Windows 4.3.16 specifically for errors due to security

Discussions related to using VirtualBox on Windows hosts.
bird
Oracle Corporation
Posts: 127
Joined: 10. May 2007, 10:27

Re: Windows 4.3.16 specifically for errors due to security

Post by bird »

Hi all!

Test build #6: https://www.virtualbox.org/download/tes ... 68-Win.exe

This only adds better diagnostics (for figuring out evil handles).

@Mucky: Could you give the new build a spin and upload new VBoxStartup.log, please?

Enjoy,
bird.
Knut St. Osmundsen
Oracle Corporation
RyanSpooner
Posts: 2
Joined: 6. Oct 2014, 20:51

Re: Windows 4.3.16 specifically for errors due to security

Post by RyanSpooner »

Just a heads up that build #6 fixed my issue, my VMs now start (though I did have to update the extension pack).

Now if you could only just fix your VBoxWindowsAdditions installer so that it doesn't block installation on Windows 10 which from a driver perspective is identical to 8.1, I would be set...
frg
Posts: 88
Joined: 29. Sep 2013, 12:22

Re: Windows 4.3.16 specifically for errors due to security

Post by frg »

3D trouble with officially ATI 14.4 Windows XP Server 2003 XP64 drivers (they are unsigned):

https://www.virtualbox.org/ticket/13480

Please put a switch in the product to disable the hardening routines. They are nothing but trouble and break any suspect configuration they doens't know of. I can live with the risk

FRG
bird
Oracle Corporation
Posts: 127
Joined: 10. May 2007, 10:27

Re: Windows 4.3.16 specifically for errors due to security

Post by bird »

Hi All!

Test build #7 is a slightly special build to try find a heap problem that @rexcat is seeing. It's safe to play with, though. :-)

Here's test build #7: https://www.virtualbox.org/download/tes ... 81-Win.exe

@rexcat: Thanks for the process dump. Same problem and location as before. So, I've instrumented that code to better be able to debug it in build #7. Could please try it and provide me with a new minidump in case it still crashes? (No compatibility mods, just plain old, like in the previous annex 1 run.)

@docfxit: Thanks for the dumps. Your VM is working fine, from what I can tell. The guest is idling (HLT or MWAIT instruction). With VBoxHeadless you aren't supposed to see any windows (since 2+ years already).

@RyanSpooner: Test build #7 should include GAs that installs on windows 10.

Enjoy,
bird.
Knut St. Osmundsen
Oracle Corporation
Jacob Klein
Posts: 696
Joined: 20. Nov 2013, 01:07

Re: Windows 4.3.16 specifically for errors due to security

Post by Jacob Klein »

Test Build #7 is **NOT** working for my Windows 10 Technical Preview host anymore (whereas Test Build #6 was working just fine)
The process immediately crashes, and Windows Error Reporting kicks in.

Event Viewer shows the following event, in the Application folder of Windows Logs:

Faulting application name: VirtualBox.exe, version: 0.0.0.0, time stamp: 0x54369c17
Faulting module name: VBoxRT.dll, version: 0.0.0.0, time stamp: 0x54369c0c
Exception code: 0xc0000005
Fault offset: 0x0000000000013160
Faulting process id: 0x2088
Faulting application start time: 0x01cfe3de216af0a7
Faulting application path: C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
Faulting module path: C:\Program Files\Oracle\VirtualBox\VBoxRT.dll
Report Id: 5f2a966d-4fd1-11e4-95e6-00219bffaeeb
Faulting package full name:
Faulting package-relative application ID:


....
0xc0000005 is a NULL REFERENCE exception, right?
You broke it :) I hope you can fix it. I'll uninstall, and reinstall Test Build #6, in the meantime.
Last edited by Jacob Klein on 9. Oct 2014, 18:33, edited 1 time in total.
RelakS
Posts: 15
Joined: 15. Sep 2014, 09:53

Re: Windows 4.3.16 specifically for errors due to security

Post by RelakS »

Hehh, I just tried the build #6 again :)

As it is very late now here, I may download #7 tomorrow.

#6 however caused a Host BSOD (see picture attached), and a 0 byte long VBoxStartup.log.

Is there any other log file I could post here, and would show what goes wrong?
Attachments
BSOD.jpg
BSOD.jpg (82.88 KiB) Viewed 11170 times
ggmbira
Posts: 3
Joined: 23. Aug 2014, 08:14

Re: Windows 4.3.16 specifically for errors due to security

Post by ggmbira »

Virtualbox 4.3.17r96468 on windows 7 sp1. Comodo firewall 7.0.317799.4142

Have the same behaviour as in previous post viewtopic.php?f=6&t=63556&start=60#p298950
I installed version 4.3.17r96426 had some good 1-2 vm starts but today it stopped with the below error
I tried version 4.3.17r96468 but no cigar.

Failed to open a session for the virtual machine windows 8.1.
The virtual machine 'windows 8.1' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'D:\VirtualBox\Development\windows 8.1\Logs\VBoxStartup.log'.
Result Code: E_FAIL (0x80004005)
Component: Machine
Interface: IMachine {480cf695-2d8d-4256-9c7c-cce4184fa048}

Attaching good and bad logs.
Attachments
Good_Logs.rar
(51.6 KiB) Downloaded 134 times
Bad_Logs.rar
(30.74 KiB) Downloaded 137 times
bird
Oracle Corporation
Posts: 127
Joined: 10. May 2007, 10:27

Re: Windows 4.3.16 specifically for errors due to security

Post by bird »

@Jacob Klein: Thanks for the detailed report. Thanks to you I now have a idea where in the code the heap corruption @rexcat is seeing might be. I also have a reasonable good chance of reproducing it (installing win10). :-) (0xc0000005 (STATUS_ACCESS_VIOLATION) is not restricted to NULL pointer violations. In this case it was to a not present page places after a heap allocation in order to catch overruns.)

@RelakS: Looks like the immediate problem is in dgmaster.sys (probably https://digitalguardian.com/ ?). I've requested a trial from them, but I am less than certain they'll respond. Without either a crash dump from the BSOD on your system or a way to reproduce this locally, I don't know I can can work around what looks like bugs in dgmaster.sys. Could you check check C:\Windows\Minidump\ for a file with a creation time shortly after that BSOD occured? Please?

-bird
Knut St. Osmundsen
Oracle Corporation
drescherjm
Posts: 13
Joined: 30. Apr 2008, 22:44

Re: Windows 4.3.16 specifically for errors due to security

Post by drescherjm »

Thanks a lot. I have verified that Virtualbox 4.3.17r96468 works for me with Windows8.1 and Endpoint 12.1.4100.4126

John
rnewman
Posts: 37
Joined: 11. Sep 2014, 19:58

Re: Windows 4.3.16 specifically for errors due to security

Post by rnewman »

Windows 7 Professional SP1 64bit
TrendMicro OfficeScan 11.0.1454
Virtualbox 4.3.17 test build #6 & #7

Testbuild #6 causes the host to hang then reboot. Attachment #1 is the minidump created in /windows/minidump

Testbuild #7 doesn't start and produces an error that virtualbox.exe did not start correctly. Attachment #2 is the files created in /users/rnewman/appdata/local/temp
Attachments
VirtualBox-4.3.17-test7.zip
Attachment #2 - test build #7
(176.34 KiB) Downloaded 158 times
VirtualBox-4.3.17-test6.zip
Attachement #1 - test build #6
(30.83 KiB) Downloaded 143 times
Samaru
Posts: 3
Joined: 5. Oct 2014, 19:42

Re: Windows 4.3.16 specifically for errors due to security

Post by Samaru »

hi,

Just to update you. Test build #5 worked for me.
bird
Oracle Corporation
Posts: 127
Joined: 10. May 2007, 10:27

Re: Windows 4.3.16 specifically for errors due to security

Post by bird »

@rnewman: Thanks for the minidumps!! Thanks to your dump file, fixing that test build #7 was very easy. :)
Now, the BSOD dump with test build #6 was caused by c:\windows\system32\drivers\sakfile.sys, a file that seems to be part of Trend Micro's Data Loss Prevention Endpoint (formerly Leakproof), though they might be shipping it with other solutions for what I know. It's very clear what they're doing wrong - carelessly accessing user process memory without any __try...__except block - and I might be able to work around it. However to do that, it would be great if you could upload sakfile.sys (I cannot find your version anywhere) as it would help me unwind the stack probably and more easily see what VirtualBox.exe is doing, and thus where it needs fudging.

Cheers,
bird.
Knut St. Osmundsen
Oracle Corporation
Mucky
Posts: 4
Joined: 7. Oct 2014, 15:53

Re: Windows 4.3.16 specifically for errors due to security

Post by Mucky »

Hi bird,

sorry for my late reply. I've installed Test build #6, attached the VBoxStartup.log

Best
Mucky
bird wrote:Hi all!

Test build #6: https://www.virtualbox.org/download/tes ... 68-Win.exe

This only adds better diagnostics (for figuring out evil handles).

@Mucky: Could you give the new build a spin and upload new VBoxStartup.log, please?

Enjoy,
bird.
Attachments
VBoxStartup.zip
VBoxStartup.LOG
(11.75 KiB) Downloaded 136 times
bird
Oracle Corporation
Posts: 127
Joined: 10. May 2007, 10:27

Re: Windows 4.3.16 specifically for errors due to security

Post by bird »

Hi All!

Test build #8: https://www.virtualbox.org/download/tes ... 91-Win.exe

Following fixes since test build #7:
- Should fix the evil handle problem @Mucky was seeing with AVG.
- Fix for heap corruption seen by @rexcat for a long time and a few more with test build #7.

This does not yet even try to fix the BSOD issues reported by @rnewman and @RelakS. I'll post a new build with these after I've caught 3-4 hours sleep.

Cheers,
bird.
Knut St. Osmundsen
Oracle Corporation
Jacob Klein
Posts: 696
Joined: 20. Nov 2013, 01:07

Re: Windows 4.3.16 specifically for errors due to security

Post by Jacob Klein »

Test build #8, 4.3.17 r96491 ........ appears to be working fine for me on host Windows 10 Technical Preview.
Thank you,
Jacob
Locked