246856 – app-emulation/vmware-server-1.0.6.91891 - Kernel oops on start of virtual-machine

Bug 246856 - app-emulation/vmware-server-1.0.6.91891 - Kernel oops on start of virtual-machine

Summary: app-emulation/vmware-server-1.0.6.91891 - Kernel oops on start of virtual-mac...

Status:	RESOLVED TEST-REQUEST

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	x86 Linux

Importance:	High normal (vote)
Assignee:	Gentoo VMWare Bug Squashers [disabled]

URL:
Whiteboard:
Keywords:

Depends on:	CVE-2008-4915
Blocks:
	Show dependency tree

Reported:	2008-11-15 13:27 UTC by Vladimir
Modified:	2008-11-18 07:19 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Vladimir 2008-11-15 13:27:57 UTC

When i try to start Virtual Machine 
i get the kernel oops:

[0]: VMCI: Driver initialized.
[0]: Module vmmon: registered with major=10 minor=165
[0]: Module vmmon: initialized
/dev/vmnet: open called by PID 0 ()
/dev/vmnet: hub 0 does not exist, allocating memory.
/dev/vmnet: port on hub 0 successfully opened
bridge-eth0: enabling the bridge
bridge-eth0: up
bridge-eth0: already up
bridge-eth0: attached
/dev/vmnet: open called by PID 0 ()
/dev/vmnet: hub 8 does not exist, allocating memory.
/dev/vmnet: port on hub 8 successfully opened
/dev/vmnet: open called by PID 0 ()
/dev/vmnet: hub 1 does not exist, allocating memory.
/dev/vmnet: port on hub 1 successfully opened
/dev/vmnet: open called by PID 0 ()
/dev/vmnet: port on hub 8 successfully opened
/dev/vmnet: open called by PID 0 ()
/dev/vmnet: port on hub 1 successfully opened
/dev/vmnet: open called by PID 0 ()
/dev/vmnet: port on hub 8 successfully opened
BUG: unable to handle kernel NULL pointer dereference at 00000f33
IP: [<c03eb834>] down_read+0x0/0xa
*pde = 00000000 
Oops: 0002 [#1] PREEMPT 
Modules linked in: vmnet(P) vmmon(P) snd_mixer_oss vboxdrv snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer nvidia(P) snd soundcore snd_page_alloc

Pid: 3839, comm: vmware-vmx Tainted: P         (2.6.25-gentoo-r8 #2)
EIP: 0060:[<c03eb834>] EFLAGS: 00013216 CPU: 0
EIP is at down_read+0x0/0xa
EAX: 00000f33 EBX: 0000000f ECX: f1685cb8 EDX: b7db1000
ESI: f16a6000 EDI: b7db1000 EBP: 000b7db1 ESP: f1685c8c
 DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
Process vmware-vmx (pid: 3839, ti=f1684000 task=f167f050 task.ti=f1684000)
Stack: f8b10fee f1685cb8 00000000 0000000d b7db1000 f16a6000 ffffffff 000b7db1 
       f8b114f2 005f3300 00000000 00000000 f16a6000 fffffffe b7db1000 f165f000 
       f8b23d07 000a8002 f14a3780 f165f000 000007d9 f8b0ddcb f7627980 b7db1000 
Call Trace:
 [<f8b10fee>] HostIF_WritePage+0x83/0x257 [vmmon]
 [<f8b114f2>] HostIF_LockPage+0x58/0x133 [vmmon]
 [<f8b23d07>] Vmx86_LockPage+0x3b/0x60 [vmmon]
 [<f8b0ddcb>] cleanup_module+0xc63/0x322d [vmmon]
 [<c01790a7>] __getblk+0x27/0x253
 [<c01b7e4c>] ext3_get_block+0x89/0xbd
 [<c0110b38>] kmap_atomic_prot+0x13/0x9b
 [<c017fb2c>] do_mpage_readpage+0x594/0x5b2
 [<c01b7dc3>] ext3_get_block+0x0/0xbd
 [<c01c0faf>] __ext3_journal_dirty_metadata+0x13/0x32
 [<c013f4c7>] add_to_page_cache+0x9e/0xb7
 [<f8b0ee0d>] cleanup_module+0x1ca5/0x322d [vmmon]
 [<c017fcd2>] mpage_readpages+0x94/0xba
 [<f8b0ff70>] cleanup_module+0x2e08/0x322d [vmmon]
 [<c0143a17>] __alloc_pages+0x5e/0x2b3
 [<c01b7436>] ext3_readpages+0x0/0x15
 [<c01b7436>] ext3_readpages+0x0/0x15
 [<c0145583>] __do_page_cache_readahead+0x15e/0x1d5
 [<c01b7dc3>] ext3_get_block+0x0/0xbd
 [<c013f37a>] find_lock_page+0x86/0x9e
 [<c014127c>] filemap_fault+0x22c/0x3be
 [<c0149d72>] __do_fault+0x2bb/0x2f3
 [<c014dcc0>] vma_link+0xd2/0xec
 [<c014e2f3>] mmap_region+0x2d4/0x38a
 [<c014b85b>] handle_mm_fault+0x258/0x54a
 [<c0167667>] vfs_ioctl+0x47/0x5d
 [<c01678df>] do_vfs_ioctl+0x262/0x279
 [<c03ed865>] do_page_fault+0x268/0x573
 [<c0167922>] sys_ioctl+0x2c/0x42
 [<c0103a82>] sysenter_past_esp+0x5f/0x85
 =======================
Code: 4b ff ff ff 31 d2 85 c0 75 19 8b 53 08 85 d2 74 0d 89 e0 e8 b0 c6 d3 ff 85 c0 89 c2 7e 05 ba fc fd ff ff 83 c4 48 89 d0 5b 5e c3 <ff> 00 79 05 e8 a7 08 00 00 c3 ba 01 00 ff ff 0f c1 10 85 d2 74 
EIP: [<c03eb834>] down_read+0x0/0xa SS:ESP 0068:f1685c8c
---[ end trace 195026bcb8ffc13c ]---


Reproducible: Always

Steps to Reproduce:
1.create New VM as New=>Other=>Other=>minimal hdd
2.Try to boot it
3.Check dmesg

Actual Results:  
kernel oops, VM not started

Expected Results:  
succesfully started VM with no oops

Portage 2.1.4.5 (default/linux/x86/2008.0/developer, gcc-4.1.2, glibc-2.6.1-r0, 2.6.25-gentoo-r8 i686)
=================================================================
System uname: 2.6.25-gentoo-r8 i686 Intel(R) Pentium(R) 4 CPU 3.20GHz
Timestamp of tree: Fri, 14 Nov 2008 15:45:02 +0000
ccache version 2.4 [disabled]
app-shells/bash:     3.2_p33
dev-java/java-config: 1.3.7, 2.1.6
dev-lang/python:     2.4.4-r14, 2.5.2-r7
dev-python/pycrypto: 2.0.1-r6
dev-util/ccache:     2.4-r7
dev-util/cmake:      2.4.6-r1
sys-apps/baselayout: 2.0.0
sys-apps/openrc:     0.2.5
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r2
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-march=pentium3 -O2 -pipe -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-march=pentium3 -O2 -pipe -fomit-frame-pointer -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="collision-protect cvs digest distlocks metadata-transfer multilib-strict parallel-fetch sandbox sfperms sign splitdebug strict unmerge-orphans userfetch userpriv usersandbox"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LANG="ru_RU.UTF-8"
LC_ALL=""
LDFLAGS="-Wl,-O1"
LINGUAS="ru"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X aalib acl acpi alsa apache2 berkdb bzip2 cairo cdr chroot cli cracklib crypt cups dbus dri dvd dvdr dvdread eds emboss encode esd evo fam firefox fontconfig fortran gdbm gif gnome gstreamer gtk gtk2 hal iconv isdnlog jpeg kde kdeenablefinal kerberos ldap libnotify lirc mad mailwrapper midi mikmod mp3 mpeg mudflap mysql ncurses nls nptl nptlonly ogg openal opengl openmp pam pcre pdf perl png ppds pppd python qt3 qt3support qt4 quicktime readline reflection samba scanner sdl session slang snmp spell spl ssl startup-notification svg sysfs tcpd tetex tiff truetype unicode usb userlocales vorbis win32codecs x86 xml xorg xv zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="ru" USERLAND="GNU" VIDEO_CARDS="vesa nv nvidia vga vmware"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY

Comment 1 Mike Auty (RETIRED) gentoo-dev

2008-11-17 10:23:56 UTC

Vmware-server-1.0.6 is out of date, bug 245941 is about stabilizing vmware-server-1.0.8.  Please give that version a try, and see if you're still getting the same issues.

Please also check that vmware-modules has been compiled using the same compiler as the kernel (and without LDFLAGS set) and also please try the modules again without vboxdrv loaded.

I'm going to mark the bug as TEST-REQUEST since I've asked you to try out a lot of different things.  Do please re-open the bug once you've got the results, and let me know if there's been any improvement.  Thanks...  5:)

Comment 2 Vladimir 2008-11-18 07:19:05 UTC

I upgraded to gentoo-sources 2.6.25-r9 and re-installed all vmware stuff. Now all ok. Removing vboxdrv gave no effect. I'm going to test vmware-server 1.0.8 though.

(In reply to comment #1)
> Vmware-server-1.0.6 is out of date, bug 245941 is about stabilizing
> vmware-server-1.0.8.  Please give that version a try, and see if you're still
> getting the same issues.
> 
> Please also check that vmware-modules has been compiled using the same compiler
> as the kernel (and without LDFLAGS set) and also please try the modules again
> without vboxdrv loaded.
> 
> I'm going to mark the bug as TEST-REQUEST since I've asked you to try out a lot
> of different things.  Do please re-open the bug once you've got the results,
> and let me know if there's been any improvement.  Thanks...  5:)
>