VirtualBox

Ticket #2177 (closed defect: fixed)

Opened 6 years ago

Last modified 6 years ago

Crash at shutdown (VBoxC.dll referencing null pointer)

Reported by: blackwingcat Owned by:
Priority: major Component: VM control
Version: VirtualBox 2.0.0 Keywords:
Cc: Guest type: Windows
Host type: Windows

Description

When the guest OS is shut down, VBoxC.dll crashes at address +0x00026259. Look at this code: when the call to OLEAUT32.23 returns value 0, EAX becomes 0 and it crashes.

10026238 FF1574910510 call [OLEAUT32.dll!OLEAUT32.23]
1002623E 3BC3 cmp eax,ebx
10026240 7C07 jl L10026249
10026242 8B45A8 mov eax,[ebp-58h]
10026245 3BC3 cmp eax,ebx
10026247 7504 jnz L1002624D
10026249 L10026249:
10026249 33C0 xor eax,eax <- eax=0
1002624B EB06 jmp L10026253
1002624D L1002624D:
1002624D 8B4DE8 mov ecx,[ebp-18h]
10026250 8D04C8 lea eax,[eax+ecx*8]
10026253 L10026253:
10026253 8B9570FFFFFF mov edx,[ebp-00000090h]
10026259 8910 mov [eax],edx <- eax = 0, crash
1002625B 8B8D74FFFFFF mov ecx,[ebp-0000008Ch]
10026261 8D55EC lea edx,[ebp-14h]
10026264 894804 mov [eax+04h],ecx

Attachments

VBox.log Download (6.1 KB) - added by blackwingcat 6 years ago.
Session log

Change History

comment:1 Changed 6 years ago by blackwingcat

Two additional addresses crash for the same reason.

1002620A 3BFB cmp edi,ebx
1002620C 7407 jz L10026215
1002620E 57 push edi
1002620F FF158C910510 call [OLEAUT32.dll!OLEAUT32.6]
10026215 L10026215:
10026215 8B4DA4 mov ecx,[ebp-5Ch]
10026218 3BCB cmp ecx,ebx
1002621A 7504 jnz L10026220
1002621C 33C0 xor eax,eax <- eax=0, then jmp to xxx26253 and crash on xx26259
1002621E EB33 jmp L10026253
10026220 L10026220:
10026220 8B45E8 mov eax,[ebp-18h]
10026223 3B4110 cmp eax,[ecx+10h]
10026226 7204 jc L1002622C
10026228 33C0 xor eax,eax <- eax=0, then jmp to xxx26253 and crash on xx26259
1002622A EB27 jmp L10026253
1002622C L1002622C:
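
The control flow from both listings, restated in C as an added example that is not code from the ticket or from VirtualBox: the type names, struct layouts and the meaning of the OLEAUT32.23 return value are assumptions read off the disassembly, with the lookup modelled as yielding NULL on failure. The unchecked store reproduces the crash shape (a NULL lookup still reaches the write at 10026259); the checked variant shows the caller-side fix.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical 8-byte element: the listing stores [eax] and [eax+04h]. */
typedef struct { uint32_t lo; uint32_t hi; } elem_t;

/* Hypothetical container; the listing reads the count from [ecx+10h]. */
typedef struct { elem_t *data; uint32_t count; } elem_array_t;

/* Mirrors the lookup in the listing: NULL when the container is missing or
 * the index is out of range (the xor eax,eax paths), else base + index*8. */
static elem_t *locate_element(const elem_array_t *arr, uint32_t idx)
{
    if (arr == NULL || arr->data == NULL || idx >= arr->count)
        return NULL;
    return &arr->data[idx];     /* lea eax,[eax+ecx*8] */
}

/* Buggy shape from the ticket: every path, including the NULL ones, falls
 * through to the store at 10026259, so a failed lookup writes to address 0. */
static void store_element_unchecked(const elem_array_t *arr, uint32_t idx,
                                    uint32_t lo, uint32_t hi)
{
    elem_t *e = locate_element(arr, idx);
    e->lo = lo;                 /* mov [eax],edx   -> crash when e == NULL */
    e->hi = hi;                 /* mov [eax+04h],ecx */
}

/* Hardened shape: a NULL lookup is reported to the caller, never written. */
static int store_element_checked(const elem_array_t *arr, uint32_t idx,
                                 uint32_t lo, uint32_t hi)
{
    elem_t *e = locate_element(arr, idx);
    if (e == NULL)
        return -1;              /* failure surfaces as a status code */
    e->lo = lo;
    e->hi = hi;
    return 0;
}

/* Constructed sample container with room for four elements. */
static elem_t demo_buf[4];
static elem_array_t demo_arr = { demo_buf, 4 };

int main(void)
{
    store_element_unchecked(&demo_arr, 0, 7, 8);   /* in range: fine */
    printf("idx 4: %d\n", store_element_checked(&demo_arr, 4, 1, 2)); /* -1 */
    return 0;
}
```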

comment:2 (follow-up: comment 5) Changed 6 years ago by sandervl73

Assembly listings are all very nice, but it's more useful to start with basic information:

  • include your VBox.log of the crashing session
  • Which guest are you running?
  • How to reproduce? (just shutdown?)

comment:3 Changed 6 years ago by sandervl73

  • Priority changed from critical to major

comment:4 Changed 6 years ago by sandervl73

  • Summary changed from VBoxC.dll read address 0x00000000 to Crash at shutdown (VBoxC.dll referencing null pointer)

Changed 6 years ago by blackwingcat

Session log

comment:5 (in reply to comment 2) Changed 6 years ago by blackwingcat

It also occurs on XP Simplified Chinese, when it is shut down after failing to save the guest status.

comment:6 Changed 6 years ago by sandervl73

Please include the full session log. The one you attached is cut off.

How does it fail to save the guest state?

comment:7 Changed 6 years ago by sandervl73

  • Status changed from new to closed
  • Resolution set to fixed

Try again with 2.0.4 and reopen if necessary.
