VirtualBox

Ticket #1875 (closed defect: fixed)

Opened 6 years ago

Last modified 6 years ago

Linux 2.6.26.* crashes at boot (kernel panic) -> fixed in 2.0.2

Reported by: oxmosys
Owned by:
Priority: major
Component: other
Version: VirtualBox 1.6.2
Keywords:
Cc:
Guest type: other
Host type: other

Description

The current Ubuntu Intrepid alpha 3 release crashes at start with a kernel panic under VBox 1.6.2 when VT-x is not enabled.

 http://cdimage.ubuntu.com/releases/intrepid/alpha-3/
 https://bugs.launchpad.net/ubuntu/intrepid/+source/linux/+bug/246067

Change History

comment:1 Changed 6 years ago by frank

A Debian guy found out that things improve a lot if the following changeset is removed from the Linux kernel sources:  http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e587cadd8f47e202a30712e2906a65a0606d5865

comment:2 Changed 6 years ago by ColinKing

Ubuntu 2.6.26: Adding printk debug to text_poke_early on a non-SMP virtualised machine stops the bug happening. Any indication this bug could be a VirtualBox problem when modifying executable code?

void *text_poke_early(void *addr, const void *opcode, size_t len)
{
	unsigned long flags;

	printk("text_poke_early: %p..%p\n", addr, addr + len);

	local_irq_save(flags);
	....

Colin King.

comment:3 Changed 6 years ago by frank

No, this sounds like a Linux bug; see my previous comment. By adding the printk instruction you change the timing.

comment:4 Changed 6 years ago by ColinKing

OK - this convinces me to commit some time to dig into this deeper.

comment:5 Changed 6 years ago by lcapitulino

This issue has been discussed by Linux kernel people in the following thread:

 http://lkml.org/lkml/2008/8/20/359

They think that this is a virtualbox bug...

Frank, are you a VirtualBox developer? Isn't this easier to debug on the VirtualBox side? What can I do to help you debug this?

comment:6 Changed 6 years ago by ColinKing

I've dug a bit deeper, and I have some more information to add to this bug report.

By adding control code to apply_paravirt() in arch/x86/kernel/alternative.c I've been able to selectively turn on and off the code that patches parts of the kernel. The bug occurs when vprintk is patched. This is repeatable at the same region of patched code.

Below is a disassembly of vprintk; look for the "patching occurs after here" annotation to see roughly where the patched code is applied.

Not sure if that helps.

Colin

00000850 <vprintk>:
     850:	55                   	push   %ebp
     851:	89 e5                	mov    %esp,%ebp
     853:	57                   	push   %edi
     854:	56                   	push   %esi
     855:	53                   	push   %ebx
     856:	83 ec 60             	sub    $0x60,%esp
     859:	e8 fc ff ff ff       	call   85a <vprintk+0xa>
     85e:	a1 04 00 00 00       	mov    0x4,%eax
     863:	89 45 ac             	mov    %eax,-0x54(%ebp)
     866:	51                   	push   %ecx
     867:	52                   	push   %edx
     868:	ff 15 04 00 00 00    	call   *0x4
     86e:	5a                   	pop    %edx
     86f:	59                   	pop    %ecx
     870:	89 45 b0             	mov    %eax,-0x50(%ebp)
     873:	51                   	push   %ecx
     874:	52                   	push   %edx
     875:	ff 15 0c 00 00 00    	call   *0xc
     87b:	5a                   	pop    %edx
     87c:	59                   	pop    %ecx
     87d:	a1 70 00 00 00       	mov    0x70,%eax
     882:	64 8b 15 00 00 00 00 	mov    %fs:0x0,%edx
     889:	89 55 b4             	mov    %edx,-0x4c(%ebp)
     88c:	39 c2                	cmp    %eax,%edx
     88e:	0f 84 9c 02 00 00    	je     b30 <vprintk+0x2e0>
     894:	b8 0c 00 00 00       	mov    $0xc,%eax
     899:	e8 fc ff ff ff       	call   89a <vprintk+0x4a>
     89e:	8b 4d b4             	mov    -0x4c(%ebp),%ecx
     8a1:	89 0d 70 00 00 00    	mov    %ecx,0x70
     8a7:	8b 0d e4 00 02 00    	mov    0x200e4,%ecx
     8ad:	85 c9                	test   %ecx,%ecx
     8af:	0f 85 33 02 00 00    	jne    ae8 <vprintk+0x298>
     8b5:	31 db                	xor    %ebx,%ebx
     8b7:	ba 00 04 00 00       	mov    $0x400,%edx
     8bc:	b8 00 01 02 00       	mov    $0x20100,%eax
     8c1:	8b 4d 0c             	mov    0xc(%ebp),%ecx
     8c4:	89 0c 24             	mov    %ecx,(%esp)
     8c7:	8b 4d 08             	mov    0x8(%ebp),%ecx
     8ca:	e8 fc ff ff ff       	call   8cb <vprintk+0x7b>
     8cf:	01 d8                	add    %ebx,%eax
     8d1:	89 45 bc             	mov    %eax,-0x44(%ebp)
     8d4:	0f b6 05 00 01 02 00 	movzbl 0x20100,%eax
     8db:	84 c0                	test   %al,%al
     8dd:	0f 84 a5 00 00 00    	je     988 <vprintk+0x138>
     8e3:	8d 5d c2             	lea    -0x3e(%ebp),%ebx
     8e6:	bf 00 01 02 00       	mov    $0x20100,%edi
     8eb:	89 5d a8             	mov    %ebx,-0x58(%ebp)
     8ee:	eb 65                	jmp    955 <vprintk+0x105>
     8f0:	3c 3c                	cmp    $0x3c,%al
     8f2:	0f 84 78 01 00 00    	je     a70 <vprintk+0x220>
     8f8:	b8 3c 00 00 00       	mov    $0x3c,%eax
     8fd:	e8 0e f8 ff ff       	call   110 <emit_log_char>
     902:	0f b6 45 ac          	movzbl -0x54(%ebp),%eax
     906:	83 c0 30             	add    $0x30,%eax
     909:	0f be c0             	movsbl %al,%eax
     90c:	e8 ff f7 ff ff       	call   110 <emit_log_char>
     911:	b8 3e 00 00 00       	mov    $0x3e,%eax
     916:	e8 f5 f7 ff ff       	call   110 <emit_log_char>
     91b:	8b 35 38 00 00 00    	mov    0x38,%esi
     921:	83 45 bc 03          	addl   $0x3,-0x44(%ebp)
     925:	c7 05 74 00 00 00 00 	movl   $0x0,0x74
     92c:	00 00 00 
     92f:	85 f6                	test   %esi,%esi
     931:	0f 85 99 00 00 00    	jne    9d0 <vprintk+0x180>
     937:	0f b6 07             	movzbl (%edi),%eax
     93a:	84 c0                	test   %al,%al
     93c:	74 4a                	je     988 <vprintk+0x138>
     93e:	0f be c0             	movsbl %al,%eax
     941:	e8 ca f7 ff ff       	call   110 <emit_log_char>
     946:	80 3f 0a             	cmpb   $0xa,(%edi)
     949:	74 24                	je     96f <vprintk+0x11f>
     94b:	83 c7 01             	add    $0x1,%edi
     94e:	0f b6 07             	movzbl (%edi),%eax
     951:	84 c0                	test   %al,%al
     953:	74 33                	je     988 <vprintk+0x138>
     955:	8b 15 74 00 00 00    	mov    0x74,%edx
     95b:	85 d2                	test   %edx,%edx
     95d:	75 91                	jne    8f0 <vprintk+0xa0>
     95f:	0f b6 07             	movzbl (%edi),%eax
     962:	0f be c0             	movsbl %al,%eax
     965:	e8 a6 f7 ff ff       	call   110 <emit_log_char>
     96a:	80 3f 0a             	cmpb   $0xa,(%edi)
     96d:	75 dc                	jne    94b <vprintk+0xfb>
     96f:	83 c7 01             	add    $0x1,%edi
     972:	0f b6 07             	movzbl (%edi),%eax
     975:	c7 05 74 00 00 00 01 	movl   $0x1,0x74
     97c:	00 00 00 
     97f:	84 c0                	test   %al,%al
     981:	75 d2                	jne    955 <vprintk+0x105>
     983:	90                   	nop    
     984:	8d 74 26 00          	lea    0x0(%esi,%eiz,1),%esi
     988:	e8 fc ff ff ff       	call   989 <vprintk+0x139>
     98d:	31 f6                	xor    %esi,%esi
     98f:	85 c0                	test   %eax,%eax
     991:	0f 84 11 01 00 00    	je     aa8 <vprintk+0x258>
     997:	c7 05 70 00 00 00 ff 	movl   $0xffffffff,0x70
     99e:	ff ff ff 
     9a1:	b8 0c 00 00 00       	mov    $0xc,%eax
     9a6:	ff 15 10 00 00 00    	call   *0x10
     9ac:	85 f6                	test   %esi,%esi
     9ae:	74 05                	je     9b5 <vprintk+0x165>
     9b0:	e8 fc ff ff ff       	call   9b1 <vprintk+0x161>
**** patching occurs after here 
     9b5:	8b 45 b0             	mov    -0x50(%ebp),%eax
     9b8:	51                   	push   %ecx
     9b9:	52                   	push   %edx
     9ba:	ff 15 08 00 00 00    	call   *0x8
     9c0:	5a                   	pop    %edx
     9c1:	59                   	pop    %ecx
     9c2:	8b 45 bc             	mov    -0x44(%ebp),%eax
     9c5:	83 c4 60             	add    $0x60,%esp
     9c8:	5b                   	pop    %ebx
     9c9:	5e                   	pop    %esi
     9ca:	5f                   	pop    %edi
     9cb:	5d                   	pop    %ebp
     9cc:	c3                   	ret    
     9cd:	8d 76 00             	lea    0x0(%esi),%esi
     9d0:	a1 70 00 00 00       	mov    0x70,%eax
     9d5:	e8 fc ff ff ff       	call   9d6 <vprintk+0x186>
     9da:	89 45 a4             	mov    %eax,-0x5c(%ebp)
     9dd:	31 c0                	xor    %eax,%eax
     9df:	85 d2                	test   %edx,%edx
     9e1:	89 d1                	mov    %edx,%ecx
     9e3:	74 1c                	je     a01 <vprintk+0x1b1>
     9e5:	b8 83 4b 04 00       	mov    $0x44b83,%eax
     9ea:	c1 ea 09             	shr    $0x9,%edx
     9ed:	f7 e2                	mul    %edx
     9ef:	c1 ea 07             	shr    $0x7,%edx
     9f2:	69 c2 00 ca 9a 3b    	imul   $0x3b9aca00,%edx,%eax
     9f8:	29 c1                	sub    %eax,%ecx
     9fa:	89 c8                	mov    %ecx,%eax
     9fc:	89 d1                	mov    %edx,%ecx
     9fe:	c1 e9 00             	shr    $0x0,%ecx
     a01:	89 c6                	mov    %eax,%esi
     a03:	bb 00 ca 9a 3b       	mov    $0x3b9aca00,%ebx
     a08:	8b 45 a4             	mov    -0x5c(%ebp),%eax
     a0b:	89 f2                	mov    %esi,%edx
     a0d:	f7 f3                	div    %ebx
     a0f:	89 d6                	mov    %edx,%esi
     a11:	89 ca                	mov    %ecx,%edx
     a13:	89 c1                	mov    %eax,%ecx
     a15:	b8 d3 4d 62 10       	mov    $0x10624dd3,%eax
     a1a:	f7 e6                	mul    %esi
     a1c:	89 4c 24 08          	mov    %ecx,0x8(%esp)
     a20:	8d 75 c2             	lea    -0x3e(%ebp),%esi
     a23:	c7 44 24 04 05 00 00 	movl   $0x5,0x4(%esp)
     a2a:	00 
     a2b:	c1 ea 06             	shr    $0x6,%edx
     a2e:	89 54 24 0c          	mov    %edx,0xc(%esp)
     a32:	8d 55 c2             	lea    -0x3e(%ebp),%edx
     a35:	89 14 24             	mov    %edx,(%esp)
     a38:	e8 fc ff ff ff       	call   a39 <vprintk+0x1e9>
     a3d:	01 c6                	add    %eax,%esi
     a3f:	3b 75 a8             	cmp    -0x58(%ebp),%esi
     a42:	89 45 b8             	mov    %eax,-0x48(%ebp)
     a45:	76 18                	jbe    a5f <vprintk+0x20f>
     a47:	8d 5d c2             	lea    -0x3e(%ebp),%ebx
     a4a:	8d b6 00 00 00 00    	lea    0x0(%esi),%esi
     a50:	0f be 03             	movsbl (%ebx),%eax
     a53:	83 c3 01             	add    $0x1,%ebx
     a56:	e8 b5 f6 ff ff       	call   110 <emit_log_char>
     a5b:	39 f3                	cmp    %esi,%ebx
     a5d:	72 f1                	jb     a50 <vprintk+0x200>
     a5f:	8b 4d b8             	mov    -0x48(%ebp),%ecx
     a62:	01 4d bc             	add    %ecx,-0x44(%ebp)
     a65:	e9 cd fe ff ff       	jmp    937 <vprintk+0xe7>
     a6a:	8d b6 00 00 00 00    	lea    0x0(%esi),%esi
     a70:	0f b6 47 01          	movzbl 0x1(%edi),%eax
     a74:	3c 2f                	cmp    $0x2f,%al
     a76:	0f 8e 7c fe ff ff    	jle    8f8 <vprintk+0xa8>
     a7c:	3c 37                	cmp    $0x37,%al
     a7e:	0f 8f 74 fe ff ff    	jg     8f8 <vprintk+0xa8>
     a84:	80 7f 02 3e          	cmpb   $0x3e,0x2(%edi)
     a88:	0f 85 6a fe ff ff    	jne    8f8 <vprintk+0xa8>
     a8e:	0f be c0             	movsbl %al,%eax
     a91:	83 c7 03             	add    $0x3,%edi
     a94:	83 e8 30             	sub    $0x30,%eax
     a97:	89 45 ac             	mov    %eax,-0x54(%ebp)
     a9a:	83 6d bc 03          	subl   $0x3,-0x44(%ebp)
     a9e:	e9 55 fe ff ff       	jmp    8f8 <vprintk+0xa8>
     aa3:	90                   	nop    
     aa4:	8d 74 26 00          	lea    0x0(%esi,%eiz,1),%esi
     aa8:	8b 5d b4             	mov    -0x4c(%ebp),%ebx
     aab:	0f a3 1d 00 00 00 00 	bt     %ebx,0x0
     ab2:	19 c0                	sbb    %eax,%eax
     ab4:	85 c0                	test   %eax,%eax
     ab6:	75 22                	jne    ada <vprintk+0x28a>
     ab8:	a1 00 00 00 00       	mov    0x0,%eax
     abd:	85 c0                	test   %eax,%eax
     abf:	75 0e                	jne    acf <vprintk+0x27f>
     ac1:	eb 52                	jmp    b15 <vprintk+0x2c5>
     ac3:	90                   	nop    
     ac4:	8d 74 26 00          	lea    0x0(%esi,%eiz,1),%esi
     ac8:	8b 40 34             	mov    0x34(%eax),%eax
     acb:	85 c0                	test   %eax,%eax
     acd:	74 46                	je     b15 <vprintk+0x2c5>
     acf:	f6 40 28 10          	testb  $0x10,0x28(%eax)
     ad3:	90                   	nop    
     ad4:	8d 74 26 00          	lea    0x0(%esi,%eiz,1),%esi
     ad8:	74 ee                	je     ac8 <vprintk+0x278>
     ada:	be 01 00 00 00       	mov    $0x1,%esi
     adf:	90                   	nop    
     ae0:	e9 b2 fe ff ff       	jmp    997 <vprintk+0x147>
     ae5:	8d 76 00             	lea    0x0(%esi),%esi
     ae8:	ba 40 00 00 00       	mov    $0x40,%edx
     aed:	b8 00 01 02 00       	mov    $0x20100,%eax
     af2:	c7 05 e4 00 02 00 00 	movl   $0x0,0x200e4
     af9:	00 00 00 
     afc:	bb 22 00 00 00       	mov    $0x22,%ebx
     b01:	e8 fc ff ff ff       	call   b02 <vprintk+0x2b2>
     b06:	ba de 03 00 00       	mov    $0x3de,%edx
     b0b:	b8 22 01 02 00       	mov    $0x20122,%eax
     b10:	e9 ac fd ff ff       	jmp    8c1 <vprintk+0x71>
     b15:	b8 4c 00 00 00       	mov    $0x4c,%eax
     b1a:	31 f6                	xor    %esi,%esi
     b1c:	c7 05 14 00 00 00 00 	movl   $0x0,0x14
     b23:	00 00 00 
     b26:	e8 fc ff ff ff       	call   b27 <vprintk+0x2d7>
     b2b:	e9 67 fe ff ff       	jmp    997 <vprintk+0x147>
     b30:	8b 1d 00 00 00 00    	mov    0x0,%ebx
     b36:	85 db                	test   %ebx,%ebx
     b38:	74 64                	je     b9e <vprintk+0x34e>
     b3a:	a1 00 00 00 00       	mov    0x0,%eax
     b3f:	8b 0d 10 00 00 00    	mov    0x10,%ecx
     b45:	39 c8                	cmp    %ecx,%eax
     b47:	78 14                	js     b5d <vprintk+0x30d>
     b49:	8b 15 00 00 00 00    	mov    0x0,%edx
     b4f:	8d 81 b8 0b 00 00    	lea    0xbb8(%ecx),%eax
     b55:	39 d0                	cmp    %edx,%eax
     b57:	0f 89 37 fd ff ff    	jns    894 <vprintk+0x44>
     b5d:	a1 00 00 00 00       	mov    0x0,%eax
     b62:	c7 05 0c 00 00 00 00 	movl   $0x0,0xc
     b69:	00 00 00 
     b6c:	c7 05 4c 00 00 00 00 	movl   $0x0,0x4c
     b73:	00 00 00 
     b76:	c7 05 50 00 00 00 01 	movl   $0x1,0x50
     b7d:	00 00 00 
     b80:	a3 10 00 00 00       	mov    %eax,0x10
     b85:	c7 05 54 00 00 00 54 	movl   $0x54,0x54
     b8c:	00 00 00 
     b8f:	c7 05 58 00 00 00 54 	movl   $0x54,0x58
     b96:	00 00 00 
     b99:	e9 f6 fc ff ff       	jmp    894 <vprintk+0x44>
     b9e:	c7 05 e4 00 02 00 01 	movl   $0x1,0x200e4
     ba5:	00 00 00 
     ba8:	c7 45 bc 00 00 00 00 	movl   $0x0,-0x44(%ebp)
     baf:	e9 01 fe ff ff       	jmp    9b5 <vprintk+0x165>
     bb4:	8d b6 00 00 00 00    	lea    0x0(%esi),%esi
     bba:	8d bf 00 00 00 00    	lea    0x0(%edi),%edi

comment:7 Changed 6 years ago by sandervl73

  • Summary changed from Linux 2.6.26.* crashes at boot (kernel panic) to Linux 2.6.26.* crashes at boot (kernel panic) -> fixed in 2.0.2

Should be fixed now. It was indeed a VirtualBox problem. The recompiler didn't notice the instruction modifications made by the paravirtops part.
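
The failure described in comments 6 and 7, modelled as an added example (this is not VirtualBox, QEMU or Linux code): a recompiler caches a translated block built from the guest's code bytes, the guest kernel's apply_paravirt() then rewrites a call site in place, and unless the cache is invalidated for the written range the stale translation keeps executing the old instruction. The only bytes taken from the page are the `ff 15 08 00 00 00  call *0x8` call site in the disassembly; the replacement bytes, the block format, the `track_smc` switch and all function names are constructed for the model.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/*
 * Toy model (constructed, not VirtualBox/QEMU/Linux code) of a recompiler's
 * translation cache facing self-modifying guest code.  A "translation" is a
 * snapshot of the guest bytes at translate time; execute() runs the snapshot,
 * exactly as a cached translated block would, so a write to guest memory is
 * invisible to it until the block is invalidated.
 */

#define TEXT_SIZE 64
#define TB_MAX    8

struct tb {                      /* one cached translated block */
    int      valid;
    uint32_t pc, len;            /* guest range the block was built from */
    uint8_t  code[TEXT_SIZE];    /* snapshot standing in for translated code */
};

struct vm {
    uint8_t   text[TEXT_SIZE];   /* guest code memory */
    struct tb cache[TB_MAX];
    int       track_smc;         /* 0: ignore guest writes (the bug); 1: invalidate (the fix) */
};

struct run { int indirect_calls, direct_calls, nops; };

/* Decode one straight-line block at pc from buf, counting what it executes.
 * Returns bytes consumed, or 0 for an undefined/out-of-range encoding. */
static uint32_t interpret(const uint8_t *buf, uint32_t pc, struct run *r)
{
    uint32_t p = pc;
    for (;;) {
        if (p >= TEXT_SIZE) return 0;
        uint8_t op = buf[p];
        if (op == 0xFF && p + 6 <= TEXT_SIZE && buf[p + 1] == 0x15) {
            r->indirect_calls++; p += 6;          /* ff 15 disp32: call *disp32 */
        } else if (op == 0xE8 && p + 5 <= TEXT_SIZE) {
            r->direct_calls++;   p += 5;          /* e8 rel32: call rel32 */
        } else if (op == 0x90) {
            r->nops++;           p += 1;          /* nop */
        } else if (op == 0xC3) {
            p += 1; break;                        /* ret ends the block */
        } else {
            return 0;
        }
    }
    return p - pc;
}

/* Return the cached block for pc, translating it from live memory if absent. */
static struct tb *lookup_or_translate(struct vm *vm, uint32_t pc)
{
    for (int i = 0; i < TB_MAX; i++)
        if (vm->cache[i].valid && vm->cache[i].pc == pc)
            return &vm->cache[i];
    for (int i = 0; i < TB_MAX; i++) {
        struct tb *t = &vm->cache[i];
        if (t->valid) continue;
        struct run scratch = {0};
        t->len = interpret(vm->text, pc, &scratch);
        if (t->len == 0) return NULL;
        memcpy(t->code, vm->text, TEXT_SIZE);     /* freeze the bytes: this is the translation */
        t->pc = pc; t->valid = 1;
        return t;
    }
    return NULL;
}

/* Execute the block at pc through the cache (runs the snapshot, not live memory). */
static struct run execute(struct vm *vm, uint32_t pc)
{
    struct run r = {0};
    struct tb *t = lookup_or_translate(vm, pc);
    if (t) interpret(t->code, pc, &r);
    return r;
}

/* Guest-side text_poke: overwrite live code.  With track_smc set, every cached
 * block whose range overlaps [addr, addr+len) is dropped so it is retranslated. */
static void guest_text_poke(struct vm *vm, uint32_t addr, const uint8_t *bytes, size_t len)
{
    memcpy(vm->text + addr, bytes, len);
    if (!vm->track_smc) return;
    for (int i = 0; i < TB_MAX; i++) {
        struct tb *t = &vm->cache[i];
        if (t->valid && addr < t->pc + t->len && t->pc < addr + (uint32_t)len)
            t->valid = 0;
    }
}

/* Constructed scenario: the 'ff 15 08 00 00 00  call *0x8' site from the
 * disassembly followed by ret, later patched to a direct call plus a nop. */
static const uint8_t site_before[] = { 0xFF, 0x15, 0x08, 0x00, 0x00, 0x00, 0xC3 };
static const uint8_t patch[]       = { 0xE8, 0x00, 0x00, 0x00, 0x00, 0x90 };

/* Translate once, patch, execute again; report what the second run did. */
static struct run run_after_patch(int track_smc)
{
    struct vm vm;
    memset(&vm, 0, sizeof vm);
    vm.track_smc = track_smc;
    memcpy(vm.text, site_before, sizeof site_before);
    (void)execute(&vm, 0);                        /* populate the cache with the old bytes */
    guest_text_poke(&vm, 0, patch, sizeof patch);
    return execute(&vm, 0);
}

int main(void)
{
    struct run stale = run_after_patch(0), fresh = run_after_patch(1);
    printf("no SMC tracking: indirect=%d direct=%d\n", stale.indirect_calls, stale.direct_calls);
    printf("with SMC tracking: indirect=%d direct=%d\n", fresh.indirect_calls, fresh.direct_calls);
    return 0;
}
```

Without tracking, the second run still performs the indirect call the guest just patched away, which is the kind of divergence that turns into a panic once the patched sequence and the cached one disagree on stack or register state. Real recompilers invalidate at page granularity and mark pages that hold translated code so the write itself is trapped; the overlap test above is the minimum the cache must do.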

comment:8 Changed 6 years ago by sandervl73

  • Status changed from new to closed
  • Resolution set to fixed