[Pkg-virtualbox-devel] Bug#611861: virtualbox-ose: general protection fault after g_abExecMemory on a xen domU

Timo Juhani Lindfors timo.lindfors at iki.fi
Wed Feb 2 23:25:02 UTC 2011 

Package: virtualbox-ose
Version: 3.2.10-dfsg-1
Severity: normal

I tried to use virtualbox on a xen domU but it caused a general
protection fault:

[1668899.860029] tap1: no IPv6 routers present
[1670426.400491] br0: port 2(tap1) entering disabled state
[1670426.412252] br0: port 2(tap1) entering disabled state
[1674996.276699] warning: `VirtualBox' uses 32-bit capabilities (legacy support in use)
[1675047.499378] vboxdrv: Trying to deactivate the NMI watchdog permanently...
[1675047.499383] vboxdrv: Successfully done.
[1675047.499385] vboxdrv: Found 4 processor cores.
[1675047.500045] VBoxDrv: dbg - g_abExecMemory=ffffffffa017c6c0
[1675047.500153] vboxdrv: fAsync=0 offMin=0x84a offMax=0x3f71
[1675047.500796] vboxdrv: TSC mode is 'synchronous', kernel timer mode is 'normal'.
[1675047.500805] vboxdrv: Successfully loaded version 3.2.10_OSE (interface 0x00140001).
[1675514.298848] general protection fault: 0000 [#1] SMP
[1675514.298867] last sysfs file: /sys/devices/system/cpu/cpu3/online
[1675514.298871] CPU 0
[1675514.298875] Modules linked in: vboxnetadp vboxnetflt vboxdrv tcp_diag inet_diag ext2 tun nls_utf8 isofs nls_base iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 iptable_filter ip_tables x_tables binfmt_misc fuse nfs lockd fscache nfs_acl auth_rpcgss sunrpc bridge stp loop evdev pcspkr ext3 jbd mbcache dm_mod xen_netfront xen_blkfront [last unloaded: stap_27c90217d4dade632344ca523a9b0f83_17490]
[1675514.298926] Pid: 13117, comm: VirtualBox Not tainted 2.6.32-5-amd64 #1
[1675514.298930] RIP: e030:[<ffffc90000a54975>]  [<ffffc90000a54975>] 0xffffc90000a54975
[1675514.298938] RSP: e02b:ffff880069911ce0  EFLAGS: 00010282
[1675514.298942] RAX: 000000008000003b RBX: ffffc90000a8b340 RCX: 0000000000000000
[1675514.298946] RDX: ffffc90000a8b340 RSI: 0000000000000000 RDI: ffffc90000a8b000
[1675514.298950] RBP: ffff880069911d38 R08: 000000000001ad00 R09: ffffc90000a8b000
[1675514.298955] R10: ffffc90000a8b000 R11: ffffffff81152c80 R12: ffff88002dc69290
[1675514.298959] R13: 0000000000000206 R14: 00007f885b692bb0 R15: ffffffffa0306950
[1675514.298965] FS:  00007f885b693710(0000) GS:ffff880003682000(0000) knlGS:0000000000000000
[1675514.298970] CS:  e033 DS: 0000 ES: 0000 CR0: 000000008005003b
[1675514.298974] CR2: 00007f8869d74de4 CR3: 0000000079728000 CR4: 0000000000000664
[1675514.298978] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[1675514.298983] DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
[1675514.298988] Process VirtualBox (pid: 13117, threadinfo ffff880069910000, task ffff88000199a350)
[1675514.298992] Stack:
[1675514.298995]  ffffc90000a547d2 000000000000e033 ffffffffa0190d8f 636e795373736500
[1675514.299002] <0> 0000000000000b3f ffffffff8100dc35 00ffffff8100e242 636e795373736500
[1675514.299010] <0> ffff88006ec16810 ffff88002dc69290 00000000c0305687 ffff880069911d78
[1675514.299019] Call Trace:
[1675514.299027]  [<ffffffffa0190d8f>] ? g_abExecMemory+0x146cf/0x180000 [vboxdrv]
[1675514.299035]  [<ffffffff8100dc35>] ? xen_force_evtchn_callback+0x9/0xa
[1675514.299042]  [<ffffffffa0191205>] g_abExecMemory+0x14b45/0x180000 [vboxdrv]
[1675514.299048]  [<ffffffff8100dc35>] ? xen_force_evtchn_callback+0x9/0xa
[1675514.299053]  [<ffffffff8100e242>] ? check_events+0x12/0x20
[1675514.299059]  [<ffffffff81152c80>] ? cap_file_ioctl+0x0/0x3
[1675514.299064]  [<ffffffff8100e242>] ? check_events+0x12/0x20
[1675514.299072]  [<ffffffffa016cee6>] supdrvIOCtl+0x1240/0x2133 [vboxdrv]
[1675514.299078]  [<ffffffff810e7cad>] ? __kmalloc+0x12f/0x141
[1675514.299083]  [<ffffffff8100e242>] ? check_events+0x12/0x20
[1675514.299091]  [<ffffffffa0170fbd>] ? rtR0MemAlloc+0x88/0xb8 [vboxdrv]
[1675514.299099]  [<ffffffffa0170fbd>] ? rtR0MemAlloc+0x88/0xb8 [vboxdrv]
[1675514.299106]  [<ffffffffa0169319>] ? VBoxDrvLinuxIOCtl+0x116/0x191 [vboxdrv]
[1675514.299112]  [<ffffffff81048027>] ? finish_task_switch+0x44/0xaf
[1675514.299118]  [<ffffffff810fa68e>] ? vfs_ioctl+0x21/0x6c
[1675514.299122]  [<ffffffff810fabdc>] ? do_vfs_ioctl+0x48d/0x4cb
[1675514.299127]  [<ffffffff8100e242>] ? check_events+0x12/0x20
[1675514.299132]  [<ffffffff810fac6b>] ? sys_ioctl+0x51/0x70
[1675514.299137]  [<ffffffff81010b42>] ? system_call_fastpath+0x16/0x1b
[1675514.299141] Code: 88 06 00 00 48 83 e0 70 42 8b 8c 02 68 0a 00 00 23 4a 20 09 c8 0b 42 24 0f 22 e0 42 8b 84 02 50 0a 00 00 83 e0 04 0d 3b 00 00 80 <0f> 22 c0 42 0f 01 94 02 70 03 00 00 42 8b ac 02 20 03 00 00 b8
[1675514.299201] RIP  [<ffffc90000a54975>] 0xffffc90000a54975
[1675514.299207]  RSP <ffff880069911ce0>
[1675514.299219] ---[ end trace f60b712c70b93946 ]---
[1675519.737380] hostname[13131] general protection ip:7ff31a82a134 sp:7fff99f2ea40 error:0 in ld-2.11.2.so[7ff31a829000+1e000]
[1675519.825499] hostname[13135] general protection ip:7f13cb247134 sp:7fff3d20d180 error:0 in ld-2.11.2.so[7f13cb246000+1e000]
[1675519.836461] cat[13139] general protection ip:7efff11f6134 sp:7ffffc75f180 error:0 in ld-2.11.2.so[7efff11f5000+1e000]

More info:
1) I used gdb to disassemble the "Code: " part:

Dump of assembler code for function f:
0x0000000000600860 <f+0>:        88 06  mov    %al,(%rsi)
0x0000000000600862 <f+2>:        00 00  add    %al,(%rax)
0x0000000000600864 <f+4>:        48 83 e0 70    and    $0x70,%rax
0x0000000000600868 <f+8>:        42 8b 8c 02 68 0a 00 00        mov    0xa68(%rdx,%r8,1),%ecx
0x0000000000600870 <f+16>:       23 4a 20       and    0x20(%rdx),%ecx
0x0000000000600873 <f+19>:       09 c8  or     %ecx,%eax
0x0000000000600875 <f+21>:       0b 42 24       or     0x24(%rdx),%eax

0x0000000000600878 <f+24>:       0f 22 e0       mov    %rax,%cr4

0x000000000060087b <f+27>:       42 8b 84 02 50 0a 00 00        mov    0xa50(%rdx,%r8,1),%eax
0x0000000000600883 <f+35>:       83 e0 04       and    $0x4,%eax
0x0000000000600886 <f+38>:       0d 3b 00 00 80 or     $0x8000003b,%eax
0x000000000060088b <f+43>:       0f 22 c0       mov    %rax,%cr0
0x000000000060088e <f+46>:       42 0f 01 94 02 70 03 00 00     lgdt   0x370(%rdx,%r8,1)
0x0000000000600897 <f+55>:       42 8b ac 02 20 03 00 00        mov    0x320(%rdx,%r8,1),%ebp
0x000000000060089f <f+63>:       b8 00 00 00 00 mov    $0x0,%eax
End of assembler dump.

Hypothesis: %cr4 is a privileged register and can not be accessed from
a paravirtualized xen domU?

If running under xen is not support could you add a check for xen to
the virtualbox kernel modules?

2) The upstream bug for this seems to be  http://www.virtualbox.org/ticket/2383



-- System Information:
Debian Release: 6.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=fi_FI (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash

Versions of packages virtualbox-ose depends on:
ii  adduser                 3.112+nmu2       add and remove users and groups
ii  libc6                   2.11.2-7         Embedded GNU C Library: Shared lib
ii  libcurl3                7.21.0-1         Multi-protocol file transfer libra
ii  libgcc1                 1:4.4.5-8        GCC support library
ii  libpng12-0              1.2.44-1         PNG library - runtime
ii  libpython2.6            2.6.6-8+b1       Shared Python runtime library (ver
ii  libsdl1.2debian         1.2.14-6.1       Simple DirectMedia Layer
ii  libssl0.9.8             0.9.8o-4         SSL shared libraries
ii  libstdc++6              4.4.5-8          The GNU Standard C++ Library v3
ii  libvncserver0           0.9.7-2+b1       API to write one's own vnc server
ii  libx11-6                2:1.3.3-4        X11 client-side library
ii  libxcursor1             1:1.1.10-2       X cursor management library
ii  libxext6                2:1.1.2-1        X11 miscellaneous extension librar
ii  libxml2                 2.7.8.dfsg-2     GNOME XML library
ii  libxmu6                 2:1.0.5-2        X11 miscellaneous utility library
ii  libxt6                  1:1.0.7-1        X11 toolkit intrinsics library
ii  python                  2.6.6-3+squeeze5 interactive high-level object-orie
ii  python-central          0.6.16+nmu1      register and build utility for Pyt
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

Versions of packages virtualbox-ose recommends:
ii  libgl1-mesa-glx [libgl1]   7.7.1-4       A free implementation of the OpenG
ii  libqt4-opengl              4:4.6.3-4     Qt 4 OpenGL module
ii  libqtcore4                 4:4.6.3-4     Qt 4 core module
ii  libqtgui4                  4:4.6.3-4     Qt 4 GUI module
ii  virtualbox-ose-dkms        3.2.10-dfsg-1 x86 virtualization solution - kern
ii  virtualbox-ose-qt          3.2.10-dfsg-1 x86 virtualization solution - Qt b

Versions of packages virtualbox-ose suggests:
ii  libasound2                   1.0.23-2.1  shared library for ALSA applicatio
ii  libpulse0                    0.9.21-3+b1 PulseAudio client libraries
ii  vde2                         2.2.3-3     Virtual Distributed Ethernet
pn  virtualbox-guest-additions   <none>      (no description available)

-- no debconf information

More information about the Pkg-virtualbox-devel mailing list