Opened 10 years ago
Closed 10 years ago
#12928 closed defect (fixed)
Crash Host OS when trying to boot on special ISO => Fixed in SVN
| Reported by: | Mattias Ryrlén | Owned by: | |
|---|---|---|---|
| Component: | other | Version: | VirtualBox 4.3.10 |
| Keywords: | Crash, Kernel OPS | Cc: | |
| Guest type: | Linux | Host type: | all |
Description
We have created a ISO containing CentOS 6.5 and custom rpm:s for our product. Trying to boot on the following OS:es and it just crash the OS
Tested with old versions of VirtualBox and Latest (4.3.10)
The ISO we tested with can be downloaded from: http://repos.op5.com/ISO/public_beta/op5-System-6.5-public_beta-20140408-2329.iso
OS:
OSX Mavericks = Crash, automatic reboot of OS OSX Mountain Lion = Crash, automatic reboot of OS Windows 7 = Bluescreen ArchLinux = Kernel OPS Fedora 20 = Kernel OPS
Logs: ArchLinux:
Apr 09 08:42:41 anton-t430s kernel: BUG: unable to handle kernel NULL pointer dereference at (null) Apr 09 08:42:41 anton-t430s kernel: IP: [< (null)>] (null) Apr 09 08:42:41 anton-t430s kernel: PGD 1e1daa067 PUD 209989067 PMD 0 Apr 09 08:42:41 anton-t430s kernel: Oops: 0010 [#1] PREEMPT SMP Apr 09 08:42:41 anton-t430s kernel: Modules linked in: iptable_filter ip_tables x_tables nfsd auth_rpcgss oid_registry nfs_acl hid_logitech_dj usbhid hid iTCO Apr 09 08:42:41 anton-t430s kernel: soundcore e1000e evdev mei_me ptp shpchp mei pps_core processor vboxnetflt(O) vboxnetadp(O) vboxdrv(O) nfs lockd sunrpc f Apr 09 08:42:41 anton-t430s kernel: CPU: 2 PID: 14987 Comm: EMT Tainted: G O 3.13.8-1-ARCH #1 Apr 09 08:42:41 anton-t430s kernel: Hardware name: LENOVO 2356LNG/2356LNG, BIOS G7ET60WW (2.02 ) 09/11/2012 Apr 09 08:42:41 anton-t430s kernel: task: ffff8800a490ec00 ti: ffff8801bbf02000 task.ti: ffff8801bbf02000 Apr 09 08:42:41 anton-t430s kernel: RIP: 0010:[<0000000000000000>] [< (null)>] (null) Apr 09 08:42:41 anton-t430s kernel: RSP: 0018:ffff8801bbf03cb8 EFLAGS: 00010292 Apr 09 08:42:41 anton-t430s kernel: RAX: 00000000fffff99a RBX: 0000000000000000 RCX: 0000000000000000 Apr 09 08:42:41 anton-t430s kernel: RDX: 0000000000000000 RSI: 00000000fffffe98 RDI: ffffc9001a799000 Apr 09 08:42:41 anton-t430s kernel: RBP: 0000000000000000 R08: ffff8801bbf03b88 R09: ffff8801bbf03c70 Apr 09 08:42:41 anton-t430s kernel: R10: 00007f46e819aa80 R11: 0000000000000000 R12: 0000000000000000 Apr 09 08:42:41 anton-t430s kernel: R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 Apr 09 08:42:41 anton-t430s kernel: FS: 00007f46f0af8700(0000) GS:ffff88023e280000(0000) knlGS:0000000000000000 Apr 09 08:42:41 anton-t430s kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Apr 09 08:42:41 anton-t430s kernel: CR2: 0000000000000000 CR3: 0000000126c02000 CR4: 00000000001427e0 Apr 09 08:42:41 anton-t430s kernel: Stack: Apr 09 08:42:41 anton-t430s kernel: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 Apr 09 08:42:41 anton-t430s kernel: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 Apr 09 08:42:41 anton-t430s kernel: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 Apr 09 08:42:41 anton-t430s kernel: Call Trace: Apr 09 08:42:41 anton-t430s kernel: Code: Bad RIP value. Apr 09 08:42:41 anton-t430s kernel: RIP [< (null)>] (null) Apr 09 08:42:41 anton-t430s kernel: RSP <ffff8801bbf03cb8> Apr 09 08:42:41 anton-t430s kernel: CR2: 0000000000000000 Apr 09 08:42:41 anton-t430s kernel: ---[ end trace db12f6dbbe8f5757 ]---
Windows:
Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7601.2.1.0.256.48 Locale ID: 1053 Additional information about the problem: BCCode: d1 BCP1: FFFFF88007DF4000 BCP2: 0000000000000002 BCP3: 0000000000000001 BCP4: FFFFF88009A576DA OS Version: 6_1_7601 Service Pack: 1_0 Product: 256_1
OSX: See attached log
Attachments (3)
Change History (17)
by , 10 years ago
by , 10 years ago
| Attachment: | WER-49265-0.sysdata.xml added |
|---|
comment:1 by , 10 years ago
It seems that all the files in isolinux/ was 404 html pages, yes, this is not correct but it shouldn't crash the Host OS.
follow-up: 7 comment:3 by , 10 years ago
To me it looks like the ISO image is invalid. I've downloaded the image (md5sum: a04a0fbd024e02dfd5ee3f71b404cf49) and saw that several vital files have bogus content, for example grub.conf (some HTML "not found"), same for vmlinuz. So this ISO image will not boot. And I was also not able to reproduce the problem. However, another developer was able to reproduce the host crash and we are trying to find out the different between our both configs.
comment:4 by , 10 years ago
I have reproduced the crash. It was on my Ubuntu 13.04 machine. I am trying to dig into and debug it.
follow-up: 6 comment:5 by , 10 years ago
Now I can't reproduce the crash anymore. VM hangs but the host doesn't crash (Ubuntu 13, Windows 7). May be my crash wasn't provoked by this broken ISO. Would you provide some actual information about your current state of this issue?
comment:6 by , 10 years ago
Replying to VVP:
Would you provide some actual information about your current state of this issue?
What state is required besides the kernel stack traces, the windows dump and sysdata files and the vbox log file?
comment:7 by , 10 years ago
Replying to frank:
To me it looks like the ISO image is invalid. I've downloaded the image (md5sum: a04a0fbd024e02dfd5ee3f71b404cf49) and saw that several vital files have bogus content, for example grub.conf (some HTML "not found"), same for vmlinuz. So this ISO image will not boot. And I was also not able to reproduce the problem. However, another developer was able to reproduce the host crash and we are trying to find out the different between our both configs.
Yes, the ISO is invalid. But no matter how broken an ISO is, it shouldn't be possible to crash the host OS.
comment:8 by , 10 years ago
A smaller iso (20MB) which is sufficient to reproduce the problem is available at http://www.mjo.se/tmp/broken.iso md5sum 3f02e378f22e532a31c7bf0fdf3c4ca3
comment:9 by , 10 years ago
I'm not sure what more info me and mfalkvidd can provide, could you please specify?
The problem still exist.
comment:10 by , 10 years ago
To reproduce the issue at will, just start any VM with the --debug command line parameter. The VM loads in paused state. Execute the following commands in the VBoxDbg console:
stop
Now unpause the VM. Execute some more VBoxDbg commands:
eb fe05b 6f r si = ffff t t
The host crash stack (Windows 8.1 x64), on an AMD test machine (4.3.14 sources):
VMMR0!memcpy [C:\work_x64\vbox\src\VBox\Runtime\common\string\memcpy.asm @ 36] VMMR0!PGMPhysRead( struct VM * pVM = 0xffffe000`c4bdb000, unsigned int64 GCPhys = 0xffff, void * pvBuf = 0xffffd001`d79b75b0, unsigned int64 cbRead = 1)+0x2c1 [c:\work_x64\vbox\src\vbox\vmm\vmmall\pgmallphys.cpp @ 2267] VMMR0!PGMPhysReadGCPtr( struct VMCPU * pVCpu = 0xffffe000`c4bf6000, void * pvDst = 0xffffd001`d79b75b0, unsigned int64 GCPtrSrc = 0xffff, unsigned int64 cb = 2)+0x27c [c:\work_x64\vbox\src\vbox\vmm\vmmall\pgmallphys.cpp @ 3314] VMMR0!iomRamRead( struct VMCPU * pVCpu = 0xffffe000`c4bf6000, void * pDest = 0xffffd001`d79b75b0, unsigned int64 GCSrc = 0xffff, unsigned int cb = 2)+0x33 [c:\work_x64\vbox\src\vbox\vmm\vmmall\iomallmmio.cpp @ 680] VMMR0!IOMInterpretOUTSEx( struct VM * pVM = 0xffffe000`c4bdb000, struct VMCPU * pVCpu = 0xffffe000`c4bf6000, struct CPUMCTXCORE * pRegFrame = 0xffffe000`c4bf6b40, unsigned int uPort = 0x600, unsigned int uPrefix = 0, DISCPUMODE enmAddrMode = DISCPUMODE_16BIT (0n1), unsigned int cbTransfer = 2)+0x355 [c:\work_x64\vbox\src\vbox\vmm\vmmall\iomallmmio.cpp @ 2347] VMMR0!hmR0SvmExitIOInstr( struct VMCPU * pVCpu = 0xffffe000`c4bf6000, struct CPUMCTX * pCtx = 0xffffe000`c4bf6940, struct SVMTRANSIENT * pSvmTransient = 0xffffd001`d79b7708)+0x274 [c:\work_x64\vbox\src\vbox\vmm\vmmr0\hmsvmr0.cpp @ 4459] VMMR0!hmR0SvmHandleExit( struct VMCPU * pVCpu = 0xffffe000`c4bf6000, struct CPUMCTX * pCtx = 0xffffe000`c4bf6940, struct SVMTRANSIENT * pSvmTransient = 0xffffd001`d79b7708)+0xb0 [c:\work_x64\vbox\src\vbox\vmm\vmmr0\hmsvmr0.cpp @ 3242] VMMR0!SVMR0RunGuestCode( struct VM * pVM = 0xffffe000`c4bdb000, struct VMCPU * pVCpu = 0xffffe000`c4bf6000, struct CPUMCTX * pCtx = 0xffffe000`c4bf6940)+0x45e [c:\work_x64\vbox\src\vbox\vmm\vmmr0\hmsvmr0.cpp @ 3193] VMMR0!HMR0RunGuestCode( struct VM * pVM = 0xffffe000`c4bdb000, struct VMCPU * pVCpu = 0xffffe000`c4bf6000)+0x2b [c:\work_x64\vbox\src\vbox\vmm\vmmr0\hmr0.cpp @ 1532] VMMR0!vmmR0CallRing3SetJmpEx+0xb2 [C:\work_x64\vbox\src\VBox\VMM\VMMR0\VMMR0JmpA-amd64.asm @ 132] ...
comment:11 by , 10 years ago
We think we found and fixed this problem. Could you install this test build to verify? Thank you!
comment:12 by , 10 years ago
Tested with VirtualBox-4.3.15-95634-Win.exe on Windows 7 Pro (Version 6.1 Build 7601: Service Pack 1). The host does not crash anymore.
comment:13 by , 10 years ago
| Summary: | Crash Host OS when trying to boot on special ISO → Crash Host OS when trying to boot on special ISO => Fixed in SVN |
|---|
sysdata from a windows 7 machine