Bug 1296633 - Installing virtio storage driver in Windows 2008 R2 causes bluescreen (STOP 7E in viostor.sys or vioscsi.sys)
Installing virtio storage driver in Windows 2008 R2 causes bluescreen (STOP 7...
Status: CLOSED NOTABUG
Product: Virtualization Tools
Classification: Community
Component: virtio-win (Show other bugs)
unspecified
Unspecified Windows
unspecified Severity high
: ---
: ---
Assigned To: Vadim Rozenfeld
Virtualization Bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-01-07 12:16 EST by Aaron C. de Bruyn
Modified: 2016-05-11 09:46 EDT (History)
16 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-04-08 03:25:48 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Aaron C. de Bruyn 2016-01-07 12:16:34 EST
Description of problem:
Asked to file the bug here from https://github.com/YanVugenfirer/kvm-guest-drivers-windows/issues/8

Version-Release number of selected component (if applicable):
ISO 0.1.112

How reproducible:
Every time

Steps to Reproduce:
1. Install Windows 2008 R2 VM using IDE drivers for both a 'system' and 'data' drive
2. Shutdown the VM, switch the 'data' drive to use virtio, boot VM.
3. Install latest virtio drivers via Device Manager in Windows.
4. Bluescreen occurs indicating a problem in viostore.sys
5. Rebooting causes a different bluescreen until the VM is powered off completely and re-started.  Then you get the original bluescreen once.
6. Switching the data drive back to IDE does not fix the problem.  You must shutdown the VM, mount the system disk image, search through it for *viostor*, delete all files found, then unmount and boot the VM again.
Comment 1 Vadim Rozenfeld 2016-01-07 13:09:29 EST
Li Jin, can we try reproducing this problem on rhel 7 ?

Thanks,
Vadim.
Comment 2 lijin 2016-01-10 21:24:46 EST
(In reply to Vadim Rozenfeld from comment #1)
> Li Jin, can we try reproducing this problem on rhel 7 ?
> 
> Thanks,
> Vadim.

should be duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=1292788
win7-64&win2008-64&win2008R2 all hit the same issue when install build 112 viostor driver
Comment 3 Nisim Simsolo 2016-01-11 05:21:08 EST
Possible workaround for this issue:
1. When using IDE interface, add another disk to VM with VirtIO interface.
2. Attach CD with virtio-win.iso to VM.
3. From console, navigate to device manager and install missing drivers, or browse CD manually and install vioscsi and viostor drivers.
4. Power off VM, change IDE disk interface to VirtIO.
5. Run VM.

VirtIO drivers used for this workaround: virtio-win-1.8.0-4
Comment 4 Ladi Prosek 2016-04-04 05:21:21 EDT
According to the BSOD screenshots, the crash occurs at viostor+0x802d (virtio-win 0.1.112, timestamp 1450246086) which is inside viostor!__security_init_cookie but not at an instruction boundary. Definitely not a dupe of #1292788.
Comment 5 Ladi Prosek 2016-04-06 04:06:02 EDT
Correction: the crash actually occurs at an int 3 in viostor!__security_init_cookie because the driver being loaded is targeted at Win8 (Win2008R2 driver would have a timestamp of 1450246519). Here's the entire function:

0000000140008000 mov rax, qword ptr [0x140006000] <-- driver expects security cookie from the OS here
0000000140008007 test rax, rax
000000014000800a je 0x140008026 <-- no cookie, failing fast
000000014000800c movabs rcx, 0x2b992ddfa232
0000000140008016 cmp rax, rcx
0000000140008019 je 0x140008026
000000014000801b not rax
000000014000801e mov qword ptr [0x140006008], rax
0000000140008025 ret 
0000000140008026
0000000140008026 0x140008026:
0000000140008026 mov ecx, 6
000000014000802b int 0x29 <-- new Win8 run-time assert, no-op on downlevel
000000014000802d int3 <-- BSOD
000000014000802e int3 
000000014000802f int3 

And an explanation of what changed in Win8:
http://hitcon.org/2012/download/0720A5_360.MJ0011_Reversing%20Windows8-Interesting%20Features%20of%20Kernel%20Security.pdf

Technically, this is NOTABUG but it would be nice to find a way to make Win8 drivers gracefully fail to install on downlevel.
Comment 6 Vadim Rozenfeld 2016-04-06 05:35:36 EDT
(In reply to Ladi Prosek from comment #5)
> Correction: the crash actually occurs at an int 3 in
> viostor!__security_init_cookie because the driver being loaded is targeted
> at Win8 (Win2008R2 driver would have a timestamp of 1450246519). Here's the
> entire function:
> 
> 0000000140008000 mov rax, qword ptr [0x140006000] <-- driver expects
> security cookie from the OS here
> 0000000140008007 test rax, rax
> 000000014000800a je 0x140008026 <-- no cookie, failing fast
> 000000014000800c movabs rcx, 0x2b992ddfa232
> 0000000140008016 cmp rax, rcx
> 0000000140008019 je 0x140008026
> 000000014000801b not rax
> 000000014000801e mov qword ptr [0x140006008], rax
> 0000000140008025 ret 
> 0000000140008026
> 0000000140008026 0x140008026:
> 0000000140008026 mov ecx, 6
> 000000014000802b int 0x29 <-- new Win8 run-time assert, no-op on downlevel
> 000000014000802d int3 <-- BSOD
> 000000014000802e int3 
> 000000014000802f int3 
> 
> And an explanation of what changed in Win8:
> http://hitcon.org/2012/download/0720A5_360.MJ0011_Reversing%20Windows8-
> Interesting%20Features%20of%20Kernel%20Security.pdf
> 
> Technically, this is NOTABUG but it would be nice to find a way to make Win8
> drivers gracefully fail to install on downlevel.

Funny, just added almost the same comment on the github :)
https://github.com/YanVugenfirer/kvm-guest-drivers-windows/issues/8

Thank you,
Vadim.
Comment 7 Ladi Prosek 2016-04-08 03:25:48 EDT
Closing as NOATBUG because this happens only with an unsupported driver-OS combination (Win8 driver on Win7 basically). The workaround is to point Device Manager to the right directory in the ISO, for example \viostor\2k8R2\amd64 for Windows Server 2008 R2.

Bug #1325078 tracks adding proper version information to driver .inf files so Windows will know which driver to install.
Comment 8 Ladi Prosek 2016-05-11 09:46:58 EDT
Edited the title because vioscsi.sys suffers from the exact same problem.

Note You need to log in before you can comment on or make changes to this bug.