02067: mustangb, tdragonb: Access Violation

ID	Category [?]	Severity [?]	Reproducibility	Date Submitted	Last Update
02067	Crash/Freeze	Critical (emulator)	Always	Aug 2, 2008, 10:46	Aug 5, 2008, 16:40

Tester	Firewave	View Status	Public	Platform	MAME (Self-compiled)
Assigned To	aaron	Resolution	Fixed	OS
Status [?]	Resolved			Driver	nmk/nmk16.cpp
Version	0.126u3	Fixed in Version	0.126u4	Build	Debug
		Fixed in Git Commit		Github Pull Request #

Summary	02067: mustangb, tdragonb: Access Violation
Description	----------------------------------------------------- Exception at EIP=0122FFF9 (OKIM6295_set_pin7+0x0182): ACCESS VIOLATION While attempting to read memory at 00000038 ----------------------------------------------------- EAX=00000038 EBX=0123029E ECX=00000000 EDX=00000000 ESI=00000000 EDI=001E7401 EBP=0022FC18 ESP=0022FBD0 mustangb: Program received signal SIGSEGV, Segmentation fault. 0x0113bb8b in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461 461 start = ((base[0] << 16) + (base[1] << 8 ) + base[2]) & 0x3ffff; (gdb) bt full #0 0x0113bb8b in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461 voice = (struct ADPCMVoice ) 0x18091f7c temp = 1 i = 0 stop = 2293144 start = 8999 base = (unsigned char ) 0x38 <Address 0x38 out of bounds> info = (struct okim6295 ) 0x18091f7c #1 0x0113be30 in OKIM6295_data_0_w (machine=0xb541f34, offset=0, data=19 '3') at src/emu/sound/okim6295.c:588 No locals. #2 0x00981bde in write_byte_generic (spacenum=0 ' Program received signal SIGSEGV, Segmentation fault. 0x0113bb8b in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461 461 start = ((base[0] << 16) + (base[1] << 8 ) + base[2]) & 0x3ffff; (gdb) bt full #0 0x0113bb8b in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461 voice = (struct ADPCMVoice ) 0x18091f7c temp = 1 i = 0 stop = 2293144 start = 8999 base = (unsigned char ) 0x38 <Address 0x38 out of bounds> info = (struct okim6295 ) 0x18091f7c #1 0x0113be30 in OKIM6295_data_0_w (machine=0xb541f34, offset=0, data=19 '\023') at src/emu/sound/okim6295.c:588 No locals. #2 0x00981bde in write_byte_generic (spacenum=0 '\0', address=24576, data=19 '\023') at src/emu/memory.c:503 space = (const address_space ) 0x2bff1b0 handler = (const handler_data ) 0x27e96d8 offset = 0 entry = 72 #3 0x00984440 in program_write_byte_8le (address=24576, data=19 '\023') at src/emu/memory.c:4058 No locals. #4 0x00cb97ce in op_77 () at src/emu/cpu/z80/z80.c:3146 No locals. #5 0x00cbd181 in z80_execute (cycles=30681) at src/emu/cpu/z80/z80.c:3570 op = 119 #6 0x00974a3a in cpunum_execute (cpunum=1, cycles=30681) at src/emu/cpuintrf.c:1467 ran = 1 #7 0x009b7cd6 in cpuexec_timeslice (machine=0xb541f34) at src/emu/cpuexec.c:283 target = {seconds = 0, attoseconds = 428571428571428544} base = {seconds = 0, attoseconds = 420000000000000000} cpunum = 1 ran = 85718 #8 0x0097713b in mame_execute (options=0x8851e58) at src/emu/mame.c:345 settingsloaded = 0 driver = (const game_driver ) 0x1ac6720 machine = (running_machine ) 0xb541f34 mame = (mame_private ) 0xb551f68 cb = (callback_item ) 0x8851e58 gamename = (astring ) 0xb541f00 exit_pending = 0 error = 0 firstgame = 0 firstrun = 0 #9 0x00b93b6c in cli_execute (argc=6, argv=0x87b1fe8, osd_options=0x20f7bc0) at src/emu/clifront.c:171 options = (core_options ) 0x8851e58 gamename = (astring ) 0x8831f00 exename = (astring ) 0x8841f00 gamename_option = 0x8881f08 "mustangb" driver = (const game_driver ) 0x1ac6720 result = -1 #10 0x0091d6f9 in utf8_main (argc=6, argv=0x87b1fe8) at src/osd/windows/winmain.c:257 ext = 0x27d2258 ".map" #11 0x011dea79 in main (argc=6, a_argv=0x6c53f90) at src/osd/windows/main.c:72 i = 6 rc = -1 utf8_argv = (char ) 0x87b1fe8 argv = (TCHAR ) 0x6c52858 wenviron = (WCHAR ) 0x6c55080 ', address=24576, data=19 '3') at src/emu/memory.c:503 space = (const address_space ) 0x2bff1b0 handler = (const handler_data ) 0x27e96d8 offset = 0 entry = 72 #3 0x00984440 in program_write_byte_8le (address=24576, data=19 '3') at src/emu/memory.c:4058 No locals. #4 0x00cb97ce in op_77 () at src/emu/cpu/z80/z80.c:3146 No locals. #5 0x00cbd181 in z80_execute (cycles=30681) at src/emu/cpu/z80/z80.c:3570 op = 119 #6 0x00974a3a in cpunum_execute (cpunum=1, cycles=30681) at src/emu/cpuintrf.c:1467 ran = 1 #7 0x009b7cd6 in cpuexec_timeslice (machine=0xb541f34) at src/emu/cpuexec.c:283 target = {seconds = 0, attoseconds = 428571428571428544} base = {seconds = 0, attoseconds = 420000000000000000} cpunum = 1 ran = 85718 #8 0x0097713b in mame_execute (options=0x8851e58) at src/emu/mame.c:345 settingsloaded = 0 driver = (const game_driver ) 0x1ac6720 machine = (running_machine ) 0xb541f34 mame = (mame_private ) 0xb551f68 cb = (callback_item ) 0x8851e58 gamename = (astring ) 0xb541f00 exit_pending = 0 error = 0 firstgame = 0 firstrun = 0 #9 0x00b93b6c in cli_execute (argc=6, argv=0x87b1fe8, osd_options=0x20f7bc0) at src/emu/clifront.c:171 options = (core_options ) 0x8851e58 gamename = (astring ) 0x8831f00 exename = (astring ) 0x8841f00 gamename_option = 0x8881f08 "mustangb" driver = (const game_driver ) 0x1ac6720 result = -1 #10 0x0091d6f9 in utf8_main (argc=6, argv=0x87b1fe8) at src/osd/windows/winmain.c:257 ext = 0x27d2258 ".map" #11 0x011dea79 in main (argc=6, a_argv=0x6c53f90) at src/osd/windows/main.c:72 i = 6 rc = -1 utf8_argv = (char ) 0x87b1fe8 argv = (TCHAR ) 0x6c52858 wenviron = (WCHAR *) 0x6c55080 tdragonb: Program received signal SIGSEGV, Segmentation fault. 0x0113bb8b in OKIM6295_data_w (num=0, data=18) at src/emu/sound/okim6295.c:461 461 start = ((base[0] << 16) + (base[1] << 8 ) + base[2]) & 0x3ffff; (gdb) bt full #0 0x0113bb8b in OKIM6295_data_w (num=0, data=18) at src/emu/sound/okim6295.c:461 voice = (struct ADPCMVoice ) 0x182d1f7c temp = 1 i = 0 stop = 2293144 start = 8999 base = (unsigned char ) 0x8 <Address 0x8 out of bounds> info = (struct okim6295 ) 0x182d1f7c #1 0x0113be30 in OKIM6295_data_0_w (machine=0xb541f34, offset=0, data=18 '2') at src/emu/sound/okim6295.c:588 No locals. #2 0x00981bde in write_byte_generic (spacenum=0 ' Program received signal SIGSEGV, Segmentation fault. 0x0113bb8b in OKIM6295_data_w (num=0, data=18) at src/emu/sound/okim6295.c:461 461 start = ((base[0] << 16) + (base[1] << 8 ) + base[2]) & 0x3ffff; (gdb) bt full #0 0x0113bb8b in OKIM6295_data_w (num=0, data=18) at src/emu/sound/okim6295.c:461 voice = (struct ADPCMVoice ) 0x182d1f7c temp = 1 i = 0 stop = 2293144 start = 8999 base = (unsigned char ) 0x8 <Address 0x8 out of bounds> info = (struct okim6295 ) 0x182d1f7c #1 0x0113be30 in OKIM6295_data_0_w (machine=0xb541f34, offset=0, data=18 '\022') at src/emu/sound/okim6295.c:588 No locals. #2 0x00981bde in write_byte_generic (spacenum=0 '\0', address=24576, data=18 '\022') at src/emu/memory.c:503 space = (const address_space ) 0x2bff1b0 handler = (const handler_data ) 0x27e96d8 offset = 0 entry = 72 #3 0x00984440 in program_write_byte_8le (address=24576, data=18 '\022') at src/emu/memory.c:4058 No locals. #4 0x00cb97ce in op_77 () at src/emu/cpu/z80/z80.c:3146 No locals. #5 0x00cbd181 in z80_execute (cycles=10604) at src/emu/cpu/z80/z80.c:3570 op = 119 #6 0x00974a3a in cpunum_execute (cpunum=1, cycles=10604) at src/emu/cpuintrf.c:1467 ran = 1 #7 0x009b7cd6 in cpuexec_timeslice (machine=0xb541f34) at src/emu/cpuexec.c:283 target = {seconds = 0, attoseconds = 844748704095029440} base = {seconds = 0, attoseconds = 841785714285714279} cpunum = 1 ran = 29628 #8 0x0097713b in mame_execute (options=0x8851e58) at src/emu/mame.c:345 settingsloaded = 0 driver = (const game_driver ) 0x1ac6780 machine = (running_machine ) 0xb541f34 mame = (mame_private ) 0xb551f68 cb = (callback_item ) 0x8851e58 gamename = (astring ) 0xb541f00 exit_pending = 0 error = 0 firstgame = 0 firstrun = 0 #9 0x00b93b6c in cli_execute (argc=6, argv=0x87b1fe8, osd_options=0x20f7bc0) at src/emu/clifront.c:171 options = (core_options ) 0x8851e58 gamename = (astring ) 0x8831f00 exename = (astring ) 0x8841f00 gamename_option = 0x8881f08 "tdragonb" driver = (const game_driver ) 0x1ac6780 result = -1 #10 0x0091d6f9 in utf8_main (argc=6, argv=0x87b1fe8) at src/osd/windows/winmain.c:257 ext = 0x27d2258 ".map" #11 0x011dea79 in main (argc=6, a_argv=0x6c53f90) at src/osd/windows/main.c:72 i = 6 rc = -1 utf8_argv = (char ) 0x87b1fe8 argv = (TCHAR ) 0x6c52858 wenviron = (WCHAR *) 0x6c55080 startupinfo = 3289943 ', address=24576, data=18 '2') at src/emu/memory.c:503 space = (const address_space ) 0x2bff1b0 handler = (const handler_data ) 0x27e96d8 offset = 0 entry = 72 #3 0x00984440 in program_write_byte_8le (address=24576, data=18 '2') at src/emu/memory.c:4058 No locals. #4 0x00cb97ce in op_77 () at src/emu/cpu/z80/z80.c:3146 No locals. #5 0x00cbd181 in z80_execute (cycles=10604) at src/emu/cpu/z80/z80.c:3570 op = 119 #6 0x00974a3a in cpunum_execute (cpunum=1, cycles=10604) at src/emu/cpuintrf.c:1467 ran = 1 #7 0x009b7cd6 in cpuexec_timeslice (machine=0xb541f34) at src/emu/cpuexec.c:283 target = {seconds = 0, attoseconds = 844748704095029440} base = {seconds = 0, attoseconds = 841785714285714279} cpunum = 1 ran = 29628 #8 0x0097713b in mame_execute (options=0x8851e58) at src/emu/mame.c:345 settingsloaded = 0 driver = (const game_driver ) 0x1ac6780 machine = (running_machine ) 0xb541f34 mame = (mame_private ) 0xb551f68 cb = (callback_item ) 0x8851e58 gamename = (astring ) 0xb541f00 exit_pending = 0 error = 0 firstgame = 0 firstrun = 0 #9 0x00b93b6c in cli_execute (argc=6, argv=0x87b1fe8, osd_options=0x20f7bc0) at src/emu/clifront.c:171 options = (core_options ) 0x8851e58 gamename = (astring ) 0x8831f00 exename = (astring ) 0x8841f00 gamename_option = 0x8881f08 "tdragonb" driver = (const game_driver ) 0x1ac6780 result = -1 #10 0x0091d6f9 in utf8_main (argc=6, argv=0x87b1fe8) at src/osd/windows/winmain.c:257 ext = 0x27d2258 ".map" #11 0x011dea79 in main (argc=6, a_argv=0x6c53f90) at src/osd/windows/main.c:72 i = 6 rc = -1 utf8_argv = (char ) 0x87b1fe8 argv = (TCHAR ) 0x6c52858 wenviron = (WCHAR **) 0x6c55080 startupinfo = 3289943
Steps To Reproduce
Additional Information
Github Commit

Flags
Regression Version	0.126u3
Affected Sets / Systems	mustangb, tdragonb

Attached Files

No.01882 etabeta Developer Aug 2, 2008, 11:34	backtrace on SDLMAME Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x00000038 0x010f79b9 in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461 461 start = ((base[0] << 16) + (base[1] << 8) + base[2]) & 0x3ffff; (gdb) bt #0 0x010f79b9 in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461 #1 0x010f7c91 in OKIM6295_data_0_w (machine=0x735eed0, offset=0, data=19 '3') at src/emu/sound/okim6295.c:588 #2 0x006fb04b in write_byte_generic (spacenum=0 ' Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x00000038 0x010f79b9 in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461 461 start = ((base[0] << 16) + (base[1] << 8) + base[2]) & 0x3ffff; (gdb) bt #0 0x010f79b9 in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461 #1 0x010f7c91 in OKIM6295_data_0_w (machine=0x735eed0, offset=0, data=19 '\023') at src/emu/sound/okim6295.c:588 #2 0x006fb04b in write_byte_generic (spacenum=0 '\0', address=24576, data=19 '\023') at src/emu/memory.c:503 #3 0x006fdd0d in program_write_byte_8le (address=24576, data=19 '\023') at src/emu/memory.c:4058 #4 0x00fcfb9c in op_77 () at src/emu/cpu/z80/z80.c:3146 #5 0x00fd5013 in z80_execute (cycles=30681) at src/emu/cpu/z80/z80.c:3570 #6 0x006bf190 in cpunum_execute (cpunum=1, cycles=30681) at src/emu/cpuintrf.c:1467 #7 0x006bb02e in cpuexec_timeslice (machine=0x735eed0) at src/emu/cpuexec.c:283 #8 0x006ec956 in mame_execute (options=0x73327c0) at src/emu/mame.c:345 #9 0x006b8580 in cli_execute (argc=2, argv=0x7306c50, osd_options=0x20fe840) at src/emu/clifront.c:171 #10 0x00674f19 in SDL_main (argc=2, argv=0x7306c50) at src/osd/sdl/sdlmain.c:327 ', address=24576, data=19 '3') at src/emu/memory.c:503 #3 0x006fdd0d in program_write_byte_8le (address=24576, data=19 '3') at src/emu/memory.c:4058 #4 0x00fcfb9c in op_77 () at src/emu/cpu/z80/z80.c:3146 #5 0x00fd5013 in z80_execute (cycles=30681) at src/emu/cpu/z80/z80.c:3570 #6 0x006bf190 in cpunum_execute (cpunum=1, cycles=30681) at src/emu/cpuintrf.c:1467 #7 0x006bb02e in cpuexec_timeslice (machine=0x735eed0) at src/emu/cpuexec.c:283 #8 0x006ec956 in mame_execute (options=0x73327c0) at src/emu/mame.c:345 #9 0x006b8580 in cli_execute (argc=2, argv=0x7306c50, osd_options=0x20fe840) at src/emu/clifront.c:171 #10 0x00674f19 in SDL_main (argc=2, argv=0x7306c50) at src/osd/sdl/sdlmain.c:327

No.01882

etabeta

Developer

Aug 2, 2008, 11:34

backtrace on SDLMAME

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_PROTECTION_FAILURE at address: 0x00000038
0x010f79b9 in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461
461                                     start = ((base[0] << 16) + (base[1] << 8) + base[2]) & 0x3ffff;
(gdb) bt
#0  0x010f79b9 in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461
#1  0x010f7c91 in OKIM6295_data_0_w (machine=0x735eed0, offset=0, data=19 '3') at src/emu/sound/okim6295.c:588
#2  0x006fb04b in write_byte_generic (spacenum=0 'Program received signal EXC_BAD_ACCESS, Could not access memory.

Reason: KERN_PROTECTION_FAILURE at address: 0x00000038

0x010f79b9 in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461

461                                     start = ((base[0] << 16) + (base[1] << 8) + base[2]) & 0x3ffff;

(gdb) bt

#0  0x010f79b9 in OKIM6295_data_w (num=0, data=19) at src/emu/sound/okim6295.c:461

#1  0x010f7c91 in OKIM6295_data_0_w (machine=0x735eed0, offset=0, data=19 '\023') at src/emu/sound/okim6295.c:588

#2  0x006fb04b in write_byte_generic (spacenum=0 '\0', address=24576, data=19 '\023') at src/emu/memory.c:503

#3  0x006fdd0d in program_write_byte_8le (address=24576, data=19 '\023') at src/emu/memory.c:4058

#4  0x00fcfb9c in op_77 () at src/emu/cpu/z80/z80.c:3146

#5  0x00fd5013 in z80_execute (cycles=30681) at src/emu/cpu/z80/z80.c:3570

#6  0x006bf190 in cpunum_execute (cpunum=1, cycles=30681) at src/emu/cpuintrf.c:1467

#7  0x006bb02e in cpuexec_timeslice (machine=0x735eed0) at src/emu/cpuexec.c:283

#8  0x006ec956 in mame_execute (options=0x73327c0) at src/emu/mame.c:345

#9  0x006b8580 in cli_execute (argc=2, argv=0x7306c50, osd_options=0x20fe840) at src/emu/clifront.c:171

#10 0x00674f19 in SDL_main (argc=2, argv=0x7306c50) at src/osd/sdl/sdlmain.c:327

', address=24576, data=19 '3') at src/emu/memory.c:503
#3  0x006fdd0d in program_write_byte_8le (address=24576, data=19 '3') at src/emu/memory.c:4058
#4  0x00fcfb9c in op_77 () at src/emu/cpu/z80/z80.c:3146
#5  0x00fd5013 in z80_execute (cycles=30681) at src/emu/cpu/z80/z80.c:3570
#6  0x006bf190 in cpunum_execute (cpunum=1, cycles=30681) at src/emu/cpuintrf.c:1467
#7  0x006bb02e in cpuexec_timeslice (machine=0x735eed0) at src/emu/cpuexec.c:283
#8  0x006ec956 in mame_execute (options=0x73327c0) at src/emu/mame.c:345
#9  0x006b8580 in cli_execute (argc=2, argv=0x7306c50, osd_options=0x20fe840) at src/emu/clifront.c:171
#10 0x00674f19 in SDL_main (argc=2, argv=0x7306c50) at src/osd/sdl/sdlmain.c:327