Viewing Issue Advanced Details
Jump to Notes ]
namcos2.cpp
ID Category [?] Severity [?] Reproducibility Date Submitted Last Update
05010 Crash/Freeze Critical (emulator) Always Sep 19, 2012, 10:43 Jun 19, 2015, 22:20
Tester Tafoid View Status Public Platform
Assigned To Resolution Fixed OS
Status [?] Resolved Driver namcos2.cpp
Version 0.147 Fixed in Version 0.161 Build
Summary 05010: luckywld, luckywldj, metlhawk, metlhawkj: [debug] Crash after OK
Description For both games, you get a similar crash. With metlhawk, it takes a few emulated seconds to hit the crashpoint. Only seems to be present in DEBUG=1 builds.

Program received signal SIGSEGV, Segmentation fault.
0x01006a21 in namcos2_shared_state::c169_roz_get_info (this=0x31500c,
    tileinfo=..., tile_index=32768, which=1) at src/mame/drivers/namcoic.c:961
961 UINT16 tile = m_c169_roz_videoram[tile_index];
(gdb) bt
#0 0x01006a21 in namcos2_shared_state::c169_roz_get_info (this=0x31500c,
    tileinfo=..., tile_index=32768, which=1) at src/mame/drivers/namcoic.c:961
#1 0x01006cf3 in namcos2_shared_state::c169_roz_get_info1 (this=0x31500c,
    tileinfo=..., tile_index=32768, param=0x0)
    at src/mame/drivers/namcoic.c:1030
#2 0x0325808c in delegate_base<void, tile_data&, unsigned int, void*, _noparam,
 _noparam>::operator() (this=0x35224700, p1=..., p2=32768, p3=0x0)
    at src/emu/delegate.h:619
#3 0x0256c217 in tilemap_t::tile_update (this=0x352246bc, logindex=128,
    col=128, row=0) at src/emu/tilemap.c:740
#4 0x0256c176 in tilemap_t::pixmap_update (this=0x352246bc)
    at src/emu/tilemap.c:721
#5 0x032510ad in tilemap_t::pixmap (this=0x352246bc) at src/emu/tilemap.h:475
#6 0x010071b5 in namcos2_shared_state::c169_roz_draw_helper (this=0x31500c,
    bitmap=..., tmap=..., clip=..., params=...)
    at src/mame/drivers/namcoic.c:1122
#7 0x01007638 in namcos2_shared_state::c169_roz_draw (this=0x31500c,
    bitmap=..., cliprect=..., pri=0) at src/mame/drivers/namcoic.c:1212
#8 0x0100a051 in namcos2_state::screen_update_luckywld (this=0x31500c,
    screen=..., bitmap=..., cliprect=...) at src/mame/video/namcos2.c:504
#9 0x032576d8 in delegate_base<unsigned int, screen_device&, bitmap_ind16&, rec
tangle const&, _noparam, _noparam>::operator() (this=0x323e06a4, p1=...,
    p2=..., p3=...) at src/emu/delegate.h:619
#10 0x02490b89 in screen_device::update_partial (this=0x323e03b4,
    scanline=223) at src/emu/screen.c:598
#11 0x027ff5a3 in video_manager::finish_screen_updates (this=0x2ac72c)
    at src/emu/video.c:647
#12 0x027fdf1a in video_manager::frame_update (this=0x2ac72c, debug=false)
    at src/emu/video.c:218
#13 0x024916bf in screen_device::vblank_begin (this=0x323e03b4)
    at src/emu/screen.c:808
#14 0x0248ff4b in screen_device::device_timer (this=0x323e03b4, timer=...,
    id=0, param=0, ptr=0x0) at src/emu/screen.c:393
#15 0x03201e7c in device_t::timer_expired (this=0x323e03b4, timer=..., id=0,
    param=0, ptr=0x0) at src/emu/device.h:221
#16 0x0249e13e in device_scheduler::execute_timers (this=0x22f258)
    at src/emu/schedule.c:910
#17 0x0249ce17 in device_scheduler::timeslice (this=0x22f258)
    at src/emu/schedule.c:429
#18 0x0254585b in running_machine::run (this=0x22c340, firstrun=true)
    at src/emu/machine.c:389
#19 0x0248da42 in mame_execute (options=..., osd=...) at src/emu/mame.c:190
#20 0x027c8406 in cli_frontend::execute (this=0x22fe80, argc=4, argv=0x3f4c20)
    at src/emu/clifront.c:252
#21 0x01d5c1bc in utf8_main (argc=4, argv=0x3f4c20)
    at src/osd/windows/winmain.c:482
#22 0x02a48f8a in wmain (argc=4, argv=0x3f4600) at src/osd/windows/main.c:82
#23 0x0040140b in __tmainCRTStartup ()
    at /home/ruben/mingw-w64/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:310
#24 0x7c817077 in RegisterWaitForInputIdle ()
   from C:\WINDOWS\system32\kernel32.dll
#25 0x00000000 in ?? ()
Steps To Reproduce
Additional Information
Flags Debug build specific
Regression Version 0.147
Affected Sets / Systems luckywld, luckywldj, metlhawk, metlhawkj
Attached Files
  
Relationships
There are no relationsihp linked to this issue.
Notes
7
User avatar
No.08910
Firewave
Senior Tester
Sep 19, 2012, 18:24
 The problem is, that the tilemap is too big for the rozvideoram. It is defined as 0x100000 in these two sets where all other define it as 0x20000.
User avatar
No.10555
Firewave
Senior Tester
Apr 10, 2014, 21:46
edited on: Apr 10, 2014, 21:47
 AddressSanitizer output from 0.153:

==1610==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6310000757fe at pc 0x30405da bp 0x7fff388f80a0 sp 0x7fff388f8098

READ of size 2 at 0x6310000757fe thread T0

    #0 0x30405d9 in namcos2_shared_state::c169_roz_get_info(tile_data&, int, int) /home/notroot/trunk/src/mame/drivers/namcoic.c:951

    #1 0x7fa4bd3 in delegate_base<void, tilemap_t&, tile_data&, unsigned int, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam>::operator()(tilemap_t&, tile_data&, unsigned int) const /home/notroot/trunk/src/emu/delegate.h:651

    #2 0x7fa4bd3 in tilemap_t::tile_update(unsigned int, unsigned int, unsigned int) /home/notroot/trunk/src/emu/tilemap.c:731

    #3 0x7fa4808 in tilemap_t::pixmap_update() /home/notroot/trunk/src/emu/tilemap.c:712

    #4 0x304187d in tilemap_t::pixmap() /home/notroot/trunk/src/emu/tilemap.h:506

    #5 0x304187d in namcos2_shared_state::c169_roz_draw_helper(screen_device&, bitmap_ind16&, tilemap_t&, rectangle const&, namcos2_shared_state::roz_parameters const&) /home/notroot/trunk/src/mame/drivers/namcoic.c:1112

    #6 0x3042778 in namcos2_shared_state::c169_roz_draw(screen_device&, bitmap_ind16&, rectangle const&, int) /home/notroot/trunk/src/mame/drivers/namcoic.c:1203

    #7 0x30ee89f in namcos2_state::screen_update_luckywld(screen_device&, bitmap_ind16&, rectangle const&) /home/notroot/trunk/src/mame/video/namcos2.c:505

    #8 0x7f806d9 in delegate_base<unsigned int, screen_device&, bitmap_rgb32&, rectangle const&, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam>::operator()(screen_device&, bitmap_rgb32&, rectangle const&) const /home/notroot/trunk/src/emu/delegate.h:651

    #9 0x7f806d9 in screen_device::update_partial(int) /home/notroot/trunk/src/emu/screen.c:613

    #10 0x801a7e0 in video_manager::finish_screen_updates() /home/notroot/trunk/src/emu/video.c:624

    #11 0x8019e84 in video_manager::frame_update(bool) /home/notroot/trunk/src/emu/video.c:200

    #12 0x7f7fa9f in screen_device::vblank_begin() /home/notroot/trunk/src/emu/screen.c:812

    #13 0x7f76b63 in device_t::timer_expired(emu_timer&, unsigned int, int, void*) /home/notroot/trunk/src/emu/device.h:199

    #14 0x7f76b63 in device_scheduler::execute_timers() /home/notroot/trunk/src/emu/schedule.c:900

    #15 0x7e8adf1 in running_machine::run(bool) /home/notroot/trunk/src/emu/machine.c:378

    #16 0x7e821d7 in mame_execute(emu_options&, osd_interface&) /home/notroot/trunk/src/emu/mame.c:194

    #17 0x7c82758 in cli_frontend::execute(int, char**) /home/notroot/trunk/src/emu/clifront.c:237

    #18 0x5608f55 in main /home/notroot/trunk/src/osd/sdl/sdlmain.c:379

    #19 0x7f2a38dc7de4 in __libc_start_main /build/buildd/eglibc-2.17/csu/libc-start.c:260

    #20 0x101071c in _start (/home/notroot/trunk/mame64d+0x101071c)



0x6310000757ff is located 0 bytes to the right of 69631-byte region [0x631000064800,0x6310000757ff)

allocated by thread T0 here:

    #0 0xffa639 in __interceptor_malloc /home/ben/development/llvm/3.4/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:74

    #1 0x82bd41a in malloc_file_line(unsigned long, char const*, int, bool, bool, bool) /home/notroot/trunk/src/lib/util/corealloc.c:104

    #2 0x788bef0 in operator new[](unsigned long, char const*, int) /home/notroot/trunk/src/lib/util/corealloc.h:84

    #3 0x788bef0 in dynamic_array<unsigned char>::expand_internal(int) /home/notroot/trunk/src/lib/util/coretmpl.h:107

    #4 0x788bef0 in dynamic_array<unsigned char>::resize(int) /home/notroot/trunk/src/lib/util/coretmpl.h:94

    #5 0x788bef0 in dynamic_array<unsigned char>::resize_and_clear(int, unsigned char) /home/notroot/trunk/src/lib/util/coretmpl.h:99

    #6 0x7ecb800 in memory_block::memory_block(address_space&, unsigned int, unsigned int, void*) /home/notroot/trunk/src/emu/memory.c:4083

    #7 0x7ea0782 in address_space::allocate_memory() /home/notroot/trunk/src/emu/memory.c:2142

    #8 0x7e9d217 in memory_manager::initialize() /home/notroot/trunk/src/emu/memory.c:1605

    #9 0x7e874a8 in running_machine::start() /home/notroot/trunk/src/emu/machine.c:253

    #10 0x7e8ac8d in running_machine::run(bool) /home/notroot/trunk/src/emu/machine.c:349

    #11 0x7e821d7 in mame_execute(emu_options&, osd_interface&) /home/notroot/trunk/src/emu/mame.c:194

    #12 0x7c82758 in cli_frontend::execute(int, char**) /home/notroot/trunk/src/emu/clifront.c:237

    #13 0x5608f55 in main /home/notroot/trunk/src/osd/sdl/sdlmain.c:379

    #14 0x7f2a38dc7de4 in __libc_start_main /build/buildd/eglibc-2.17/csu/libc-start.c:260

User avatar
No.11493
Firewave
Senior Tester
Mar 5, 2015, 17:43
 Added additional sets from 0.159 testrun.
User avatar
No.11525
peterferrie
Developer
Mar 19, 2015, 07:03
 They all work if the ROM size is increased to 128kb.
Any idea why they were set at 64kb? Can we just increase to 128kb and go home?
User avatar
No.11531
AWJ
Developer
Mar 20, 2015, 07:01
 Probably because there's only 64KB of RAM (not ROM) on those boards. Fixing the namcoic.c code to work with variable RAM sizes is the answer, not adding nonexistent RAM to the address maps.
User avatar
No.11769
peterferrie
Developer
Jun 19, 2015, 20:09
 this appears to be fixed in 0.162, but I haven't found the check-in that's responsible for it...
User avatar
No.11774
Tafoid
Administrator
Jun 19, 2015, 22:19
 looks like it was fixed in 0.161, my local copy of mamed for 0.161 doesn't crash. Resolving.