From: Jo E. S. <jo...@on...> - 2025-08-24 20:08:21
This is great news :) I can finally set the fastboot-flag on mint.prg again :D Have updated to the latest build on my Falcon, will test on the Milan later ("later" as in "maybe this year").
Jo Even
On Sat, 23 Aug 2025 01:07:22 +0200, "Miro Kropáček" <mir...@gm...> wrote:
>> This took some time to track down but it should be fixed now:
>> https://github.com/freemint/freemint/commit/a7befbe369f4560020a0fd884bd53c6acf545fd2
>> .
>>
>> Introduced after FreeMiNT 1.18 release and worked totally by chance even
>> with clear memory (route_get() got 0x00000000 there which was interpreted
>> as any IP address while 0x55555555 made it crash sooner or later).
>>
>> Interestingly, after this fix I see the following lines in the log:
>>
>> pid 5 (aesthred): if_send(lo): >= HWTYPE_NONE
>> pid 5 (aesthred): route_get: daddr = 0xC0A80002
>> pid 5 (aesthred): route_get: try: mask=0xFFFFFFFF daddr=0xC0A80002
>> net=0xC0A80002
>> *pid 5 (aesthred): igmp_input: bad checksum from 0xC0A80002 8 0xC0A80002*
>>
>> Not sure how or why, it could be some bug in Alan's IGMP implementation.
>> Seems harmless (as it's related to the localhost routing) but perhaps
>> should be investigated at some point.
>>
>> Btw the reason why the crashes happened at various places (gluestik, bash,
>> xaaes, ...) is that this code was executed from FreeMiNT's timer
>> (scheduler), i.e. within an interrupt. Basically igmp_tmr -> igmp_timeout
>> -> igmp_send -> ip_send. Also, sometimes the kernel was able to recover
>> from the first (and following) crashes and let the system boot as far as
>> the desktop.
>>
>> On Wed, 20 Aug 2025 at 00:29, Miro Kropáček wrote:
>>
>> > A bit of progress on this one. I have noticed that the crash occurs just
>> > after allocating 32 KiB of (kernel) memory and that happens only at one
>> > place:
>> > https://github.com/freemint/freemint/blob/244fa78f65e823ce540ee70b42e994d60d2fed42/sys/sockets/buf.c#L69C17-L69C31.
>> > And indeed, when adding
>> >
>> > memset(new, 0, BUF_BLOCK_SIZE);
>> >
>> > just after the kmalloc(), the crashes are gone (still with Jo Even's
>> > memset.prg).
>> >
>> > However, it's not so simple. When replacing the memset with:
>> >
>> > new->dstart = NULL;
>> > new->dend = NULL;
>> > new->next = NULL;
>> > new->prev = NULL;
>> > new->link3 = NULL;
>> > new->info = 0;
>> >
>> > i.e. basically zeroing out all other elements in
>> > https://github.com/freemint/freemint/blob/master/sys/sockets/buf.h#L17,
>> > the crash still occurs. So the uninitialised content is actually inside
>> > "data", used by buf_alloc, buf_reserve and buf_clone, basically just
>> > forwarding the problem one layer higher.
>> >
>> > So further investigation is still needed.
>> >
>>
>>
>> --
>> http://mikro.atari.org
>> _______________________________________________
>> Freemint-discuss mailing list
>> Fre...@li...
>> https://lists.sourceforge.net/lists/listinfo/freemint-discuss
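
Added example, not part of the e-mails above and not FreeMiNT code: a small C model of the failure the thread describes, where a field that is read before it is written acts as a wildcard on zeroed memory and as garbage under a 0x55 fill. `struct pkt`, `toy_route_get`, `alloc_filled`, `toy_send`, `depends_on_fill` and the one-entry route table are assumptions made for illustration; in this model the poisoned case only returns "no route" rather than crashing.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define BLOCK_SIZE 64  /* toy size, not the kernel's BUF_BLOCK_SIZE */

/* Hypothetical header stored in a buffer's data area. */
struct pkt { uint32_t daddr; uint32_t len; };

/* Toy lookup: 0 is treated as "any address", otherwise one host route. */
static int toy_route_get(uint32_t daddr)
{
    return daddr == 0 || daddr == 0xC0A80002u;
}

/* malloc() plus a fill byte that stands in for stale heap contents. */
static void *alloc_filled(size_t n, unsigned char fill)
{
    void *p = malloc(n);
    if (p)
        memset(p, fill, n);
    return p;
}

/* Sender that routes on daddr; set_daddr == 0 models the missing store. */
static int toy_send(unsigned char fill, int set_daddr, uint32_t dst)
{
    struct pkt *p = alloc_filled(BLOCK_SIZE, fill);
    int found;

    if (!p)
        return -1;
    p->len = 8;
    if (set_daddr)
        p->daddr = dst;
    found = toy_route_get(p->daddr);  /* stale bytes when the store is missing */
    free(p);
    return found;
}

/* 1 if the result changes with the fill byte, i.e. stale memory is read. */
static int depends_on_fill(int set_daddr, uint32_t dst)
{
    return toy_send(0x00, set_daddr, dst) != toy_send(0x55, set_daddr, dst);
}

int main(void)
{
    /* Exit 0 when the buggy path is fill-sensitive and the fixed path is not. */
    return !(depends_on_fill(0, 0) == 1 && depends_on_fill(1, 0xC0A80002u) == 0);
}
```

Running the same code path under two different fill bytes and comparing the results is a cheap way to flag reads of uninitialised memory that zero-filled allocations hide.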