Bug 1260341 - [RHEL7.1] win7-64 guest failed to reboot with BSOD "Error Code: 0x0000001E"
[RHEL7.1] win7-64 guest failed to reboot with BSOD "Error Code: 0x0000001E"
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev (Show other bugs)
7.2
x86_64 Unspecified
high Severity high
: rc
: ---
Assigned To: Vadim Rozenfeld
Yiqian Wei
:
Depends On: 1204453 1238569
Blocks: 1401400
  Show dependency treegraph
 
Reported: 2015-09-05 23:35 EDT by Xueqiang Wei
Modified: 2017-11-16 18:59 EST (History)
23 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1238569
Environment:
Last Closed: 2017-11-16 18:59:15 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
dump analysis (3.85 KB, text/plain)
2015-09-07 06:30 EDT, Xueqiang Wei
no flags Details
dump analysis (20.16 KB, text/plain)
2015-09-09 05:10 EDT, Xueqiang Wei
no flags Details

  None (edit)
Comment 1 Xueqiang Wei 2015-09-05 23:42:28 EDT
Version-Release number of selected component:
Host:
# uname -r
3.10.0-229.15.1.el7_1.1227871.x86_64
# rpm -q qemu-kvm-rhev
qemu-kvm-rhev-2.1.2-23.el7_1.9

Guest:
Win7.x86_64.sp1


cpu info:
processor	: 31
vendor_id	: AuthenticAMD
cpu family	: 21
model		: 1
model name	: AMD Opteron(TM) Processor 6272                 
stepping	: 2
microcode	: 0x600063d
cpu MHz		: 2099.992
cache size	: 2048 KB
physical id	: 1
siblings	: 16
core id		: 7
cpu cores	: 8
apicid		: 79
initial apicid	: 47
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc extd_apicid amd_dcm aperfmperf pni pclmulqdq monitor ssse3 cx16 sse4_1 sse4_2 popcnt aes xsave avx lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs xop skinit wdt lwp fma4 nodeid_msr topoext perfctr_core perfctr_nb arat cpb hw_pstate npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
bogomips	: 4199.76
TLB size	: 1536 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 48 bits physical, 48 bits virtual
power management: ts ttp tm 100mhzsteps hwpstate cpb
Comment 3 Xueqiang Wei 2015-09-06 04:30:28 EDT
I'm trying to reproduce this issue on latest kernel and qemu-kmv-rhev.

If hit it, will generate a complete memory crash dump file.
Comment 4 Xueqiang Wei 2015-09-07 06:29:02 EDT
reproduce on: kernel-3.10.0-313.el7.x86_64, qemu-kvm-rhev-2.3.0-22.el7

How reproducible:
3/35


the dmp analysis:


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols

Microsoft (R) Windows Debugger Version 6.3.9600.16520 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Administrator\Desktop\Memory.dmp]
Kernel Summary Dump File: Only kernel address space is available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (16 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17514.amd64fre.win7sp1_rtm.101119-1850
Machine Name:
Kernel base = 0xfffff800`02666000 PsLoadedModuleList = 0xfffff800`028abe90
Debug session time: Mon Sep  7 11:09:07.500 2015 (UTC + 8:00)
System Uptime: 0 days 0:00:31.906
Loading Kernel Symbols
...............................................................
.......................................................
Loading User Symbols

Loading unloaded module list
....
The context is partially valid. Only x86 user-mode context is available.
The wow64exts extension must be loaded to access 32-bit state.
.load wow64exts will do this if you haven't loaded it already.
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {0, 0, 0, 0}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

16.12: kd:x86> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: 0000000000000000, The exception code that was not handled
Arg2: 0000000000000000, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0x1E

CURRENT_IRQL:  0

ANALYSIS_VERSION: 6.3.9600.16520 (debuggers(dbg).140127-0329) amd64fre

LAST_CONTROL_TRANSFER:  from 0000000000000000 to 0000000000000000

STACK_TEXT:  
00000000 00000000 00000000 00000000 00000000 0x0


STACK_COMMAND:  kb

SYMBOL_NAME:  ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME:  Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP:  0

IMAGE_VERSION:  

BUCKET_ID:  INVALID_KERNEL_CONTEXT

FAILURE_BUCKET_ID:  INVALID_KERNEL_CONTEXT

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:invalid_kernel_context

FAILURE_ID_HASH:  {ef5f68ed-c19c-e34b-48ec-8a37cd6f3937}

Followup: MachineOwner
---------
Comment 5 Xueqiang Wei 2015-09-07 06:30:25 EDT
Created attachment 1070937 [details]
dump analysis
Comment 6 Vadim Rozenfeld 2015-09-07 20:26:45 EDT
(In reply to Xueqiang Wei from comment #5)
> Created attachment 1070937 [details]
> dump analysis

Can you please share a couple of crash dump files? We have one under http://fileshare.englab.nay.redhat.com/pub/section2/images_backup/rhel7/bug1238569/ . but unfortunately it is not enough for tracing the problem.

Thanks,
Vadim.
Comment 7 Xueqiang Wei 2015-09-07 22:24:20 EDT
(In reply to Vadim Rozenfeld from comment #6)
> (In reply to Xueqiang Wei from comment #5)
> > Created attachment 1070937 [details]
> > dump analysis
> 
> Can you please share a couple of crash dump files? We have one under
> http://fileshare.englab.nay.redhat.com/pub/section2/images_backup/rhel7/
> bug1238569/ . but unfortunately it is not enough for tracing the problem.
> 
> Thanks,
> Vadim.


dump file:
http://fileshare.englab.nay.redhat.com/pub/section2/images_backup/rhel7/bug1260341/Memory.dmp
Comment 8 Xueqiang Wei 2015-09-07 22:29:19 EDT
I downgrade to qemu-kvm-rhev-2.1.2-23.el7 to try, also hit this issue.
Comment 9 Vadim Rozenfeld 2015-09-08 23:21:51 EDT
Thanks,
Unfortunately, there is still no kernel-mode part in this dump.
Can we try applying a hot-fix from https://support.microsoft.com/en-us/kb/2528507
and try to acquire a new crash dump?

Best regards,
Vadim.
Comment 10 Xueqiang Wei 2015-09-09 05:07:16 EDT
(In reply to Vadim Rozenfeld from comment #9)
> Thanks,
> Unfortunately, there is still no kernel-mode part in this dump.
> Can we try applying a hot-fix from
> https://support.microsoft.com/en-us/kb/2528507
> and try to acquire a new crash dump?
> 
> Best regards,
> Vadim.


after install a hot-fix from https://support.microsoft.com/en-us/kb/2528507 ,
reproduce this issue on: kernel-3.10.0-315.el7.x86_64, qemu-kvm-rhev-2.3.0-22.el7

the dump file:
http://fileshare.englab.nay.redhat.com/pub/section2/images_backup/rhel7/bug1260341/Memory_02.dmp


the dmp analysis:

************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols

Microsoft (R) Windows Debugger Version 6.3.9600.16520 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Administrator\Desktop\Memory.dmp]
Kernel Summary Dump File: Only kernel address space is available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (16 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17591.amd64fre.win7sp1_gdr.110407-1603
Machine Name:
Kernel base = 0xfffff800`02859000 PsLoadedModuleList = 0xfffff800`02a9e650
Debug session time: Wed Sep  9 16:11:57.156 2015 (UTC + 8:00)
System Uptime: 0 days 0:00:36.453
Loading Kernel Symbols
...............................................................
................................................
Loading User Symbols

Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {0, 0, 0, 0}

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************
Probably caused by : ntkrnlmp.exe ( nt!KiKernelCalloutExceptionHandler+e )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: 0000000000000000, The exception code that was not handled
Arg2: 0000000000000000, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception

Debugging Details:
------------------

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0x1E

PROCESS_NAME:  System

CURRENT_IRQL:  2

ANALYSIS_VERSION: 6.3.9600.16520 (debuggers(dbg).140127-0329) amd64fre

DPC_STACK_BASE:  FFFFF8800314EFB0

EXCEPTION_RECORD:  fffff880031479c8 -- (.exr 0xfffff880031479c8)
ExceptionAddress: fffff800028db8e2 (nt!SwapContext_PatchXRstor)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

TRAP_FRAME:  fffff88003147a70 -- (.trap 0xfffff88003147a70)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000004 rbx=0000000000000000 rcx=fffff88003147cc0
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800028db8e2 rsp=fffff88003147c00 rbp=fffff88003147c70
 r8=0000000000000000  r9=0000000000000000 r10=0000000000002000
r11=fffffa8003cac89c r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na pe nc
nt!SwapContext_PatchXRstor:
fffff800`028db8e2 0fae29          xrstor  [rcx]
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff800028d06be to fffff800028d8cd0

STACK_TEXT:  
fffff880`03146aa8 fffff800`028d06be : fffffa80`04c7e820 00000000`00000000 fffff880`03147220 fffff800`02904890 : nt!KeBugCheck
fffff880`03146ab0 fffff800`0290455d : fffff800`02adf314 fffff800`02a20030 fffff800`02859000 fffff880`031479c8 : nt!KiKernelCalloutExceptionHandler+0xe
fffff880`03146ae0 fffff800`02903335 : fffff800`02a200fc fffff880`03146b58 fffff880`031479c8 fffff800`02859000 : nt!RtlpExecuteHandlerForException+0xd
fffff880`03146b10 fffff800`029143b1 : fffff880`031479c8 fffff880`03147220 fffff880`00000000 fffffa80`03d31040 : nt!RtlDispatchException+0x415
fffff880`031471f0 fffff800`028d8382 : fffff880`031479c8 fffff880`0311f180 fffff880`03147a70 fffff880`0312a2c0 : nt!KiDispatchException+0x135
fffff880`03147890 fffff800`028d6c8a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2
fffff880`03147a70 fffff800`028db8e2 : 00000000`05e84f71 fffff880`0311f180 fffff880`03147c70 fffff880`0312a2c0 : nt!KiGeneralProtectionFault+0x10a
fffff880`03147c00 fffff800`028d0add : fffff880`0311f180 fffff880`0312a2c0 00000000`00000000 fffff800`029fbf40 : nt!SwapContext_PatchXRstor
fffff880`03147c40 00000000`00000000 : fffff880`03148000 fffff880`03142000 fffff880`03147c00 00000000`00000000 : nt!KiIdleLoop+0x10d


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiKernelCalloutExceptionHandler+e
fffff800`028d06be 90              nop

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!KiKernelCalloutExceptionHandler+e

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4d9e9517

IMAGE_VERSION:  6.1.7601.17591

FAILURE_BUCKET_ID:  X64_0x1E_nt!KiKernelCalloutExceptionHandler+e

BUCKET_ID:  X64_0x1E_nt!KiKernelCalloutExceptionHandler+e

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:x64_0x1e_nt!kikernelcalloutexceptionhandler+e

FAILURE_ID_HASH:  {31b31670-23d4-78dd-b3a6-d5566ed846e6}

Followup: MachineOwner
---------
Comment 11 Xueqiang Wei 2015-09-09 05:10:09 EDT
Created attachment 1071643 [details]
dump analysis
Comment 12 Amnon Ilan 2015-09-09 08:48:45 EDT
*** Bug 1238569 has been marked as a duplicate of this bug. ***
Comment 13 Suqin Huang 2015-09-10 01:37:52 EDT
Hi Amnon, 
bug 1238569 is for qemu-kvm,
this bug is for qemu-kvm-rhev,
do we need to re-open bug 1238569.

Thanks
Suqin
Comment 17 Xueqiang Wei 2015-12-28 21:52:16 EST
Hi Vadim,

In Comment 10, I acquire a new crash dump. if the new dump is complete?


Best Regards
Xueqiang Wei
Comment 18 Vadim Rozenfeld 2017-11-14 06:12:33 EST
is it still reproducible on rhel7.5 ?

Thanks,
Vadim.
Comment 19 Yiqian Wei 2017-11-15 05:27:00 EST
(In reply to Vadim Rozenfeld from comment #18)
> is it still reproducible on rhel7.5 ?

  I had tested 100 times by auto and manually on the latest version and didn't reproduce this bug.

host version:
qemu-kvm-rhev-2.10.0-6.el7.x86_64
kernel-3.10.0-784.el7.x86_64
virtio-win-1.9.3-1.el7.noarch
guest:win7_64

Test steps:
1.boot up win7 64bit guest
2.reboot guest for 100 times

Test results:
reboot the guest for 100 times and didn't hit the blackscreen.


Additional info:
1)manually cli:
/usr/libexec/qemu-kvm \
    -name 'vm-1' \
    -M rhel6.6.0  \
    -nodefaults  \
    -vga qxl \
    -device AC97,bus=pci.0,addr=03  \
    -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1,server,nowait \
    -mon chardev=qmp_id_qmpmonitor1,mode=control  \
    -chardev socket,id=qmp_id_catch_monitor,path=/tmp/monitor-catch_monitor-1,server,nowait \
    -mon chardev=qmp_id_catch_monitor,mode=control  \
    -chardev socket,id=serial_id_serial0,path=/tmp/serial-serial0,server,nowait \
    -device isa-serial,chardev=serial_id_serial0  \
    -chardev socket,id=seabioslog_id,path=/tmp/seabios-2,server,nowait \
    -device isa-debugcon,chardev=seabioslog_id,iobase=0x402 \
    -device ich9-usb-uhci1,id=usb1,bus=pci.0,addr=04 \
    -drive id=drive_image1,if=none,cache=none,snapshot=off,aio=native,file=/home/kvm_autotest_root/images/win7-64-sp1-virtio.qcow2 \
    -device virtio-blk-pci,id=image1,drive=drive_image1,bootindex=0,bus=pci.0,addr=05 \
    -device virtio-net-pci,mac=9a:a5:a6:a7:a8:a9,id=net0,vectors=4,netdev=hostnet0,bus=pci.0,addr=06  \
    -netdev tap,id=hostnet0,vhost=on   \
    -m 16384  \
    -smp 8,maxcpus=8,cores=4,threads=1,sockets=2  \
    -cpu 'Opteron_G4',hv_relaxed \
    -drive id=drive_cd1,if=none,snapshot=off,media=cdrom,file=/usr/share/virtio-win/virtio-win-1.9.3.iso \
    -device ide-drive,id=cd1,drive=drive_cd1,bootindex=1,bus=ide.0,unit=0 \
    -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1  \
    -spice port=5930,disable-ticketing  \
    -rtc base=localtime,clock=host,driftfix=slew  \
    -boot menu=on \
    -enable-kvm  \
    -monitor stdio \

2)host cpuinfo:
processor	: 15
vendor_id	: AuthenticAMD
cpu family	: 21
model		: 2
model name	: AMD Opteron(tm) Processor 6320
stepping	: 0
microcode	: 0x600084f
cpu MHz		: 2800.000
cache size	: 2048 KB
physical id	: 1
siblings	: 8
core id		: 3
cpu cores	: 4
apicid		: 71
initial apicid	: 39
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl nonstop_tsc extd_apicid amd_dcm aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 popcnt aes xsave avx f16c lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs xop skinit wdt lwp fma4 tce nodeid_msr tbm topoext perfctr_core perfctr_nb cpb hw_pstate vmmcall bmi1 arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
bogomips	: 5585.37
TLB size	: 1536 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 48 bits physical, 48 bits virtual
power management: ts ttp tm 100mhzsteps hwpstate cpb eff_freq_ro
Comment 20 Vadim Rozenfeld 2017-11-16 18:59:15 EST
Thanks a lot.
Closing the issue.

Best regards,
Vadim.

Note You need to log in before you can comment on or make changes to this bug.