[vbox-dev] VBoxTray crash bug

Huihong Luo huisinro at yahoo.com
Wed Nov 4 02:22:40 GMT 2009 

this crash seems to go away after I fixed 
VbglR3GetAdditionsVersion(), pls refer to my other email for more info
 
VbglR3GetAdditionsVersion() allocates lots of memory, and randomly corrupts certain area of memory when guest addition registry key is not present, i.e., with OSE additions

--- On Tue, 11/3/09, Huihong Luo <huisinro at yahoo.com> wrote:


From: Huihong Luo <huisinro at yahoo.com>
Subject: Re: [vbox-dev] VBoxTray crash bug
To: vbox-dev at virtualbox.org, "Andreas - Sun Microsystems" <pentagonik at sun.com>
Date: Tuesday, November 3, 2009, 2:21 AM







this one keeps crashing on me
 
You can test it like this:
 
(1) xp vm
(2) toggle to seamless mode, open IE
(3) trying to install Firefox
(4) move windows around, and let the vm to run for a while
 
I pretty much got crashes from vboxtray after 10 mins, always the case, and it crashed from exactly same place, that free() function. Perhaps, somewhere overrun the buffer. I double checked the code, seems to be quite perfectly ok. Could ExtEscape() overruns the buffer?
 
with debug build of vboxtray.exe, it seems to be better.
 
This bug makes seamless mode not usable at all.
 


--- On Tue, 10/27/09, Huihong Luo <huisinro at yahoo.com> wrote:


From: Huihong Luo <huisinro at yahoo.com>
Subject: Re: [vbox-dev] VBoxTray crash bug
To: vbox-dev at virtualbox.org, "Andreas - Sun Microsystems" <pentagonik at sun.com>
Date: Tuesday, October 27, 2009, 9:00 AM







very recent svn #23996
 
crash occured on seamless mode. I looked at the src code, seems to be very safe, kind of weird about this crash 

--- On Tue, 10/27/09, Andreas - Sun Microsystems <pentagonik at sun.com> wrote:


From: Andreas - Sun Microsystems <pentagonik at sun.com>
Subject: Re: [vbox-dev] VBoxTray crash bug
To: vbox-dev at virtualbox.org
Date: Tuesday, October 27, 2009, 6:39 AM


Huihong,

which exact VBox revision were you using? Please provide us more information so that we can reproduce it. Thanks!

-Andreas


Huihong Luo schrieb:
> a memory corruption error
>  ////////////////////////////////
> Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
> Copyright (c) Microsoft Corporation. All rights reserved.
> 
> 0:007> g
> (648.64c): Access violation - code c0000005 (!!! second chance !!!)
> eax=000004c8 ebx=00990000 ecx=7ffdf000 edx=00990608 esi=0098fd30 edi=009901f8
> eip=7c910717 esp=0012fadc ebp=0012fae8 iopl=0         nv up ei ng nz ac po cy
> cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000293
> ntdll!wcsncpy+0x198:
> 7c910717 f6460501        test    byte ptr [esi+5],1         ds:0023:0098fd35=??
> 
> WARNING: Stack unwind information not available. Following frames may be wrong.
> ntdll!wcsncpy+0x198
> ntdll!wcsncpy+0x2cd
> VBoxTray!free+0x6e [f:\dd\vctools\crt_bld\self_x86\crt\src\free.c @ 110]
> VBoxTray!VBoxSeamlessCheckWindows+0x170 [c:\virtualbox-dev\vbox\src\vbox\additions\winnt\vboxtray\vboxseamless.cpp @ 271]
> VBoxTray!VBoxServiceStart+0x31a [c:\virtualbox-dev\vbox\src\vbox\additions\winnt\vboxtray\vboxtray.cpp @ 455]
> VBoxTray!WinMain+0x60 [c:\virtualbox-dev\vbox\src\vbox\additions\winnt\vboxtray\vboxtray.cpp @ 549]
> VBoxTray!__tmainCRTStartup+0x177 [f:\dd\vctools\crt_bld\self_x86\crt\src\crt0.c @ 324]
> kernel32!RegisterWaitForInputIdle+0x49
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> vbox-dev mailing list
> vbox-dev at virtualbox.org
> http://vbox.innotek.de/mailman/listinfo/vbox-dev


_______________________________________________
vbox-dev mailing list
vbox-dev at virtualbox.org
http://vbox.innotek.de/mailman/listinfo/vbox-dev

-----Inline Attachment Follows-----


_______________________________________________
vbox-dev mailing list
vbox-dev at virtualbox.org
http://vbox.innotek.de/mailman/listinfo/vbox-dev

-----Inline Attachment Follows-----


_______________________________________________
vbox-dev mailing list
vbox-dev at virtualbox.org
http://vbox.innotek.de/mailman/listinfo/vbox-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.virtualbox.org/pipermail/vbox-dev/attachments/20091103/26b2c163/attachment.html>

More information about the vbox-dev mailing list