You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff800024cb4d4, address which referenced memory
Debugging Details:
"KERNEL32.DLL" was not found in the image list.
Debugger will attempt to load "KERNEL32.DLL" at given base 00000000`00000000.
Please provide the full image name, including the extension (i.e. kernel32.dll)
for more reliable results.Base address and size overrides can be given as
.reload <image.ext>=,.
Unable to add module at 00000000`00000000
TRAP_FRAME: ffffd000261673f0 -- (.trap 0xffffd000261673f0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
rdx=ffffd000261675e0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800024cb4d4 rsp=ffffd00026167580 rbp=0000000000000000
r8=ffffd00026167601 r9=0000000000000000 r10=00000000c000000d
r11=ffffd000261677b0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
OVSExt!OvsDoDumpFlows+0xa0:
fffff800024cb4d4 488b18 mov rbx,qword ptr [rax] ds:0000000000000000=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff802dde5e7c6 to fffff802ddddbc90
…ition)
The BSOD occurred because the FilterAttach routine released the switch
context, while there were IRPs in processing.
The solution was to add a reference count to prevent premature deallocation of the
global switch context structure, gOvsSwitchContext.
Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Reported-at: openvswitch/ovs-issues#58
Acked-by: Eitan Eliahu <eliahue@vmware.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Providing stack trace and analysis of the issue:
kd> k
Child-SP RetAddr Call Site
ffffd000
26166af8 fffff802
dde5e7c6 nt!DbgBreakPointWithStatusffffd000
26166b00 fffff802
dde5e0d7 nt!KiBugCheckDebugBreak+0x12ffffd000
26166b60 fffff802
dddd51a4 nt!KeBugCheck2+0x8abffffd000
26167270 fffff802
ddde0be9 nt!KeBugCheckEx+0x104ffffd000
261672b0 fffff802
ddddf43a nt!KiBugCheckDispatch+0x69ffffd000
261673f0 fffff800
024cb4d4 nt!KiPageFault+0x23affffd000
26167580 fffff800
024cc3ef OVSExt!OvsDoDumpFlows+0xa0 [c:\work\ovs\datapath-windows\ovsext\flow.c @ 2015]ffffd000
261675e0 fffff800
024d134c OVSExt!_FlowNlDumpCmdHandler+0x197 [c:\work\ovs\datapath-windows\ovsext\flow.c @ 590]ffffd000
26167740 fffff800
024e128f OVSExt!InvokeNetlinkCmdHandler+0x6c [c:\work\ovs\datapath-windows\ovsext\datapath.c @ 952]ffffd000
26167770 fffff800
0053bc18 OVSExt!OvsDeviceControl+0x263 [c:\work\ovs\datapath-windows\ovsext\datapath.c @ 862]ffffd000
26167840 fffff802
de04f395 NDIS!ndisDummyIrpHandler+0x88ffffd000
26167870 fffff802
de04fd2a nt!IopXxxControlFile+0x845ffffd000
26167a20 fffff802
ddde08b3 nt!NtDeviceIoControlFile+0x56ffffd000
26167a90 00000000
775a2772 nt!KiSystemServiceCopyEnd+0x1300000000
009eee88 00000000
775a2371 wow64cpu!CpupSyscallStub+0x200000000
009eee90 00000000
775c323a wow64cpu!DeviceIoctlFileFault+0x3100000000
009eef40 00000000
775c317e wow64!RunCpuSimulation+0xa00000000
009eef90 00007ffb
c1ca6bd0 wow64!Wow64LdrpInitialize+0x17200000000
009ef4d0 00007ffb
c1ca6aa6 ntdll!_LdrpInitialize+0xd800000000
009ef540 00000000
00000000 ntdll!LdrInitializeThunk+0xekd> !analyze -v
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff800024cb4d4, address which referenced memory
Debugging Details:
"KERNEL32.DLL" was not found in the image list.
Debugger will attempt to load "KERNEL32.DLL" at given base 00000000`00000000.
Please provide the full image name, including the extension (i.e. kernel32.dll)
for more reliable results.Base address and size overrides can be given as
.reload <image.ext>=,.
Unable to add module at 00000000`00000000
READ_ADDRESS: 0000000000000000
CURRENT_IRQL: 2
FAULTING_IP:
OVSExt!OvsDoDumpFlows+a0 [c:\work\ovs\datapath-windows\ovsext\flow.c @ 2015]
fffff800`024cb4d4 488b18 mov rbx,qword ptr [rax]
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: ovs-vswitchd.e
ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) amd64fre
TRAP_FRAME: ffffd000261673f0 -- (.trap 0xffffd000261673f0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
rdx=ffffd000261675e0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800024cb4d4 rsp=ffffd00026167580 rbp=0000000000000000
r8=ffffd00026167601 r9=0000000000000000 r10=00000000c000000d
r11=ffffd000261677b0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
OVSExt!OvsDoDumpFlows+0xa0:
fffff800
024cb4d4 488b18 mov rbx,qword ptr [rax] ds:00000000
00000000=????????????????Resetting default scope
LAST_CONTROL_TRANSFER: from fffff802dde5e7c6 to fffff802ddddbc90
STACK_TEXT:
ffffd000
26166af8 fffff802
dde5e7c6 : 0000000000000000 00000000
00000000 ffffd00026166c60 fffff802
ddd83654 : nt!DbgBreakPointWithStatusffffd000
26166b00 fffff802
dde5e0d7 : 0000000000000003 ffffd000
26166c60 fffff802ddde3070 00000000
000000d1 : nt!KiBugCheckDebugBreak+0x12ffffd000
26166b60 fffff802
dddd51a4 : 0000000000000000 00000000
00000001 fffff6fb00000000 ffffd000
26e00000 : nt!KeBugCheck2+0x8abffffd000
26167270 fffff802
ddde0be9 : 000000000000000a 00000000
00000000 0000000000000002 00000000
00000000 : nt!KeBugCheckEx+0x104ffffd000
261672b0 fffff802
ddddf43a : 0000000000000000 00000000
00000000 ffffe00003cdbf00 ffffd000
261673f0 : nt!KiBugCheckDispatch+0x69ffffd000
261673f0 fffff800
024cb4d4 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : nt!KiPageFault+0x23affffd000
26167580 fffff800
024cc3ef : 0000000000010300 00000000
00000000 0000000000000002 ffffe000
03e35e90 : OVSExt!OvsDoDumpFlows+0xa0 [c:\work\ovs\datapath-windows\ovsext\flow.c @ 2015]ffffd000
261675e0 fffff800
024d134c : ffffe00000000001 ffffd000
261677a0 0000000000000004 fffff680
00000010 : OVSExt!_FlowNlDumpCmdHandler+0x197 [c:\work\ovs\datapath-windows\ovsext\flow.c @ 590]ffffd000
26167740 fffff800
024e128f : fffff800024de2c0 00000000
00010000 0000000000000000 fffff802
ddce5d64 : OVSExt!InvokeNetlinkCmdHandler+0x6c [c:\work\ovs\datapath-windows\ovsext\datapath.c @ 952]ffffd000
26167770 fffff800
0053bc18 : ffffe000020fa010 00000000
afc84402 ffffe000020f43b0 ffffe000
020fa010 : OVSExt!OvsDeviceControl+0x263 [c:\work\ovs\datapath-windows\ovsext\datapath.c @ 862]ffffd000
26167840 fffff802
de04f395 : ffffe000020fa010 00000000
00000001 ffffe00001851ac0 00000000
0000000e : NDIS!ndisDummyIrpHandler+0x88ffffd000
26167870 fffff802
de04fd2a : ffffd00026167a38 00000000
775a1f30 0000000000000001 00000000
00000000 : nt!IopXxxControlFile+0x845ffffd000
26167a20 fffff802
ddde08b3 : ffffe00003c9c080 ffffd000
001f0003 00000000009ee588 fffff802
00000001 : nt!NtDeviceIoControlFile+0x56ffffd000
26167a90 00000000
775a2772 : 00000000775a2371 00000023
7763b66c 0000000000000023 00000000
000000ff : nt!KiSystemServiceCopyEnd+0x1300000000
009eee88 00000000
775a2371 : 000000237763b66c 00000000
00000023 00000000000000ff 00000000
0112fd78 : wow64cpu!CpupSyscallStub+0x200000000
009eee90 00000000
775c323a : 0000000000000000 00000000
775a1503 0000000000000000 00000000
775c3420 : wow64cpu!DeviceIoctlFileFault+0x3100000000
009eef40 00000000
775c317e : 0000000000000000 00000000
00000000 00000000009efd30 00000000
009ef590 : wow64!RunCpuSimulation+0xa00000000
009eef90 00007ffb
c1ca6bd0 : 0000000000000000 00000000
00000000 000000007e2d4000 00000000
00000000 : wow64!Wow64LdrpInitialize+0x17200000000
009ef4d0 00007ffb
c1ca6aa6 : 00000000009ef590 00000000
00000000 0000000000000000 00000000
7e2d4000 : ntdll!_LdrpInitialize+0xd800000000
009ef540 00000000
00000000 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : ntdll!LdrInitializeThunk+0xeSTACK_COMMAND: kb
FOLLOWUP_IP:
OVSExt!OvsDoDumpFlows+a0 [c:\work\ovs\datapath-windows\ovsext\flow.c @ 2015]
fffff800`024cb4d4 488b18 mov rbx,qword ptr [rax]
FAULTING_SOURCE_LINE: c:\work\ovs\datapath-windows\ovsext\flow.c
FAULTING_SOURCE_FILE: c:\work\ovs\datapath-windows\ovsext\flow.c
FAULTING_SOURCE_LINE_NUMBER: 2015
FAULTING_SOURCE_CODE:
2011: ASSERT(KeGetCurrentIrql() == DISPATCH_LEVEL);
2012: OvsAcquireDatapathRead(datapath, &dpLockState, TRUE);
2013:
2014: head = &datapath->flowTable[rowIndex];
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: OVSExt!OvsDoDumpFlows+a0
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: OVSExt
IMAGE_NAME: OVSExt.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 54738f8a
BUCKET_ID_FUNC_OFFSET: a0
FAILURE_BUCKET_ID: AV_OVSExt!OvsDoDumpFlows
BUCKET_ID: AV_OVSExt!OvsDoDumpFlows
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_ovsext!ovsdodumpflows
FAILURE_ID_HASH: {c54c24d9-99fe-6cd5-9aec-e9bf0723059e}
Followup: MachineOwner
kd> ??&gOvsSwitchContext->datapath
struct _OVS_DATAPATH * 0xffffe000
03e35f08 +0x000 flowTable : (null) +0x008 nFlows : 0 +0x010 hits : 0x19bb3 +0x018 misses : 0xdb05 +0x020 lost : 0 +0x028 lock : 0xffffe000
018246d0 _NDIS_RW_LOCK_EXThe text was updated successfully, but these errors were encountered: