Discussion:
Bug reports regarding Innotek VirtualBox
Theo de Raadt
2008-03-07 21:35:58 UTC
Permalink
A few of us just spent some time again debugging an application level
problem ... and once again realized that the application was running
on OpenBSD inside the Innobox's VirtualBox VM.

Argh.

http://www.virtualbox.org/ticket/639

Sun owns InnoTek now because I think they wanted a VM product, but
the product is badly broken.

When that VM is running, we end up with bugs that make it quite
clear that cpu registers are being corrupted in some instances.

We don't know how other operating system products continue running
when the userland ecx register gets clobbered on a return from a page
fault, but at least people should be aware that there is likely some
security risk from running that product.

That VM does not emulate the x86 correctly, (either).
Sevan / Venture37
2008-03-07 22:00:29 UTC
Permalink
It seems f**ked no matter which platform you run on either side (guest or
host) on mac the kernel driver causes system panics & guests run dog slow.
They recently asked people from the FreeBSD community to contribute to make
the product run better on FreeBSD, this is the reply from one of the ports
maintainers:
http://lists.freebsd.org/pipermail/freebsd-ports/2008-March/047293.html

Sevan / Venture37
_________________________________________________________________
Get Hotmail on your mobile, text MSN to 63463!
http://mobile.uk.msn.com/pc/mail.aspx
Paul de Weerd
2008-03-07 22:50:07 UTC
Permalink
On Fri, Mar 07, 2008 at 02:35:58PM -0700, Theo de Raadt wrote:
| That VM does not emulate the x86 correctly, (either).

So are you interested in dmesgs from virtual machines ? I always (try
to) indicate that a certain dmesg or report is sent from a virtual
machine (and I really appreciate being able to run some virtual
OpenBSD machines on my company laptop (running OSX) to be able to test
ports and stuff like that), but in general do not send VM dmesgs to
***@.

Should we ?

Cheers,

Paul 'WEiRD' de Weerd
--
++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
Theo de Raadt
2008-03-07 23:01:27 UTC
Permalink
Post by Paul de Weerd
| That VM does not emulate the x86 correctly, (either).
So are you interested in dmesgs from virtual machines ? I always (try
to) indicate that a certain dmesg or report is sent from a virtual
machine (and I really appreciate being able to run some virtual
OpenBSD machines on my company laptop (running OSX) to be able to test
ports and stuff like that), but in general do not send VM dmesgs to
In the last while, approximately one third of x86 (i386/amd64) dmesg's
are from VM's.

This is annoying, because VM's to some extent make the base machines
so much more uniform, so these are not the best test results for us to
see. We've had to make changes to a lot of drivers to cope with the
VM's having bugs.

This massive move towards VM use is a worrying trend and I am scared
of the side effects we will face from so many people (essentially)
choosing to run 3 operating systems instead of 1 ... and doing this
when their guest choice is 'OpenBSD for security'. I really wonder
how people arrive at such a position... without logic or technological
understanding, I suppose.

Loading...