04839: hb_dacz: Crash after OK

ID	Category [?]	Severity [?]	Reproducibility	Date Submitted	Last Update
04839	Crash/Freeze	Critical (emulator)	Always	May 17, 2012, 20:52	May 28, 2013, 22:52

Tester	Tafoid	View Status	Public	Platform	MAME (Self-compiled)
Assigned To	Robbbert	Resolution	Fixed	OS	Windows XP
Status [?]	Resolved			Driver	jpm/pluto5.cpp
Version	0.145u8	Fixed in Version	0.149	Build	Normal
		Fixed in Git Commit		Github Pull Request #

Summary	04839: hb_dacz: Crash after OK
Description	Program received signal SIGSEGV, Segmentation fault. 0x00b6a332 in pluto5_state::pluto5_mem_r (this=0x267c9c, space=..., offset=1048576, mem_mask=4294901760) at src/mame/drivers/pluto5.c:210 210 return m_cpuregion[offset]; (gdb) bt #0 0x00b6a332 in pluto5_state::pluto5_mem_r (this=0x267c9c, space=..., offset=1048576, mem_mask=4294901760) at src/mame/drivers/pluto5.c:210 #1 0x0318b0ac in delegate_base<unsigned int, address_space&, unsigned int, unsigned int, _noparam, _noparam>::operator() (this=0x30aa7b34, p1=..., p2=1048576, p3=4294901760) at src/emu/delegate.h:619 #2 0x031969d4 in handler_entry_read::read32 (this=0x30aa7a5c, space=..., offset=1048576, mask=4294901760) at src/emu/memory.c:405 #3 0x030c2f18 in address_space_specific<unsigned int, (endianness_t)1, true>::read_native (this=0x3006f57c, offset=4194304, mask=4294901760) at src/emu/memory.c:1087 #4 0x030c2aef in address_space_specific<unsigned int, (endianness_t)1, true>::read_direct<unsigned short, true> (this=0x3006f57c, address=4194304, mask=65535) at src/emu/memory.c:1183 #5 0x030c3e28 in address_space_specific<unsigned int, (endianness_t)1, true>::read_word (this=0x3006f57c, address=4194304) at src/emu/memory.c:1416 #6 0x02ec1835 in direct_read_data::read_decrypted_word (this=0x300700ac, byteaddress=4194304, directxor=2) at src/emu/memory.h:1019 #7 0x01d91f83 in m68k_memory_interface::read_immediate_16 (this=0x2f0d1adc, address=4194304) at src/emu/cpu/m68000/m68kcpu.c:1297 #8 0x0318b2a2 in delegate_base<unsigned short, unsigned int, _noparam, _noparam, _noparam, _noparam>::operator() (this=0x2f0d1ae0, p1=4194304) at src/emu/delegate.h:617 #9 0x023119c2 in m68ki_ic_readimm16 (m68k=0x2f0d18b8, address=4194304) at src/emu/cpu/m68000/m68kcpu.h:996 #10 0x02311ae3 in m68ki_read_imm_16 (m68k=0x2f0d18b8) at src/emu/cpu/m68000/m68kcpu.h:1024 #11 0x023605f6 in _m68ki_cpu_core::m68k_op_ori_8_d (mc68kcpu=0x2f0d18b8) at obj/windowsd/emu/cpu/m68000/m68kops.c:25811 #12 0x01d904a8 in cpu_execute_m68k (device=0x268164) at src/emu/cpu/m68000/m68kcpu.c:809 #13 0x027d9f73 in legacy_cpu_device::execute_run (this=0x268164) at src/emu/devcpu.c:260 #14 0x030d6f3c in device_execute_interface::run (this=0x26841c) at src/emu/diexec.h:228 #15 0x02469483 in device_scheduler::timeslice (this=0x22f2f8) at src/emu/schedule.c:489 #16 0x025240fc in running_machine::run (this=0x22c410, firstrun=true) at src/emu/machine.c:389 #17 0x02456e4b in mame_execute (options=..., osd=...) at src/emu/mame.c:189 #18 0x027bb352 in cli_frontend::execute (this=0x22fe80, argc=4, argv=0x3f4bd8) at src/emu/clifront.c:252 #19 0x01d298c0 in utf8_main (argc=4, argv=0x3f4bd8) at src/osd/windows/winmain.c:482 #20 0x02a50dc2 in wmain (argc=4, argv=0x3f28f0) at src/osd/windows/main.c:82 #21 0x00401422 in __tmainCRTStartup () at ../mingw-w64-crt/crt/crtexe.c:282 #22 0x7c817077 in RegisterWaitForInputIdle () from C:\WINDOWS\system32\kernel32.dll #23 0x00000000 in ?? ()
Steps To Reproduce
Additional Information	hb_daca from 0.145u8-0.147u3 hb_dacz from 0.147u4+
Github Commit

Flags
Regression Version	0.145u8
Affected Sets / Systems	hb_dacz

Attached Files

No.09323 Firewave Senior Tester Feb 9, 2013, 14:31	I cannot reproduce this on Windows or Linux.
No.09328 NekoEd Senior Tester Feb 10, 2013, 22:43	I can't reproduce this one either, SDLMAME64 0.148 on an x64 host.
No.09330 Tafoid Administrator Feb 11, 2013, 01:56	Actually, the setname changed when there was organization in the driver - r19254 hb_daca -> hb_dcaz
No.09519 Firewave Senior Tester May 22, 2013, 13:23	Can reproduce on Linux using an ASAN build. Crash location matches the one reported by Tafoid.
No.09528 Firewave Senior Tester May 22, 2013, 16:15	Possibly related to 04836
No.09567 Robbbert Senior Tester May 28, 2013, 13:33	pluto5_mem_r was reading beyond the end of "maincpu" region. Fixed in r23218.