Created attachment 1218753
WDF Logo Test-Final log

Description of problem:
[virtio-win][vioser][whql]BSOD when running job "WDF Logo Test-Final" w/ q35 on win2008-32
For the dump file, refer to the attachment.

Version-Release number of selected component (if applicable):
virtio-win-prewhql-128
qemu-kvm-rhev-2.6.0-27.el7.x86_64
kernel-3.10.0-518.el7.x86_64

How reproducible:
2/2

Steps to Reproduce:
1. boot w/ "-M q35" and pcie device
/usr/libexec/qemu-kvm -name 128SRLWIN832JTU -enable-kvm -m 3G -smp 4 \
  -uuid 9c0b7b6e-9beb-44ea-b1a2-72e541349142 \
  -nodefconfig -nodefaults \
  -chardev socket,id=charmonitor,path=/tmp/128SRLWIN832JTU,server,nowait \
  -mon chardev=charmonitor,id=monitor,mode=control \
  -rtc base=localtime,driftfix=slew \
  -boot order=cd,menu=on \
  -device piix3-usb-uhci,id=usb \
  -drive file=128SRLWIN832JTU,if=none,id=drive-ide0-0-0,format=raw,serial=mike_cao,cache=none \
  -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
  -drive file=en_windows_8_enterprise_x86_dvd_917587.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw \
  -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 \
  -drive file=128SRLWIN832JTU.vfd,if=floppy,id=drive-fdc0-0-0,format=raw,cache=none \
  -netdev tap,script=/etc/qemu-ifup,downscript=no,id=hostnet0 \
  -device e1000,netdev=hostnet0,id=net0,mac=00:52:4a:6e:12:1a \
  -chardev pty,id=charserial0 \
  -device isa-serial,chardev=charserial0,id=isa_serial0 \
  -device usb-tablet,id=input0 \
  -vnc 0.0.0.0:0 \
  -vga cirrus \
  -M q35 \
  -device ioh3420,bus=pcie.0,id=root1.0,slot=1 \
  -device virtio-serial-pci,id=serial0,bus=root1.0 \
  -chardev socket,id=serialchardev0,path=/tmp/128SRLWIN832JTU_port0,server,nowait \
  -device virtserialport,id=port0,chardev=serialchardev0,bus=serial0.0
2. run job "WDF Logo Test-Final"

Actual results:
BSOD

Expected results:
Pass

Additional info:
1 It can pass w/ "-M pc"
2 can pass on win2008-64
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7E, {c0000005, 806f2848, 8dde35ac, 8dde32a8}

Probably caused by : memory_corruption

Followup: memory_corruption
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 806f2848, The address that the exception occurred at
Arg3: 8dde35ac, Exception Record Address
Arg4: 8dde32a8, Context Record Address

Debugging Details:
------------------

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP:
NDIS!ndisRegisterMiniportDriver+108
806f2848 f0000500000000 lock add byte ptr ds:[0],al

EXCEPTION_RECORD: 8dde35ac -- (.exr 0xffffffff8dde35ac)
ExceptionAddress: 806f2848 (NDIS!ndisRegisterMiniportDriver+0x00000108)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000001
Parameter[1]: 00000000
Attempt to write to address 00000000

CONTEXT: 8dde32a8 -- (.cxr 0xffffffff8dde32a8;r)
eax=859ff670 ebx=0000019c ecx=859ff638 edx=00000000 esi=859ff7e0 edi=8dde36dc
eip=806f2848 esp=8dde3674 ebp=8dde3694 iopl=0 nv up ei ng nz ac po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00210292
NDIS!ndisRegisterMiniportDriver+0x108:
806f2848 f0000500000000 lock add byte ptr ds:[0],al ds:0023:00000000=??
Last set context:
eax=859ff670 ebx=0000019c ecx=859ff638 edx=00000000 esi=859ff7e0 edi=8dde36dc
eip=806f2848 esp=8dde3674 ebp=8dde3694 iopl=0 nv up ei ng nz ac po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00210292
NDIS!ndisRegisterMiniportDriver+0x108:
806f2848 f0000500000000 lock add byte ptr ds:[0],al ds:0023:00000000=??
Resetting default scope

DEFAULT_BUCKET_ID: CODE_CORRUPTION

PROCESS_NAME: System

CURRENT_IRQL: 0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1: 00000001

EXCEPTION_PARAMETER2: 00000000

WRITE_ADDRESS: 00000000

FOLLOWUP_IP:
NDIS!ndisRegisterMiniportDriver+108
806f2848 f0000500000000 lock add byte ptr ds:[0],al

BUGCHECK_STR: 0x7E

ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre

LOCK_ADDRESS: 81972600 -- (!locks 81972600)

Resource @ nt!PiEngineLock (0x81972600) Exclusively owned
Threads: 8549a828-01<*>
1 total locks, 1 locks currently held

PNP_TRIAGE:
Lock address : 0x81972600
Thread Count : 1
Thread address: 0x8549a828
Thread wait : 0x1bd

LAST_CONTROL_TRANSFER: from 81a13c87 to 8190bb0d

STACK_TEXT:
8dde3694 806f2709 00000060 8dde36dc 00000060 NDIS!ndisRegisterMiniportDriver+0x108
8dde36bc 90c990f9 859ff7e0 8dde36dc 00000060 NDIS!NdisMRegisterMiniport+0x7f
8dde3740 819a9a68 859ff9d8 85a00000 8dde3a98 rasl2tp!DriverEntry+0xb6
8dde3924 819a1cec 00000000 8dde3900 8dde3954 nt!IopLoadDriver+0x805
8dde3968 81a112e1 8dbd3d38 00000001 8dbd3d24 nt!PipCallDriverAddDeviceQueryRoutine+0x309
8dde39a0 81a11611 00000001 8dde3a98 819a19e3 nt!RtlpCallQueryRegistryRoutine+0x28e
8dde3a0c 819a04f4 40000000 80000048 8dde3a40 nt!RtlQueryRegistryValues+0x31b
8dde3af0 8199fa27 00000000 8dde3d38 81970550 nt!PipCallDriverAddDevice+0x2ff
8dde3cec 8184a714 854733f8 8597b828 8dde3d38 nt!PipProcessDevNodeTree+0x15c
8dde3d44 818e3e22 00000000 00000000 8549a828 nt!PnpDeviceActionWorker+0x229
8dde3d7c 81a13c42 00000000 f8c3eb47 00000000 nt!ExpWorkerThread+0xfd
8dde3dc0 8187cefe 818e3d25 00000001 00000000 nt!PspSystemThreadStartup+0x9d
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16

CHKIMG_EXTENSION: !chkimg -lo 50 -d !NDIS
806f2848-806f2859 18 bytes - NDIS!ndisRegisterMiniportDriver+108
[ 57 50 e8 bf 1f f2 ff 83:f0 00 05 00 00 00 00 0a ]
18 errors : !NDIS (806f2848-806f2859)

MODULE_NAME: memory_corruption

IMAGE_NAME: memory_corruption

FOLLOWUP_NAME: memory_corruption

DEBUG_FLR_IMAGE_TIMESTAMP: 0

MEMORY_CORRUPTOR: LARGE

STACK_COMMAND: .cxr 0xffffffff8dde32a8 ; kb

FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE

BUCKET_ID: MEMORY_CORRUPTION_LARGE

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:memory_corruption_large

FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}

Followup: memory_corruption
---------
Verified this issue with qemu-kvm-rhev-2.8.0-5.el7 under q35; the job passes with no BSOD.

kernel-3.10.0-612.el7.x86_64
qemu-kvm-rhev-2.8.0-5.el7
virtio-win-prewhql-128

Best Regards~
Peixiu Hou
Change status to verified according to comment #3.
Hi Amnon, Could you help to ack? Thanks
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2341