Viewing Issue Advanced Details
ID: 06737
Category: Crash/Freeze
Severity: Critical (emulation)
Reproducibility: Always
Date Submitted: Oct 29, 2017, 02:01
Last Update: Nov 2, 2017, 20:25
Tester: wuemura
View Status: Public
Platform: MAME (Official Binary)
Assigned To:
Resolution: Invalid report
OS: Windows 10 (64-bit)
Status: Closed
Driver:
Version: 0.191
Fixed in Version:
Build: 64-bit
Fixed in Git Commit:
Github Pull Request #:
Summary: 06737: arabfgt: Fatal error: Unhandled OpCode found
Description: MAME crashes after the 2nd boss defeat.
Steps To Reproduce:
1. Run arabfgt
2. Defeat the 2nd stage boss
3. MAME crashes with:
Fatal error: Unhandled OpCode found : 04 at 00000006
Additional Information: Happens on official binary and GIT
Github Commit:
Flags:
Regression Version:
Affected Sets / Systems: arabfgt
Attached Files
arabfgt.zip (825,366 bytes) Oct 29, 2017, 14:11 Uploaded by wuemura: save state
0000.png (24,599 bytes) Oct 31, 2017, 02:37 Uploaded by wuemura: all cheats for P1 enabled at start
Relationships
There are no relationships linked to this issue.
Notes (12)
No.14357
AJR
Developer
Oct 29, 2017, 13:44
This could be some sort of bug in the V60 core (on top of its fatalerror on undefined opcode, which is in itself a very bad idea). Without a save state from shortly before the crash, this bug may be difficult to pinpoint.
No.14358
wuemura
Viewer
Oct 29, 2017, 14:11
Save state added.
No.14363
AJR
Developer
Oct 30, 2017, 04:26
I've been unable to reproduce this bug on OS X with MAME 0.191 and the provided save state. arabfgt, however, doesn't officially support save states, and there's actually quite a lot of data that the System 32 driver isn't saving.
No.14372
Haze
Senior Tester
Oct 30, 2017, 14:10
I'm getting no repro either.

Is this a victim of the hiscore or cheat plugins?
No.14373
B2K24
Senior Tester
Oct 30, 2017, 20:54
No repro here either. I beat lizardman, snakewoman, and passed the bonus stage with no error messages.

I'll try to do a complete clear either tonight or tomorrow.
No.14377
wuemura
Viewer
Oct 31, 2017, 01:41
Does this help?
MAME exception: Unhandled OpCode found : 04 at 00000006

Attempting to fall into debugger

Thread 1 "mame64d" received signal SIGTRAP, Trace/breakpoint trap.
0x00007ffff44662e7 in kill () at ../sysdeps/unix/syscall-template.S:84
84	../sysdeps/unix/syscall-template.S: Arquivo ou diretório não encontrado.
(gdb) bt
#0  0x00007ffff44662e7 in kill () at ../sysdeps/unix/syscall-template.S:84
#1  0x000055555dd5c372 in osd_break_into_debugger ()
    at ../../../../../src/osd/modules/lib/osdlib_unix.cpp:97
#2  0x000055555d65119a in emu_fatalerror::emu_fatalerror ()
    at ../../../../../src/emu/emucore.cpp:43
#3  0x000055555d651476 in fatalerror ()
    at ../../../../../src/emu/emucore.cpp:92
#4  0x000055555c8b56c0 in v60_device::opUNHANDLED ()
    at ../../../../../src/devices/cpu/v60/v60.cpp:379
#5  0x000055555c8cc39b in v60_device::execute_run ()
    at ../../../../../src/devices/cpu/v60/v60.cpp:618
#6  0x000055555d7a8528 in device_execute_interface::run ()
    at ../../../../../src/emu/diexec.h:186
#7  device_scheduler::timeslice () at ../../../../../src/emu/schedule.cpp:481
#8  0x000055555d7573a0 in running_machine::run ()
    at ../../../../../src/emu/machine.cpp:357
#9  0x000055555b4cf812 in mame_machine_manager::execute ()
    at ../../../../../src/frontend/mame/mame.cpp:229
#10 0x000055555b56b005 in cli_frontend::start_execution ()
    at ../../../../../src/frontend/mame/clifront.cpp:257
#11 0x000055555b56b59e in cli_frontend::execute ()
    at ../../../../../src/frontend/mame/clifront.cpp:273
#12 0x000055555b4cd67b in emulator_info::start_frontend ()
---Type <return> to continue, or q <return> to quit---
    at ../../../../../src/frontend/mame/mame.cpp:329
#13 0x000055555910bac6 in main () at ../../../../../src/osd/sdl/sdlmain.cpp:216

(gdb) frame 0
#0  0x00007ffff44662e7 in kill () at ../sysdeps/unix/syscall-template.S:84
84	../sysdeps/unix/syscall-template.S: Arquivo ou diretório não encontrado.
(gdb) list +
79	in ../sysdeps/unix/syscall-template.S

(gdb) frame 2
#2  0x000055555d65119a in emu_fatalerror::emu_fatalerror ()
    at ../../../../../src/emu/emucore.cpp:43
43		osd_break_into_debugger(text);
(gdb) list +
38		}
39		else
40		{
41			vsnprintf(text, sizeof(text), format, ap);
42		}
43		osd_break_into_debugger(text);
44	}
45	
46	emu_fatalerror::emu_fatalerror(int _exitcode, const char *format, ...)
47	: code(_exitcode)

(gdb) frame 3
#3  0x000055555d651476 in fatalerror ()
    at ../../../../../src/emu/emucore.cpp:92
92		emu_fatalerror error(format, ap);
(gdb) list +
87	
88	void fatalerror(const char *format, ...)
89	{
90		va_list ap;
91		va_start(ap, format);
92		emu_fatalerror error(format, ap);
93		va_end(ap);
94		throw error;
95	}

(gdb) frame 4
#4  0x000055555c8b56c0 in v60_device::opUNHANDLED ()
    at ../../../../../src/devices/cpu/v60/v60.cpp:379
379		fatalerror("Unhandled OpCode found : %02x at %08x\n", OpRead16(PC), PC);
(gdb) list +
374	#include "op6.hxx"
375	#include "op7a.hxx"
376	
377	uint32_t v60_device::opUNHANDLED()
378	{
379		fatalerror("Unhandled OpCode found : %02x at %08x\n", OpRead16(PC), PC);
380		//return 0; /* never reached, fatalerror won't return */
381	}
382	
383	// Opcode jump table

(gdb) frame 5
#5  0x000055555c8cc39b in v60_device::execute_run ()
    at ../../../../../src/devices/cpu/v60/v60.cpp:618
618			inc = (this->*s_OpCodeTable[OpRead8(PC)])();
(gdb) list +
613		{
614			uint32_t inc;
615			m_PPC = PC;
616			debugger_instruction_hook(this, PC);
617			m_icount -= 8;  /* fix me -- this is just an average */
618			inc = (this->*s_OpCodeTable[OpRead8(PC)])();
619			PC += inc;
620			if (m_irq_line != CLEAR_LINE)
621				v60_try_irq();
622		}

(gdb) frame 6
#6  0x000055555d7a8528 in device_execute_interface::run ()
    at ../../../../../src/emu/diexec.h:186
186		void run() { execute_run(); }
(gdb) list +
181		// time and cycle accounting
182		attotime local_time() const;
183		u64 total_cycles() const;
184	
185		// required operation overrides
186		void run() { execute_run(); }
187	
188		// deliberately ambiguous functions; if you have the execute interface
189		// just use it
190		device_execute_interface &execute() { return *this; }

(gdb) frame 7
#7  device_scheduler::timeslice () at ../../../../../src/emu/schedule.cpp:481
481								exec->run();
(gdb) list +
476							// via the call to cpu_execute
477							exec->m_cycles_stolen = 0;
478							m_executing_device = exec;
479							*exec->m_icountptr = exec->m_cycles_running;
480							if (!call_debugger)
481								exec->run();
482							else
483							{
484								debugger_start_cpu_hook(&exec->device(), target);
485								exec->run();

(gdb) frame 8
#8  0x000055555d7573a0 in running_machine::run ()
    at ../../../../../src/emu/machine.cpp:357
357					m_scheduler.timeslice();
(gdb) list +
352			{
353				g_profiler.start(PROFILER_EXTRA);
354	
355				// execute CPUs if not paused
356				if (!m_paused)
357					m_scheduler.timeslice();
358				// otherwise, just pump video updates through
359				else
360					m_video->frame_update();

(gdb) frame 9
#9  0x000055555b4cf812 in mame_machine_manager::execute ()
    at ../../../../../src/frontend/mame/mame.cpp:229
229			error = machine.run(is_empty);
(gdb) list +
224			running_machine machine(config, *this);
225	
226			set_machine(&machine);
227	
228			// run the machine
229			error = machine.run(is_empty);
230			m_firstrun = false;
231	
232			// check the state of the machine
233			if (m_new_driver_pending)

(gdb) frame 10
#10 0x000055555b56b005 in cli_frontend::start_execution ()
    at ../../../../../src/frontend/mame/clifront.cpp:257
257		m_result = manager->execute();
(gdb) list +
252		const game_driver *system = mame_options::system(m_options);
253		if (system == nullptr && *(m_options.system_name()) != 0)
254			throw emu_fatalerror(EMU_ERR_NO_SUCH_GAME, "Unknown system '%s'", m_options.system_name());
255	
256		// otherwise just run the game
257		m_result = manager->execute();
258	}
259	
260	//-------------------------------------------------
261	//  execute - execute a game via the standard

(gdb) frame 11
#11 0x000055555b56b59e in cli_frontend::execute ()
    at ../../../../../src/frontend/mame/clifront.cpp:273
273			start_execution(manager, args);
(gdb) list +
268		m_result = EMU_ERR_NONE;
269		mame_machine_manager *manager = mame_machine_manager::instance(m_options, m_osd);
270	
271		try
272		{
273			start_execution(manager, args);
274		}
275		// handle exceptions of various types
276		catch (emu_fatalerror &fatal)
277		{

(gdb) frame 12
#12 0x000055555b4cd67b in emulator_info::start_frontend ()
    at ../../../../../src/frontend/mame/mame.cpp:329
329		return frontend.execute(args);
(gdb) list +
324	}
325	
326	int emulator_info::start_frontend(emu_options &options, osd_interface &osd, std::vector<std::string> &args)
327	{
328		cli_frontend frontend(options, osd);
329		return frontend.execute(args);
330	}
331	
332	int emulator_info::start_frontend(emu_options &options, osd_interface &osd, int argc, char *argv[])
333	{

(gdb) frame 13
#13 0x000055555910bac6 in main () at ../../../../../src/osd/sdl/sdlmain.cpp:216
216			res = emulator_info::start_frontend(options, osd, args);
(gdb) list +
211	
212		{
213			sdl_options options;
214			sdl_osd_interface osd(options);
215			osd.register_options();
216			res = emulator_info::start_frontend(options, osd, args);
217		}
218	
219	#ifdef SDLMAME_UNIX
220	#if (!defined(SDLMAME_MACOSX)) && (!defined(SDLMAME_HAIKU)) && (!defined(SDLMAME_EMSCRIPTEN)) && (!defined(SDLMAME_ANDROID))
No.14378
Haze
Senior Tester
Oct 31, 2017, 01:56
edited on: Oct 31, 2017, 01:56
doesn't really help, we know the fatalerror is because the CPU encounters an opcode it doesn't understand meaning it has very likely already crashed.

*why* it ends up in that code is a mystery, sometimes these things can be caused by enabling hiscores or cheats, all of which are unexpected operations for the unoriginal game and cause instability (this is why the hiscore.dat support was originally removed from MAME) so it's important to know if you have any of those enabled.
No.14379
wuemura
Viewer
Oct 31, 2017, 02:37
edited on: Oct 31, 2017, 02:38
The only thing I've enabled is cheat.
I've tested one by one; the cheat that caused this was "Infinite Energy" for player 1. The other cheats don't make the CPU crash.
I have no way to test if this happens with other players as well.

There is another issue that I've discovered: if you enable all cheats for player one at start, the screen gets full of lines and everything starts to slow down.
Is this a known issue or should I file another bug report?
No.14382
B2K24
Senior Tester
Oct 31, 2017, 05:02
My understanding is that cheats are a fun thing for users but aren't guaranteed by MAMEdev. Any oddities should be reported at their respective forums such as Pugsy's

http://www.mamecheat.co.uk/forums/
No.14383
Osso
Moderator
Oct 31, 2017, 07:02
http://mametesters.org/rules.html
In fact Rule 7 states "Finding bugs via using "cheats" is discouraged. Sometimes cheats can affect the games in ways that aren't immediately apparent. If you can't get to the point in the game where the bug occurs without cheating, please mention this fact in your bug report."
No.14384
wuemura
Viewer
Oct 31, 2017, 10:17
It was not my intention to find a bug with cheats.
But since we found 2 different ones, I'll leave this to developers to decide because the main issue is not the cheats; they are working fine. To me the issue is using it in an unstable machine, as Haze stated.

This could help developers make the machine more stable.
No.14386
Haze
Senior Tester
Oct 31, 2017, 14:06
no, the issue is the cheats are making the game unstable and causing the original CPU to crash, which then causes MAME to exit.

if the Fatalerror wasn't there the game would still crash at that point with the cheat enabled

you shouldn't be reporting bugs with cheats enabled, they can do this.
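
Added example, not MAME code and not part of any note above: a toy CPU using the same member-function-pointer dispatch seen in frame 5, showing how an outside write to guest RAM can steer execution onto a byte with no handler, and how the undefined-opcode handler can either raise a host-level error or stop only the guest. `ToyCpu`, its opcodes and the memory layout are hypothetical; the byte 04 at address 6 is constructed to echo the reported message and does not diagnose the arabfgt crash.

```cpp
#include <array>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <string>
#include <vector>
// Toy CPU (hypothetical, not the V60): one handler per opcode byte in a jump table.
struct ToyCpu {
    enum class Policy { Fatal, HaltGuest };
    using Handler = uint32_t (ToyCpu::*)();
    std::vector<uint8_t> mem = std::vector<uint8_t>(256, 0);
    uint32_t pc = 0x10, acc = 0;
    std::string fault;   // non-empty once the guest CPU has been stopped
    Policy policy;
    std::array<Handler, 256> table;
    explicit ToyCpu(Policy p) : policy(p) {
        table.fill(&ToyCpu::op_unhandled);   // every undefined byte lands here
        table[0x01] = &ToyCpu::op_inc; table[0x02] = &ToyCpu::op_jmp_via;
        mem[0x06] = 0x04;                    // constructed data byte, not an opcode
        mem[0x10] = 0x01;                    // 0x10: inc
        mem[0x11] = 0x02; mem[0x12] = 0x20;  // 0x11: jump via RAM cell 0x20
        mem[0x20] = 0x10;                    // guest variable: loop back to 0x10
    }
    uint32_t op_inc() { ++acc; return 1; }
    uint32_t op_jmp_via() { pc = mem[mem[(pc + 1) & 0xff]]; return 0; }
    uint32_t op_unhandled() {
        char text[64];
        std::snprintf(text, sizeof(text), "Unhandled OpCode found : %02x at %08x",
                      (unsigned)mem[pc & 0xff], (unsigned)pc);
        if (policy == Policy::Fatal) throw std::runtime_error(text);  // host-level error
        fault = text; return 0;              // stop only the guest CPU
    }
    void run(int steps) {
        while (steps-- > 0 && fault.empty()) {
            uint32_t inc = (this->*table[mem[pc & 0xff]])();
            pc += inc;
        }
    }
};

// Runs 100 steps; poke >= 0 models an external write (such as a cheat) to cell 0x20.
std::string outcome(ToyCpu::Policy p, int poke) {
    ToyCpu cpu(p);
    if (poke >= 0) cpu.mem[0x20] = static_cast<uint8_t>(poke);
    try { cpu.run(100); }
    catch (const std::runtime_error &e) { return std::string("fatal: ") + e.what(); }
    return cpu.fault.empty() ? "ok acc=" + std::to_string(cpu.acc) : "halted: " + cpu.fault;
}
int main() { std::puts(outcome(ToyCpu::Policy::HaltGuest, 0x06).c_str()); }
```

Under either policy the guest has already left its program by the time the handler runs; the policy only decides whether the host process is taken down with it.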