| ID | Category [?] | Severity [?] | Reproducibility | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 05871 | Crash/Freeze | Major | Always | Mar 7, 2015, 22:11 | May 5, 2016, 05:04 |
| Tester | mfeingol | View Status | Public | Platform | MAME (Official Binary) |
| Assigned To | Robbbert | Resolution | Fixed | OS | Windows Vista/7/8 (64-bit) |
| Status [?] | Resolved | Driver | |||
| Version | 0.159 | Fixed in Version | 0.174 | Build | 64-bit |
| Fixed in Git Commit | Github Pull Request # | ||||
| Summary | 05871: puckman: Double-free starting up puckman when using -mt | ||||
| Description |
The 64-bit Windows build of Mame 0.159 is corrupting the heap and crashing due to a double-free. Heap verification flags disabled: D:\Operations\Games\Emulate\Mame>cdb -g mame64.exe puckman [...] (2858.2a80): Unknown exception - code 20474343 (first chance) Critical error detected c0000374 (2858.2740): Break instruction exception - code 80000003 (first chance) ntdll!RtlReportCriticalFailure+0x4b: 00007ffd`4b1e11ff cc int 3 0:001> k Child-SP RetAddr Call Site 00000000`0852f730 00007ffd`4b1e4482 ntdll!RtlReportCriticalFailure+0x4b 00000000`0852f840 00007ffd`4b1e5080 ntdll!RtlpHeapHandleError+0x12 00000000`0852f870 00007ffd`4b198edb ntdll!RtlpLogHeapFailure+0xa4 00000000`0852f8a0 00000000`01ea0245 ntdll!RtlFreeHeap+0x77c3b 00000000`0852f940 00000000`00fd0aa7 image00000000_00400000+0x1aa0245 Heap verification flags enabled: D:\Operations\Games\Emulate\Mame>cdb -g mame64.exe puckman [...] (179c.418c): Unknown exception - code 20474343 (first chance) =========================================================== VERIFIER STOP 0000000000000007: pid 0x179C: block already freed 0000000007BD1000 : Heap handle 0000000016ADDBF0 : Heap block 000000000000000D : Block size 0000000000000000 : =========================================================== This verifier stop is not continuable. Process will be terminated when you use the `go' debugger command. =========================================================== (179c.418c): Break instruction exception - code 80000003 (first chance) verifier!VerifierStopMessage+0x2a4: 00007ffd`3cababd4 cc int 3 0:000> k Child-SP RetAddr Call Site 00000000`00238100 00007ffd`3cab986b verifier!VerifierStopMessage+0x2a4 00000000`002381a0 00007ffd`3cab9c70 verifier!AVrfpDphReportCorruptedBlock+0x157 00000000`00238260 00007ffd`3cabec3b verifier!AVrfpDphCheckNormalHeapBlock+0xc8 00000000`002382c0 00007ffd`3cad4ac1 verifier!VerifierCheckPageHeapAllocation+0x6b 00000000`002382f0 00000000`01ea0245 verifier!AVrfpHeapFree+0x71 00000000`00238380 00000000`00fd0b51 image00000000_00400000+0x1aa0245 0:000> dd 16ADDBF0 00000000`16addbf0 f0f0f0f0 f0f0f0f0 f0f0f0f0 a0a0a0f0 00000000`16addc00 a0a0a0a0 a0a0a0a0 a0a0a0a0 f0f0f0a0 00000000`16addc10 00000000 00000000 00000000 00000000 00000000`16addc20 f0f0f0f0 f0f0f0f0 2077c1ae 2845ac8a 00000000`16addc30 abcdaaaa 00000000 07bd1000 80000000 00000000`16addc40 00000058 00000000 000000a8 00000000 00000000`16addc50 16b54fa0 00000000 16b54f00 00000000 00000000`16addc60 065108d0 00000000 f0f0f0f0 dcbaaaaa |
||||
| Steps To Reproduce |
mame64 -mt -debug puckman It will crash after 5-10 seconds. |
||||
| Additional Information | |||||
| Github Commit | |||||
| Flags | 64-bit specific | ||||
| Regression Version | 0.159 | ||||
| Affected Sets / Systems | puckman | ||||
|
Attached Files
|
 mame.ini (8,105 bytes) Mar 9, 2015, 04:06 Uploaded by mfeingol | ||||
 No.11497
Osso Moderator
Mar 8, 2015, 06:19
|
Can't reproduce on WIN8 64bit with MAME64 0.159. |
|---|---|
 No.11498
B2K24 Senior Tester
Mar 8, 2015, 22:17
|
Doesn't seem to repo here either using -debug and pressing F5 to run it. |
|
No.11499
mfeingol Tester
Mar 9, 2015, 04:07
|
Hi. Can you please retry with the mame.ini I just uploaded? If I run puckman without this mame.ini, it appears to work alright. But if I use this mame.ini, it crashes. |
 No.11500
Mamesick Senior Tester
Mar 9, 2015, 07:42
|
multithreading 1 It crashes with -mt enabled here. WIN7 64-bit. Also have a look here: http://mame32fx.altervista.org/forum/viewtopic.php?f=3&t=170 It seems we have a serious issue with multithreading enabled in 0.159 |
|
No.11501
Osso Moderator
Mar 9, 2015, 08:54
|
even using mt, I still can't reproduce it. |
|
No.11502
mfeingol Tester
Mar 9, 2015, 16:49
|
Confirmed the crash occurs with multithreading 1, and does not occur with multithreading 0. Is there a PDB file for mame64.exe available somewhere? |
|
No.11503
B2K24 Senior Tester
Mar 10, 2015, 01:50
|
I get a crash now when inserting -mt at the command line and using a debug build mamed -mt -debug puckman ----------------------------------------------------- Exception at EIP=026F60FA (osd_free(void*)+0x000a): ACCESS VIOLATION While attempting to read memory at 08AC1FEF ----------------------------------------------------- EAX=08AC1FF3 EBX=08AC1FF3 ECX=06D70A70 EDX=00000000 ESI=00320338 EDI=00000000 EBP=0028BA98 ESP=0028BA80 ----------------------------------------------------- Stack crawl: 0028BA98: 026F60FA (osd_free(void*)+0x000a) 0028BB18: 015E7A01 (win_monitor_info::aspect()+0x0081) 0028BB78: 0160A589 (d3d::renderer::get_primitives()+0x0109) 0028BBE8: 015ECEE7 (win_window_info::update()+0x0147) 0028BC68: 015E7C6F (windows_osd_interface::update(bool)+0x006f) 0028BD18: 023C8E70 (video_manager::frame_update(bool)+0x0140) 0028BDF8: 02350E35 (ui_manager::display_startup_screens(bool, bool)+0x0275) 0028BE98: 0229F6D5 (running_machine::run(bool)+0x01f5) 0028F898: 022BAAE5 (machine_manager::execute()+0x03d5) 0028FA78: 0238978F (cli_frontend::execute(int, char**)+0x156f) 0028FE98: 015E648F (utf8_main(int, char**)+0x029f) 0028FEC8: 026F52F1 (wmain+0x0071) 0028FF88: 004013F0 (__tmainCRTStartup+0x0270) 0028FF94: 760B339A (BaseThreadInitThunk+0x0012) 0028FFD4: 776FBF32 (RtlInitializeExceptionChain+0x0063) 0028FFEC: 776FBF05 (RtlInitializeExceptionChain+0x0036) |
|
No.11533
mfeingol Tester
Mar 21, 2015, 18:30
|
Hi. Any updates on tracking down the issue? Thanks. |
 No.12602
Robbbert Senior Tester
May 5, 2016, 05:04
|
-mt no longer exists, so resolving. |