Host panics with pre-2.6.20 kernels when using hostif

[zippy]

This problem appears to be identical to #2827. All of the behavior reported in #2827 for 2.1.0 appears in 2.1.4 on CentOS 5.2 (2.6.18-92.1.13.el5) when launching Linux client VMs.

Hardware platform is Opteron 185, nForce 4.

No Vbox.log file generated prior to panic.

[firemeteor]

Similar situation also happens on Kernel 2.6.28.4 (with Intel GEM patch). The Virtualbox version I tried are OSE version 2.1.2 and Non-OSE version 2.1.4.

Here are some logs in kern.log. I can not distinguish which belongs 2.1.2 and which belongs 2.1.4.

1)

Feb 17 13:24:31 Hasim kernel: BUG: unable to handle kernel paging request at ffffffa3
Feb 17 13:24:31 Hasim kernel: IP: [<fa4b22aa>] vboxNetFltLinuxXmitTask+0xfa/0x170 [vboxnetflt]

2)

Feb 17 13:53:24 Hasim kernel: BUG: unable to handle kernel NULL pointer dereference at 00000128
Feb 17 13:53:24 Hasim kernel: IP: [<f8bced51>] 0xf8bced51
Feb 17 13:53:24 Hasim kernel: *pde = 00000000 
Feb 17 13:53:24 Hasim kernel: Oops: 0000 [#1] SMP 
Feb 17 13:53:24 Hasim kernel: last sysfs file: /sys/class/net/eth0/statistics/collisions
Feb 17 13:53:24 Hasim kernel: Modules linked in: tun vboxnetflt vboxdrv parport_pc lp parport autofs4 fuse 
loop gspca_zc3xx gspca_main videodev v4l1_compat usbhid snd_hda_intel snd_pcm snd_seq snd_timer snd_seq_device
 snd ohci1394 soundcore snd_page_alloc r8169 ieee1394 uhci_hcd e1000e 8250_pnp 8250 serial_core
Feb 17 13:53:24 Hasim kernel:
Feb 17 13:53:24 Hasim kernel: Pid: 8, comm: events/1 Not tainted (2.6.28.4 #1)         
Feb 17 13:53:24 Hasim kernel: EIP: 0060:[<f8bced51>] EFLAGS: 00010212 CPU: 1
Feb 17 13:53:24 Hasim kernel: EIP is at 0xf8bced51
Feb 17 13:53:24 Hasim kernel: EAX: f706df20 EBX: f23b2110 ECX: 00000001 EDX: 00000128
Feb 17 13:53:24 Hasim kernel: ESI: 00000000 EDI: 00000000 EBP: f706dee8 ESP: f706de90
Feb 17 13:53:24 Hasim kernel: DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
Feb 17 13:53:24 Hasim kernel: Process events/1 (pid: 8, ti=f706c000 task=f704db80 task.ti=f706c000)
Feb 17 13:53:24 Hasim kernel: Stack:
Feb 17 13:53:24 Hasim kernel: f713f060 00000000 00000ccd c27debc0 f704dbac f704dbac 0011bb0e 00000001
Feb 17 13:53:24 Hasim kernel: f23b2110 c27debfc 32d84334 00000005 00000ccd 00000000 f704db80 c27debc0
Feb 17 13:53:24 Hasim kernel: f704dbac c27debfc 00000282 f23b2110 00000000 00000001 f706df08 f8bcf1b1
Feb 17 13:53:24 Hasim kernel: Call Trace:
Feb 17 13:53:24 Hasim kernel: [<c0101d96>] __switch_to+0x186/0x190
Feb 17 13:53:24 Hasim kernel: [<f8aa6185>] vboxNetFltLinuxForwardSegment+0x85/0xb0 [vboxnetflt]
Feb 17 13:53:24 Hasim kernel: [<c03a32cb>] schedule+0x25b/0x800
Feb 17 13:53:24 Hasim kernel: [<c012f6a7>] lock_timer_base+0x27/0x60
Feb 17 13:53:24 Hasim kernel: [<f8aa626a>] vboxNetFltLinuxXmitTask+0xba/0x170 [vboxnetflt]
Feb 17 13:53:24 Hasim kernel: [<f8aa61b0>] vboxNetFltLinuxXmitTask+0x0/0x170 [vboxnetflt]

3)

Feb 17 16:01:48 Hasim kernel: BUG: unable to handle kernel NULL pointer dereference at 000001a8
Feb 17 16:01:48 Hasim kernel: IP: [<f9362bb6>] 0xf9362bb6
Feb 17 16:01:48 Hasim kernel: *pde = 00000000 
Feb 17 16:01:48 Hasim kernel: Oops: 0000 [#1] SMP 
Feb 17 16:01:48 Hasim kernel: last sysfs file: /sys/devices/system/cpu/cpu1/online
Feb 17 16:01:48 Hasim kernel: Modules linked in: vboxnetflt vboxdrv nls_cp437 vfat fat usb_storage nls_iso8859_1 
nls_utf8 cifs tun parport_pc lp parport autofs4 fuse loop gspca_zc3xx gspca_main videodev v4l1_compat usbhid 
snd_hda_intel snd_pcm e1000e r8169 snd_seq snd_timer snd_seq_device uhci_hcd snd ohci1394 8250_pnp ieee1394 soundcore
 8250 snd_page_alloc serial_core [last unloaded: vboxdrv]
Feb 17 16:01:48 Hasim kernel:
Feb 17 16:01:48 Hasim kernel: Pid: 7, comm: events/0 Not tainted (2.6.28.4 #1)         
Feb 17 16:01:48 Hasim kernel: EIP: 0060:[<f9362bb6>] EFLAGS: 00010216 CPU: 0
Feb 17 16:01:48 Hasim kernel: EIP is at 0xf9362bb6
Feb 17 16:01:48 Hasim kernel: EAX: f706bf20 EBX: 00000000 ECX: 00000001 EDX: 000001a8
Feb 17 16:01:48 Hasim kernel: ESI: 000000d6 EDI: 00000000 EBP: f706bee8 ESP: f706be40
Feb 17 16:01:48 Hasim kernel: DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
Feb 17 16:01:48 Hasim kernel: Process events/0 (pid: 7, ti=f706a000 task=f704d810 task.ti=f706a000)
Feb 17 16:01:48 Hasim kernel: Stack:
Feb 17 16:01:48 Hasim kernel: 00000000 00000000 00000000 f60b4001 c0260cfd 00000000 00000000 00000000
Feb 17 16:01:48 Hasim kernel: 00000000 00000001 00000000 f20bd01c f6921390 00000001 00000000 00000000
Feb 17 16:01:48 Hasim kernel: 00000000 00000001 f69cc110 f82d2d1d 00000000 c02defee 00000739 c27d5bc0
Feb 17 16:01:48 Hasim kernel: Call Trace:
Feb 17 16:01:48 Hasim kernel: [<c0260cfd>] n_tty_receive_buf+0x58d/0xf90
Feb 17 16:01:48 Hasim kernel: [<f82d2d1d>] ohci_irq_handler+0x4d/0x8e0 [ohci1394]
Feb 17 16:01:48 Hasim kernel: [<c02defee>] ehci_irq+0x2e/0x1e0
Feb 17 16:01:48 Hasim kernel: [<c011bb0e>] update_curr+0x15e/0x190
Feb 17 16:01:48 Hasim kernel: [<f9180185>] vboxNetFltLinuxForwardSegment+0x85/0xb0 [vboxnetflt]
Feb 17 16:01:48 Hasim kernel: [<c03a32cb>] schedule+0x25b/0x800
Feb 17 16:01:48 Hasim kernel: [<c012f6a7>] lock_timer_base+0x27/0x60
Feb 17 16:01:48 Hasim kernel: [<f918026a>] vboxNetFltLinuxXmitTask+0xba/0x170 [vboxnetflt]
Feb 17 16:01:48 Hasim kernel: [<f91801b0>] vboxNetFltLinuxXmitTask+0x0/0x170 [vboxnetflt]

[frank]

firemeteor: What Linux distribution is that? And how easy to reproducible is that panic? Does it just occur during VM start like with zippy?

[frank]

zippy, is your host i386 or x86_64?

[frank]

We cannot reproduce the problem. Using the latest CentOS kernel (2.6.18-92.1.22 / i386). Host interface works fine, regardless if PCNet or E1000 is chosen as guest network adapter.

[firemeteor]

frank: I'm using Debian i386. But the kernel I use is a customized one, 2.6.28.4 from kernel.org plus the Intel gem patch (My G43 video chip requires it). Once I start a VM the panic happens and I have to reboot the system to make it stable. The guest is simply a bare machine without a guest os running.

I tried the OSE version 2.1.2 from the Debian repository and the 2.1.4 version from virtualbox.org. Both of them do not work for me. But if I use NAT networking, virtualbox is quite stable.

Tell me if other information is needed.

[zippy]

Replying to frank:

zippy, is your host i386 or x86_64?

x86_64

[aleksey]

zippy,

I installed CentOS 5.2 (2.6.18-92.el5) i386. Took the attached testvm.xml (removed the reference to the attached HD though). When I start VM it PXE boot shows up, no kernel panics. How do you get panic: simply starting VM, half way booting up the guest, or running some traffic?

[aleksey]

Could you also post the part of /var/log/kern.log just as firemeteor did? I'd like to know if it is the same problem you are experiencing.

[zippy]

aleksey,

When I opened the ticket I felt the description in #2827 was very close to the behavior I was seeing to just simply reference #2827. However, there are some differences between the behavior which I'm observing and that being reported by firemeteor. Some additional background info below. If you need other details, LMK.

• This is an x86_64 host:

  Linux yankee 2.6.18-92.1.13.el5 #1 SMP Wed Sep 24 19:32:05 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux
  

• This panic initially occurred after an upgrade from 2.0.6 -> 2.1.0. I subsequently rolled back to 2.0.6 and recovered my Machines and VDIs from backup.

• The panic which prompted me to open the ticket occurred after an upgrade from 2.0.6 -> 2.1.4. After opening the ticket, I again rolled back to 2.0.6 and recovered Machines/VDIs from backup.

• The HW being used here is a development system and I needed to preserve the existing guests, so I've installed a new instance of 2.1.0 from a pre-built RPM package (VirtualBox-2.1.4_42893_rhel5-1.x86_64.rpm) and configured a single 32-bit guest from a CentOS DVD ISO (CentOS-5.2-i386-bin-DVD.iso).

• All 32-bit guests build without issue as long as network Adapter 1 is attached to NAT.

• The network Adapter Type emulation is 82540EM

• The host panics as soon as the guest is launched with the network adapter attached to the active 'eth0' hostif.

• For whatever reason, the panic my system suffers doesn't produce a call trace. Output from kern.log below. The panic happens right after Feb 25 22:50:46 (but no traceback) and the subsequent power-cycle restart is the next event seen in the log.

Feb 25 22:43:07 yankee kernel: sky2 eth0: enabling interface
Feb 25 22:43:07 yankee kernel: sky2 eth0: ram buffer 48K
Feb 25 22:43:07 yankee kernel: ADDRCONF(NETDEV_UP): eth0: link is not ready
Feb 25 22:43:07 yankee kernel: sky2 eth0: Link is up at 100 Mbps, full duplex, flow control both
Feb 25 22:43:07 yankee kernel: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Feb 25 22:43:07 yankee kernel: Bluetooth: Core ver 2.10
Feb 25 22:43:07 yankee kernel: NET: Registered protocol family 31
Feb 25 22:43:07 yankee kernel: Bluetooth: HCI device and connection manager initialized
Feb 25 22:43:07 yankee kernel: Bluetooth: HCI socket layer initialized
Feb 25 22:43:07 yankee kernel: Bluetooth: L2CAP ver 2.8
Feb 25 22:43:07 yankee kernel: Bluetooth: L2CAP socket layer initialized
Feb 25 22:43:07 yankee kernel: Bluetooth: RFCOMM socket layer initialized
Feb 25 22:43:07 yankee kernel: Bluetooth: RFCOMM TTY layer initialized
Feb 25 22:43:07 yankee kernel: Bluetooth: RFCOMM ver 1.8
Feb 25 22:43:08 yankee kernel: Bluetooth: HIDP (Human Interface Emulation) ver 1.1
Feb 25 22:43:09 yankee kernel: vboxdrv: Trying to deactivate the NMI watchdog...
Feb 25 22:43:09 yankee kernel: vboxdrv: Successfully done.
Feb 25 22:43:09 yankee kernel: vboxdrv: Trying to deactivate the NMI watchdog permanently...
Feb 25 22:43:09 yankee kernel: vboxdrv: Found 2 processor cores.
Feb 25 22:43:09 yankee kernel: VBoxDrv: dbg - g_abExecMemory=ffffffff88657ac0
Feb 25 22:43:09 yankee kernel: vboxdrv: fAsync=1 offMin=0x364d offMax=0x364d
Feb 25 22:43:09 yankee kernel: vboxdrv: TSC mode is 'asynchronous', kernel timer mode is 'normal'.
Feb 25 22:43:09 yankee kernel: vboxdrv: Successfully loaded version 2.1.4 (interface 0x000a0009).
Feb 25 22:43:09 yankee kernel: VBoxNetFlt: dbg - g_abExecMemory=ffffffff887f9ce0
Feb 25 22:43:14 yankee kernel: eth0: no IPv6 routers present
Feb 25 22:50:46 yankee kernel: device eth0 entered promiscuous mode
Feb 25 22:52:49 yankee kernel: klogd 1.4.1, log source = /proc/kmsg started.
Feb 25 22:52:49 yankee kernel: Linux version 2.6.18-92.1.13.el5 (mockbuild@builder10.centos.org) (gcc version 4.1.2 20071124 (Red Hat 4.1.2-42)) #1 SMP Wed Sep 24 19:32:05 EDT 2008
Feb 25 22:52:49 yankee kernel: Command line: ro root=LABEL=/ rhgb quiet

[aleksey]

2.1.4 version with enabled debug messages

[aleksey]

Could you replace /usr/share/virtualbox/src/vboxnetflt/linux/VBoxNetFlt-linux.c with the one I've just attached? Then rebuild the modules with

/etc/init.d/vboxdrv setup

as root. You may also need to set the path to kernel sources

KERN_DIR=/usr/src/kernels/<your kernel version here>/
export KERN_DIR

The attached version enables debug tracing to system log (/var/log/messages most probably). Please, reproduce the problem and attach the resulting system log.

[firemeteor]

My syslog with debug information:

Feb 26 17:59:53 Hasim kernel: vboxdrv: Trying to deactivate the NMI watchdog permanently...
Feb 26 17:59:53 Hasim kernel: vboxdrv: Successfully done.
Feb 26 17:59:53 Hasim kernel: vboxdrv: Found 2 processor cores.
Feb 26 17:59:53 Hasim kernel: vboxdrv: fAsync=0 offMin=0x1c8 offMax=0x108d
Feb 26 17:59:53 Hasim kernel: vboxdrv: TSC mode is 'synchronous', kernel timer mode is 'normal'.
Feb 26 17:59:53 Hasim kernel: vboxdrv: Successfully loaded version 2.1.4 (interface 0x000a0009).
Feb 26 17:59:53 Hasim kernel: VBoxNetFltLinuxInit
Feb 26 17:59:53 Hasim kernel: VBoxNetFlt: Successfully started.
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxAttachToInterface: pThis=f6bca410 (eth0)
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxAttachToInterface: Device f6b50000(eth0) retained. ref=29
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxAttachToInterface: Got pDev=f6b50000 pThis=f6bca410 pThis->u.s.pDev=f6b50000
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxAttachToInterface: this=f6bca410: Packet handler installed.
Feb 26 18:01:34 Hasim kernel: VBoxNetFlt: attached to 'eth0' / %Rhxs
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxDeviceIsUp: no need to enable promiscuous mode on eth0 (0)
Feb 26 18:01:34 Hasim kernel: vboxNetFltOsInitInstance: this=f6bca410: Notifier installed.
Feb 26 18:01:34 Hasim kernel: vboxNetFltPortOsSetActive: pThis=f6bca410 (eth0), fActive=true
Feb 26 18:01:34 Hasim kernel: device eth0 entered promiscuous mode
Feb 26 18:01:34 Hasim kernel: vboxNetFltPortOsSetActive: enabled promiscuous mode on eth0 (1)
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxPacketHandler: pBuf=f13520c0 pSkbDev=f6b50000 pPacketType=f6bca484
Feb 26 18:01:34 Hasim kernel: ------------[ cut here ]------------
Feb 26 18:01:34 Hasim kernel: WARNING: at net/core/dev.c:1536 skb_gso_segment+0xf7/0x190()
Feb 26 18:01:34 Hasim kernel: Modules linked in: vboxnetflt vboxdrv nls_iso8859_1 nls_utf8 cifs tun parport_pc lp parport autofs4 fuse loop gspca_zc3xx gspca_main videodev v4l1_compat usbhid snd_hda_intel snd_pcm snd_seq snd_timer snd_seq_device snd ohci1394 uhci_hcd e1000e soundcore ieee1394 snd_page_alloc 8250_pnp 8250 r8169 serial_core [last unloaded: vboxdrv]
Feb 26 18:01:34 Hasim kernel: Pid: 7, comm: events/0 Not tainted 2.6.28.4 #1
Feb 26 18:01:34 Hasim kernel: Call Trace:
Feb 26 18:01:34 Hasim kernel: [<c0125baf>] warn_on_slowpath+0x5f/0xa0
Feb 26 18:01:34 Hasim kernel: [<c0114cbc>] ack_apic_level+0x6c/0x2a0
Feb 26 18:01:34 Hasim kernel: [<c0157ab8>] handle_IRQ_event+0x28/0x50
Feb 26 18:01:34 Hasim kernel: [<f8299d1d>] ohci_irq_handler+0x4d/0x8e0 [ohci1394]
Feb 26 18:01:34 Hasim kernel: [<c011bb0e>] update_curr+0x15e/0x190
Feb 26 18:01:34 Hasim kernel: [<c011d433>] dequeue_task_fair+0x33/0x1c0
Feb 26 18:01:34 Hasim kernel: [<c011bfce>] dequeue_task+0x6e/0x90
Feb 26 18:01:34 Hasim kernel: [<c03a32cb>] schedule+0x25b/0x800
Feb 26 18:01:34 Hasim kernel: [<c01694af>] refresh_cpu_vm_stats+0x6f/0xa0
Feb 26 18:01:34 Hasim kernel: [<c01366f0>] delayed_work_timer_fn+0x0/0x30
Feb 26 18:01:34 Hasim kernel: [<c0310bd7>] skb_gso_segment+0xf7/0x190
Feb 26 18:01:34 Hasim kernel: [<f8db0439>] vboxNetFltLinuxXmitTask+0xe9/0x150 [vboxnetflt]
Feb 26 18:01:34 Hasim kernel: [<f8db0350>] vboxNetFltLinuxXmitTask+0x0/0x150 [vboxnetflt]
Feb 26 18:01:34 Hasim kernel: [<c0135dfd>] run_workqueue+0x5d/0x110
Feb 26 18:01:34 Hasim kernel: [<c0135f38>] worker_thread+0x88/0xf0
Feb 26 18:01:34 Hasim kernel: [<c0139800>] autoremove_wake_function+0x0/0x50
Feb 26 18:01:34 Hasim kernel: [<c0135eb0>] worker_thread+0x0/0xf0
Feb 26 18:01:34 Hasim kernel: [<c0139509>] kthread+0x39/0x70
Feb 26 18:01:34 Hasim kernel: [<c01394d0>] kthread+0x0/0x70
Feb 26 18:01:34 Hasim kernel: [<c010415b>] kernel_thread_helper+0x7/0x1c
Feb 26 18:01:34 Hasim kernel: ---[ end trace 00552bf5356d5d82 ]---
Feb 26 18:01:34 Hasim kernel: BUG: unable to handle kernel paging request at ffffffa3
Feb 26 18:01:34 Hasim kernel: IP: [<f8db044a>] vboxNetFltLinuxXmitTask+0xfa/0x150 [vboxnetflt]
Feb 26 18:01:34 Hasim kernel: *pde = 00008067 *pte = 00000000 
Feb 26 18:01:34 Hasim kernel: Oops: 0000 [#1] SMP 
Feb 26 18:01:34 Hasim kernel: last sysfs file: /sys/class/net/eth0/statistics/collisions
Feb 26 18:01:34 Hasim kernel: Modules linked in: vboxnetflt vboxdrv nls_iso8859_1 nls_utf8 cifs tun parport_pc lp parport autofs4 fuse loop gspca_zc3xx gspca_main videodev v4l1_compat usbhid snd_hda_intel snd_pcm snd_seq snd_timer snd_seq_device snd ohci1394 uhci_hcd e1000e soundcore ieee1394 snd_page_alloc 8250_pnp 8250 r8169 serial_core [last unloaded: vboxdrv]
Feb 26 18:01:34 Hasim kernel:
Feb 26 18:01:34 Hasim kernel: Pid: 7, comm: events/0 Tainted: G        W  (2.6.28.4 #1)         
Feb 26 18:01:34 Hasim kernel: EIP: 0060:[<f8db044a>] EFLAGS: 00010286 CPU: 0
Feb 26 18:01:34 Hasim kernel: EIP is at vboxNetFltLinuxXmitTask+0xfa/0x150 [vboxnetflt]
Feb 26 18:01:34 Hasim kernel: EAX: ffffffa3 EBX: f706bf78 ECX: ffffffa3 EDX: ffffffa3
Feb 26 18:01:34 Hasim kernel: ESI: f1352480 EDI: 00000001 EBP: f6bca410 ESP: f706bf6c
Feb 26 18:01:34 Hasim kernel: DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
Feb 26 18:01:34 Hasim kernel: Process events/0 (pid: 7, ti=f706a000 task=f704d810 task.ti=f706a000)
Feb 26 18:01:34 Hasim kernel: Stack:
Feb 26 18:01:34 Hasim kernel: f6a64490 f706bf78 f6bca4a4 00000000 f6bca4b4 f700b400 f8db0350 f700b404
Feb 26 18:01:34 Hasim kernel: c0135dfd f700b404 f700b40c 0000007b 00000246 f700b40c f700b400 00000000
Feb 26 18:01:34 Hasim kernel: f700b404 c0135f38 00000000 f704d810 c0139800 f706bfc0 f706bfc0 f700b400
Feb 26 18:01:34 Hasim kernel: Call Trace:
Feb 26 18:01:34 Hasim kernel: [<f8db0350>] vboxNetFltLinuxXmitTask+0x0/0x150 [vboxnetflt]
Feb 26 18:01:34 Hasim kernel: [<c0135dfd>] run_workqueue+0x5d/0x110
Feb 26 18:01:34 Hasim kernel: [<c0135f38>] worker_thread+0x88/0xf0
Feb 26 18:01:34 Hasim kernel: [<c0139800>] autoremove_wake_function+0x0/0x50
Feb 26 18:01:34 Hasim kernel: [<c0135eb0>] worker_thread+0x0/0xf0
Feb 26 18:01:34 Hasim kernel: [<c0139509>] kthread+0x39/0x70
Feb 26 18:01:34 Hasim kernel: [<c01394d0>] kthread+0x0/0x70
Feb 26 18:01:34 Hasim kernel: [<c010415b>] kernel_thread_helper+0x7/0x1c
Feb 26 18:01:34 Hasim kernel: Code: 00 e8 2b 11 00 00 83 c4 10 5b 5e 5f 5d c3 8d 76 00 31 d2 89 f0 e8 a7 06 56 c7 89 c2 85 c0 75 0b eb 1e 8d b4 26 00 00 00 00 89 da <8b> 1a 89 f9 c7 02 00 00 00 00 89 e8 e8 25 fe ff ff 85 db 75 e9 
Feb 26 18:01:34 Hasim kernel: EIP: [<f8db044a>] vboxNetFltLinuxXmitTask+0xfa/0x150 [vboxnetflt] SS:ESP 0068:f706bf6c
Feb 26 18:01:34 Hasim kernel: ---[ end trace 00552bf5356d5d82 ]---
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxPacketHandler: pBuf=f1352000 pSkbDev=f6b50000 pPacketType=f6bca484
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxPacketHandler: pBuf=f10cd900 pSkbDev=f6b50000 pPacketType=f6bca484
Feb 26 18:01:34 Hasim kernel: vboxNetFltLinuxPacketHandler: pBuf=f10cdcc0 pSkbDev=f6b50000 pPacketType=f6bca484
Feb 26 18:01:35 Hasim kernel: vboxNetFltLinuxPacketHandler: pBuf=f10cd6c0 pSkbDev=f6b50000 pPacketType=f6bca484

The last line keeps repeating even after I rmmod vboxnetflt.

[zippy]

Replying to aleksey:

Could you replace /usr/share/virtualbox/src/vboxnetflt/linux/VBoxNetFlt-linux.c with the one I've just attached? Then rebuild the modules with

/etc/init.d/vboxdrv setup

as root. You may also need to set the path to kernel sources

KERN_DIR=/usr/src/kernels/<your kernel version here>/
export KERN_DIR

The attached version enables debug tracing to system log (/var/log/messages most probably). Please, reproduce the problem and attach the resulting system log.

My syslog output with debug VBoxNetFlt-linux.c

Feb 26 08:00:37 yankee ntpd[5142]: synchronized to 140.99.51.114, stratum 2
Feb 26 10:29:51 yankee kernel: VBoxDrv: dbg - g_abExecMemory=ffffffff88655ac0
Feb 26 10:29:51 yankee kernel: vboxdrv: fAsync=1 offMin=0xa117f6 offMax=0xa117f6
Feb 26 10:29:51 yankee kernel: vboxdrv: TSC mode is 'asynchronous', kernel timer mode is 'normal'.
Feb 26 10:29:51 yankee kernel: VBoxNetFlt: dbg - g_abExecMemory=ffffffff887f8020
Feb 26 10:29:51 yankee kernel: VBoxNetFltLinuxInit
Feb 26 10:29:51 yankee kernel: VBoxNetFlt: Successfully started.
Feb 26 10:34:51 yankee kernel: vboxNetFltLinuxAttachToInterface: pThis=ffff81011d0d2810 (eth0)
Feb 26 10:34:51 yankee kernel: vboxNetFltLinuxAttachToInterface: Device ffff81011b3ab000(eth0) retained. ref=58
Feb 26 10:34:51 yankee kernel: vboxNetFltLinuxAttachToInterface: Got pDev=ffff81011b3ab000 pThis=ffff81011d0d2810 pThis->u.s.pDev=ffff81011b3ab000
Feb 26 10:34:51 yankee kernel: vboxNetFltLinuxAttachToInterface: this=ffff81011d0d2810: Packet handler installed.
Feb 26 10:34:51 yankee kernel: VBoxNetFlt: attached to 'eth0' / %Rhxs
Feb 26 10:34:51 yankee kernel: vboxNetFltLinuxDeviceIsUp: no need to enable promiscuous mode on eth0 (0)
Feb 26 10:34:51 yankee kernel: vboxNetFltOsInitInstance: this=ffff81011d0d2810: Notifier installed.
Feb 26 10:34:51 yankee kernel: vboxNetFltPortOsSetActive: pThis=ffff81011d0d2810 (eth0), fActive=true
Feb 26 10:34:51 yankee kernel: device eth0 entered promiscuous mode
Feb 26 10:34:51 yankee kernel: vboxNetFltPortOsSetActive: enabled promiscuous mode on eth0 (1)

Panic occurs here, followed by power-cycle restart

Feb 26 10:39:03 yankee syslogd 1.4.1: restart.
Feb 26 10:39:03 yankee kernel: klogd 1.4.1, log source = /proc/kmsg started.
Feb 26 10:39:03 yankee kernel: Linux version 2.6.18-92.1.13.el5 (mockbuild@builder10.centos.org) (gcc version 4.1.2 20071124 (Red Hat 4.1.2-42)) #1 SMP Wed Sep 24 19:32:05 EDT 2008
Feb 26 10:39:03 yankee kernel: Command line: ro root=LABEL=/ rhgb quiet

[frank]

zippy, still no idea even after looking at your logs. Any chance that you update your host kernel to the latest CentOS kernel (-92.1.22.el5) and try again? Just to make sure that this problem is not host-kernel-related.

[zippy]

Replying to frank:

zippy, still no idea even after looking at your logs. Any chance that you update your host kernel to the latest CentOS kernel (-92.1.22.el5) and try again? Just to make sure that this problem is not host-kernel-related.

Ok, I upgraded to 2.6.18-92.1.22.el5, rebuilt the kernel module and as soon as I launched the client the host panics. Here's what was logged to kern.log:

--snip--
Mar  8 14:00:05 yankee kernel: eth0: no IPv6 routers present
Mar  8 14:01:34 yankee kernel: vboxdrv: Trying to deactivate the NMI watchdog...
Mar  8 14:01:34 yankee kernel: vboxdrv: Successfully done.
Mar  8 14:01:34 yankee kernel: vboxdrv: Trying to deactivate the NMI watchdog permanently...
Mar  8 14:01:34 yankee kernel: vboxdrv: Found 2 processor cores.
Mar  8 14:01:34 yankee kernel: VBoxDrv: dbg - g_abExecMemory=ffffffff88655ac0
Mar  8 14:01:34 yankee kernel: vboxdrv: fAsync=1 offMin=0x381cc offMax=0x381cc
Mar  8 14:01:34 yankee kernel: vboxdrv: TSC mode is 'asynchronous', kernel timer mode is 'normal'.
Mar  8 14:01:34 yankee kernel: vboxdrv: Successfully loaded version 2.1.4 (interface 0x000a0009).
Mar  8 14:01:34 yankee kernel: VBoxNetFlt: dbg - g_abExecMemory=ffffffff887f8020
Mar  8 14:01:34 yankee kernel: VBoxNetFltLinuxInit
Mar  8 14:01:34 yankee kernel: VBoxNetFlt: Successfully started.
Mar  8 14:03:39 yankee kernel: vboxNetFltLinuxAttachToInterface: pThis=ffff81011b47ca10 (eth0)
Mar  8 14:03:39 yankee kernel: vboxNetFltLinuxAttachToInterface: Device ffff81011cc5c800(eth0) retained. ref=27
Mar  8 14:03:39 yankee kernel: vboxNetFltLinuxAttachToInterface: Got pDev=ffff81011cc5c800 pThis=ffff81011b47ca10 pThis->u.s.pDev=ffff81011cc5c800
Mar  8 14:03:39 yankee kernel: vboxNetFltLinuxAttachToInterface: this=ffff81011b47ca10: Packet handler installed.
Mar  8 14:03:39 yankee kernel: VBoxNetFlt: attached to 'eth0' / %Rhxs
Mar  8 14:03:39 yankee kernel: vboxNetFltLinuxDeviceIsUp: no need to enable promiscuous mode on eth0 (0)
Mar  8 14:03:39 yankee kernel: vboxNetFltOsInitInstance: this=ffff81011b47ca10: Notifier installed.
Mar  8 14:03:39 yankee kernel: vboxNetFltPortOsSetActive: pThis=ffff81011b47ca10 (eth0), fActive=true
Mar  8 14:03:39 yankee kernel: device eth0 entered promiscuous mode
Mar  8 14:03:39 yankee kernel: vboxNetFltPortOsSetActive: enabled promiscuous mode on eth0 (1)
Mar  8 14:05:45 yankee kernel: klogd 1.4.1, log source = /proc/kmsg started.
Mar  8 14:05:45 yankee kernel: Linux version 2.6.18-92.1.22.el5 (mockbuild@builder10.centos.org) (gcc version 4.1.2 20071124 (Red Hat 4.1.2-42)) #1 SMP Tue Dec 16 11:57:43 EST 2008
Mar  8 14:05:45 yankee kernel: Command line: ro root=LABEL=/ rhgb quiet
Mar  8 14:05:45 yankee kernel: BIOS-provided physical RAM map:
Mar  8 14:05:45 yankee kernel:  BIOS-e820: 0000000000000000 - 000000000009c000 (usable)
Mar  8 14:05:45 yankee kernel:  BIOS-e820: 000000000009c000 - 00000000000a0000 (reserved)
---snip---

I'm gonna give this a try on a Xeon (vs. Opteron) just to see if it's repeatable over there...

[frank]

Yes, that would be great!

[zippy]

Replying to frank:

Yes, that would be great!

Ok, I tried this on a dual Xeon E5440 @ 2.83GHz stepping 06 (Sun Blade 6250) and the guest booted without issue. Same host OS (CentOS-5.2 x86_64, 2.6.18-92.1.22.el5) and same guest OS (CentOS-5.2 i386, 2.6.18-92.el5) as was used on the Opteron 185 (version 2.20.00). Identical hostif (eth0 using 82540EM) and grub entries on both systems:

title CentOS (2.6.18-92.1.22.el5)
        root (hd0,0)
        kernel /boot/vmlinuz-2.6.18-92.1.22.el5 ro root=LABEL=/ nmi_watchdog=0 quiet 
        initrd /boot/initrd-2.6.18-92.1.22.el5.img

No AMD-V instructions enabled on the Xeon E5440.

[frank]

Please check if the problem persists with VirtualBox 2.2.2. There was a small change in the netfilter code which could fix that problem (we were never able to reproduce it though).

[frank]

Should be a duplicate of #3926.