[ Original Report ]

BugID: #05732

Category: Crash/Freeze
Severity: Critical (emulator)
Status: Resolved
Resolution: Fixed
Date Submitted: 2014-10-15 20:32
Last Update: 2018-12-09 14:45
 
Tester: furrykef
Assigned To: AJR
Source:
Version: 0.155
Regression Version: 0.149
Fixed in Version: 0.205
Flags:
Set: All games using MCS-48
Set Details:
 
Summary: MCS-48 games: setting a watchpoint with WPD causes a crash.

Description: After following the reproduction steps, MAME crashes with this error:

-----------------------------------------------------
Exception at EIP=0000000001075252 (mcs48_cpu_device::mov_r6_a()+0x0012): ACCESS VIOLATION
While attempting to write memory at 0000000000000006
-----------------------------------------------------
RAX=0000000000000000 RBX=0000000006541EE0 RCX=0000000006541EE0 RDX=0000000000000000
RSI=0000000005293BC0 RDI=00000000002286AC RBP=0000000000228670 RSP=0000000000228670
 R8=00000000000000FE  R9=0000000000000000 R10=0000000000000006 R11=0000000000000246
R12=000000000000005B R13=000000000FD92FD0 R14=000000000617B980 R15=000000000022F310
-----------------------------------------------------
Stack crawl:
  0000000000228670: 0000000001075252 (mcs48_cpu_device::mov_r6_a()+0x0012)
  00000000002286E0: 000000000107E93D (mcs48_cpu_device::execute_run()+0x009d)
  0000000000228780: 0000000001A0DE9F (device_scheduler::timeslice()+0x035f)
  00000000002287E0: 0000000001A8BCA9 (running_machine::run(bool)+0x0149)
  000000000022F420: 0000000001A9E68A (machine_manager::execute()+0x022a)
  000000000022F610: 0000000001B24B40 (cli_frontend::execute(int, char**)+0x0b60)
  000000000022FDF0: 0000000000FB2C18 (utf8_main(int, char**)+0x01a8)
  000000000022FE50: 0000000001E0F5FE (wmain+0x007e)
  000000000022FF20: 00000000004013CA (__tmainCRTStartup+0x024a)
  000000000022FF50: 00000000004014F8 (mainCRTStartup+0x0018)
  000000000022FF80: 00000000778A59ED (BaseThreadInitThunk+0x000d)
  000000000022FFD0: 00000000779DC541 (RtlUserThreadStart+0x0021)
Steps To Reproduce: Launch MAME with "mame64 -debug dkong" or "mame64 -debug mario"

Before execution begins, input the following two commands:
focus soundcpu [in mario, use "focus audiocpu" instead]
wpd 1f,1,w

Then press F5 to resume execution. MAME will crash with the error message given in the description. (dkong was used for the message in the description.) You can also step through the program with F11 instead of F5, and it should eventually crash. In dkong, it will crash on the first "sel rb1" instruction. In mario, it will crash on the first instruction (nop).
Additional Information: Backtrace:

#0 0x000000000209eaa2 in mcs48_cpu_device::mov_r6_a (this=0x3f469360)
at src/emu/cpu/mcs48/mcs48.c:747
No locals.
#1 0x00000000020a17bc in mcs48_cpu_device::execute_run (this=0x3f469360)
at src/emu/cpu/mcs48/mcs48.c:1169
opcode = 174
curcycles = 1
#2 0x0000000003db2642 in device_execute_interface::run (this=0x3f469810)
at src/emu/diexec.h:187
No locals.
#3 0x0000000002c59587 in device_scheduler::timeslice (this=0x22e4b8)
at src/emu/schedule.c:478
ran = 599
delta = {seconds = 0, attoseconds = 1499999999998464, static never = {
seconds = 1000000000, attoseconds = 0,
static never = <same as static member of an already seen type>,
static zero = {seconds = 0, attoseconds = 0,
static never = <same as static member of an already seen type>,
static zero = <same as static member of an already seen type>}}, static zero = <same as static member of an already seen type>}
delta = 1499999999993856
exec = 0x3f469810
target = {seconds = 0, attoseconds = 1499999999993856,
static never = {seconds = 1000000000, attoseconds = 0,
static never = <same as static member of an already seen type>,
static zero = {seconds = 0, attoseconds = 0,
static never = <same as static member of an already seen type>,
static zero = <same as static member of an already seen type>}}, static zero = <same as static member of an already seen type>}
call_debugger = true
#4 0x0000000002cfdafd in running_machine::run (this=0x227a20, firstrun=true)
at src/emu/machine.c:382
settingsloaded = true
error = 0
#5 0x0000000000000000 in ?? ()
 
Attached Files:
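
Added example, not part of the original report or of MAME's code: a small Python triage helper that parses the Windows crash-dump format shown in the description and flags the write to address 0x6 as a near-null access (a null base pointer plus a small offset). The 4 KiB threshold and the names `triage` and `summarize` are assumptions made for this illustration.

```python
import re

# Constructed sample: exception header and first stack-crawl frames copied from the report above.
SAMPLE = """\
Exception at EIP=0000000001075252 (mcs48_cpu_device::mov_r6_a()+0x0012): ACCESS VIOLATION
While attempting to write memory at 0000000000000006
Stack crawl:
  0000000000228670: 0000000001075252 (mcs48_cpu_device::mov_r6_a()+0x0012)
  00000000002286E0: 000000000107E93D (mcs48_cpu_device::execute_run()+0x009d)
  0000000000228780: 0000000001A0DE9F (device_scheduler::timeslice()+0x035f)
"""

NULL_PAGE = 0x1000  # assumption: a fault below one 4 KiB page is null-pointer-plus-offset

HEADER = re.compile(r"Exception at EIP=([0-9A-Fa-f]+) \((.+)\+0x([0-9A-Fa-f]+)\): (.+)")
ACCESS = re.compile(r"While attempting to (read|write) memory at ([0-9A-Fa-f]+)")
FRAME = re.compile(r"^\s+([0-9A-Fa-f]+): ([0-9A-Fa-f]+) \((.+)\+0x([0-9A-Fa-f]+)\)\s*$", re.M)

def triage(dump):
    """Parse the crash dump and classify the faulting memory access."""
    head = HEADER.search(dump)
    acc = ACCESS.search(dump)
    if not head or not acc:
        raise ValueError("not a recognised crash dump")
    addr = int(acc.group(2), 16)
    frames = [m.group(3) for m in FRAME.finditer(dump)]  # innermost frame first
    return {
        "exception": head.group(4),
        "function": head.group(2),
        "access": acc.group(1),
        "address": addr,
        "near_null": addr < NULL_PAGE,
        # Sanity check: the faulting function should also be the top stack frame.
        "eip_matches_top_frame": bool(frames) and frames[0] == head.group(2),
        "frames": frames,
    }

def summarize(dump):
    """One-line triage verdict suitable for a bug tracker comment."""
    r = triage(dump)
    kind = (f"null base pointer + offset {r['address']:#x}"
            if r["near_null"] else f"non-null address {r['address']:#x}")
    return f"{r['exception']}: {r['access']} via {kind} in {r['function']}"

if __name__ == "__main__":
    print(summarize(SAMPLE))
```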