ID: 08490
Category: Misc.
Severity: Critical (emulator)
Reproducibility: Sometimes
Date Submitted: Nov 4, 2022, 13:54
Last Update: 2 days ago
Tester: Firewave
View Status: Public
Platform: MAME (Official Binary)
Assigned To: hap
Resolution: Fixed
OS: Windows 10/11 (64-bit)
Status: Resolved
Version: 0.249
Fixed in Version: 0.251GIT
Build: 64-bit
Fixed in Git Commit: f5493f8
Summary: 08490: some exidy/* drivers: Executable might exit with -1073740940
Description
C:\Apps\mame>mame -window catch22 -str 2
Average speed: 100.51% (1 seconds)

C:\Apps\mame>echo %ERRORLEVEL%
-1073740940

There's no issue running it at all. It is just the exitcode.

This exitcode might also appear as 0xC0000374 in other contexts. I have not found a proper description of this error but it appears to indicate a "heap corruption".
Additional Information
Affected sets:
exidy/vertigo.cpp
topgunnr

exidy/exidy440.cpp
hitnmiss2
whodunit8
cheyenne
claypign
crossbow
hitnmiss
showdown
whodunit
cracksht
topsecex
catch22
chiller
combat
yukon1
yukon
Affected Sets / Systems: some exidy/* drivers
Notes (5)
No.20693
Firewave
Senior Tester
Nov 4, 2022, 13:54
0.249 reports the following for the exidy/exidy440.cpp sets (e.g. catch22):
==9484==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6210002bd0d8 at pc 0x7f6b7f2ab9bc bp 0x7ffffe028200 sp 0x7ffffe0281f8
WRITE of size 4 at 0x6210002bd0d8 thread T0
    #0 0x7f6b7f2ab9bb in __fill_a1<int *, int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_algobase.h:922:11
    #1 0x7f6b7f2ab9bb in __fill_a<int *, int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_algobase.h:968:7
    #2 0x7f6b7f2ab9bb in int* std::__fill_n_a<int*, unsigned int, int>(int*, unsigned int, int const&, std::random_access_iterator_tag) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_algobase.h:1119:7
    #3 0x7f6b7f2a5468 in fill_n<int *, unsigned int, int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_algobase.h:1148:14
    #4 0x7f6b7f2a5468 in exidy440_sound_device::sound_stream_update(sound_stream&, std::vector<read_stream_view, std::allocator<read_stream_view> > const&, std::vector<write_stream_view, std::allocator<write_stream_view> >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/mame/exidy/exidy440_a.cpp:803:2
    #5 0x7f6b7f2a676f in non-virtual thunk to exidy440_sound_device::sound_stream_update(sound_stream&, std::vector<read_stream_view, std::allocator<read_stream_view> > const&, std::vector<write_stream_view, std::allocator<write_stream_view> >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/mame/exidy/exidy440_a.cpp
    #6 0x7f6b9da55f6d in util::detail::delegate_base<delegate_late_bind, void, sound_stream&, std::vector<read_stream_view, std::allocator<read_stream_view> > const&, std::vector<write_stream_view, std::allocator<write_stream_view> >&>::operator()(sound_stream&, std::vector<read_stream_view, std::allocator<read_stream_view> > const&, std::vector<write_stream_view, std::allocator<write_stream_view> >&) const /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/delegate.h:765:11
    #7 0x7f6b9da47f0e in sound_stream::update_view(attotime, attotime, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/sound.cpp:749:4
    #8 0x7f6b9da46bdf in sound_stream_input::update(attotime, attotime) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/sound.cpp:522:25
    #9 0x7f6b9da47aa1 in sound_stream::update_view(attotime, attotime, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/sound.cpp:735:49
    #10 0x7f6b9da46bdf in sound_stream_input::update(attotime, attotime) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/sound.cpp:522:25
    #11 0x7f6b9da47aa1 in sound_stream::update_view(attotime, attotime, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/sound.cpp:735:49
    #12 0x7f6b9da5d9b8 in speaker_device::mix(float*, float*, attotime, attotime, int, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/speaker.cpp:70:42
    #13 0x7f6b9da5154b in sound_manager::update(int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/sound.cpp:1511:11
    #14 0x7f6b9d9d0304 in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/delegate.h:765:11
    #15 0x7f6b9d9d0304 in device_scheduler::execute_timers() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/schedule.cpp:951:5
    #16 0x7f6b9d9cb858 in device_scheduler::timeslice() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/schedule.cpp:505:2
    #17 0x7f6b9d8634a7 in running_machine::run(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:329:17
    #18 0x7f6ba09c9f7f in mame_machine_manager::execute() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:290:19
    #19 0x7f6ba0bbe8d6 in cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:275:22
    #20 0x7f6ba0bc241f in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:291:3
    #21 0x7f6ba09ced5f in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:454:18
    #22 0x7f6b9dba558b in main /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/sdlmain.cpp:191:9
    #23 0x7f6b5c0a9209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #24 0x7f6b5c0a92bb in __libc_start_main csu/../csu/libc-start.c:389:3
    #25 0x7f6b7b32f260 in _start (/mnt/s/GitHub/mame/mame+0x1d397260) (BuildId: 603d3d1c300651feb2a8e3ac6e9cb58d3f85e77b)

0x6210002bd0d8 is located 0 bytes to the right of 4056-byte region [0x6210002bc100,0x6210002bd0d8)
allocated by thread T0 here:
    #0 0x7f6b7b3ece7d in operator new(unsigned long) (/mnt/s/GitHub/mame/mame+0x1d454e7d) (BuildId: 603d3d1c300651feb2a8e3ac6e9cb58d3f85e77b)
    #1 0x7f6b7d8b7cdd in allocate /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/new_allocator.h:137:27
    #2 0x7f6b7d8b7cdd in std::allocator_traits<std::allocator<int> >::allocate(std::allocator<int>&, unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/alloc_traits.h:464:20
    #3 0x7f6b7f2aa610 in _M_allocate /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_vector.h:378:20
    #4 0x7f6b7f2aa610 in std::vector<int, std::allocator<int> >::_M_default_append(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/vector.tcc:650:34
    #5 0x7f6b7f2a8c42 in std::vector<int, std::allocator<int> >::resize(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_vector.h:1011:4
    #6 0x7f6b7f29cec5 in exidy440_sound_device::device_start() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/mame/exidy/exidy440_a.cpp:146:22
    #7 0x7f6b9703f410 in device_t::start() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/device.cpp:562:2
    #8 0x7f6b9d8622df in running_machine::start_all_devices() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:1013:13
    #9 0x7f6b9d8602b4 in running_machine::start() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:211:2
    #10 0x7f6b9d8630dc in running_machine::run(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:281:3
    #11 0x7f6ba09c9f7f in mame_machine_manager::execute() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:290:19
    #12 0x7f6ba0bbe8d6 in cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:275:22
    #13 0x7f6ba0bc241f in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:291:3
    #14 0x7f6ba09ced5f in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:454:18
    #15 0x7f6b9dba558b in main /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/sdlmain.cpp:191:9
    #16 0x7f6b5c0a9209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16

SUMMARY: AddressSanitizer: heap-buffer-overflow /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_algobase.h:922:11 in __fill_a1<int *, int>
Shadow bytes around the buggy address:
  0x0c428004f9c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c428004f9d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c428004f9e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c428004f9f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c428004fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c428004fa10: 00 00 00 00 00 00 00 00 00 00 00[fa]fa fa fa fa
  0x0c428004fa20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c428004fa30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c428004fa40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c428004fa50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c428004fa60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
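Added example, not part of the original report or of MAME: a small triage script for the AddressSanitizer report above. It shows that the faulting write targets element index 1014 of a 1014-element `int` buffer (4056 bytes) and extracts the first non-toolchain frame of the access and allocation stacks; the names `triage` and `first_project_frame` are this example's own.

```python
import re

# Abridged from the AddressSanitizer report above: frame arguments and build-path
# prefixes are trimmed; addresses, sizes and file:line values are unchanged.
REPORT = """\
==9484==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6210002bd0d8 at pc 0x7f6b7f2ab9bc
WRITE of size 4 at 0x6210002bd0d8 thread T0
    #0 0x7f6b7f2ab9bb in __fill_a1<int *, int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_algobase.h:922:11
    #3 0x7f6b7f2a5468 in fill_n<int *, unsigned int, int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_algobase.h:1148:14
    #4 0x7f6b7f2a5468 in exidy440_sound_device::sound_stream_update() src/mame/exidy/exidy440_a.cpp:803:2
0x6210002bd0d8 is located 0 bytes to the right of 4056-byte region [0x6210002bc100,0x6210002bd0d8)
allocated by thread T0 here:
    #0 0x7f6b7b3ece7d in operator new(unsigned long) (/mnt/s/GitHub/mame/mame+0x1d454e7d)
    #5 0x7f6b7f2a8c42 in std::vector<int, std::allocator<int> >::resize(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_vector.h:1011:4
    #6 0x7f6b7f29cec5 in exidy440_sound_device::device_start() src/mame/exidy/exidy440_a.cpp:146:22
"""

# A symbolized frame: "#N 0xPC in <function> <path>:<line>:<col>"
FRAME = re.compile(r"^\s+#\d+ 0x[0-9a-f]+ in (.+) (\S+?):(\d+):\d+$")

def first_project_frame(lines):
    """First symbolized frame whose source is not a toolchain or libc path."""
    for line in lines:
        m = FRAME.match(line)
        if m and not m.group(2).startswith(("/usr/", "csu/")):
            return m.group(1).split("(")[0], m.group(2), int(m.group(3))
    return None

def triage(report):
    """Reduce an ASan heap report to the facts needed to locate the bug."""
    head = re.search(r"AddressSanitizer: (\S+) on address (0x[0-9a-f]+)", report)
    acc = re.search(r"^(READ|WRITE) of size (\d+)", report, re.M)
    reg = re.search(r"(\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)", report)
    access_part, _, alloc_part = report.partition("allocated by thread")
    size, start = int(acc.group(2)), int(reg.group(2), 16)
    return {
        "kind": head.group(1),
        "op": acc.group(1),
        "elements": int(reg.group(1)) // size,               # buffer capacity
        "index": (int(head.group(2), 16) - start) // size,   # element written
        "access_site": first_project_frame(access_part.splitlines()),
        "alloc_site": first_project_frame(alloc_part.splitlines()),
    }

if __name__ == "__main__":
    print(triage(REPORT))
```

An `index` equal to `elements` means the fill ran exactly one element past the end of the buffer sized in `device_start`, so the count passed at `exidy440_a.cpp:803` is the value to compare against that size.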
No.20714
hap
Developer
Nov 4, 2022, 19:28
Does this commit from a couple days ago fix the issue for topgunnr? https://github.com/mamedev/mame/commit/b8e5e554ea391f9ac5b3fcb97ebda9616df32688
No.20717
Firewave
Senior Tester
Nov 4, 2022, 22:58
I can confirm that topgunnr is fixed by that commit.
No.20855
Firewave
Senior Tester
14 days ago
No valgrind errors reported for catch22 with 0.249.
No.20910
hap
Developer
2 days ago
The one for exidy440 sound is possibly fixed here: https://github.com/mamedev/mame/commit/f5493f86d9dfd6bae07849fe679d28fe5dd8ae1f