08369: megadriv: Loading ggenie with carts with unsupported save types crashes MAME

ID	Category [?]	Severity [?]	Reproducibility	Date Submitted	Last Update
08369	Crash/Freeze	Major	Always	Jul 6, 2022, 01:28	Jul 8, 2022, 02:22

Tester	Foxhack	View Status	Public	Platform	MAME (Official Binary)
Assigned To		Resolution	Open	OS	Windows 10/11 (64-bit)
Status [?]	Confirmed			Driver	sega/mdconsole.cpp
Version	0.245	Fixed in Version		Build	64-bit
		Fixed in Git Commit		Github Pull Request #

Summary	08369: megadriv: Loading ggenie with carts with unsupported save types crashes MAME
Description	To reproduce: Start MAME, select Genesis, select Game Genie from the software list, and start emulation. Now hit tab, select File Manager, load Sonic & Knuckles (world) as the second cart and MAME will crash. In release build 0.244, MAME just closed and output the following error to the console: "Fatal error: Unknown slot option 'rom_sk' in slot 'mdslot:rom_ggenie:subslot' Unknown slot option 'rom_sk' in slot 'mdslot:rom_ggenie:subslot'" This seems to be the expected behavior. Starting in 0.245, attempting this within the UI causes the access violation error shown below. If you load the carts from the command line on 0.245 (mame genesis -cart1 ggenie -cart2 sk), the normal fatal error message appears, with no access violation error. I tried this with another game with a non-supported save type in ggenie (evander) and it behaved the same way. I dug around and it appears the driver started failing after this was merged; I did a git checkout to pull the source up to this point, built a megadriv-only build, and the crashed happened. https://github.com/mamedev/mame/pull/9732 https://github.com/mamedev/mame/commit/641c55693bbbe35b8044d960ad5b65d65e322c23
Steps To Reproduce
Additional Information
Github Commit

Flags
Regression Version	0.244
Affected Sets / Systems	megadriv

Attached Files	mamegenesisggskaccesscrash.jpg (108,109 bytes) Jul 6, 2022, 01:28 Uploaded by Foxhack

No.20366 Robbbert Senior Tester Jul 7, 2022, 04:13 edited on: Jul 7, 2022, 04:14	The supplied dump is completely useless as the symbols are missing - I've added a proper one. C:\MAME>mame genesis ggenie Warning: layout view 'Bezel Artwork' contains deprecated bezel element Warning: layout view 'Bezel Artwork' contains deprecated bezel element Fatal error: Unknown slot option 'rom_sk' in slot 'mdslot:rom_ggenie:subslot' Unknown slot option 'rom_sk' in slot 'mdslot:rom_ggenie:subslot' ----------------------------------------------------- Exception at EIP=00007ff6b3df3531 (ui_input_manager::reset()+0x0021): ACCESS VIOLATION While attempting to write memory at 000002a4a41b59f6 ----------------------------------------------------- RAX=0000000000000202 RBX=000002a4a85e5b20 RCX=000002a4a41b5150 RDX=00007ff6b64afd30 RSI=000002a4a42107b0 RDI=000002a4a41b56d8 RBP=000000a73abef290 RSP=000000a73abeef60 R8=0202020202020202 R9=0202020202020202 R10=0000000000008000 R11=000000a73abeef60 R12=000002a4a42107b0 R13=0000000000000000 R14=000002a4a3400470 R15=000002a4a4e8f680 ----------------------------------------------------- Stack crawl: 000000a73abeef60: 00007ff6b3df3531 (ui_input_manager::reset()+0x0021) 000000a73abeefa0: 00007ff6b6a827a8 (ui::menu::global_state::~global_state()+0x0018) 000000a73abeeff0: 00007ff6b6a85d25 (std::any::_Manager_external<ui::menu::global_state_wrapper>::_S_manage(std::any::_Op, std::any const, std::any::_Arg)+0x0075) 000000a73abef040: 00007ff6b648e3f0 (mame_ui_manager::~mame_ui_manager()+0x00d0) 000000a73abef070: 00007ff6b648e5ee (mame_ui_manager::~mame_ui_manager()+0x000e) 000000a73abef0d0: 00007ff6b3bf427f (mame_machine_manager::~mame_machine_manager()+0x024f) 000000a73abef100: 00007ff6b3bf440e (mame_machine_manager::~mame_machine_manager()+0x000e) 000000a73abef3e0: 00007ff6b64c644f (cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x008f) 000000a73abef440: 00007ff6b3bf2039 (emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x0029) 000000a73abef810: 00007ff6b75999c7 (main+0x0197) 000000a73abef8e0: 00007ff6ac0913b1 (__tmainCRTStartup+0x0231) 000000a73abef910: 00007ff6ac0914e6 (mainCRTStartup+0x0016) 000000a73abef940: 00007ff902237034 (BaseThreadInitThunk+0x0014) 000000a73abef9c0: 00007ff9029c2651 (RtlUserThreadStart+0x0021)

No.20366

Robbbert

Senior Tester

Jul 7, 2022, 04:13

edited on: Jul 7, 2022, 04:14

The supplied dump is completely useless as the symbols are missing - I've added a proper one.

C:\MAME>mame genesis ggenie
Warning: layout view 'Bezel Artwork' contains deprecated bezel element
Warning: layout view 'Bezel Artwork' contains deprecated bezel element
Fatal error: Unknown slot option 'rom_sk' in slot 'mdslot:rom_ggenie:subslot'
Unknown slot option 'rom_sk' in slot 'mdslot:rom_ggenie:subslot'

-----------------------------------------------------
Exception at EIP=00007ff6b3df3531 (ui_input_manager::reset()+0x0021): ACCESS VIOLATION
While attempting to write memory at 000002a4a41b59f6
-----------------------------------------------------
RAX=0000000000000202 RBX=000002a4a85e5b20 RCX=000002a4a41b5150 RDX=00007ff6b64afd30
RSI=000002a4a42107b0 RDI=000002a4a41b56d8 RBP=000000a73abef290 RSP=000000a73abeef60
R8=0202020202020202 R9=0202020202020202 R10=0000000000008000 R11=000000a73abeef60
R12=000002a4a42107b0 R13=0000000000000000 R14=000002a4a3400470 R15=000002a4a4e8f680
-----------------------------------------------------
Stack crawl:
  000000a73abeef60: 00007ff6b3df3531 (ui_input_manager::reset()+0x0021)
  000000a73abeefa0: 00007ff6b6a827a8 (ui::menu::global_state::~global_state()+0x0018)
  000000a73abeeff0: 00007ff6b6a85d25 (std::any::_Manager_external<ui::menu::global_state_wrapper>::_S_manage(std::any::_Op, std::any const*, std::any::_Arg*)+0x0075)
  000000a73abef040: 00007ff6b648e3f0 (mame_ui_manager::~mame_ui_manager()+0x00d0)
  000000a73abef070: 00007ff6b648e5ee (mame_ui_manager::~mame_ui_manager()+0x000e)
  000000a73abef0d0: 00007ff6b3bf427f (mame_machine_manager::~mame_machine_manager()+0x024f)
  000000a73abef100: 00007ff6b3bf440e (mame_machine_manager::~mame_machine_manager()+0x000e)
  000000a73abef3e0: 00007ff6b64c644f (cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x008f)
  000000a73abef440: 00007ff6b3bf2039 (emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x0029)
  000000a73abef810: 00007ff6b75999c7 (main+0x0197)
  000000a73abef8e0: 00007ff6ac0913b1 (__tmainCRTStartup+0x0231)
  000000a73abef910: 00007ff6ac0914e6 (mainCRTStartup+0x0016)
  000000a73abef940: 00007ff902237034 (BaseThreadInitThunk+0x0014)
  000000a73abef9c0: 00007ff9029c2651 (RtlUserThreadStart+0x0021)