82998964, Exception Record Address
Arg4: 82998530, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
balloon+15c9
8ca715c9 8b4804          mov     ecx,dword ptr [eax+4]

EXCEPTION_RECORD:  82998964 -- (.exr 0xffffffff82998964)
ExceptionAddress: 8ca715c9 (balloon+0x000015c9)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 00000004
Attempt to read from address 00000004

CONTEXT:  82998530 -- (.cxr 0xffffffff82998530)
eax=00000000 ebx=00001000 ecx=00000000 edx=82998a50 esi=8bebae30 edi=8ca73972
eip=8ca715c9 esp=82998a2c ebp=82998a64 iopl=0         nv up ei pl zr na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
balloon+0x15c9:
8ca715c9 8b4804          mov     ecx,dword ptr [eax+4] ds:0023:00000004=????????
Resetting default scope

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  00000004

READ_ADDRESS:  00000004 

FOLLOWUP_IP: 
balloon+15c9
8ca715c9 8b4804          mov     ecx,dword ptr [eax+4]

BUGCHECK_STR:  AV

DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE

LAST_CONTROL_TRANSFER:  from 8ca7798e to 8ca715c9

STACK_TEXT:  
WARNING: Stack unwind information not available. Following frames may be wrong.
82998a64 8ca7798e 74145348 8bec0fa8 82998a9c balloon+0x15c9
82998a74 8504e075 60017060 8be9af98 8bffaee8 balloon+0x798e
82998a9c 8504de8d a0152e70 8bebad74 a0152e70 Wdf01000!FxPkgGeneral::OnClose+0xc8
82998abc 85046bc2 a0152e70 8756cd88 a0152e70 Wdf01000!FxPkgGeneral::Dispatch+0xc0
82998ae4 85046a33 8756cd88 a0152e70 8756cd88 Wdf01000!FxDevice::Dispatch+0x155
82998b00 8189cf4b 8756cd88 a0152e70 a0152e70 Wdf01000!FxDevice::DispatchWithLock+0x77
82998b20 81442a9f 818b4565 a0152f8c a0152fb0 nt!IovCallDriver+0x2e3
82998b34 818b4565 82998b5c 818b465c 8756cd88 nt!IofCallDriver+0x62
82998b3c 818b465c 8756cd88 a0152e70 8756cc28 nt!ViFilterIoCallDriver+0x10
82998b5c 8189cf4b 8756cce0 a0152e70 8756cb58 nt!ViFilterDispatchGeneric+0x5e
82998b7c 81442a9f 81aa7353 a0152fb0 a0152fd4 nt!IovCallDriver+0x2e3
82998b90 81aa7353 a0152e70 8756caa0 00000000 nt!IofCallDriver+0x62
82998ba8 81aa6074 8756caa0 a0152e70 8756caa0 MSDMFilt!FilterPassIrpWithRemoveLockAcquired+0x7d
82998bc8 8189cf4b 8756caa0 a0152e70 a0152e70 MSDMFilt!FilterClose+0x19c
82998be8 81442a9f 818b4565 a0152fd4 a0152ff8 nt!IovCallDriver+0x2e3
82998bfc 818b4565 82998c24 818b465c 8756caa0 nt!IofCallDriver+0x62
82998c04 818b465c 8756caa0 a0152e70 8756c7f0 nt!ViFilterIoCallDriver+0x10
82998c24 8189cf4b 8756c8a8 a0152e70 a0152e70 nt!ViFilterDispatchGeneric+0x5e
82998c44 81442a9f 8164cdd3 00000000 8a92a490 nt!IovCallDriver+0x2e3
82998c58 8164cdd3 8458fcf0 8a92a478 8a92a400 nt!IofCallDriver+0x62
82998c8c 819a7796 82998cac 8164ca2d 8a92a490 nt!IopDeleteFile+0xef
82998cac 8143e8f6 00000000 81aa8502 9fff8ff0 hal!KfLowerIrql+0x2c
82998cc0 8143e882 8a92a490 81aa8515 8756c7f0 nt!ObfDereferenceObjectWithTag+0x5c
82998cc8 81aa8515 8756c7f0 00000000 82998d1c nt!ObfDereferenceObject+0xd
82998cd8 8148b737 8756c7f0 9fff8ff0 815e14b8 MSDMFilt!FilterDerefFileObjectWorker+0x13
82998d1c 8148b854 9fffafd0 8459d600 00000000 nt!IopProcessWorkItem+0xa1
82998d74 814ce415 00010000 24c0daaf 00000000 nt!ExpWorkerThread+0x111
82998db0 8157a039 8148b747 00010000 00000000 nt!PspSystemThreadStartup+0x4a
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  balloon+15c9

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: balloon

IMAGE_NAME:  balloon.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  53d74aaa

STACK_COMMAND:  .cxr 0xffffffff82998530 ; kb

FAILURE_BUCKET_ID:  AV_VRF_balloon+15c9

BUCKET_ID:  AV_VRF_balloon+15c9

Followup: MachineOwner
---------

Comment 4 Gal Hammer 2014-08-18 12:51:07 UTC
Is the balloon's service is running on the guest during the HCK tests?

Comment 5 Mike Cao 2014-08-18 15:13:19 UTC
(In reply to Gal Hammer from comment #4)
> Is the balloon's service is running on the guest during the HCK tests?

No.

Comment 7 lijin 2014-09-01 01:59:52 UTC
test with virtio-win-prewhql-90,all jobs passed,no bsod,so this issue has been fixed.

package info:
virtio-win-prewhql-90
kernel-2.6.32-486.el6.x86_64
qemu-kvm-rhev-0.12.1.2-2.428.el6.x86_64
seabios-0.6.1.2-28.el6.x86_64
spice-server-0.12.4-9.el6.x86_64

Comment 8 Mike Cao 2014-09-01 05:17:06 UTC
Move status to Verified according to comment #7

Comment 12 errata-xmlrpc 2015-03-05 05:34:35 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0289.html


Note You need to log in before you can comment on or make changes to this bug.