Viewing Issue Advanced Details
Jump to Notes ]
nec/pc8001.cpp
ID Category [?] Severity [?] Reproducibility Date Submitted Last Update
05534 Crash/Freeze Critical (emulator) Always Apr 18, 2014, 23:08 Jul 7, 2016, 12:35
Tester Tafoid View Status Public Platform
Assigned To Robbbert Resolution Fixed OS
Status [?] Resolved Driver
nec/pc8001.cpp
Version 0.153 Fixed in Version 0.176 Build
Fixed in Git Commit Github Pull Request #
Summary MESS-specific 05534: All sets in pc8001.c: Crash after OK
Description
Exception at EIP=00879C0B (pc8001_state::pc8001_display_pixels(bitmap_rgb32&, int, int, unsigned char, unsigned char, int, int, int, int, int, int, int)+0x00e1): ACCESS VIOLATION
Steps To Reproduce mess -str 6 -video none -fs 10
The frameskip seems to be the trigger.
Additional Information Suspect r29250 (upd3301 -> devcb2)
Github Commit
Flags
Regression Version 0.153
Affected Sets / Systems All sets in pc8001.c
Attached Files
  
Relationships
There are no relationship linked to this issue.
Notes
3
User avatar
No.10591
crazyc
Developer
Apr 19, 2014, 03:47
 Program received signal SIGSEGV, Segmentation fault.
0x00000000025e8973 in bitmap_t::pixt<unsigned int> (this=0xbaadf00dbaadf00d, y=-1163005939, x=0) at src/lib/util/bitmap.h:165
165 _PixelType &pixt(INT32 y, INT32 x = 0) const { return *(reinterpret_cast<_PixelType *>(m_base) + y * m_rowpixels + x); }
(gdb) bt
#0 0x00000000025e8973 in bitmap_t::pixt<unsigned int> (this=0xbaadf00dbaadf00d, y=-1163005939, x=0) at src/lib/util/bitmap.h:165
#1 0x00000000025b5438 in bitmap32_t::pix32 (this=0xbaadf00dbaadf00d,y=-1163005939, x=0) at src/lib/util/bitmap.h:260
#2 0x000000000094537c in pc8001_state::pc8001_display_pixels (this=0x353cb8,bitmap=..., y=-1163005939, sx=0, cc=0 '\000', lc=0 '\000', hlgt=0, rvv=0, vsp=0, sl0=0, sl12=0, csr=0, gpa=0) at src/mess/drivers/pc8001.c:394
#3 0x00000000025c0915 in delegate_base<void, bitmap_rgb32&, int, int, unsigned char, unsigned char, int, int, int, int, int, int, int>::operator() ( this=0x35da88, p1=..., p2=-1163005939, p3=0, p4=0 '\000', p5=0 '\000',
    p6=0, p7=0, p8=0, p9=0, p10=0, p11=0, p12=0) at src/lib/util/delegate.h:661
#4 0x00000000016ad037 in upd3301_device::draw_scanline (this=0x35cf08) at src/emu/video/upd3301.c:477
#5 0x00000000016ace4f in upd3301_device::dack_w (this=0x35cf08, space=..., offset=62327, data=0 '\000', mem_mask=255 'ÿ') at src/emu/video/upd3301.c:417
#6 0x00000000009454e1 in pc8001_state::dma_mem_w (this=0x353cb8, space=..., offset=62327, data=0 '\000', mem_mask=255 'ÿ') at src/mess/drivers/pc8001.c:417
#7 0x00000000025c114b in delegate_base<void, address_space&, unsigned int, unsigned char, unsigned char, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam>::operator()
   (this=0x35b770, p1=..., p2=62327, p3=0 '\000', p4=255 'ÿ') at src/lib/util/delegate.h:653
#8 0x0000000001b9f4f3 in devcb2_write_base::write8_adapter (this=0x35b6d8, space=..., offset=62327, data=0, mask=255) at src/emu/devcb2.c:481
#9 0x0000000002220ba6 in devcb2_write8::operator() (this=0x35b6d8, offset=62327, data=0 '\000', mask=255 'ÿ') at src/emu/devcb2.h:365
#10 0x00000000015cee3a in i8257_device::i8257_do_operation (this=0x35ab88, channel=2) at src/emu/machine/8257dma.c:240
#11 0x00000000015cf0b1 in i8257_device::device_timer (this=0x35ab88, timer=..., id=0, param=0, ptr=0x0) at src/emu/machine/8257dma.c:297
#12 0x000000000257abc1 in device_t::timer_expired (this=0x35ab88, timer=..., id=0, param=0, ptr=0x0) at src/emu/device.h:199
#13 0x00000000023ca3ec in device_scheduler::execute_timers (this=0x22f648) at src/emu/schedule.c:900
#14 0x0000000001bacb70 in device_scheduler::timeslice (this=0x22f648) at src/emu/schedule.c:516
#15 0x0000000001bb8d86 in running_machine::run (this=0x228d30, firstrun=true) at src/emu/machine.c:381
#16 0x0000000001bab271 in mame_execute (options=..., osd=...) at src/emu/mame.c:162
#17 0x0000000001c35a45 in cli_frontend::execute (this=0x22fa10, argc=5, argv=0x27518d80) at src/emu/clifront.c:237
#18 0x0000000000fdb6a5 in utf8_main (argc=5, argv=0x27518d80) at src/osd/windows/winmain.c:477
#19 0x0000000001e4bda9 in wmain (argc=5, argv=0x27518b80) at src/osd/windows/main.c:49
#20 0x00000000004013ca in __tmainCRTStartup ()
#21 0x00000000004014f8 in mainCRTStartup ()

m_bitmap is set in upd3301_device::screen_update which is called once before the segfault but the "if (m_status & STATUS_VE)" skips it. The problem goes away if m_bitmap is unconditionally set, although I don't know if that is correct.
User avatar
No.10852
Firewave
Senior Tester
Jul 23, 2014, 10:19
 
==22419==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000001c324ea sp 0x7ffff19fae70 bp 0x7ffff19faeb0 T0)
    #0 0x1c324e9 in unsigned int& bitmap_t::pixt<unsigned int>(int, int) const /home/notroot/trunk/src/lib/util/bitmap.h:165
    #1 0x1c324e9 in bitmap32_t::pix32(int, int) const /home/notroot/trunk/src/lib/util/bitmap.h:260
    #2 0x1c324e9 in pc8001_state::pc8001_display_pixels(bitmap_rgb32&, int, int, unsigned char, unsigned char, int, int, int, int, int, int, int) /home/notroot/trunk/src/mess/drivers/pc8001.c:394
    #3 0x4ff6faf in delegate_base<void, bitmap_rgb32&, int, int, unsigned char, unsigned char, int, int, int, int, int, int, int>::operator()(bitmap_rgb32&, int, int, unsigned char, unsigned char, int, int, int, int, int, int, int) const /home/notroot/trunk/src/lib/util/delegate.h:661
    #4 0x4ff6faf in upd3301_device::draw_scanline() /home/notroot/trunk/src/emu/video/upd3301.c:477
    #5 0x4ff6faf in upd3301_device::dack_w(address_space&, unsigned int, unsigned char, unsigned char) /home/notroot/trunk/src/emu/video/upd3301.c:417
    #6 0x5754182 in delegate_base<void, address_space&, unsigned int, unsigned char, unsigned char, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam, _noparam>::operator()(address_space&, unsigned int, unsigned char, unsigned char) const /home/notroot/trunk/src/lib/util/delegate.h:653
    #7 0x5754182 in devcb_write_base::write8_adapter(address_space&, unsigned int, unsigned long long, unsigned long long) /home/notroot/trunk/src/emu/devcb.c:481
    #8 0x51159c7 in devcb_write8::operator()(unsigned int, unsigned char, unsigned char) /home/notroot/trunk/src/emu/devcb.h:365
    #9 0x51159c7 in i8257_device::dma_write() /home/notroot/trunk/src/emu/machine/i8257.c:210
    #10 0x5113c80 in i8257_device::execute_run() /home/notroot/trunk/src/emu/machine/i8257.c:471
    #11 0x51144cf in non-virtual thunk to i8257_device::execute_run() /home/notroot/trunk/src/emu/machine/i8257.c:488
    #12 0x5a0d84e in device_execute_interface::run() /home/notroot/trunk/src/emu/diexec.h:189
    #13 0x5a0d84e in device_scheduler::timeslice() /home/notroot/trunk/src/emu/schedule.c:476
    #14 0x592f331 in running_machine::run(bool) /home/notroot/trunk/src/emu/machine.c:377
    #15 0x59271b7 in machine_manager::execute() /home/notroot/trunk/src/emu/mame.c:216
    #16 0x5739f28 in cli_frontend::execute(int, char**) /home/notroot/trunk/src/emu/clifront.c:243
    #17 0x2e3ac84 in main /home/notroot/trunk/src/osd/sdl/sdlmain.c:332
    #18 0x7ff3cfca2de4 in __libc_start_main /build/buildd/eglibc-2.17/csu/libc-start.c:260
    #19 0xd8cdcc in _start (/home/notroot/trunk/mess64d+0xd8cdcc)
User avatar
No.12908
Robbbert
Senior Tester
Jul 7, 2016, 12:35
 Used crazyc's fix, works fine. Bug has been sitting here for 2 years, seems original coder is no longer involved.