RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1260341 - [RHEL7.1] win7-64 guest failed to reboot with BSOD "Error Code: 0x0000001E"
Summary: [RHEL7.1] win7-64 guest failed to reboot with BSOD "Error Code: 0x0000001E"
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.2
Hardware: x86_64
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Vadim Rozenfeld
QA Contact: Yiqian Wei
URL:
Whiteboard:
Depends On: 1204453 1238569
Blocks: 1401400
TreeView+ depends on / blocked
 
Reported: 2015-09-06 03:35 UTC by Xueqiang Wei
Modified: 2017-11-16 23:59 UTC (History)
23 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1238569
Environment:
Last Closed: 2017-11-16 23:59:15 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
dump analysis (3.85 KB, text/plain)
2015-09-07 10:30 UTC, Xueqiang Wei
no flags Details
dump analysis (20.16 KB, text/plain)
2015-09-09 09:10 UTC, Xueqiang Wei
no flags Details

Comment 1 Xueqiang Wei 2015-09-06 03:42:28 UTC
Version-Release number of selected component:
Host:
# uname -r
3.10.0-229.15.1.el7_1.1227871.x86_64
# rpm -q qemu-kvm-rhev
qemu-kvm-rhev-2.1.2-23.el7_1.9

Guest:
Win7.x86_64.sp1


cpu info:
processor	: 31
vendor_id	: AuthenticAMD
cpu family	: 21
model		: 1
model name	: AMD Opteron(TM) Processor 6272                 
stepping	: 2
microcode	: 0x600063d
cpu MHz		: 2099.992
cache size	: 2048 KB
physical id	: 1
siblings	: 16
core id		: 7
cpu cores	: 8
apicid		: 79
initial apicid	: 47
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc extd_apicid amd_dcm aperfmperf pni pclmulqdq monitor ssse3 cx16 sse4_1 sse4_2 popcnt aes xsave avx lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs xop skinit wdt lwp fma4 nodeid_msr topoext perfctr_core perfctr_nb arat cpb hw_pstate npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
bogomips	: 4199.76
TLB size	: 1536 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 48 bits physical, 48 bits virtual
power management: ts ttp tm 100mhzsteps hwpstate cpb

Comment 3 Xueqiang Wei 2015-09-06 08:30:28 UTC
I'm trying to reproduce this issue on latest kernel and qemu-kmv-rhev.

If hit it, will generate a complete memory crash dump file.

Comment 4 Xueqiang Wei 2015-09-07 10:29:02 UTC
reproduce on: kernel-3.10.0-313.el7.x86_64, qemu-kvm-rhev-2.3.0-22.el7

How reproducible:
3/35


the dmp analysis:


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols

Microsoft (R) Windows Debugger Version 6.3.9600.16520 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Administrator\Desktop\Memory.dmp]
Kernel Summary Dump File: Only kernel address space is available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (16 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17514.amd64fre.win7sp1_rtm.101119-1850
Machine Name:
Kernel base = 0xfffff800`02666000 PsLoadedModuleList = 0xfffff800`028abe90
Debug session time: Mon Sep  7 11:09:07.500 2015 (UTC + 8:00)
System Uptime: 0 days 0:00:31.906
Loading Kernel Symbols
...............................................................
.......................................................
Loading User Symbols

Loading unloaded module list
....
The context is partially valid. Only x86 user-mode context is available.
The wow64exts extension must be loaded to access 32-bit state.
.load wow64exts will do this if you haven't loaded it already.
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {0, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

16.12: kd:x86> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: 0000000000000000, The exception code that was not handled
Arg2: 0000000000000000, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0x1E

CURRENT_IRQL:  0

ANALYSIS_VERSION: 6.3.9600.16520 (debuggers(dbg).140127-0329) amd64fre

LAST_CONTROL_TRANSFER:  from 0000000000000000 to 0000000000000000

STACK_TEXT:  
00000000 00000000 00000000 00000000 00000000 0x0


STACK_COMMAND:  kb

SYMBOL_NAME:  ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME:  Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP:  0

IMAGE_VERSION:  

BUCKET_ID:  INVALID_KERNEL_CONTEXT

FAILURE_BUCKET_ID:  INVALID_KERNEL_CONTEXT

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:invalid_kernel_context

FAILURE_ID_HASH:  {ef5f68ed-c19c-e34b-48ec-8a37cd6f3937}

Followup: MachineOwner
---------

Comment 5 Xueqiang Wei 2015-09-07 10:30:25 UTC
Created attachment 1070937 [details]
dump analysis

Comment 6 Vadim Rozenfeld 2015-09-08 00:26:45 UTC
(In reply to Xueqiang Wei from comment #5)
> Created attachment 1070937 [details]
> dump analysis

Can you please share a couple of crash dump files? We have one under http://fileshare.englab.nay.redhat.com/pub/section2/images_backup/rhel7/bug1238569/ . but unfortunately it is not enough for tracing the problem.

Thanks,
Vadim.

Comment 7 Xueqiang Wei 2015-09-08 02:24:20 UTC
(In reply to Vadim Rozenfeld from comment #6)
> (In reply to Xueqiang Wei from comment #5)
> > Created attachment 1070937 [details]
> > dump analysis
> 
> Can you please share a couple of crash dump files? We have one under
> http://fileshare.englab.nay.redhat.com/pub/section2/images_backup/rhel7/
> bug1238569/ . but unfortunately it is not enough for tracing the problem.
> 
> Thanks,
> Vadim.


dump file:
http://fileshare.englab.nay.redhat.com/pub/section2/images_backup/rhel7/bug1260341/Memory.dmp

Comment 8 Xueqiang Wei 2015-09-08 02:29:19 UTC
I downgrade to qemu-kvm-rhev-2.1.2-23.el7 to try, also hit this issue.

Comment 9 Vadim Rozenfeld 2015-09-09 03:21:51 UTC
Thanks,
Unfortunately, there is still no kernel-mode part in this dump.
Can we try applying a hot-fix from https://support.microsoft.com/en-us/kb/2528507
and try to acquire a new crash dump?

Best regards,
Vadim.

Comment 10 Xueqiang Wei 2015-09-09 09:07:16 UTC
(In reply to Vadim Rozenfeld from comment #9)
> Thanks,
> Unfortunately, there is still no kernel-mode part in this dump.
> Can we try applying a hot-fix from
> https://support.microsoft.com/en-us/kb/2528507
> and try to acquire a new crash dump?
> 
> Best regards,
> Vadim.


after install a hot-fix from https://support.microsoft.com/en-us/kb/2528507 ,
reproduce this issue on: kernel-3.10.0-315.el7.x86_64, qemu-kvm-rhev-2.3.0-22.el7

the dump file:
http://fileshare.englab.nay.redhat.com/pub/section2/images_backup/rhel7/bug1260341/Memory_02.dmp


the dmp analysis:

************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols

Microsoft (R) Windows Debugger Version 6.3.9600.16520 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Administrator\Desktop\Memory.dmp]
Kernel Summary Dump File: Only kernel address space is available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (16 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17591.amd64fre.win7sp1_gdr.110407-1603
Machine Name:
Kernel base = 0xfffff800`02859000 PsLoadedModuleList = 0xfffff800`02a9e650
Debug session time: Wed Sep  9 16:11:57.156 2015 (UTC + 8:00)
System Uptime: 0 days 0:00:36.453
Loading Kernel Symbols
...............................................................
................................................
Loading User Symbols

Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {0, 0, 0, 0}

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************
Probably caused by : ntkrnlmp.exe ( nt!KiKernelCalloutExceptionHandler+e )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: 0000000000000000, The exception code that was not handled
Arg2: 0000000000000000, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception

Debugging Details:
------------------

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0x1E

PROCESS_NAME:  System

CURRENT_IRQL:  2

ANALYSIS_VERSION: 6.3.9600.16520 (debuggers(dbg).140127-0329) amd64fre

DPC_STACK_BASE:  FFFFF8800314EFB0

EXCEPTION_RECORD:  fffff880031479c8 -- (.exr 0xfffff880031479c8)
ExceptionAddress: fffff800028db8e2 (nt!SwapContext_PatchXRstor)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

TRAP_FRAME:  fffff88003147a70 -- (.trap 0xfffff88003147a70)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000004 rbx=0000000000000000 rcx=fffff88003147cc0
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800028db8e2 rsp=fffff88003147c00 rbp=fffff88003147c70
 r8=0000000000000000  r9=0000000000000000 r10=0000000000002000
r11=fffffa8003cac89c r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na pe nc
nt!SwapContext_PatchXRstor:
fffff800`028db8e2 0fae29          xrstor  [rcx]
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff800028d06be to fffff800028d8cd0

STACK_TEXT:  
fffff880`03146aa8 fffff800`028d06be : fffffa80`04c7e820 00000000`00000000 fffff880`03147220 fffff800`02904890 : nt!KeBugCheck
fffff880`03146ab0 fffff800`0290455d : fffff800`02adf314 fffff800`02a20030 fffff800`02859000 fffff880`031479c8 : nt!KiKernelCalloutExceptionHandler+0xe
fffff880`03146ae0 fffff800`02903335 : fffff800`02a200fc fffff880`03146b58 fffff880`031479c8 fffff800`02859000 : nt!RtlpExecuteHandlerForException+0xd
fffff880`03146b10 fffff800`029143b1 : fffff880`031479c8 fffff880`03147220 fffff880`00000000 fffffa80`03d31040 : nt!RtlDispatchException+0x415
fffff880`031471f0 fffff800`028d8382 : fffff880`031479c8 fffff880`0311f180 fffff880`03147a70 fffff880`0312a2c0 : nt!KiDispatchException+0x135
fffff880`03147890 fffff800`028d6c8a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2
fffff880`03147a70 fffff800`028db8e2 : 00000000`05e84f71 fffff880`0311f180 fffff880`03147c70 fffff880`0312a2c0 : nt!KiGeneralProtectionFault+0x10a
fffff880`03147c00 fffff800`028d0add : fffff880`0311f180 fffff880`0312a2c0 00000000`00000000 fffff800`029fbf40 : nt!SwapContext_PatchXRstor
fffff880`03147c40 00000000`00000000 : fffff880`03148000 fffff880`03142000 fffff880`03147c00 00000000`00000000 : nt!KiIdleLoop+0x10d


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiKernelCalloutExceptionHandler+e
fffff800`028d06be 90              nop

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!KiKernelCalloutExceptionHandler+e

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4d9e9517

IMAGE_VERSION:  6.1.7601.17591

FAILURE_BUCKET_ID:  X64_0x1E_nt!KiKernelCalloutExceptionHandler+e

BUCKET_ID:  X64_0x1E_nt!KiKernelCalloutExceptionHandler+e

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:x64_0x1e_nt!kikernelcalloutexceptionhandler+e

FAILURE_ID_HASH:  {31b31670-23d4-78dd-b3a6-d5566ed846e6}

Followup: MachineOwner
---------

Comment 11 Xueqiang Wei 2015-09-09 09:10:09 UTC
Created attachment 1071643 [details]
dump analysis

Comment 12 Amnon Ilan 2015-09-09 12:48:45 UTC
*** Bug 1238569 has been marked as a duplicate of this bug. ***

Comment 13 Suqin Huang 2015-09-10 05:37:52 UTC
Hi Amnon, 
bug 1238569 is for qemu-kvm,
this bug is for qemu-kvm-rhev,
do we need to re-open bug 1238569.

Thanks
Suqin

Comment 17 Xueqiang Wei 2015-12-29 02:52:16 UTC
Hi Vadim,

In Comment 10, I acquire a new crash dump. if the new dump is complete?


Best Regards
Xueqiang Wei

Comment 18 Vadim Rozenfeld 2017-11-14 11:12:33 UTC
is it still reproducible on rhel7.5 ?

Thanks,
Vadim.

Comment 19 Yiqian Wei 2017-11-15 10:27:00 UTC
(In reply to Vadim Rozenfeld from comment #18)
> is it still reproducible on rhel7.5 ?

  I had tested 100 times by auto and manually on the latest version and didn't reproduce this bug.

host version:
qemu-kvm-rhev-2.10.0-6.el7.x86_64
kernel-3.10.0-784.el7.x86_64
virtio-win-1.9.3-1.el7.noarch
guest:win7_64

Test steps:
1.boot up win7 64bit guest
2.reboot guest for 100 times

Test results:
reboot the guest for 100 times and didn't hit the blackscreen.


Additional info:
1)manually cli:
/usr/libexec/qemu-kvm \
    -name 'vm-1' \
    -M rhel6.6.0  \
    -nodefaults  \
    -vga qxl \
    -device AC97,bus=pci.0,addr=03  \
    -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1,server,nowait \
    -mon chardev=qmp_id_qmpmonitor1,mode=control  \
    -chardev socket,id=qmp_id_catch_monitor,path=/tmp/monitor-catch_monitor-1,server,nowait \
    -mon chardev=qmp_id_catch_monitor,mode=control  \
    -chardev socket,id=serial_id_serial0,path=/tmp/serial-serial0,server,nowait \
    -device isa-serial,chardev=serial_id_serial0  \
    -chardev socket,id=seabioslog_id,path=/tmp/seabios-2,server,nowait \
    -device isa-debugcon,chardev=seabioslog_id,iobase=0x402 \
    -device ich9-usb-uhci1,id=usb1,bus=pci.0,addr=04 \
    -drive id=drive_image1,if=none,cache=none,snapshot=off,aio=native,file=/home/kvm_autotest_root/images/win7-64-sp1-virtio.qcow2 \
    -device virtio-blk-pci,id=image1,drive=drive_image1,bootindex=0,bus=pci.0,addr=05 \
    -device virtio-net-pci,mac=9a:a5:a6:a7:a8:a9,id=net0,vectors=4,netdev=hostnet0,bus=pci.0,addr=06  \
    -netdev tap,id=hostnet0,vhost=on   \
    -m 16384  \
    -smp 8,maxcpus=8,cores=4,threads=1,sockets=2  \
    -cpu 'Opteron_G4',hv_relaxed \
    -drive id=drive_cd1,if=none,snapshot=off,media=cdrom,file=/usr/share/virtio-win/virtio-win-1.9.3.iso \
    -device ide-drive,id=cd1,drive=drive_cd1,bootindex=1,bus=ide.0,unit=0 \
    -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1  \
    -spice port=5930,disable-ticketing  \
    -rtc base=localtime,clock=host,driftfix=slew  \
    -boot menu=on \
    -enable-kvm  \
    -monitor stdio \

2)host cpuinfo:
processor	: 15
vendor_id	: AuthenticAMD
cpu family	: 21
model		: 2
model name	: AMD Opteron(tm) Processor 6320
stepping	: 0
microcode	: 0x600084f
cpu MHz		: 2800.000
cache size	: 2048 KB
physical id	: 1
siblings	: 8
core id		: 3
cpu cores	: 4
apicid		: 71
initial apicid	: 39
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl nonstop_tsc extd_apicid amd_dcm aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 popcnt aes xsave avx f16c lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs xop skinit wdt lwp fma4 tce nodeid_msr tbm topoext perfctr_core perfctr_nb cpb hw_pstate vmmcall bmi1 arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
bogomips	: 5585.37
TLB size	: 1536 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 48 bits physical, 48 bits virtual
power management: ts ttp tm 100mhzsteps hwpstate cpb eff_freq_ro

Comment 20 Vadim Rozenfeld 2017-11-16 23:59:15 UTC
Thanks a lot.
Closing the issue.

Best regards,
Vadim.


Note You need to log in before you can comment on or make changes to this bug.