Viewing Issue Advanced Details Jump to Notes ] [ View Source: mquake.c ]
ID Category [?] Severity [?] Reproducibility Date Submitted Last Update
04636 Crash/Freeze Critical (emulator) Always 2012-01-24 00:43 2012-02-02 04:14
Tester Tafoid View Status Public Platform MAME (Self-compiled)
Assigned To R. Belmont Resolution Fixed OS Windows XP (32-bit)
Status [?] Resolved   Driver mquake.c
Version 0.144u6 Fixed in Version 0.145 Build Debug
Summary 04636: mquake: [debug] Exception after OK
Description
Exception at EIP=00449479 (es5503_sample_r(address_space*, unsigned int)+0x0061): ACCESS VIOLATION

Steps To Reproduce
Additional Information
Flags Debug build specific
Regression Version 0.143u5
Affected Sets / Systems mquake
Attached Files
 


-  Notes
User avatar (08106)
R. Belmont (Developer)
2012-01-29 20:35

I couldn't get this to happen on a Linux 64-bit DEBUG=1 build from u7. (And the Qchip Test, which is the ES5503, plays correctly).
User avatar (08112)
Tafoid (Administrator)
2012-01-30 21:31
edited on: 2012-01-30 21:33

My 0.144u7, debug+symbols brings out this on crash:
-----------------------------------------------------
Exception at EIP=00449475 (es5503_sample_r(address_space*, unsigned int)+0x0061)
: ACCESS VIOLATION
While attempting to read memory at 289FA000
-----------------------------------------------------
EAX=289FA000 EBX=00000000 ECX=00000006 EDX=0026500C
ESI=00000001 EDI=0272563E EBP=0022E788 ESP=0022E760
-----------------------------------------------------
Stack crawl:
  0022E788: 00449475 (es5503_sample_r(address_space*, unsigned int)+0x0061)
  0022E7B8: 02629CCC (handler_entry_read::read_stub_legacy(address_space&, unsig
ned int, unsigned char)+0x002a)
  0022E7E8: 031A39AF (delegate_base<unsigned char, address_space&, unsigned int,
 unsigned char, _noparam, _noparam>::operator()(address_space&, unsigned int, un
signed char) const+0x0033)
  0022E818: 031AFFAF (handler_entry_read::read8(address_space&, unsigned int, un
signed char) const+0x0033)
  0022E848: 031136B1 (address_space_specific<unsigned char, (endianness_t)0, fal
se>::read_native(unsigned int)+0x00a9)
  0022E868: 03114754 (address_space_specific<unsigned char, (endianness_t)0, fal
se>::read_byte(unsigned int)+0x0018)
  0022E888: 02F69603 (direct_read_data::read_raw_byte(unsigned int, unsigned int
)+0x0057)
  0022E948: 02A86982 (es5503_device::sound_stream_update(sound_stream&, int**, i
nt**, int)+0x026e)
  0022E988: 02725678 (sound_stream::device_stream_update_stub(device_t*, sound_s
tream*, void*, int**, int**, int)+0x003a)
  0022E9D8: 02725F76 (sound_stream::generate_samples(int)+0x011c)
  0022EAB8: 027250B0 (sound_stream::update()+0x0430)
  0022EAD8: 02A86631 (es5503_device::device_timer(emu_timer&, unsigned int, int,
 void*)+0x0017)
  0022EB08: 03169DF0 (device_t::timer_expired(emu_timer&, unsigned int, int, voi
d*)+0x0034)
  0022EB48: 0260CF7C (device_scheduler::execute_timers()+0x013c)
  0022EC88: 0260B989 (device_scheduler::timeslice()+0x008f)
  0022ED88: 026101C6 (running_machine::run(bool)+0x03e4)
  0022F928: 025EECBB (mame_execute(emu_options&, osd_interface&)+0x0290)
  0022FBB8: 029692AD (cli_frontend::execute(int, char**)+0x08b9)
  0022FEC8: 01E9D920 (utf8_main(int, char**)+0x01c4)
  0022FEF8: 02BEB012 (wmain+0x008a)
  0022FFC0: 00401422 (__tmainCRTStartup+0x0292)
  0022FFF0: 7C817077 (RegisterWaitForInputIdle+0x0049)

Backtrace
Program received signal SIGSEGV, Segmentation fault.
0x00449475 in es5503_sample_r (space=0x28757acc, offset=32768)
    at src/mame/drivers/mquake.c:93
93 return rom[offset + (es5503->get_channel_strobe() * 0x10000)];
(gdb) bt
#0 0x00449475 in es5503_sample_r (space=0x28757acc, offset=32768)
    at src/mame/drivers/mquake.c:93
#1 0x02629ccc in handler_entry_read::read_stub_legacy (this=0x2877ff34,
    space=..., offset=32768, mask=255 ' ') at src/emu/memory.c:5433
#2 0x031a39af in delegate_base<unsigned char, address_space&, unsigned int, uns
igned char, _noparam, _noparam>::operator() (this=0x2877ffdc, p1=...,
    p2=32768, p3=255 ' ') at src/emu/delegate.h:619
#3 0x031affaf in handler_entry_read::read8 (this=0x2877ff34, space=...,
    offset=32768, mask=255 ' ') at src/emu/memory.c:592
#4 0x031136b1 in address_space_specific<unsigned char, (endianness_t)0, false>:
:read_native (this=0x28757acc, offset=32768) at src/emu/memory.c:1299
#5 0x03114754 in address_space_specific<unsigned char, (endianness_t)0, false>:
:read_byte (this=0x28757acc, address=32768) at src/emu/memory.c:1604
#6 0x02f69603 in direct_read_data::read_raw_byte (this=0x287585f4,
    byteaddress=32768, directxor=0) at src/emu/memory.h:741
#7 0x02a86982 in es5503_device::sound_stream_update (this=0x27069c,
    stream=..., inputs=0x0, outputs=0x290d1ff8, samples=1)
    at src/emu/sound/es5503.c:185
#8 0x02725678 in sound_stream::device_stream_update_stub (device=0x27069c,
    stream=0x2881c094, param=0x270950, inputs=0x0, outputs=0x290d1ff8,
    samples=1) at src/emu/sound.c:429
#9 0x02725f76 in sound_stream::generate_samples (this=0x2881c094, samples=1)
    at src/emu/sound.c:595
#10 0x027250b0 in sound_stream::update (this=0x2881c094)
    at src/emu/sound.c:283
#11 0x02a86631 in es5503_device::device_timer (this=0x27069c, timer=...,
    tid=0, param=0, ptr=0x0) at src/emu/sound/es5503.c:105
#12 0x03169df0 in device_t::timer_expired (this=0x27069c, timer=..., id=0,
    param=0, ptr=0x0) at src/emu/device.h:219
#13 0x0260cf7c in device_scheduler::execute_timers (this=0x22f158)
    at src/emu/schedule.c:909
#14 0x0260b989 in device_scheduler::timeslice (this=0x22f158)
    at src/emu/schedule.c:428
#15 0x026101c6 in running_machine::run (this=0x22ee00, firstrun=true)
    at src/emu/machine.c:404
#16 0x025eecbb in mame_execute (options=..., osd=...) at src/emu/mame.c:192
#17 0x029692ad in cli_frontend::execute (this=0x22fe80, argc=4, argv=0x3f4ae8)
    at src/emu/clifront.c:246
#18 0x01e9d920 in utf8_main (argc=4, argv=0x3f4ae8)
    at src/osd/windows/winmain.c:482
#19 0x02beb012 in wmain (argc=4, argv=0x3f44c8) at src/osd/windows/main.c:82
#20 0x00401422 in __tmainCRTStartup () at ../mingw-w64-crt/crt/crtexe.c:282
#21 0x7c817077 in RegisterWaitForInputIdle ()
   from C:\WINDOWS\system32\kernel32.dll
#22 0x00000000 in ?? ()

User avatar (08115)
Haze (Developer)
2012-01-31 05:11

I'd hazard a guess either offset or what es5503->get_channel_strobe() is returning are uninitialized.