VirtualBox

Opened 10 days ago

Last modified 3 days ago

#22277 new defect

Bad address error on Linux write syscall on RHEL 9.4

Reported by: scampbell Owned by:
Component: shared folders Version: VirtualBox-7.1.4
Keywords: Cc:
Guest type: Linux Host type: Windows

Description

I have a shared folder (shared from Windows 11 host to RHEL 9.4 guest) that is mounted as filesystem type vboxsf: 

VM_Share on /mnt/vm_share type vboxsf (rw,nodev,relatime,iocharset=utf8,uid=0,gid=1000,dmode=0770,fmode=0770,tag=VBoxAutomounter)

While attempting to perform Native AOT compilation of a .NET project located on this shared folder from the Linux guest, I started receiving errors when attempting to write the executable to disk. Using strace, I narrowed this down to a write() syscall that is larger than a certain size. I wrote a test program in C to eliminate anything other than this syscall. 

#include <stdio.h>
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>

#define ONE_MB_BYTES 1048576

int do_write(char * filename, int num_bytes) {
	printf("Going to test %s\n", filename);

	int fd = open(filename, O_CREAT | O_WRONLY );
	if (fd == -1) {
		printf("\tCould not create/open file: errno %d - %s\n", errno, strerror(errno));
		return 1;
	}
	char *buffer = (char *)malloc(num_bytes);
	if(buffer == NULL) {
		printf("\tCould not malloc buffer sz: %d\n", num_bytes);
		return 4;
	}
	memset(buffer, 'A', num_bytes);
	buffer[num_bytes-1] = '\0';
	size_t written_bytes = write(fd, buffer, num_bytes);
	free(buffer);

	if (written_bytes == -1) {
		printf("\tError writing text: errno %d - %s\n", errno, strerror(errno));
		if(close(fd) == -1) {
			printf("\tError closing file: errno %d - %s\n", errno, strerror(errno));
		}
		return 2;
	}
	else if (written_bytes < num_bytes) {
		printf("\tWarning: Only %d of %d bytes written.\n", written_bytes, num_bytes);
	}

	if(close(fd) == -1) {
		printf("\tError closing file: errno %d - %s\n", errno, strerror(errno));
		return 3;
	}
	printf("\tTEST %s PASSED\n", filename);
	return 0;
}

int main(int argc, char ** argv) {
	do_write("test_1mb.txt", 1*ONE_MB_BYTES);
	do_write("test_2mb.txt", 2*ONE_MB_BYTES);
	do_write("test_4mb.txt", 4*ONE_MB_BYTES);
	do_write("test_5mb.txt", 5*ONE_MB_BYTES);
	do_write("test_6mb.txt", 6*ONE_MB_BYTES);
	do_write("test_7mb.txt", 7*ONE_MB_BYTES);
	do_write("test_8mb.txt", 8*ONE_MB_BYTES);
	do_write("test_16mb.txt", 16*ONE_MB_BYTES);
	do_write("test_32mb.txt", 32*ONE_MB_BYTES);
	do_write("test_64mb.txt", 64*ONE_MB_BYTES);
	return 0;
}

With this test program, the writes of size 8 MB and larger fail: 

Going to test test_1mb.txt
	TEST test_1mb.txt PASSED
Going to test test_2mb.txt
	TEST test_2mb.txt PASSED
Going to test test_4mb.txt
	TEST test_4mb.txt PASSED
Going to test test_5mb.txt
	TEST test_5mb.txt PASSED
Going to test test_6mb.txt
	TEST test_6mb.txt PASSED
Going to test test_7mb.txt
	TEST test_7mb.txt PASSED
Going to test test_8mb.txt
	Error writing text: errno 14 - Bad address
Going to test test_16mb.txt
	Error writing text: errno 14 - Bad address
Going to test test_32mb.txt
	Error writing text: errno 14 - Bad address
Going to test test_64mb.txt
	Error writing text: errno 14 - Bad address

Relevant strace output: 

write(1, "Going to test test_8mb.txt\n", 27Going to test test_8mb.txt
) = 27
openat(AT_FDCWD, "test_8mb.txt", O_WRONLY|O_CREAT, 000) = 3
mmap(NULL, 8392704, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb7ee1ff000
write(3, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"..., 8388608) = -1 EFAULT (Bad address)
munmap(0x7fb7ee1ff000, 8392704)         = 0
write(1, "\tError writing text: errno 14 - "..., 44	Error writing text: errno 14 - Bad address
) = 44
close(3)

I found ticket #22165, which appears very similar, so I attempted similar troubleshooting steps.

  • This only occurs on vboxsf shared folders. A pure Linux xfs file system on the Linux guest did not reproduce this.
  • Smaller writes do not exhibit this issue, only above a certain size (see output from test program above)
  • This does not reproduce with RHEL 9.2 or RHEL 9.3. All writes from 1 to 64 MB execute successfully on those kernels. (RHEL 9.2 kernel is 5.14.0-284.11.1.el9_2.x86_64. RHEL 9.3 kernel is 5.14.0-362.8.1.el9_3.x86_64. RHEL 9.4 kernel is 5.14.0-427.13.1.el9_4.x86_64)
  • This was also reproduceable with VirtualBox 6.1.50 and Guest Additions 6.1.50 with RHEL 9.4.

Change History (2)

comment:1 by galitsyn, 4 days ago

Hi scampbell,

Please attach VBox.log. I gave it a quick try with few Linux guests and do not see the issue on Linux host when running attached POC. I will give it a try with Windows host later on, but maybe VBox.log can shed more light already now.

UPD: Managed to reproduce w/ CentOS Stream 9 (5.14.0-547.el9.x86_64) guest on Linux host as well.

Last edited 4 days ago by galitsyn (previous) (diff)

comment:2 by scampbell, 3 days ago

Hi galitsyn,

Please let me know if you would still like the VBox.log since you were able to reproduce. Thanks.

Note: See TracTickets for help on using tickets.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette