| ID | Category [?] | Severity [?] | Reproducibility | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 07974 | Crash/Freeze | Critical (emulator) | Random | May 9, 2021, 11:21 | May 14, 2021, 23:43 |
| Tester | Anamon | View Status | Public | Platform | MAME (Official Binary) |
| Assigned To | Resolution | Open | OS | Windows 10 (64-bit) | |
| Status [?] | Acknowledged | Driver | apple2.cpp | ||
| Version | 0.231 | Fixed in Version | Build | 64-bit | |
| Fixed in Git Commit | Github Pull Request # | ||||
| Summary |
 07974: apple2: Memory access violation in floppy device sound emulation |
||||
| Description |
At certain points during floppy access while emulating the Apple II, MAME crashes with a memory read access violation in a method related to floppy drive sound emulation. I have encountered this crash several times already, in two different games. Since it affects the floppy drive sound, I assume other systems than apple2 could potentially be affected, but since the crash happens only intermittently and I've mostly been emulating the Apple II recently, this is where I encountered the bug. I have added the post-crash console output to the end of this description. The two games I have so far encountered this bug in were Karateka and Hi-Res Adventure #0: Mission Asteroid. I played both of these games from disk images in the .WOZ format, which have been loaded into a diskiing drive in slot 6. The command line I use for my basic Apple II emulation configuration, which so far I have encountered the crashes in, is (triple quotes because I use PowerShell): .\mame apple2 -sl0 """""" -sl4 """""" -sl6:diskiing:1 """""" i.e. I remove the default language card from slot 0 and Mockingboard from slot 4 (which I don't think should have any impact on the crash), and I remove the default second floppy drive from the Disk II NG controller in slot 6. So far I could not determine if the crash also happens in the default configuration, with two floppy drives. Full device configuration is as follows: Driver apple2 (Apple ][):
<root> Apple ][
a2bus Apple II Bus
a2common Apple II Common Components @ 14.31 MHz
a2video Apple II video @ 14.31 MHz
ay3600 AY-5-3600 Keyboard Encoder
cass_list Software List
flop525_clean Software List
flop525_misc Software List
flop525_orig Software List
gameio Apple II Game I/O Connector
inhbank Address Map Bank
maincpu MOS Technology 6502 @ 1.02 MHz
mono Speaker
ram RAM
repttmr Timer
scantimer Timer
screen Video Screen @ 14.30 MHz
sl0 Apple II Slot @ 7.15 MHz
sl1 Apple II Slot @ 7.15 MHz
sl2 Apple II Slot @ 7.15 MHz
sl3 Apple II Slot @ 7.15 MHz
sl4 Apple II Slot @ 7.15 MHz
sl5 Apple II Slot @ 7.15 MHz
sl6 Apple II Slot @ 7.15 MHz
diskiing Apple Disk II NG controller (16-sector) @ 7.15 MHz
0 Floppy drive connector abstraction
525 5.25" single density floppy drive
floppysound Floppy sound @ 44.10 kHz
flopsndout Speaker
1 Floppy drive connector abstraction
wozfdc Apple Disk II floppy controller @ 2.04 MHz
phaselatch Fairchild 9334 Addressable Latch
sl7 Apple II Slot @ 7.15 MHz
softlatch Fairchild 9334 Addressable Latch
speaker Filtered 1-bit DAC
tape Cassette
And here is the post-crash console output with stack trace: ----------------------------------------------------- Exception at EIP=0000000144c25894 (floppy_sound_device::sound_stream_update(sound_stream&, std::vector<read_stream_view, std::allocator<read_stream_view> > const&, std::vector<write_stream_view, std::allocator<write_stream_view> >&)+0x0064): ACCESS VIOLATION While attempting to read memory at 000000000aa0fd54 ----------------------------------------------------- RAX=000000000aa0c850 RBX=0000000000001a83 RCX=000000000310e270 RDX=0000000000001a82 RSI=000000000a9f2820 RDI=0000000000149020 RBP=0000000000148ed8 RSP=0000000000148ed8 R8=000000000a9f6280 R9=0000000000000000 R10=0000000000000004 R11=000000000000113a R12=000000000000053b R13=0000000000000001 R14=000000000000053b R15=00000000030ae708 ----------------------------------------------------- Stack crawl: 0000000000148ee0: 0000000144c25894 (floppy_sound_device::sound_stream_update(sound_stream&, std::vector<read_stream_view, std::allocator<read_stream_view> > const&, std::vector<write_stream_view, std::allocator<write_stream_view> >&)+0x0064) 0000000000148fd0: 0000000143f057f3 (sound_stream::update_view(attotime, attotime, unsigned int)+0x0543) 0000000000149080: 0000000143f051f7 (sound_stream_input::update(attotime, attotime)+0x00c7) 0000000000149170: 0000000143f056e8 (sound_stream::update_view(attotime, attotime, unsigned int)+0x0438) 0000000000149220: 0000000143f051f7 (sound_stream_input::update(attotime, attotime)+0x00c7) 0000000000149310: 0000000143f056e8 (sound_stream::update_view(attotime, attotime, unsigned int)+0x0438) 0000000000149400: 0000000143db0f42 (speaker_device::mix(float*, float*, attotime, attotime, int, bool)+0x0092) 0000000000149510: 0000000143f05b21 (sound_manager::update(void*, int)+0x0171) 0000000000149590: 0000000143c792d3 (device_scheduler::timeslice()+0x0163) 00000000001496f0: 0000000143e9c828 (running_machine::run(bool)+0x0198) 000000000014f340: 00000001472718d0 (mame_machine_manager::execute()+0x01f0) 000000000014f720: 000000014a094877 (cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&)+0x0397) 000000000014f9e0: 000000014a094e33 (cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x0053) 000000000014fa40: 000000014726ee0c (emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x002c) 000000000014fe20: 000000014b05807f (main+0x017f) 000000000014fef0: 00000001400013c1 (__tmainCRTStartup+0x0231) 000000000014ff20: 00000001400014f6 (mainCRTStartup+0x0016) 000000000014ff50: 00007ff985537c24 (BaseThreadInitThunk+0x0014) 000000000014ffd0: 00007ff98640d721 (RtlUserThreadStart+0x0021) |
||||
| Steps To Reproduce |
1. Start Apple II emulation with Disk II NG Controller and a 5.25" SD drive 2. Load .WOZ image of Karateka (CRC32 579992FD) into drive 3. Play game The crash happens at random times during floppy access. Most recently, it happened after the game tried to load more data after a cutscene in the final level (dungeons). However, it has also happened earlier in the game, and at other times I have also been able to play the game to completion without a crash. |
||||
| Additional Information | I will continue trying to gather more information, by checking for reproducibility of the crash with the default apple2 device configuration, and other machines using floppy drives with sound emulation. | ||||
| Github Commit | |||||
| Flags | |||||
| Regression Version | |||||
| Affected Sets / Systems | apple2 | ||||
|
Attached Files
|
|||||
 No.18845
Tafoid Administrator
May 14, 2021, 23:43
|
Acknowledged until some concrete reproduction parameters can be determined. |
|---|