Date: Fri, 5 Dec 2014 11:29:27 -0800 From: Ron Thomas <ron@vopenhouse.ca> To: vbox@FreeBSD.org Subject: VBoxHeadless seg fault Message-ID: <CAHf5H2nGW8wJZdh7Zg8qSf7zdOAwNAsYFmROT71EG9ZHSXgxQw@mail.gmail.com>
I'm trying to understand what is happening when this segfault occurs. From the user perspective it happens randomly. In the code, ptr is incremented by the size of VRDEORDERCODE, which I think pushes it out of bounds, causing the other values to go out of bounds as well?

Any help would be appreciated.

Ron

#uname -a
FreeBSD myhostname.someplace.com 9.2-RELEASE-p12 FreeBSD 9.2-RELEASE-p12 #0: Mon Sep 15 18:46:46 UTC 2014 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64

# gdb `which VBoxHeadless` VBoxHeadless.core.save-1
(gdb) bt
#0 0x0000000808801f67 in VNCServerImpl::VRDEUpdate (hServer=0x808064500, uScreenId=0, pvUpdate=0x824186562, cbUpdate=1702105) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/ExtPacks/VNC/VBoxVNC.cpp:823
#1 0x000000080616693f in ConsoleVRDPServer::SendUpdate (this=0x805813f00, uScreenId=0, pvUpdate=0x824186562, cbUpdate=1702105) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Main/src-client/ConsoleVRDPServer.cpp:3795
#2 0x00000008061755a5 in Display::displayVBVAUpdateProcess (pInterface=0x80bb89cb8, uScreenId=0, pCmd=0x824186562, cbCmd=1702105) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Main/src-client/DisplayImpl.cpp:4770
#3 0x00000008129264de in vbvaFlushProcess (uScreenId=0, pVGAState=0x8072f0100, pPartialRecord=0x80b317b90, pVBVA=0x82413f000) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Devices/Graphics/DevVGA_VBVA.cpp:380
#4 0x00000008129268ac in vbvaFlush (pVGAState=0x8072f0100, pCtx=0x80b317b48) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Devices/Graphics/DevVGA_VBVA.cpp:462
#5 0x000000081292691d in VBVAUpdateDisplay (pVGAState=0x8072f0100) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Devices/Graphics/DevVGA_VBVA.cpp:2492
#6 0x000000081285a679 in vgaPortUpdateDisplay (pInterface=0x807300e10) at
/usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Devices/Graphics/DevVGA.cpp:4541
#7 0x000000080617d160 in Display::displayRefreshCallback (pInterface=0x80bb89cb8) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Main/src-client/DisplayImpl.cpp:3872
#8 0x0000000812859f97 in vgaTimerRefresh (pDevIns=0x8072f0000, pTimer=0x8006ce430, pvUser=0x8072f0100) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Devices/Graphics/DevVGA.cpp:5211
#9 0x00000008066e7c93 in tmR3TimerQueueRun (pVM=0x80067e000, pQueue=0x8006b8890) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/VMM/VMMR3/TM.cpp:2072
#10 0x00000008066f5dd9 in TMR3TimerQueuesDo (pVM=0x80067e000) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/VMM/VMMR3/TM.cpp:1990
#11 0x000000080670da99 in vmR3HaltGlobal1Halt (pUVCpu=0x80ac02180, fMask=540, u64Now=3630149027607711) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/VMM/VMMR3/VMEmt.cpp:685
#12 0x000000080670d25b in VMR3WaitHalted (pVM=0x80067e000, pVCpu=0x80069e000, fIgnoreInterrupts=true) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/VMM/VMMR3/VMEmt.cpp:1104
#13 0x00000008065ea394 in EMR3ExecuteVM (pVM=0x80067e000, pVCpu=0x80069e000) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/VMM/VMMR3/EM.cpp:2562
#14 0x000000080670f66a in vmR3EmulationThreadWithId (ThreadSelf=0x808093100, pUVCpu=0x80ac02180, idCpu=1) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/VMM/VMMR3/VMEmt.cpp:235
#15 0x000000080670f8ac in vmR3EmulationThread (ThreadSelf=0x808093100, pvArgs=0x80ac02180) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/VMM/VMMR3/VMEmt.cpp:62
#16 0x0000000801d88d78 in rtThreadMain (pThread=0x808093100, NativeThread=34494825472, pszThreadName=0x8080939d8 "EMT-1") at
/usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Runtime/common/misc/thread.cpp:712
#17 0x0000000801e6416d in rtThreadNativeMain (pvArgs=0x808093100) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/Runtime/r3/posix/thread-posix.cpp:324
#18 0x000000080082ad34 in pthread_getprio () from /lib/libthr.so.3
#19 0x0000000000000000 in ?? ()

(gdb) frame 0
#0 0x0000000808801f67 in VNCServerImpl::VRDEUpdate (hServer=0x808064500, uScreenId=0, pvUpdate=0x824186562, cbUpdate=1702105) at /usr/ports/emulators/virtualbox-ose/work/VirtualBox-4.3.20/src/VBox/ExtPacks/VNC/VBoxVNC.cpp:823
823 instance->mFrameBuffer[destx] = instance->mScreenBuffer[srcx + 2];

(gdb) list +
818 // RGB to BGR
819 for (srcx = srcy, destx = desty;
820 destx < desty + order->w * VNC_SIZEOFRGBA;
821 srcx += bpp, destx += VNC_SIZEOFRGBA)
822 {
823 instance->mFrameBuffer[destx] = instance->mScreenBuffer[srcx + 2];
824 instance->mFrameBuffer[destx + 1] = instance->mScreenBuffer[srcx + 1];
825 instance->mFrameBuffer[destx + 2] = instance->mScreenBuffer[srcx];
826 }
827 }

(gdb) info locals
srcx = 14680064
desty = 14419848
width = 1280
bpp = 4
joff = 479202
srcy = 14419848
destx = 14680064
ptr = 0x82418656e <Address 0x82418656e out of bounds>
instance = (VNCServerImpl *) 0x808064500
order = (VRDEORDERHDR *) 0x824186562