09247: coco: crash in slot menu

ID	Category [?]	Severity [?]	Reproducibility	Date Submitted	Last Update
09247	Crash/Freeze	Minor	Sometimes	2 days ago	1 day ago

Tester	Robbbert	View Status	Public	Platform	MAME (Self-compiled)
Assigned To		Resolution	Open	OS	Windows 11/10 (64-bit)
Status [?]	Confirmed			Driver	trs/coco12.cpp
Version	0.280	Fixed in Version		Build	64-bit
		Fixed in Git Commit		Github Pull Request #

Summary	09247: coco: crash in slot menu
Description	Crash in slots menu, see below. Might be related somewhat to MT 08972.
Steps To Reproduce	>mame coco arkanoid Open up the tab menu, go to the Slot Devices, you'll see in "ext" it says "pak". Choose this line, press Right, it crashes. If instead you press Left then Right, "pak" disappears, never to be seen again. If you then reset the emulator, the cart cannot be run. It's necessary to quit mame and start over.
Additional Information	C:\MAME>mame coco arkanoid ----------------------------------------------------- Exception at EIP=00007ff8cb85cdc5 (__cxa_throw_bad_array_new_length+0xbc0f5ed5): ACCESS VIOLATION While attempting to read memory at ffffffffffffffff ----------------------------------------------------- RAX=000000a9d87694b0 RBX=000002303780f2f8 RCX=2049494328204e48 RDX=000000000000002c RSI=6f48202c6c6c7542 RDI=0000000000000001 RBP=2049494328204e48 RSP=000000a9d8769448 R8=6f48202c6c6c753d R9=000002303780f358 R10=0000000000000000 R11=810101010101016b R12=000000a9d87694b0 R13=000002303780f308 R14=000000a9d87694a0 R15=8f91696f948cc38a ----------------------------------------------------- Stack crawl: 000000a9d8769440: 00007ff8cb85cdc5 (memchr+0x0005) 000000a9d8769500: 00007ff707495c74 (slot_option::specify(std::basic_string_view<char, std::char_traits<char> >, bool)+0x00a4) 000000a9d87695f0: 00007ff70ca7c199 (luaopen_lfs+0x7afd99) 000000a9d87696d0: 00007ff70ca7d0b3 (luaopen_lfs+0x7b0cb3) 000000a9d8769740: 00007ff70ca7d88c (luaopen_lfs+0x7b148c) 000000a9d87697c0: 00007ff70c2db6b1 (luaopen_lfs+0xf2b1) 000000a9d8769840: 00007ff70c2dba59 (luaopen_lfs+0xf659) 000000a9d8769950: 00007ff70b1ecb2f (mame_ui_manager::update_and_render(render_container&)+0x01af) 000000a9d87699e0: 00007ff7076013a8 (video_manager::frame_update(bool)+0x0048) 000000a9d8769a40: 00007ff7040d437a (screen_device::vblank_begin(int)+0x022a) 000000a9d8769ac0: 00007ff7040c343b (device_scheduler::timeslice()+0x013b) 000000a9d8769c40: 00007ff7040c0665 (running_machine::run(bool)+0x01c5) 000000a9d876f260: 00007ff70748a16c (mame_machine_manager::execute()+0x024c) 000000a9d876f650: 00007ff70b23563a (cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&)+0x03ea) 000000a9d876f960: 00007ff70b235c6a (cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x007a) 000000a9d876f9c0: 00007ff707484f07 (emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x0027) 000000a9d876fd90: 00007ff70d0169d1 (luaopen_lfs+0xd4a5d1) 000000a9d876fde0: 00007ff7002912ee (__tmainCRTStartup+0x016e) 000000a9d876fe10: 00007ff700291406 (mainCRTStartup+0x0016) 000000a9d876fe40: 00007ff8cc267374 (BaseThreadInitThunk+0x0014) 000000a9d876fec0: 00007ff8cd73cc91 (RtlUserThreadStart+0x0021)
Github Commit

Flags
Regression Version
Affected Sets / Systems	coco

Attached Files

No.23622 hap Developer 2 days ago	Thread 1 received signal SIGSEGV, Segmentation fault. 0x00007ffe6dc6cdc5 in msvcrt!memchr () from C:\WINDOWS\System32\msvcrt.dll (gdb) bt #0 0x00007ffe6dc6cdc5 in msvcrt!memchr () from C:\WINDOWS\System32\msvcrt.dll #1 0x00007ff69778fb6f in slot_option::specify(std::basic_string_view<char, std::char_traits<char> >, bool) () #2 0x00007ff69d1dbd9a in ui::menu_slot_devices::set_slot_device(device_slot_interface&, std::basic_string_view<char, std::char_traits<char> >) () #3 0x00007ff69d1ddbaf in ui::menu_slot_devices::rotate_slot_device(device_slot_interface&, ui::menu_slot_devices::step_t) () #4 0x00007ff69d1de304 in ui::menu_slot_devices::handle(ui::menu::event const) () #5 0x00007ff69c9b93a3 in ui::menu::do_handle() () #6 0x00007ff69c9b95b6 in ui::menu::global_state::ui_handler(render_container&) () #7 0x00007ff69b825d0f in mame_ui_manager::update_and_render(render_container&) () #8 0x00007ff69782d849 in video_manager::frame_update(bool) () #9 0x00007ff693df86c2 in screen_device::vblank_begin(int) () #10 0x00007ff693f25c4b in device_scheduler::timeslice() () #11 0x00007ff693f22fed in running_machine::run(bool) () #12 0x00007ff697782450 in mame_machine_manager::execute() () #13 0x00007ff69b86e986 in cli_frontend::start_execution(mame_machine_manager, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) () #14 0x00007ff69b86ef38 in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) () #15 0x00007ff69777d3b6 in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) () #16 0x00007ff69d77dff7 in main () (gdb) q
No.23623 Robbbert Moderator 2 days ago	Thanks for confirming, and for the better stack trace.
No.23624 AJR Developer 1 day ago edited on: 1 day ago	On my debug build, MAME aborts with the following error message: mamed: ../../../../../src/frontend/mame/ui/slotopt.cpp:307: void ui::menu_slot_devices::rotate_slot_device(device_slot_interface &, menu_slot_devices::step_t): Assertion `m_current_option_list_iter != m_current_option_list.end()' failed. Aborted (core dumped) The comment above the assertion triggered here reads: // we expect the above search to succeed, because if an internal // option was selected, the menu item should be disabled Yet the item is enabled in this case, since (and this is not a unique occurrence) the CoCo cartridge slot also offers non-"internal" options.