Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1167614

Summary:

win8.1.32 guest BSOD with error 'DRIVER_IRQL_NOT_LESS_OR_EQUAL' (netkvm.sys)

Product:

Red Hat Enterprise Linux 7

Reporter:

ShupingCui <scui>

Component:

virtio-win

Assignee:

Yvugenfi <yvugenfi>

Status:

CLOSED ERRATA

QA Contact:

Virtualization Bugs <virt-bugs>

Severity:

high

Docs Contact:

Priority:

high

Version:

7.1

CC:

coli, hhuang, huding, juzhang, knoel, lijin, michen, mrezanin, rbalakri, shuang, virt-maint, vrozenfe, xfu, xuhan, yvugenfi

Target Milestone:

Target Release:

---

Hardware:

Unspecified

OS:

Unspecified

Whiteboard:

Fixed_Not_Ship

Fixed In Version:

Doc Type:

Bug Fix

Doc Text:

NO_DOCS

Story Points:

---

Clone Of:

Environment:

Last Closed:

2015-11-24 08:46:49 UTC

Type:

Bug

Regression:

---

Mount Type:

---

Documentation:

---

CRM:

Verified Versions:

Category:

---

oVirt Team:

---

RHEL 7.3 requirements from Atomic Host:

Cloudforms Team:

---

Target Upstream Version:

Embargoed:

Attachments:

Description	Flags
bsod - DRIVER_IRQL_NOT_LESS_OR_EQUAL	none
bsod - BAD_POOL_HEADER	none
bsod - KMODE_EXCEPTION_NOT_HANDED	none
screenshot IRQL_NOT_LESS_OR_EQUAL	none
autoinstall xml	none

Description ShupingCui 2014-11-25 07:35:16 UTC

Description of problem:
win8.1.32 guest BSOD with error 'DRIVER_IRQL_NOT_LESS_OR_EQUAL' when do reboot

Version-Release number of selected component (if applicable):
# rpm -q qemu-kvm
qemu-kvm-1.5.3-79.el7.x86_64
# rpm -q seabios
seabios-1.7.5-6.el7.x86_64

virtio-win-prewhql-0.1-94

How reproducible:
50%

Steps to Reproduce:
1. boot win8.1.32 guest with virtio-scsi
/bin/qemu-kvm \
    -S  \
    -name 'virt-tests-vm1'  \
    -sandbox off  \
    -M pc  \
    -nodefaults  \
    -vga qxl  \
    -global qxl-vga.vram_size=33554432  \
    -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20141124-232553-GaXpwxcU,server,nowait \
    -mon chardev=qmp_id_qmpmonitor1,mode=control  \
    -chardev socket,id=serial_id_serial0,path=/tmp/serial-serial0-20141124-232553-GaXpwxcU,server,nowait \
    -device isa-serial,chardev=serial_id_serial0  \
    -chardev socket,id=seabioslog_id_20141124-232553-GaXpwxcU,path=/tmp/seabios-20141124-232553-GaXpwxcU,server,nowait \
    -device isa-debugcon,chardev=seabioslog_id_20141124-232553-GaXpwxcU,iobase=0x402 \
    -device ich9-usb-uhci1,id=usb1,bus=pci.0,addr=03 \
    -device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pci.0,addr=04 \
    -drive id=drive_image1,if=none,cache=none,snapshot=off,aio=native,file=/root/staf-kvm-devel/autotest-devel/client/tests/virt/shared/data/images/win8-32.1-virtio.qcow2 \
    -device scsi-hd,id=image1,drive=drive_image1 \
    -device virtio-net-pci,mac=9a:20:21:22:23:24,id=idqb8M69,vectors=4,netdev=idXd74TK,bus=pci.0,addr=05  \
    -netdev tap,id=idXd74TK,vhost=on,vhostfd=23,fd=22  \
    -m 32768  \
    -smp 16,maxcpus=16,cores=4,threads=2,sockets=2  \
    -cpu 'Opteron_G4',+sep,+kvm_pv_unhalt,hv_relaxed,hv_spinlocks=0x1fff,hv_vapic,hv_time \
    -drive id=drive_cd1,if=none,snapshot=off,aio=native,media=cdrom,file=/root/staf-kvm-devel/autotest-devel/client/tests/virt/shared/data/isos/windows/winutils.iso \
    -device scsi-cd,id=cd1,drive=drive_cd1 \
    -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1  \
    -spice port=3000,password=123456,addr=0,image-compression=auto_glz,zlib-glz-wan-compression=auto,streaming-video=all,agent-mouse=on,playback-compression=on,ipv4  \
    -rtc base=localtime,clock=host,driftfix=slew  \
    -boot order=cdn,once=c,menu=off \
    -enable-kvm

2. do reboot guest 20 times
3.

Actual results:
guest BSOD with error 'DRIVER_IRQL_NOT_LESS_OR_EQUAL'

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 00000098, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 91a73b12, address which referenced memory

Debugging Details:
------------------

*** ERROR: Module load completed but symbols could not be loaded for netkvm.sys
Page 5fa0 not present in the dump file. Type ".hh dbgerr004" for details

READ_ADDRESS:  00000098 

CURRENT_IRQL:  2

FAULTING_IP: 
netkvm+6b12
91a73b12 ff7018          push    dword ptr [eax+18h]

DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

BUGCHECK_STR:  AV

PROCESS_NAME:  MsMpEng.exe

ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre

DPC_STACK_BASE:  FFFFFFFF82E9D000

TRAP_FRAME:  82e9cc94 -- (.trap 0xffffffff82e9cc94)
ErrCode = 00000000
eax=00000080 ebx=880b61e8 ecx=880e0008 edx=880b621c esi=880e0008 edi=880b6008
eip=91a73b12 esp=82e9cd08 ebp=82e9cd34 iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010206
netkvm+0x6b12:
91a73b12 ff7018          push    dword ptr [eax+18h]  ds:0023:00000098=????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from 81d6dca3 to 81d595f0

STACK_TEXT:  
82e9cbf0 81d6dca3 0000000a 00000098 00000002 nt!KiBugCheck2
82e9cbf0 91a73b12 0000000a 00000098 00000002 nt!KiTrap0E+0x1cf
WARNING: Stack unwind information not available. Following frames may be wrong.
82e9cd34 91a717a8 880e0001 880e0008 00000000 netkvm+0x6b12
82e9cd48 91a6fa54 880e0001 880b6008 00000040 netkvm+0x47a8
82e9cd68 91a789b9 880e0150 00000040 88099208 netkvm+0x2a54
82e9cd94 8b83ebb3 880e0008 00000000 00000000 netkvm+0xb9b9
82e9ce18 81c85a16 880cb27c 880cb000 00000000 ndis!ndisInterruptDpc+0x1b8
82e9ced0 81c85626 82e9cf18 00000000 00000000 nt!KiExecuteAllDpcs+0x216
82e9cff4 81d6e8ce 9e2c7b58 00000000 00000000 nt!KiRetireDpcList+0xf6
9e2c7b78 81d6b1e5 8bba9cc0 9e2c7c14 00000006 nt!KiDispatchInterrupt+0x2e
9e2c7b78 76cdb873 8bba9cc0 9e2c7c14 00000006 nt!KiUnexpectedInterruptTail+0x1f2
0a96d570 00000000 00000000 00000000 00000000 0x76cdb873


STACK_COMMAND:  kb

FOLLOWUP_IP: 
netkvm+6b12
91a73b12 ff7018          push    dword ptr [eax+18h]

SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  netkvm+6b12

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: netkvm

IMAGE_NAME:  netkvm.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  546c575b

FAILURE_BUCKET_ID:  AV_netkvm+6b12

BUCKET_ID:  AV_netkvm+6b12

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:av_netkvm+6b12

FAILURE_ID_HASH:  {50f9e73d-d6ae-14cd-dbba-20331c823f88}

Followup: MachineOwner
---------




Expected results:
reboot guest successfully, and guest works well

Additional info:
Host cpu info:

processor	: 31
vendor_id	: AuthenticAMD
cpu family	: 21
model		: 1
model name	: AMD Opteron(TM) Processor 6274                 
stepping	: 2
microcode	: 0x6000626
cpu MHz		: 2199.996
cache size	: 2048 KB
physical id	: 1
siblings	: 16
core id		: 7
cpu cores	: 8
apicid		: 79
initial apicid	: 47
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc extd_apicid amd_dcm aperfmperf pni pclmulqdq monitor ssse3 cx16 sse4_1 sse4_2 popcnt aes xsave avx lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs xop skinit wdt lwp fma4 nodeid_msr topoext perfctr_core perfctr_nb arat cpb hw_pstate npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
bogomips	: 4399.77
TLB size	: 1536 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 48 bits physical, 48 bits virtual
power management: ts ttp tm 100mhzsteps hwpstate cpb

# free -m
              total        used        free      shared  buff/cache   available
Mem:          64379        1244       59173           8        3960       62500
Swap:         32191           0       32191

Comment 1 ShupingCui 2014-11-25 07:36:18 UTC

Created attachment 961041 [details]
bsod - DRIVER_IRQL_NOT_LESS_OR_EQUAL

Comment 3 ShupingCui 2014-11-25 07:44:10 UTC

Created attachment 961043 [details]
bsod - BAD_POOL_HEADER

Comment 4 ShupingCui 2014-11-25 07:44:34 UTC

Created attachment 961045 [details]
bsod - KMODE_EXCEPTION_NOT_HANDED

Comment 5 ShupingCui 2014-11-25 07:52:19 UTC

not found this bug on intel host now, and met the others bsod in comment 3 and comment 4, not sure whether it's a same issue.

Comment 7 Chengyou Liu 2014-11-26 09:33:01 UTC

Hit a similar problem IRQL_NOT_LESS_OR_EQUAL （netkvm.sys） when the first reboot during the installation of Win8.1 x86_64.

Should I report a new bug about this?

Package info:
qemu-kvm-1.5.3-81.el7.x86_64
kernel-3.10.0-205.el7.x86_64
virtio-win-prewhql-0.1-94
seabios-1.7.5-6.el7.x86_64

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000009, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
	bit 0 : value 0 = read operation, 1 = write operation
	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff8037fda389b, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS:  0000000000000009 

CURRENT_IRQL:  2

FAULTING_IP: 
hal!HalPutScatterGatherListV3+1b
fffff803`7fda389b 488b5708        mov     rdx,qword ptr [rdi+8]

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  dwm.exe

LAST_CONTROL_TRANSFER:  from fffff8037f76e7e9 to fffff8037f762ca0

SYMBOL_ON_RAW_STACK:  1

STACK_ADDR_RAW_STACK_SYMBOL: fffff80381f7d768

STACK_COMMAND:  dds FFFFF80381F7D768-0x20 ; kb

STACK_TEXT:  
fffff803`81f7d748  00000001
fffff803`81f7d74c  00000000
fffff803`81f7d750  01e87488
fffff803`81f7d754  ffffe000
fffff803`81f7d758  00000001
fffff803`81f7d75c  00000000
fffff803`81f7d760  0377bd44
fffff803`81f7d764  fffff800
fffff803`81f7d768  00000001
fffff803`81f7d76c  00000000
fffff803`81f7d770  00000000
fffff803`81f7d774  00000000
fffff803`81f7d778  7f76d03a
fffff803`81f7d77c  fffff803
fffff803`81f7d780  00000000
fffff803`81f7d784  00000000
fffff803`81f7d788  00c06bc0
fffff803`81f7d78c  ffffe000
fffff803`81f7d790  00e08100
fffff803`81f7d794  ffffe000
fffff803`81f7d798  81f7d780
fffff803`81f7d79c  fffff803
fffff803`81f7d7a0  00000000
fffff803`81f7d7a4  00000000
fffff803`81f7d7a8  01000000
fffff803`81f7d7ac  00001f80
fffff803`81f7d7b0  fffffffc
fffff803`81f7d7b4  00000000
fffff803`81f7d7b8  00c06bc0
fffff803`81f7d7bc  ffffe000
fffff803`81f7d7c0  0078f6c0
fffff803`81f7d7c4  ffffe000


FOLLOWUP_IP: 
netkvm+dd44
fffff800`0377bd44 4053            push    rbx

SYMBOL_NAME:  netkvm+dd44

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: netkvm

IMAGE_NAME:  netkvm.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  546c576e

FAILURE_BUCKET_ID:  X64_0xA_netkvm+dd44

BUCKET_ID:  X64_0xA_netkvm+dd44

Followup: MachineOwner
---------

Host info:
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                4
On-line CPU(s) list:   0-3
Thread(s) per core:    1
Core(s) per socket:    4
Socket(s):             1
NUMA node(s):          1
Vendor ID:             GenuineIntel
CPU family:            6
Model:                 60
Model name:            Intel(R) Xeon(R) CPU E3-1225 v3 @ 3.20GHz
Stepping:              3
CPU MHz:               3574.500
BogoMIPS:              6385.60
Virtualization:        VT-x
L1d cache:             32K
L1i cache:             32K
L2 cache:              256K
L3 cache:              8192K
NUMA node0 CPU(s):     0-3

Comment 8 Chengyou Liu 2014-11-26 09:35:13 UTC

Created attachment 961548 [details]
screenshot IRQL_NOT_LESS_OR_EQUAL

Comment 9 Chengyou Liu 2014-11-26 09:50:19 UTC

(In reply to Chengyou Liu from comment #7)
> Hit a similar problem IRQL_NOT_LESS_OR_EQUAL （netkvm.sys） when the first
> reboot during the installation of Win8.1 x86_64.
> 


100% reproducible when auto install with virtio-scsi.
One of the attached is the XML file for auto install.
CML:
/bin/qemu-kvm \
    -S  \
    -name 'virt-tests-vm1'  \
    -sandbox off  \
    -M pc  \
    -nodefaults  \
    -vga qxl  \
    -global qxl-vga.vram_size=33554432 \
    -device intel-hda,bus=pci.0,addr=03 \
    -device hda-duplex  \
    -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20141124-183656-dBm5yFlW,server,nowait \
    -mon chardev=qmp_id_qmpmonitor1,mode=control  \
    -chardev socket,id=serial_id_serial0,path=/tmp/serial-serial0-20141124-183656-dBm5yFlW,server,nowait \
    -device isa-serial,chardev=serial_id_serial0 \
    -device virtio-serial-pci,id=virtio_serial_pci0,bus=pci.0,addr=04  \
    -chardev socket,id=devvs,path=/tmp/virtio_port-vs-20141124-183656-dBm5yFlW,server,nowait \
    -device virtserialport,chardev=devvs,name=vs,id=vs,bus=virtio_serial_pci0.0  \
    -chardev socket,id=seabioslog_id_20141124-183656-dBm5yFlW,path=/tmp/seabios-20141124-183656-dBm5yFlW,server,nowait \
    -device isa-debugcon,chardev=seabioslog_id_20141124-183656-dBm5yFlW,iobase=0x402 \
    -device nec-usb-xhci,id=usb1,bus=pci.0,addr=05 \
    -device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pci.0,addr=06 \
    -drive id=drive_image1,if=none,cache=none,snapshot=off,aio=threads,file=/home/downwin8.qcow2 \
    -device scsi-hd,id=image1,drive=drive_image1 \
    -device virtio-net-pci,mac=9a:5c:5d:5e:5f:60,id=idhfW31x,vectors=4,netdev=idySlvJv,bus=pci.0,addr=07  \
    -netdev tap,id=idySlvJv,vhost=on  \
    -m 8192  \
    -smp 2,maxcpus=2,cores=1,threads=1,sockets=2  \
    -cpu 'SandyBridge',+sep,+kvm_pv_unhalt,hv_relaxed,hv_spinlocks=0x1fff,hv_vapic,hv_time \
    -drive id=drive_cd1,if=none,snapshot=off,aio=threads,media=cdrom,file=/home/autotest-devel/client/tests/virt/shared/data/isos/ISO/Win8.1/en_windows_8_1_enterprise_x64_dvd_2971902.iso \
    -device ide-cd,id=cd1,drive=drive_cd1,bus=ide.0,unit=0 \
    -drive id=drive_winutils,if=none,snapshot=off,aio=threads,media=cdrom,file=/home/autotest-devel/client/tests/virt/shared/data/isos/windows/winutils.iso \
    -device ide-cd,id=winutils,drive=drive_winutils,bus=ide.0,unit=1 \
    -drive id=drive_unattended,if=none,snapshot=off,aio=threads,media=cdrom,file=/home/autotest-devel/client/tests/virt/shared/data/images/win8.1-64/autoinstall.iso \
    -device ide-cd,id=unattended,drive=drive_unattended,bus=ide.1,unit=0 \
    -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1  \
    -spice port=3000,password=123456 \
    -rtc base=localtime,clock=host,driftfix=slew  \
    -boot order=cdn,once=d,menu=off \
    -enable-kvm \
-monitor stdio

Comment 10 Chengyou Liu 2014-11-26 09:51:20 UTC

Created attachment 961551 [details]
autoinstall xml

Comment 12 Chengyou Liu 2014-11-27 08:38:12 UTC

(In reply to Chengyou Liu from comment #9)
> (In reply to Chengyou Liu from comment #7)
> > Hit a similar problem IRQL_NOT_LESS_OR_EQUAL （netkvm.sys） when the first
> > reboot during the installation of Win8.1 x86_64.
> > 
> 
> 
> 100% reproducible when auto install with virtio-scsi.

Didn't hit this with qemu-kvm-1.5.3-81.el7.x86_64 and kernel-3.10.0-201.el7.x86_64.

But hit with qemu-kvm-1.5.3-81.el7.x86_64 and kernel-3.10.0-202.el7.x86_64.

Comment 13 Yossi Hindin 2014-11-30 16:06:44 UTC

The bug is fixed in commit b07fe167f53e03628c18772ec51b1d5dccce948c

Comment 14 lijin 2015-04-02 08:15:30 UTC

with build94,reboot guest 30+ times,hit 'DRIVER_IRQL_NOT_LESS_OR_EQUAL' once,hit 'KMODE_EXCEPTION_NOT_HANDED' once;
with build102,reboot guest 30+ times,guest works fine,no bsod

Comment 17 lijin 2015-07-17 07:24:09 UTC

change status to verified according to comment#14

Comment 19 errata-xmlrpc 2015-11-24 08:46:49 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2513.html