VirtualBox

Ticket #2937 (closed defect: fixed)

Opened 11 months ago

Last modified 10 months ago

Windows Vista Host Blue screen crash from net filter -> fixed in SVN/2.1.2

Reported by: Steve Richards Assigned to:
Priority: blocker Component: network/hostif
Version: VirtualBox 2.1.0 Keywords:
Cc: Guest type: Linux
Host type: Windows

Description

VBOX Net Filter seemed to have caused a Windows Blue Screen.

I have attached the dump analysis below.

Microsoft (R) Windows Debugger Version 6.8.0004.0 X86 Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Windows\Minidump\Mini010109-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: c:\windows\symbols Executable search path is: Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe Windows Kernel Version 6002 (Service Pack 2.113) MP (2 procs) Free x86 compatible Product: WinNt?, suite: TerminalServer? SingleUserTS Kernel base = 0x82612000 PsLoadedModuleList? = 0x82729c70 Debug session time: Thu Jan 1 18:38:00.588 2009 (GMT-5) System Uptime: 1 days 11:32:07.904 Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe Loading Kernel Symbols ................................................................................................................................................................................................................................................. Loading User Symbols Loading unloaded module list ............ ******************************************************************************* * * * Bugcheck Analysis * * * *******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck? 1000007E, {c0000005, 9e671d08, f5b4fb80, f5b4f87c}

*** WARNING: Unable to verify timestamp for VBoxNetFlt.sys *** ERROR: Module load completed but symbols could not be loaded for VBoxNetFlt.sys

Probably caused by : VBoxNetFlt.sys ( VBoxNetFlt+2fcf )

Followup: MachineOwner?

0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * *******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Some common problems are exception code 0x80000003. This means a hard coded breakpoint or assertion was hit, but this system was booted /NODEBUG. This is not supposed to happen as developers should never have hardcoded breakpoints in retail code, but ... If this happens, make sure a debugger gets connected, and the system is booted /DEBUG. This will let us see why this breakpoint is happening. Arguments: Arg1: c0000005, The exception code that was not handled Arg2: 9e671d08, The address that the exception occurred at Arg3: f5b4fb80, Exception Record Address Arg4: f5b4f87c, Context Record Address

Debugging Details:

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: +ffffffff9e671d08 9e671d08 f3a7 repe cmps dword ptr [esi],dword ptr es:[edi]

EXCEPTION_RECORD: f5b4fb80 -- (.exr 0xfffffffff5b4fb80) ExceptionAddress?: 9e671d08

ExceptionCode?: c0000005 (Access violation)

ExceptionFlags?: 00000000

NumberParameters?: 2

Parameter[0]: 00000000 Parameter[1]: 00000024

Attempt to read from address 00000024

CONTEXT: f5b4f87c -- (.cxr 0xfffffffff5b4f87c) eax=00000000 ebx=8ccf06d0 ecx=00000001 edx=00000006 esi=00000024 edi=8ac18108 eip=9e671d08 esp=f5b4fc48 ebp=f5b4fc6c iopl=0 nv up ei pl nz na po cy cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010203 9e671d08 f3a7 repe cmps dword ptr [esi],dword ptr es:[edi] ds:0023:00000024=???????? es:0023:8ac18108=51e81300 Resetting default scope

CUSTOMER_CRASH_COUNT: 1

PROCESS_NAME: @Fr‚Ú

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

READ_ADDRESS: 00000024

FAILED_INSTRUCTION_ADDRESS: +ffffffff9e671d08 9e671d08 f3a7 repe cmps dword ptr [esi],dword ptr es:[edi]

BUGCHECK_STR: 0x7E

DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE

LAST_CONTROL_TRANSFER: from 9e66e52b to 9e671d08

STACK_TEXT: WARNING: Frame IP not in any known module. Following frames may be wrong. f5b4fc6c 9e66e52b 8ccf06d0 f5b4fcd8 9946a978 0x9e671d08 f5b4fc84 9e66e682 00000000 00000001 9946a978 0x9e66e52b f5b4fcc0 9e66e962 00000000 f5b4fcd8 8ccf06d0 0x9e66e682 f5b4fce8 9e66f20c 8ccf06d0 00000001 9946a978 0x9e66e962 f5b4fd0c 8f2c6fcf 85703c88 9946a978 00000001 0x9e66f20c f5b4fd48 8f2c7101 925e6bcc 925e6b70 00000000 VBoxNetFlt+0x2fcf f5b4fd7c 827e2e13 925e6bcc 908b6716 00000000 VBoxNetFlt+0x3101 f5b4fdc0 826cadc6 8f2c7070 925e6bcc 00000000 ntCmGetSystemControlValues+0x8b f5b4fdcc 00000000 00000000 00000000 00000000 ntObQueryObjectAuditingByHandle+0x9b

FOLLOWUP_IP: VBoxNetFlt+2fcf 8f2c6fcf ?? ???

SYMBOL_STACK_INDEX: 5

SYMBOL_NAME: VBoxNetFlt+2fcf

FOLLOWUP_NAME: MachineOwner?

MODULE_NAME: VBoxNetFlt

IMAGE_NAME: VBoxNetFlt.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4948ccb9

STACK_COMMAND: .cxr 0xfffffffff5b4f87c ; kb

FAILURE_BUCKET_ID: 0x7E_BAD_IP_VBoxNetFlt+2fcf

BUCKET_ID: 0x7E_BAD_IP_VBoxNetFlt+2fcf

Followup: MachineOwner?

Attachments

Mini010109-01.dmp (140.2 kB) - added by Steve Richards on 2009-01-02 00:55:43.
blue screen minidumpe
Mini011709-01.dmp (80.0 kB) - added by trythis on 2009-01-19 13:59:11.
same issue as in #2937

Change History

2009-01-02 00:55:43 changed by Steve Richards

  • attachment Mini010109-01.dmp added.

blue screen minidumpe

2009-01-08 09:38:32 changed by sandervl73

  • priority changed from major to blocker.

Please try the attached build to see if the problem disappears. Unzip the file into a new directory, execute NetFltUninstall?.exe and then NetFltInstall?.exe. Thanks.

2009-01-08 10:44:06 changed by sandervl73

The attached driver is not sufficient. You'll need a complete new build to test this. If somebody is interested in trying that out, let me know. Thanks.

2009-01-10 05:33:05 changed by bbbbb1

I have the same issue so I would like to test it out. Please let me know how to download the new build.

2009-01-11 15:03:29 changed by sandervl73

We will hopefully be able to provide a new build next week as we've received feedback already that the problem is still present. We'll update you all asap.

2009-01-16 10:39:19 changed by frank

  • owner changed.
  • component changed from network to network/hostif.

2009-01-19 13:59:11 changed by trythis

  • attachment Mini011709-01.dmp added.

same issue as in #2937

2009-01-19 15:52:32 changed by trythis

i have / had the same issues and uninstalled vbox until new release is available.

2009-01-21 14:46:53 changed by sandervl73

  • status changed from new to closed.
  • resolution set to fixed.
  • summary changed from Windows Vista Host Blue screen crash from net filter to Windows Vista Host Blue screen crash from net filter -> fixed in SVN/2.1.2.

2009-01-21 19:20:02 changed by bbbbb1

I installed the 2.1.1 build and still get the system crash so I don't know how we can be sure it's fixed in 2.1.2?

2009-01-22 11:32:44 changed by sandervl73

The code that triggered the breakpoint has been removed. Try 2.1.2 please.

© 2009 Sun Microsystems, Inc.
ContactPrivacy policy