Crash in different places (using memguard 1.15)

A forum for general AmigaOS 4.x support questions that are not platform-specific
User avatar
Raziel
Posts: 1170
Joined: Sat Jun 18, 2011 4:00 pm
Location: a dying planet

Crash in different places (using memguard 1.15)

Post by Raziel »

memguard 1.15
AmigaOS4 FE Update 1
AmigaOne X1000

Hi there,

while i know it might as well be the fault or crash coming from memguard in this case, i tend to believe it's not, especially because of another crash that shows similar behaviour, but one step after the other

Be aware that your system *WILL* freeze to the point where you have to do a cold reboot

Steps to reproduce:

1) Start Memguard (1.15) - easy as that, just start it, use run if you like, but it's not essential
2) Find a free space on Workbench and click on the right mouse button to bring up ContextMenus

Instant *FREEZE* of input.device - no ContextMenus come up, no grimreaper coming up, but i was able to catch a partial serial debug (partial because after the last line everything coming from grimreaper was frozen aswell, funny enough catweasel was still sending it's "GRONKs") - see below

So, as i said above i'm not convinced that the crash comes from memguard, especially because there is ABADCAFE in register 8, which (as i learned from other bug reports) means an illegal mem access.
And, as we already have an illegal mem access in another bug updated just the other day dealing with ContextMenus, i'm convinced that memguard reveals the illegal memory access described there (bug item #9797 - illegal memory access from ContextMenus)

Maybe it's not Context Menus but input device, maybe the combination of both

Code: Select all

MemGuard 1.15 (2.1.2009) installed.
Dump of context at 0xDFFEF000
Trap type: DSI exception
Machine State (raw): 0x100000000200F030
Machine State (verbose): [Hyper] [ExtInt on] [User] [FPU on] [IAT on] [DAT on]
Instruction pointer: in module kernel+0x0001A638 (0x0201A638)
Crashed task: input.device (0x6FF3FA20)
DSI verbose error description: Access not found in hash or BAT (page fault)
Access was a store operation
 0: 02038DC0 6FE917D0 5441A00E 5B1F9B80 5B1F9FDC 00000000 000001D0 02973054
 8: 00000000 ABADCAFE ABADCAFE 00000004 33835595 CC8DAECE 000186A0 6FF635D6
16: 6FF635C8 6FF636BA 6FF636AC 00000000 000001D0 02950000 02950000 02806338
24: 02950000 DFFFEB94 02950000 5B1F9FDC 00000000 5B1F9FD0 02973054 DFFFEB50
CR: 93833995   XER: C000004A  CTR: 0201A614  LR: 02030874
DSISR: 42000000  DAR: ABADCB02

FP0 : FFF8000082004000 400199999999999A F5F5F5F5F5F5F5F5 0000000000000000
FP4 : FFFFFFFFFFFFFFFF 0000000000000000 0000000000000000 41E0000000000000
FP8 : 4060000000000000 433000000000001B 4040800000000000 4330000080000000
FP12: 4070000000000000 4330000080000A00 0000000000000000 0000000000000000
FP16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP20: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP24: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP28: 0000000000000000 0000000000000000 0000000000000000 8000000000000000
FPSCR: 82004000
HID0: 0x8000000000000000  HID1: 0x000000005CE993B1
HID4: 0x4400240000080180  HID5: 0x0000006600000080

V0 : 00000000000000000000000000000000 FF999999FF999999FF999999FF999999
V2 : 01010101FFDBDBDBFFDBDBDBFFDBDBDB 00000000000000000000000000000000
V4 : DA25DA25DA25DA25DA25DA25DA25DA25 FE01DA25FE01DA25FE01DA25FE01DA25
V6 : 00000000010101010202020203030303 FF000000FF000000FF000000FF000000
V8 : 001002120414061608180A1A0C1C0E1E FFDBDBDBFFDBDBDBFFDBDBDBFFDBDBDB
V10: 01000100010001000100010001000100 FF999999FF999999FF999999FF999999
V12: FF999999FF999999FF999999FF999999 FF999999FF999999FF999999FF999999
V14: FFDBDBDBFFDBDBDBFFDBDBDBFFDBDBDB FE01DA25FE01DA25FE01DA25FE01DA25
V16: DB25DB25DB25DB25DB25DB25DB25DB25 00000000000000000000000000000000
V18: FF01DB25FF01DB25FF01DB25FF01DB25 DA25DA25DA25DA25DA25DA25DA25DA25
V20: 00000000000000000000000000000000 00000000000000000000000000000000
V22: 00000000000000000000000000000000 00000000000000000000000000000000
V24: 00000000000000000000000000000000 00000000000000000000000000000000
V26: 00000000000000000000000000000000 00000000000000000000000000000000
V28: 00000000000000000000000000000000 00000000000000000000000000000000
V30: 00000000000000000000000000000000 00000000000000000000000000000000
VSCR: 00000000 VRSAVE: 00000000

Disassembly of crash site:
 0201A628: 7D234B78   mr                r3,r9
 0201A62C: 91440000   stw               r10,0(r4)
 0201A630: 81490000   lwz               r10,0(r9)
 0201A634: 81290004   lwz               r9,4(r9)
>0201A638: 912A0004   stw               r9,4(r10)
 0201A63C: 4E800020   blr
 0201A640: 38600000   li                r3,0
 0201A644: 4E800020   blr
 0201A648: 81230000   lwz               r9,0(r3)
 0201A64C: 81430004   lwz               r10,4(r3)

Kernel command line: SERIAL MUNGE DEBUGLEVEL=1

Registers pointing to code:
Last edited by Raziel on Tue Jan 03, 2017 4:50 pm, edited 1 time in total.
People are dying.
Entire ecosystems are collapsing.
We are in the beginning of a mass extinction.
And all you can talk about is money and fairytales of eternal economic growth.
How dare you!
– Greta Thunberg
User avatar
tonyw
AmigaOS Core Developer
AmigaOS Core Developer
Posts: 1479
Joined: Wed Mar 09, 2011 1:36 pm
Location: Sydney, Australia

Re: Crash in input.device (using memguard 1.15)

Post by tonyw »

The reason it is input.device that crashes is usually because input.device handles all user input - keyboard strokes, mouse clicks, etc. So whatever bad thing is happening, if it happens when the user does something, it shows up as input.device. If it (the bad thing) happens later, in the application that received the input, then that application will be the one that crashes.

I think your interpretation of the bad memory access is highly likely.
cheers
tony
User avatar
broadblues
AmigaOS Core Developer
AmigaOS Core Developer
Posts: 600
Joined: Sat Jun 18, 2011 2:40 am
Location: Portsmouth, UK
Contact:

Re: Crash in input.device (using memguard 1.15)

Post by broadblues »

Running Memguard (and I also have MUNGE on my command line) doesn't create a crash here when using RMB on the workbench.

BTW ABADCAFE means memeory that hasn't been initialsed.

DEADBEEF is meoery that has been accessed after it's been Freed()

If you can reproduce this repeatedly you should look at the serial output from Memguard to see what program allocated that memory.
User avatar
Raziel
Posts: 1170
Joined: Sat Jun 18, 2011 4:00 pm
Location: a dying planet

Re: Crash in input.device (using memguard 1.15)

Post by Raziel »

broadblues wrote:Running Memguard (and I also have MUNGE on my command line) doesn't create a crash here when using RMB on the workbench.

BTW ABADCAFE means memeory that hasn't been initialsed.

DEADBEEF is meoery that has been accessed after it's been Freed()

If you can reproduce this repeatedly you should look at the serial output from Memguard to see what program allocated that memory.
Ah, thanks, learned something new today :-)

But..now i have a problem, having Memguard run i cannot take two steps without some random system or third party program freezing.
I got freezes in Workbench (by simply double-clicking on Ram: or a partition icon), freezes in smbfs, freezes in NewShell (opening a new tab)

I can't get Memguard to produce any output as it freezes too fast, but i could provide the other crashlogs, maybe in a new thread?

All of them have ABADCAFE in register 8 and i even have two Workbench freezes which are COMPLETELY the same

EDIT:

1) Is Memguard output sent over serial?
2) Do i need to set some special commandline options?
3) Is having "MUNGE" in the debug options in CFE set contraproductive having memguard munges the memory aswell?
4) Just tried with WBStartup list empty - same freezes, but the Workbench log changed it's adresses
Last edited by Raziel on Tue Jan 03, 2017 2:17 pm, edited 1 time in total.
People are dying.
Entire ecosystems are collapsing.
We are in the beginning of a mass extinction.
And all you can talk about is money and fairytales of eternal economic growth.
How dare you!
– Greta Thunberg
User avatar
broadblues
AmigaOS Core Developer
AmigaOS Core Developer
Posts: 600
Joined: Sat Jun 18, 2011 2:40 am
Location: Portsmouth, UK
Contact:

Re: Crash in input.device (using memguard 1.15)

Post by broadblues »

MemGuard output is sent on serial yes. You can use Sashimi but if you get screen lockups that might not show what you need.

Random crashlogs aren't to helpful without good steps to reproduce, sounds like you might have some commodity that's playing up. Perhaps test with them disabled in WBStartup and reenable them 1 by 1 till you get the one that's acting up.

Having MUNGE and well as Meguard makes no odds (fractionally less efficient I suppose but not anything you'd actually notice).
User avatar
Raziel
Posts: 1170
Joined: Sat Jun 18, 2011 4:00 pm
Location: a dying planet

Re: Crash in input.device (using memguard 1.15)

Post by Raziel »

broadblues wrote:MemGuard output is sent on serial yes.

Random crashlogs aren't to helpful without good steps to reproduce, sounds like you might have some commodity that's playing up. Perhaps test with them disabled in WBStartup and reenable them 1 by 1 till you get the one that's acting up.

Having MUNGE and well as Meguard makes no odds (fractionally less efficient I suppose but not anything you'd actually notice).
Ok, then, i have one dead easy freeze

1) Open a shell
2) Start Memguard (with no options)
3) Double-click on the RAM: icon

Instant freeze on the first click, no ram: window opens, i believe not even the second click is counted

First one with WBStartup items

Code: Select all

MemGuard 1.15 (2.1.2009) installed.
Dump of context at 0xDFC677C0
Trap type: DSI exception
Machine State (raw): 0x100000000200B030
Machine State (verbose): [Hyper] [ExtInt on] [Super] [FPU on] [IAT on] [DAT on]
Instruction pointer: in module kernel+0x0001A638 (0x0201A638)
Crashed process: Workbench (0x6021A330)
DSI verbose error description: Access not found in hash or BAT (page fault)
Access was a store operation
 0: 02038DC0 60B1DD70 ABADCAFE 503F8DF0 503F8FDC 00000000 00000140 60B1E0C8
 8: 00000000 503F8FDC A9ABADAF 7F78DB54 33933993 ABADCAFE 00000000 80020001
16: 80020021 80020028 60B04610 00000000 00000130 02950000 02950000 02806338
24: 02950000 DFFF3B84 02950000 503F8FDC 00000000 503F8FD0 02973054 DFFF3B40
CR: 93933995   XER: 8000007E  CTR: 0201A614  LR: 02030874
DSISR: 42000000  DAR: A9ABADB3

FP0 : FFF8000082000000 FF171D1BFF171D1B FF1C271AFF1C2719 FF3E4C32FF445236
FP4 : FF1C2719FF1C2719 FF1B2618FF1B2618 FF1B2618FF1B2618 4050000000000000
FP8 : 4050000000000000 3FF0000000000000 4050000000000000 4050000000000000
FP12: 4070000000000000 4330000000000100 0000000000000000 0000000000000000
FP16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP20: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP24: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP28: 0000000000000000 0000000000000000 0000000000000000 8000000000000000
FPSCR: 82000000
HID0: 0x8000000000000000  HID1: 0x000000005CE993B1
HID4: 0x4400240000080180  HID5: 0x0000006600000080

V0 : 00000000000000000000000000000000 00000000000000000000000000000000
V2 : 00192416FFCFCFCFFFCFCFCFFFCFCFCF 00000000000000000000000000000000
V4 : 00000000010101010202020203030303 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
V6 : 101112131415161718191A1B1C1D1E1F FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
V8 : 001002120414061608180A1A0C1C0E1E FFCFCFCFFFCFCFCFFFCFCFCFFFCFCFCF
V10: 01000100010001000100010001000100 CE31CE31CE31CE31CE31CE31CE31CE31
V12: CE31CE31CE31CE31CE31CE31CE31CE31 00000000000000000000000000000000
V14: 00000000000000000000000000000000 FE01CE31FE01CE31FE01CE31FE01CE31
V16: CF31CF31CF31CF31CF31CF31CF31CF31 00000000000000000000000000000000
V18: 00000000000000000000000000000000 FE01CE31FE01CE31FE01CE31FE01CE31
V20: 00000000000000000000000000000000 00000000000000000000000000000000
V22: 00000000000000000000000000000000 00000000000000000000000000000000
V24: 00000000000000000000000000000000 00000000000000000000000000000000
V26: 00000000000000000000000000000000 00000000000000000000000000000000
V28: 00000000000000000000000000000000 00000000000000000000000000000000
V30: 00000000000000000000000000000000 00000000000000000000000000000000
VSCR: 00000000 VRSAVE: 00000000

Disassembly of crash site:
 0201A628: 7D234B78   mr                r3,r9
 0201A62C: 91440000   stw               r10,0(r4)
 0201A630: 81490000   lwz               r10,0(r9)
 0201A634: 81290004   lwz               r9,4(r9)
>0201A638: 912A0004   stw               r9,4(r10)
 0201A63C: 4E800020   blr
 0201A640: 38600000   li                r3,0
 0201A644: 4E800020   blr
 0201A648: 81230000   lwz               r9,0(r3)
 0201A64C: 81430004   lwz               r10,4(r3)

Kernel command line: SERIAL MUNGE DEBUGLEVEL=1

Registers pointing to code:
Second one without WBStartup

Code: Select all

MemGuard 1.15 (2.1.2009) installed.
Dump of context at 0xDFC633E0
Trap type: DSI exception
Machine State (raw): 0x100000000200B030
Machine State (verbose): [Hyper] [ExtInt on] [Super] [FPU on] [IAT on] [DAT on]
Instruction pointer: in module kernel+0x0001A638 (0x0201A638)
Crashed process: Workbench (0x60ADB630)
DSI verbose error description: Access not found in hash or BAT (page fault)
Access was a store operation
 0: 02038DC0 60A8ED90 ABADCAFE 600CB960 600CBFDC 00000000 00000180 60A8F0E8
 8: 00000000 600CBFDC C1C3C5C7 7FAD6B54 26824882 ABADCAFE 611CCB96 80020001
16: 80020021 80020028 61212E90 00000000 00000160 02950000 02950000 02806338
24: 02950000 DFFFADC4 02950000 600CBFDC 00000000 600CBFD0 02973054 DFFFAD80
CR: 86822884   XER: 40000000  CTR: 0201A614  LR: 02030874
DSISR: 42000000  DAR: C1C3C5CB

FP0 : FFF8000082004000 FFEDE9E4FFF2EFEC FF1F231AFF1E2118 FFEDE9E5FFECE9E4
FP4 : FF242B23FF232A21 FF232322FF232323 FF232324FF232324 4050000000000000
FP8 : 4050000000000000 3FF0000000000000 3FF0000000000000 3FDB9B9BA0000000
FP12: 3FDBDBDBE0000000 4330000080000010 0000000000000000 0000000000000000
FP16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP20: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP24: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FP28: 0000000000000000 0000000000000000 0000000000000000 8000000000000000
FPSCR: 82004000
HID0: 0x8000000000000000  HID1: 0x000000005CE993B1
HID4: 0x4400240000080180  HID5: 0x0000006600000080

V0 : 00000000000000000000000000000000 FF242B23FF232A21FF21281FFF20271D
V2 : FF1E2118FFC7C9BBFFC8C9BBFFC9CABC 00000000000000000000000000000000
V4 : 00000000010101010202020203030303 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
V6 : 101112131415161718191A1B1C1D1E1F FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
V8 : 001002120414061608180A1A0C1C0E1E FFCECFC1FFCFCFC1FFCFCFC1FFCFCFC1
V10: 01000100010001000100010001000100 CD32C03FCE31C03FCE31C03FCE31C03F
V12: CD32C03FCE31C03FCE31C03FCE31C03F 0C0D0E0F101112131415161718191A1B
V14: 00000000000000000000000000000000 FE01CE31FE01CE31FE01CE31FE01CE31
V16: CE32C13FCF31C13FCF31C13FCF31C13F 00000000000000000000000000000000
V18: 00000000000000000000000000000000 FE01CA35FE01CC33FE01CD32FE01CD32
V20: 00000000000000000000000000000000 00000000000000000000000000000000
V22: 00000000000000000000000000000000 00000000000000000000000000000000
V24: 00000000000000000000000000000000 00000000000000000000000000000000
V26: 00000000000000000000000000000000 00000000000000000000000000000000
V28: 00000000000000000000000000000000 00000000000000000000000000000000
V30: 00000000000000000000000000000000 00000000000000000000000000000000
VSCR: 00000000 VRSAVE: 00000000

Disassembly of crash site:
 0201A628: 7D234B78   mr                r3,r9
 0201A62C: 91440000   stw               r10,0(r4)
 0201A630: 81490000   lwz               r10,0(r9)
 0201A634: 81290004   lwz               r9,4(r9)
>0201A638: 912A0004   stw               r9,4(r10)
 0201A63C: 4E800020   blr
 0201A640: 38600000   li                r3,0
 0201A644: 4E800020   blr
 0201A648: 81230000   lwz               r9,0(r3)
 0201A64C: 81430004   lwz               r10,4(r3)

Kernel command line: SERIAL MUNGE DEBUGLEVEL=1

Registers pointing to code:
Dump of context at 0xDFFE9BA0
Trap type: DSI exception
Machine State (raw): 0x1000000000009030
Machine State (verbose): [Hyper] [ExtInt on] [Super] [IAT on] [DAT on]
Instruction pointer: in module ohci.usbhcd+0x00001D04 (0x025F6F44)
Crashed task: OHCI Controller Task Unit 4 (0x6FEF1730)
DSI verbose error description: Access not found in hash or BAT (page fault)
Access was a load operation
 0: 025FFAE4 6FD60F10 3369BB33 6FDA5350 6FF3C8C0 00000000 00000001 6FF8C180
 8: 6FCC20F0 00000054 DEADBEEF 0204A784 0000079C 33333B3B 04008000 10000000
16: 80000000 00000000 6FF3C8C0 00000000 6FDA6D80 08000000 00000001 02B40000
24: 00000000 6FDA5404 00000001 00000001 6FCC20F0 6FD6441C 6FDA5350 00000001
CR: 42B24422   XER: 20000023  CTR: 00000000  LR: 025FFB20
DSISR: 40000000  DAR: DEADBF43
HID0: 0x8000000000000000  HID1: 0x000000005CE993B1
HID4: 0x4400240000080180  HID5: 0x0000006600000080

Disassembly of crash site:
 025F6F34: 81440008   lwz               r10,8(r4)
 025F6F38: 2F890000   cmpwi             cr7,r9,0
 025F6F3C: 39250015   addi              r9,r5,21
 025F6F40: 5529103A   rlwinm            r9,r9,2,0,29
>025F6F44: 7D29502E   lwzx              r9,r9,r10
 025F6F48: 409E0014   bne-              cr7,0x25F6F5C
 025F6F4C: 5528403E   rlwinm            r8,r9,8,0,31
 025F6F50: 5128C00E   rlwimi            r8,r9,24,0,7
 025F6F54: 5128C42E   rlwimi            r8,r9,24,16,23
 025F6F58: 7D094378   mr                r9,r8
I am not on a beta system, so please take that into account
People are dying.
Entire ecosystems are collapsing.
We are in the beginning of a mass extinction.
And all you can talk about is money and fairytales of eternal economic growth.
How dare you!
– Greta Thunberg
User avatar
broadblues
AmigaOS Core Developer
AmigaOS Core Developer
Posts: 600
Joined: Sat Jun 18, 2011 2:40 am
Location: Portsmouth, UK
Contact:

Re: Crash in input.device (using memguard 1.15)

Post by broadblues »

I can reproduce that on my FE Update 1 install.

Not on my latest beta which is interesting.
zzd10h
Posts: 546
Joined: Sun Sep 16, 2012 5:40 am
Location: France

Re: Crash in input.device (using memguard 1.15)

Post by zzd10h »

@Raziel

When will you be enrolled as a betatester ?
It should be useful next time that you do all these crashtests before OS4 public release? :D
http://apps.amistore.net/zTools
X1000 - AmigaOS 4.1.6 / 4.1 FE
User avatar
Raziel
Posts: 1170
Joined: Sat Jun 18, 2011 4:00 pm
Location: a dying planet

Re: Crash in input.device (using memguard 1.15)

Post by Raziel »

zzd10h wrote:@Raziel

When will you be enrolled as a betatester ?
It should be useful next time that you do all these crashtests before OS4 public release? :D
Only if i get direct access to you for cross checking :-P
People are dying.
Entire ecosystems are collapsing.
We are in the beginning of a mass extinction.
And all you can talk about is money and fairytales of eternal economic growth.
How dare you!
– Greta Thunberg
User avatar
Raziel
Posts: 1170
Joined: Sat Jun 18, 2011 4:00 pm
Location: a dying planet

Re: Crash in input.device (using memguard 1.15)

Post by Raziel »

broadblues wrote:I can reproduce that on my FE Update 1 install.

Not on my latest beta which is interesting.
Ah, nice to see it's not me not being able to use AmigaOS4 :-D

Now it would be interesting if this Workbench crash is causing all the other crashes or if e.g. the NewShell crash i encountered is a unique one...should i post that one aswell for you to double-check?
People are dying.
Entire ecosystems are collapsing.
We are in the beginning of a mass extinction.
And all you can talk about is money and fairytales of eternal economic growth.
How dare you!
– Greta Thunberg
Post Reply