[vbox-dev] another vhd snapshot discard crash bug

Huihong Luo huisinro at yahoo.com
Sun Jun 21 19:44:41 PDT 2009 

Seems similar to the prev one, need to check pszFilename of the following. The stack trace has more info.
 
static int vhdLocatorUpdate(PVHDIMAGE pImage, PVHDPLE pLocator, const char *pszFilename)
{
switch (RT_BE2H_U32(pLocator->u32Code))
{
case VHD_PLATFORM_CODE_WI2R:
/* Update plain relative name. */
cb = (uint32_t)strlen(pszFilename);  <====== crash here NULL pointer
}
 
> VBoxDDU.dll!vhdLocatorUpdate(VHDIMAGE * pImage=0x029c5fa0, VHDParentLocatorEntry * pLocator=0x024bf7a0, const char * pszFilename=0x00000000)  Line 280 + 0x8 bytes C++
  VBoxDDU.dll!vhdDynamicHeaderUpdate(VHDIMAGE * pImage=0x00000000)  Line 375 + 0xb bytes C++
  VBoxDDU.dll!vhdFlush(void * pBackendData=0x029c5fa0)  Line 1183 C++
  VBoxDDU.dll!vhdClose(void * pBackendData=0x029c5fa0, bool fDelete=false)  Line 884 + 0x6 bytes C++
  VBoxDDU.dll!VDCloseAll(VBOXHDD * pDisk=0x029ac1c8)  Line 2351 + 0xe bytes C++
  VBoxDDU.dll!VDDestroy(VBOXHDD * pDisk=0x029ac1c8)  Line 916 C++
  VBoxSVC.exe!HardDisk::taskThread(RTTHREADINT * thread=0x00000000, void * pvUser=0x009ac9e8)  Line 4084 + 0xa bytes C++
  VBoxSVC.exe!HardDisk::Task::runNow()  Line 220 C++
  VBoxSVC.exe!HardDisk::mergeTo(HardDisk::MergeChain * aChain=0x01f32370, ComObjPtr<Progress,ComStrongRef> * aProgress=0x01f34c38, bool aWait=true)  Line 2848 + 0x9 bytes C++
  VBoxSVC.exe!HardDisk::discard(ComObjPtr<Progress,ComStrongRef> & aProgress={...}, HardDisk::MergeChain * aChain=0x01f32370)  Line 2252 + 0xe bytes C++
  VBoxSVC.exe!SessionMachine::discardSnapshotHandler(SessionMachine::DiscardSnapshotTask & aTask={...})  Line 10592 C++
  VBoxSVC.exe!SessionMachine::DiscardSnapshotTask::handler()  Line 8249 + 0x9 bytes C++
  VBoxSVC.exe!SessionMachine::taskHandler(RTTHREADINT * __formal=0x01e63618, void * pvUser=0x01f34c30)  Line 11420 C++


--- On Wed, 6/10/09, Huihong Luo <huisinro at yahoo.com> wrote:


From: Huihong Luo <huisinro at yahoo.com>
Subject: vhd format not stable?
To: vbox-dev at virtualbox.org
Date: Wednesday, June 10, 2009, 4:52 PM







It seems VHD format is not stable as VDI. VBoxSVC.exe pretty much always crashes when a snapshot is being discarded. I am running an XP guest on Vista host. The VHD's capacity is over 100G.
 
If you look at the following stack, the crash was caused by
pImage->pszParentFilename is NULL inside 
static int vhdDynamicHeaderUpdate(PVHDIMAGE pImage) in VHDHDDCore.cpp
 
I used the very recent SVN source.
 
//////////
vboxsvc.exe crash stack:
 
VBoxRT.dll!RTPathFilename(const char * pszPath=0x00000000)  Line 240 C++
  VBoxDDU.dll!vhdDynamicHeaderUpdate(VHDIMAGE * pImage=0x00000000)  Line 362 + 0x12 bytes C++
  VBoxDDU.dll!vhdFlush(void * pBackendData=0x01c2caf0)  Line 1157 C++
  VBoxDDU.dll!vhdClose(void * pBackendData=0x01c2caf0, bool fDelete=false)  Line 880 + 0x6 bytes C++
  VBoxDDU.dll!VDClose(VBOXHDD * pDisk=0x01e0e218, bool fDelete=false)  Line 2268 C++
  VBoxSVC.exe!HardDisk::taskThread(RTTHREADINT * thread=0x00000000, void * pvUser=0x00e0e2b8)  Line 4063 + 0xb bytes C++
  VBoxSVC.exe!HardDisk::Task::runNow()  Line 220 C++
  VBoxSVC.exe!HardDisk::mergeTo(HardDisk::MergeChain * aChain=0x01c2cfe0, ComObjPtr<Progress,ComStrongRef> * aProgress=0x01e06fe8, bool aWait=true)  Line 2844 + 0x9 bytes C++
  VBoxSVC.exe!HardDisk::discard(ComObjPtr<Progress,ComStrongRef> & aProgress={...}, HardDisk::MergeChain * aChain=0x01c2cfe0)  Line 2248 + 0xe bytes C++
  VBoxSVC.exe!SessionMachine::discardSnapshotHandler(SessionMachine::DiscardSnapshotTask & aTask={...})  Line 10584 C++
  VBoxSVC.exe!SessionMachine::DiscardSnapshotTask::handler()  Line 8251 + 0x9 bytes C++
  VBoxSVC.exe!SessionMachine::taskHandler(RTTHREADINT * __formal=0x01c32108, void * pvUser=0x01e06fe0)  Line 11412 C++
  VBoxRT.dll!rtThreadMain(RTTHREADINT * pThread=0x01c32108, unsigned int NativeThread=4312, const char * pszThreadName=0x01c32170)  Line 635 + 0xa bytes C++
  VBoxRT.dll!rtThreadNativeMain(void * pvArgs=0x01c32108)  Line 106 + 0xb bytes C++
  msvcr80.dll!__endthreadex()  + 0x3b bytes 
  msvcr80.dll!__endthreadex()  + 0xc7 bytes 
  kernel32.dll!@BaseThreadInitThunk at 12()  + 0x12 bytes 
  ntdll.dll!___RtlUserThreadStart at 8()  + 0x27 bytes 
  ntdll.dll!__RtlUserThreadStart at 8()  + 0x1b bytes 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.virtualbox.org/pipermail/vbox-dev/attachments/20090621/95e37acb/attachment-0001.html

More information about the vbox-dev mailing list