Viewing Issue Advanced Details
ID: 04420
Category: Crash/Freeze
Severity: Critical (emulator)
Reproducibility: Always
Date Submitted: Jul 11, 2011, 20:39
Last Update: May 28, 2013, 22:53
Tester: Tafoid
View Status: Public
Platform: MAME (Self-compiled)
Assigned To: Robbbert
Resolution: Fixed
Status: Resolved
Version: 0.143u1
Fixed in Version: 0.149
Build: Debug
Summary: 04420: crysbios, donghaer, officeye, topbladv: [debug] Crash after OK
Description:
Backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x01cce5f9 in FlashCmd_r (space=0x1f6df034, offset=0, mem_mask=255)
    at src/mame/drivers/crystal.c:355
355 return ptr[0];


#0 0x01cce5f9 in FlashCmd_r (space=0x1f6df034, offset=0, mem_mask=255)
    at src/mame/drivers/crystal.c:355
#1 0x02586f5b in handler_entry_read::read_stub_legacy (this=0x1fbb14bc, space=..., offset=0, mask=255)
    at src/emu/memory.c:5416
#2 0x02ff3fa8 in delegate_base<unsigned int, address_space&, unsigned int, unsigned int, _noparam>::operator() (this=0x1fbb1594, p1=..., p2=0, p3=255)
    at src/emu/delegate.h:582
#3 0x02fffa48 in handler_entry_read::read32 (this=0x1fbb14bc, space=..., offset=0, mask=255)
    at src/emu/memory.c:594
#4 0x02f83538 in address_space_specific<unsigned int, (endianness_t)0, true>::read_native (this=0x1f6df034, offset=0, mask=255)
    at src/emu/memory.c:1266
#5 0x02f82e6b in address_space_specific<unsigned int, (endianness_t)0, true>::read_direct<unsigned char, true> (this=0x1f6df034, address=83886080, mask=255 ' ')
    at src/emu/memory.c:1362
#6 0x02f843d4 in address_space_specific<unsigned int, (endianness_t)0, true>::read_byte (this=0x1f6df034, address=83886080)
    at src/emu/memory.c:1594
#7 0x02194900 in SE3208_Read8 (se3208_state=0x1e3f1fb4, addr=83886080)
    at src/emu/cpu/se3208/se3208.c:116
#8 0x0219541b in LDBU (se3208_state=0x1e3f1fb4, Opcode=6976)
    at src/emu/cpu/se3208/se3208.c:412
#9 0x0219837f in cpu_execute_se3208 (device=0x27a00c)
    at src/emu/cpu/se3208/se3208.c:1767
#10 0x028f6001 in legacy_cpu_device::execute_run (this=0x27a00c)
    at src/emu/devcpu.c:260
#11 0x02f99d48 in device_execute_interface::run (this=0x27a174)
    at src/emu/diexec.h:209
#12 0x0256a5d5 in device_scheduler::timeslice (this=0x22f2d0)
    at src/emu/schedule.c:487
#13 0x0256e79e in running_machine::run (this=0x22ee48, firstrun=true)
    at src/emu/machine.c:413
#14 0x02629c10 in mame_execute (options=..., osd=...)
    at src/emu/mame.c:176
#15 0x028d9ccb in cli_frontend::execute (this=0x22fe98, argc=4, argv=0x3f49b0)
    at src/emu/clifront.c:249
#16 0x01e56bfd in utf8_main (argc=4, argv=0x3f49b0)
    at src/osd/windows/winmain.c:475
#17 0x02aeb1aa in wmain (argc=4, argv=0x3f4428)
    at src/osd/windows/main.c:82
#18 0x00401422 in __tmainCRTStartup ()
    at ../mingw-w64-crt/crt/crtexe.c:282
#19 0x7c817077 in RegisterWaitForInputIdle ()
    from C:\WINDOWS\system32\kernel32.dll
Flags: Debug build specific
Regression Version: 0.142u1
Affected Sets / Systems: crysbios, donghaer, officeye, topbladv
Relationships: none
Notes (5)
No.09042 Osso (Moderator), Oct 20, 2012, 11:15
Can't reproduce it with Linux X64 debug build.
No.09044 Tafoid (Administrator), Oct 20, 2012, 12:20 (edited on: Oct 20, 2012, 12:23)
Make sure it's a DEBUG=1 build? To be fair, only officeye and topbladv seem to trigger in my most current testing.
No.09045 Osso (Moderator), Oct 20, 2012, 13:07
make -j3 DEBUG=1 SYMBOLS=1
Ubuntu 12.10 X64
All 3 titles don't crash after OK. Perhaps 32 bit only?
No.09526 Firewave (Senior Tester), May 22, 2013, 16:06
I can't reproduce this on Linux and also see no errors with ASAN.
No.09566 Robbbert (Senior Tester), May 28, 2013, 13:13
All 3 titles crashed, because FlashCmd_r was reading beyond the end of region "user1", which must be at least 0x3000000 in length. Fixed at r23217.
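The overrun Robbbert describes, as an added example that is not MAME's code: a stand-in for the flash command read handler that checks the offset against the region's real length before dereferencing, plus the length check the fix amounts to. The struct, function names, the 16-byte sample region and the treatment of an out-of-range read are assumptions; only the 0x3000000 minimum comes from the note above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define USER1_MIN_LEN 0x3000000u   /* minimum length stated in the fix */

typedef struct {
    const uint8_t *base;  /* backing storage of the region */
    size_t length;        /* bytes actually allocated behind base */
    const char *name;
} mem_region;

/* Hypothetical stand-in for FlashCmd_r: before the fix it did ptr[0]
 * with no check, so an offset past the end of "user1" read memory the
 * region did not own and crashed wherever that memory was unmapped.
 * This version returns -1 instead of dereferencing out of range. */
int flash_cmd_read8(const mem_region *r, size_t offset)
{
    if (r->base == NULL || offset >= r->length) {
        fprintf(stderr, "region %s: read at 0x%zx beyond length 0x%zx\n",
                r->name, offset, r->length);
        return -1;              /* caller substitutes an open-bus value */
    }
    return r->base[offset];
}

/* The check the fix amounts to: is the region at least as long as the
 * driver's largest offset requires? */
int region_is_large_enough(const mem_region *r, size_t required)
{
    return r->length >= required;
}

/* Constructed sample: a 16-byte "user1", far shorter than the driver
 * assumes, so the out-of-range path is easy to exercise. */
static const uint8_t sample_user1[16] = {
    0xA5, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};

int sample_flash_read(size_t offset)
{
    mem_region r = { sample_user1, sizeof sample_user1, "user1" };
    return flash_cmd_read8(&r, offset);
}

int sample_region_ok(void)
{
    mem_region r = { sample_user1, sizeof sample_user1, "user1" };
    return region_is_large_enough(&r, USER1_MIN_LEN);
}
```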