カテゴリ 重要度 ステータス 解決状況 登録日時 最終更新
クラッシュ/フリーズ重要 (本体)認証済み未処理2016-04-30 12:072017-12-23 04:58
 
テスターanikom15担当者 ソースmsx/msx.cpp
バージョン0.173発生バージョン0.173修正バージョン
修正コミットプルリク
フラグ
セット cf3300 [bomber3d]
セット詳細
 
概 要フロッピーディスクをロードするとクラッシュする。
詳 細UPDATE: This crash only seems to occur when a double-sided floppy is loaded into a single-sided drive. See notes for details.

I tested with bomber3d, msxdos, msxdosa, and msxdosb, all loaded from the software list. All crashed except for msxdosb, which froze. I used the National CF-3300 (cf3300) set, though I imagine it affects other MSX systems with floppy drives as well.

Here's the crash output:

-----------------------------------------------------
Exception at EIP=0000000002A780CE (floppy_image_format_t::generate_track_from_levels(int, int, std::vector<unsigned int, std::allocator<unsigned int> >&, int, floppy_image*)+0x025e): ACCESS VIOLATION
While attempting to write memory at 0000000067655273
-----------------------------------------------------
RAX=0000000067655273 RBX=0000000018E16120 RCX=0000000050000000 RDX=0000000000000DAC
RSI=0000000000000020 RDI=00000000500003E8 RBP=0000000000242B10 RSP=0000000000242A90
R8=00000000000186A0 R9=000000001907BB40 R10=00000000000001F4 R11=0000000000000000
R12=0000000000000000 R13=000000001901A0CC R14=0000000000000000 R15=00000000000003E8
-----------------------------------------------------
Stack crawl:
0000000000242AA0: 0000000002A780CE (floppy_image_format_t::generate_track_from_levels(int, int, std::vector<unsigned int, std::allocator<unsigned int> >&, int, floppy_image*)+0x025e)
00000000002431D0: 0000000002A7EE89 (floppy_image_format_t::generate_track(floppy_image_format_t::desc_e const*, int, int, floppy_image_format_t::desc_s const*, int, int, floppy_image*)+0x02b9)
0000000000248640: 0000000002AD4951 (upd765_format::load(io_generic*, unsigned int, floppy_image*)+0x0631)
00000000002486D0: 0000000002338945 (floppy_image_device::call_load()+0x00c5)
0000000000248710: 000000000295B4EA (device_image_interface::finish_load()+0x00aa)
00000000002487D0: 00000000029ABCE8 (image_manager::postdevice_init()+0x00f8)
0000000000248840: 000000000298CE33 (driver_device::device_start()+0x0083)
0000000000248960: 0000000002953932 (device_t::start()+0x0422)
00000000002489C0: 00000000029CE48B (running_machine::start_all_devices()+0x006b)
0000000000248AA0: 00000000029D2C3A (running_machine::start()+0x0b7a)
0000000000248B00: 00000000029D2FFA (running_machine::run(bool)+0x00aa)
000000000024F4F0: 000000000178F2FA (mame_machine_manager::execute()+0x015a)
000000000024F960: 000000000180A9D2 (cli_frontend::execute(int, char**)+0x1092)
000000000024F9D0: 000000000178E555 (emulator_info::start_frontend(emu_options&, osd_interface&, int, char**)+0x0035)
000000000024FDF0: 00000000016F1834 (utf8_main(int, char**)+0x0124)
000000000024FE50: 0000000002E9085F (wmain+0x007f)
000000000024FF20: 000000000040140C (__tmainCRTStartup+0x025c)
000000000024FF50: 000000000040153B (mainCRTStartup+0x001b)
000000000024FF80: 00007FF9EDC72D92 (BaseThreadInitThunk+0x0022)
000000000024FFD0: 00007FF9EDF39F64 (RtlUserThreadStart+0x0034)
再現手順1. Run MAME with cf3300 bomber3d
2. MAME will stall at 'Initializing...' before crashing

1. Run MAME with cf3300 msxdosb -window -debug
2. Also crash
追加情報 
 
添付ファイル