[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MiNT] XaAES regression in launch()

To: mint@lists.fishpool.fi
Subject: Re: [MiNT] XaAES regression in launch()
From: Vincent Rivière <vincent.riviere@freesbee.fr>
Date: Wed, 21 Nov 2012 02:02:30 +0100
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=0MautUUNKbAP8b+2vcD34UspAw6E4vBUhBLUX9p3LWU=; b=l8KQhLUUKrBzxq+fja77yMSGjNk7o4uE2i4EzP8/xvSUv+w2ut0VHRMEzShjrMOuH6 QbIl8DIagM9cZgcAYqV6tjoLEIE/fbUOfN3514nJEPOEV6n4NmvXgnDkBqENWestSTDU e1rWVrMgE9NHcDFoEYoJpHm9tTtyxDAIlKZSu5yE2tvhBb2KAVukBoPMp9iMlJ+DQCQ4 roZ8QwlFcwQ9h2OzxlpUIuNANib4RQDHWquDgX7lRS9JjS2aE+EJgujmFOOurFrvRDwZ oPKIIMlT8rbXn+dIbs2r4Vp6HpvwrLxRQh/WrQdKztr18Hk67JVB5s3aDIK/Pn9ecoS3 XWVQ==
In-reply-to: <op.wn3hrm1vofd6j1@nebbiolo>
List-help: <mailto:ecartis@lists.fishpool.fi?Subject=help>
List-id: <mint.lists.fishpool.fi>
List-owner: <mailto:tjhukkan@fishpool.fi>
List-post: <mailto:mint@lists.fishpool.fi>
List-subscribe: <mailto:mint-request@lists.fishpool.fi?Subject=subscribe>
List-unsubscribe: <mailto:mint-request@lists.fishpool.fi?Subject=unsubscribe>
References: <50A94E7D.8000005@freesbee.fr> <op.wnzpumxfofd6j1@nebbiolo> <op.wnzp93pnofd6j1@nebbiolo> <50AA0232.6060305@freesbee.fr> <50AA9486.50002@freesbee.fr> <op.wn1goyqzofd6j1@nebbiolo> <50AAAA3B.9020508@freesbee.fr> <50AABC07.9080005@freesbee.fr> <50AC0892.80907@freesbee.fr> <op.wn3hrm1vofd6j1@nebbiolo>
Sender: mint-bounce@lists.fishpool.fi
User-agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/17.0 Thunderbird/17.0

On 21/11/2012 00:20, Helmut Karlowski wrote:

Is teradesk run by xaaes.cnf (shell=)?


Yes.
But I use GEM=ROM, then I double-click xaloader.prg from the desktop.
I always do that, I think that should not matter.

First I would write a DBG at the beginning and return of draw_nesticon to
verify it is really not called directly.


I mistaken, it does not crash there.
Actually it crashes in the kernel, in sys/proc.c.
It seems to crash in sleep(), or more precisely in swap_in_curproc():

	save = m->save;
	for (shdw = m->shadow; shdw->save; shdw = shdw->shadow)
		assert (shdw != m);

Somewhere inside this, it crashes when accessing shdw->save because shdw isactually 'XBRA', which is totally bogus.

Do you say that the wrong RTE succeeds 2 times before it crashes?

No, I put an breakpoint on the crash location above, then swap_in_curproc()succeds 2 times before it crashes.

By looking at that swap_in_curproc() code, it is related to that MEMREGIONstuff, it this looks consistent with the other bug I experienced yesterday(kfree() complaining).

It's not necessarily caused by teradesk, disable everything (enable
memory-protection ;-))


I could disable TosWin2, which is not used in this scenarion.
About memory protection, it is still not supported on ColdFire.

What is around that XBRA-pointer?

It is not a pointer, I just see the 'XBRA' value inside a0, then it isaccessed with 16(a0). This is what causes the Bus Error.

Maybe it's a simple stack-overflow.


Maybe.

What about the kfree from your previous finding?

Some days kfree() complains, some other days I get a Bus Error instead.There is something random.

Today is Bus Error day, kfree() does not complain.

And once again this leads us to ARGV stuff, which seems to be tightly
related to that make_argv() function in XaAES...


I guess you're close ;-)


I've been fooled again >:o

That "=VGRA" presence just indicates that the program crashes on theTeraDesk user stack, no more.

but also sr which has the bogus value of 0x0000.

Fooled again, it seems that FreeMiNT starts users process with sr = 0x0000,so there is nothing wrong (to be verified). I suspect the FireBee to have noHBL, in that case sr may never change to 0x0300 (also to be verified).



So, next plans.

I have no idea about what that swap_in_curproc() is about. I will put debugtraces there, to try to see what is going wrong, and where that damn XBRAcould come from.

A memory overwrite somewhere (or stack overflow) is still the most probablecause of this trouble.


--
Vincent Rivière

Follow-Ups:
- Re: [MiNT] XaAES regression in launch()
  - From: Eero Tamminen <oak@helsinkinet.fi>

References:
- [MiNT] XaAES regression in launch()
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] XaAES regression in launch()
  - From: "Helmut Karlowski" <helmut.karlowski@ish.de>
- Re: [MiNT] XaAES regression in launch()
  - From: "Helmut Karlowski" <helmut.karlowski@ish.de>
- Re: [MiNT] XaAES regression in launch()
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] XaAES regression in launch()
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] XaAES regression in launch()
  - From: "Helmut Karlowski" <helmut.karlowski@ish.de>
- Re: [MiNT] XaAES regression in launch()
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] XaAES regression in launch()
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] XaAES regression in launch()
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] XaAES regression in launch()
  - From: "Helmut Karlowski" <helmut.karlowski@ish.de>

Prev by Date: Re: [MiNT] XaAES language detection via appl_getinfo()
Next by Date: Re: [MiNT] XaAES regression in launch()
Previous by thread: Re: [MiNT] XaAES regression in launch()
Next by thread: Re: [MiNT] XaAES regression in launch()
Index(es):
- Date
- Thread