| ID | Category [?] | Severity [?] | Reproducibility | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 05116 | Misc. | Minor | Always | Jan 19, 2013, 13:47 | Mar 9, 2013, 09:40 |
| Tester | Firewave | View Status | Public | Platform | MESS (Self-compiled) |
| Assigned To | Firewave | Resolution | Fixed | OS | |
| Status [?] | Resolved | Driver | |||
| Version | 0.148 | Fixed in Version | 0.148u2 | Build | Debug |
| Fixed in Git Commit | Github Pull Request # | ||||
| Summary |
 05116: Sets using MC6847: Invalid read of size 1 |
||||
| Description |
==62745== Invalid read of size 1 ==62745== at 0x1193F11: unsigned int mc6847_friend_device::emit_mc6847_samples<1>(unsigned char, unsigned char const*, int, unsigned int*, unsigned int const*, unsigned char (*)(running_machine&, unsigned char, int), int, int) (mc6847.h:148) ==62745== by 0x1191944: mc6847_base_device::screen_update(screen_device&, bitmap_rgb32&, rectangle const&) (mc6847.c:766) ==62745== by 0x1B118D8: delegate_base<unsigned int, screen_device&, bitmap_rgb32&, rectangle const&, _noparam, _noparam>::operator()(screen_device&, bitmap_rgb32&, rectangle const&) const (delegate.h:542) ==62745== by 0x1B0EDF2: screen_device::update_partial(int) (screen.c:603) ==62745== by 0x1B52275: video_manager::finish_screen_updates() (video.c:658) ==62745== by 0x1B50DE7: video_manager::frame_update(bool) (video.c:229) ==62745== by 0x1B0F7CC: screen_device::vblank_begin() (screen.c:812) ==62745== by 0x1B0E309: screen_device::device_timer(emu_timer&, unsigned int, int, void*) (screen.c:397) ==62745== by 0x1B0B9B0: device_t::timer_expired(emu_timer&, unsigned int, int, void*) (device.h:227) ==62745== by 0x1B0BC7C: device_scheduler::execute_timers() (schedule.c:914) ==62745== by 0x1B0A3BB: device_scheduler::timeslice() (schedule.c:429) ==62745== by 0x1AA49B0: running_machine::run(bool) (machine.c:393) ==62745== by 0x1AA22B3: mame_execute(emu_options&, osd_interface&) (mame.c:190) ==62745== by 0x19C94F4: cli_frontend::execute(int, char**) (clifront.c:255) ==62745== by 0x13154D8: main (sdlmain.c:371) ==62745== Address 0x10b43c6a is not stack'd, malloc'd or (recently) free'd |
||||
| Steps To Reproduce | |||||
| Additional Information |
Systems which use MC6847 or variant:alice |
||||
| Github Commit | |||||
| Flags | |||||
| Regression Version | |||||
| Affected Sets / Systems | Sets using MC6847 | ||||
|
Attached Files
|
|||||
 No.09259
Tafoid Administrator
Jan 19, 2013, 17:45
|
Doesn't crash? Is there supposed to be a popup warning? |
|---|---|
 No.09260
Firewave Senior Tester
Jan 19, 2013, 22:50
|
No warning at all - just valgrind complaining. fellow also has this at different lines: ==64789== Invalid read of size 1 ==64789== at 0x119398D: unsigned int mc6847_friend_device::emit_mc6847_samples<1>(unsigned char, unsigned char const*, int, unsigned int*, unsigned int const*, unsigned char (*)(running_machine&, unsigned char, int), int, int) (mc6847.h:379) ==64789== by 0x1191944: mc6847_base_device::screen_update(screen_device&, bitmap_rgb32&, rectangle const&) (mc6847.c:766) ==64789== by 0x1B118D8: delegate_base<unsigned int, screen_device&, bitmap_rgb32&, rectangle const&, _noparam, _noparam>::operator()(screen_device&, bitmap_rgb32&, rectangle const&) const (delegate.h:542) ==64789== by 0x1B0EDF2: screen_device::update_partial(int) (screen.c:603) ==64789== by 0x1B52275: video_manager::finish_screen_updates() (video.c:658) ==64789== by 0x1B50DE7: video_manager::frame_update(bool) (video.c:229) ==64789== by 0x1B0F7CC: screen_device::vblank_begin() (screen.c:812) ==64789== by 0x1B0E309: screen_device::device_timer(emu_timer&, unsigned int, int, void*) (screen.c:397) ==64789== by 0x1B0B9B0: device_t::timer_expired(emu_timer&, unsigned int, int, void*) (device.h:227) ==64789== by 0x1B0BC7C: device_scheduler::execute_timers() (schedule.c:914) ==64789== by 0x1B0A3BB: device_scheduler::timeslice() (schedule.c:429) ==64789== by 0x1AA49B0: running_machine::run(bool) (machine.c:393) ==64789== by 0x1AA22B3: mame_execute(emu_options&, osd_interface&) (mame.c:190) ==64789== by 0x19C94F4: cli_frontend::execute(int, char**) (clifront.c:255) ==64789== by 0x13154D8: main (sdlmain.c:371) ==64789== Address 0x10b1d17d is not stack'd, malloc'd or (recently) free'd ==64789== ==64789== Invalid read of size 1 ==64789== at 0x119187D: mc6847_base_device::screen_update(screen_device&, bitmap_rgb32&, rectangle const&) (mc6847.c:754) ==64789== by 0x1B118D8: delegate_base<unsigned int, screen_device&, bitmap_rgb32&, rectangle const&, _noparam, _noparam>::operator()(screen_device&, bitmap_rgb32&, rectangle const&) const (delegate.h:542) ==64789== by 0x1B0EDF2: screen_device::update_partial(int) (screen.c:603) ==64789== by 0x1B52275: video_manager::finish_screen_updates() (video.c:658) ==64789== by 0x1B50DE7: video_manager::frame_update(bool) (video.c:229) ==64789== by 0x1B0F7CC: screen_device::vblank_begin() (screen.c:812) ==64789== by 0x1B0E309: screen_device::device_timer(emu_timer&, unsigned int, int, void*) (screen.c:397) ==64789== by 0x1B0B9B0: device_t::timer_expired(emu_timer&, unsigned int, int, void*) (device.h:227) ==64789== by 0x1B0BC7C: device_scheduler::execute_timers() (schedule.c:914) ==64789== by 0x1B0A3BB: device_scheduler::timeslice() (schedule.c:429) ==64789== by 0x1AA49B0: running_machine::run(bool) (machine.c:393) ==64789== by 0x1AA22B3: mame_execute(emu_options&, osd_interface&) (mame.c:190) ==64789== by 0x19C94F4: cli_frontend::execute(int, char**) (clifront.c:255) ==64789== by 0x13154D8: main (sdlmain.c:371) ==64789== Address 0x10b1d160 is 0 bytes after a block of size 19,808 alloc'd ==64789== at 0x63303F8: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==64789== by 0x1F162BF: osd_malloc (sdlos_unix.c:87) ==64789== by 0x1A1AA49: malloc_file_line(unsigned long, char const*, int) (emualloc.c:146) ==64789== by 0x1194269: device_t* device_creator<mc6847_pal_device>(machine_config const&, char const*, device_t*, unsigned int) (emualloc.h:145) ==64789== by 0x19E07D3: device_t::add_subdevice(device_t* (*)(machine_config const&, char const*, device_t*, unsigned int), char const*, unsigned int) (device.c:827) ==64789== by 0x1AAA6A5: machine_config::device_add(device_t*, char const*, device_t* (*)(machine_config const&, char const*, device_t*, unsigned int), unsigned int) (mconfig.c:182) ==64789== by 0x10DC91A: construct_machine_config_laser200(machine_config&, device_t*) (vtech1.c:1006) ==64789== by 0x1AA9E8A: machine_config::machine_config(game_driver const&, emu_options&) (mconfig.c:68) ==64789== by 0x1AA2240: mame_execute(emu_options&, osd_interface&) (mame.c:179) ==64789== by 0x19C94F4: cli_frontend::execute(int, char**) (clifront.c:255) ==64789== by 0x13154D8: main (sdlmain.c:371) |
|
No.09261
Firewave Senior Tester
Jan 20, 2013, 17:06
edited on: Jan 20, 2013, 17:06
|
mc1000 shows another variation==4729== Invalid read of size 1 ==4729== at 0x1191910: mc6847_base_device::screen_update(screen_device&, bitmap_rgb32&, rectangle const&) (mc6847.c:759) ==4729== by 0x1B118D8: delegate_base<unsigned int, screen_device&, bitmap_rgb32&, rectangle const&, _noparam, _noparam>::operator()(screen_device&, bitmap_rgb32&, rectangle const&) const (delegate.h:542) ==4729== by 0x1B0EDF2: screen_device::update_partial(int) (screen.c:603) ==4729== by 0x1B52275: video_manager::finish_screen_updates() (video.c:658) ==4729== by 0x1B50DE7: video_manager::frame_update(bool) (video.c:229) ==4729== by 0x1B0F7CC: screen_device::vblank_begin() (screen.c:812) ==4729== by 0x1B0E309: screen_device::device_timer(emu_timer&, unsigned int, int, void*) (screen.c:397) ==4729== by 0x1B0B9B0: device_t::timer_expired(emu_timer&, unsigned int, int, void*) (device.h:227) ==4729== by 0x1B0BC7C: device_scheduler::execute_timers() (schedule.c:914) ==4729== by 0x1B0A3BB: device_scheduler::timeslice() (schedule.c:429) ==4729== by 0x1AA49B0: running_machine::run(bool) (machine.c:393) ==4729== by 0x1AA22B3: mame_execute(emu_options&, osd_interface&) (mame.c:190) ==4729== by 0x19C94F4: cli_frontend::execute(int, char**) (clifront.c:255) ==4729== by 0x13154D8: main (sdlmain.c:371) ==4729== Address 0x10d7bd20 is 0 bytes after a block of size 19,808 alloc'd ==4729== at 0x63303F8: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==4729== by 0x1F162BF: osd_malloc (sdlos_unix.c:87) ==4729== by 0x1A1AA49: malloc_file_line(unsigned long, char const*, int) (emualloc.c:146) ==4729== by 0x119415A: device_t* device_creator<mc6847_ntsc_device>(machine_config const&, char const*, device_t*, unsigned int) (emualloc.h:145) ==4729== by 0x19E07D3: device_t::add_subdevice(device_t* (*)(machine_config const&, char const*, device_t*, unsigned int), char const*, unsigned int) (device.c:827) ==4729== by 0x1AAA6A5: machine_config::device_add(device_t*, char const*, device_t* (*)(machine_config const&, char const*, device_t*, unsigned int), unsigned int) (mconfig.c:182) ==4729== by 0x7A4EF6: construct_machine_config_mc1000(machine_config&, device_t*) (mc1000.c:454) ==4729== by 0x1AA9E8A: machine_config::machine_config(game_driver const&, emu_options&) (mconfig.c:68) ==4729== by 0x1AA2240: mame_execute(emu_options&, osd_interface&) (mame.c:179) ==4729== by 0x19C94F4: cli_frontend::execute(int, char**) (clifront.c:255) ==4729== by 0x13154D8: main (sdlmain.c:371) |
|
No.09266
Firewave Senior Tester
Jan 22, 2013, 05:03
|
spc1000 shows yet another location==13823== Invalid read of size 1 ==13823== at 0x11919D2: mc6847_base_device::screen_update(screen_device&, bitmap_rgb32&, rectangle const&) (mc6847.c:775) ==13823== by 0x1B118D8: delegate_base<unsigned int, screen_device&, bitmap_rgb32&, rectangle const&, _noparam, _noparam>::operator()(screen_device&, bitmap_rgb32&, rectangle const&) const (delegate.h:542) ==13823== by 0x1B0EDF2: screen_device::update_partial(int) (screen.c:603) ==13823== by 0x1B52275: video_manager::finish_screen_updates() (video.c:658) ==13823== by 0x1B50DE7: video_manager::frame_update(bool) (video.c:229) ==13823== by 0x1B0F7CC: screen_device::vblank_begin() (screen.c:812) ==13823== by 0x1B0E309: screen_device::device_timer(emu_timer&, unsigned int, int, void*) (screen.c:397) ==13823== by 0x1B0B9B0: device_t::timer_expired(emu_timer&, unsigned int, int, void*) (device.h:227) ==13823== by 0x1B0BC7C: device_scheduler::execute_timers() (schedule.c:914) ==13823== by 0x1B0A3BB: device_scheduler::timeslice() (schedule.c:429) ==13823== by 0x1AA49B0: running_machine::run(bool) (machine.c:393) ==13823== by 0x1AA22B3: mame_execute(emu_options&, osd_interface&) (mame.c:190) ==13823== by 0x19C94F4: cli_frontend::execute(int, char**) (clifront.c:255) ==13823== by 0x13154D8: main (sdlmain.c:371) ==13823== Address 0x10d874ca is 6 bytes before a block of size 1,192 alloc'd ==13823== at 0x63303F8: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==13823== by 0x1F162BF: osd_malloc (sdlos_unix.c:87) ==13823== by 0x1A1AA49: malloc_file_line(unsigned long, char const*, int) (emualloc.c:146) ==13823== by 0x1A29158: device_t* device_creator<speaker_device>(machine_config const&, char const*, device_t*, unsigned int) (emualloc.h:145) ==13823== by 0x19E07D3: device_t::add_subdevice(device_t* (*)(machine_config const&, char const*, device_t*, unsigned int), char const*, unsigned int) (device.c:827) ==13823== by 0x1AAA6A5: machine_config::device_add(device_t*, char const*, device_t* (*)(machine_config const&, char const*, device_t*, unsigned int), unsigned int) (mconfig.c:182) ==13823== by 0xCD3468: construct_machine_config_spc1000(machine_config&, device_t*) (spc1000.c:311) ==13823== by 0x1AA9E8A: machine_config::machine_config(game_driver const&, emu_options&) (mconfig.c:68) ==13823== by 0x1AA2240: mame_execute(emu_options&, osd_interface&) (mame.c:179) ==13823== by 0x19C94F4: cli_frontend::execute(int, char**) (clifront.c:255) ==13823== by 0x13154D8: main (sdlmain.c:371) |
|
No.09290
Firewave Senior Tester
Jan 28, 2013, 02:00
|
I debugged alice and it seems, that the m_ram_base is not initialized when read in mc10_state::mc10_mc6847_videoram_r. |
 No.09311
Bletch Developer
Feb 8, 2013, 00:49
|
Unfortunately it isn't obvious to me what the problem is. I'm on Win32, so I cannot Valgrind this myself. |
|
No.09419
Firewave Senior Tester
Mar 9, 2013, 09:39
|
Fixed in r21763 |