Get a seg fault only with Odyssey2, only in Ubuntu

Posted By: Procyon

Get a seg fault only with Odyssey2, only in Ubuntu - 08/29/20 04:09 AM

Hello. I wanted to try out the new Odyssey2 emulation in 0.224. 99% of the time I boot into Linux, so I tried it there first. But every attempt to load any Odyssey2 cartridge results in a seg fault. I double-checked, and loading NES carts or Atari 2600 carts works fine, only Odyssey2 produces this result. So just to be extra sure, I booted into Windows, and gave 0.224 a try there, and it worked beautifully. So I'm not clear on what's happening in Ubuntu.

I used valgrind to get more context and to see if I could get a stack trace. This is the tail end of what I was able to produce after running valgrind -v mame64 -video opengl odyssey2 kcmunch:

Code
--5297-- Discarding syms at 0x1e5c2180-0x1e5c232d in /usr/lib/x86_64-linux-gnu/alsa-lib/libasound_module_conf_pulse.so (have_dinfo 1)
--5297-- Reading syms from /usr/lib/x86_64-linux-gnu/libudev.so.1.6.17
--5297--    object doesn't have a symbol table
--5297-- REDIR: 0x16375670 (libc.so.6:__strnlen_avx2) redirected to 0x147feee0 (strnlen)
--5297-- REDIR: 0x16289330 (libc.so.6:malloc_usable_size) redirected to 0x147fe3b0 (malloc_usable_size)
==5297== Invalid read of size 1
==5297==    at 0x162361EA: ____strtoul_l_internal (strtol_l.c:292)
==5297==    by 0x9BD39EF: o2_cart_slot_device::call_load() [clone .part.0] (in /home/procyon/dev/mame/mame64)
==5297==    by 0x9BD3AED: non-virtual thunk to o2_cart_slot_device::call_load() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBEE548C: device_image_interface::finish_load() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE4E207: image_manager::postdevice_init() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBF43E4E: driver_device::device_start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBEDD992: device_t::start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE6A75A: running_machine::start_all_devices() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE6F623: running_machine::start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE70BFE: running_machine::run(bool) (in /home/procyon/dev/mame/mame64)
==5297==    by 0x92AF46E: mame_machine_manager::execute() (in /home/procyon/dev/mame/mame64)
==5297==    by 0x9352684: cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) (in /home/procyon/dev/mame/mame64)
==5297==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==5297== 
==5297== 
==5297== Process terminating with default action of signal 11 (SIGSEGV)
==5297==  Access not within mapped region at address 0x0
==5297==    at 0x162361EA: ____strtoul_l_internal (strtol_l.c:292)
==5297==    by 0x9BD39EF: o2_cart_slot_device::call_load() [clone .part.0] (in /home/procyon/dev/mame/mame64)
==5297==    by 0x9BD3AED: non-virtual thunk to o2_cart_slot_device::call_load() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBEE548C: device_image_interface::finish_load() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE4E207: image_manager::postdevice_init() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBF43E4E: driver_device::device_start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBEDD992: device_t::start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE6A75A: running_machine::start_all_devices() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE6F623: running_machine::start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE70BFE: running_machine::run(bool) (in /home/procyon/dev/mame/mame64)
==5297==    by 0x92AF46E: mame_machine_manager::execute() (in /home/procyon/dev/mame/mame64)
==5297==    by 0x9352684: cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) (in /home/procyon/dev/mame/mame64)
==5297==  If you believe this happened as a result of a stack
==5297==  overflow in your program's main thread (unlikely but
==5297==  possible), you can try to increase the size of the
==5297==  main thread stack using the --main-stacksize= flag.
==5297==  The main thread stack size used in this run was 8388608.
==5297== 
==5297== HEAP SUMMARY:
==5297==     in use at exit: 20,869,852 bytes in 24,136 blocks
==5297==   total heap usage: 112,463 allocs, 88,327 frees, 2,383,279,376 bytes allocated
==5297== 
==5297== Searching for pointers to 24,136 not-freed blocks
==5297== Checked 581,100,776 bytes
==5297== 
==5297== LEAK SUMMARY:
==5297==    definitely lost: 11,744 bytes in 7 blocks
==5297==    indirectly lost: 135,877 bytes in 492 blocks
==5297==      possibly lost: 811,455 bytes in 5,736 blocks
==5297==    still reachable: 19,910,776 bytes in 17,901 blocks
==5297==                       of which reachable via heuristic:
==5297==                         newarray           : 65,568 bytes in 3 blocks
==5297==                         multipleinheritance: 104 bytes in 1 blocks
==5297==         suppressed: 0 bytes in 0 blocks
==5297== Rerun with --leak-check=full to see details of leaked memory
==5297== 
==5297== Use --track-origins=yes to see where uninitialised values come from
==5297== ERROR SUMMARY: 4 errors from 2 contexts (suppressed: 0 from 0)
==5297== 
==5297== 1 errors in context 1 of 2:
==5297== Invalid read of size 1
==5297==    at 0x162361EA: ____strtoul_l_internal (strtol_l.c:292)
==5297==    by 0x9BD39EF: o2_cart_slot_device::call_load() [clone .part.0] (in /home/procyon/dev/mame/mame64)
==5297==    by 0x9BD3AED: non-virtual thunk to o2_cart_slot_device::call_load() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBEE548C: device_image_interface::finish_load() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE4E207: image_manager::postdevice_init() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBF43E4E: driver_device::device_start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xBEDD992: device_t::start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE6A75A: running_machine::start_all_devices() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE6F623: running_machine::start() (in /home/procyon/dev/mame/mame64)
==5297==    by 0xCE70BFE: running_machine::run(bool) (in /home/procyon/dev/mame/mame64)
==5297==    by 0x92AF46E: mame_machine_manager::execute() (in /home/procyon/dev/mame/mame64)
==5297==    by 0x9352684: cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) (in /home/procyon/dev/mame/mame64)
==5297==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==5297== 
==5297== 
==5297== 3 errors in context 2 of 2:
==5297== Conditional jump or move depends on uninitialised value(s)
==5297==    at 0x16F304B5: pa_shm_cleanup (in /usr/lib/x86_64-linux-gnu/pulseaudio/libpulsecommon-13.99.so)
==5297==    by 0x16F306F1: pa_shm_create_rw (in /usr/lib/x86_64-linux-gnu/pulseaudio/libpulsecommon-13.99.so)
==5297==    by 0x16F203F6: pa_mempool_new (in /usr/lib/x86_64-linux-gnu/pulseaudio/libpulsecommon-13.99.so)
==5297==    by 0x163EE9B1: pa_context_new_with_proplist (in /usr/lib/x86_64-linux-gnu/libpulse.so.0.21.2)
==5297==    by 0x14904D5E: ??? (in /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0.10.0)
==5297==    by 0x1490565A: ??? (in /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0.10.0)
==5297==    by 0x14857D9B: ??? (in /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0.10.0)
==5297==    by 0x14853906: ??? (in /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0.10.0)
==5297==    by 0x9213324: sound_sdl::init(osd_options const&) (in /home/procyon/dev/mame/mame64)
==5297==    by 0xDBCE0B4: osd_module_manager::init(osd_options const&) (in /home/procyon/dev/mame/mame64)
==5297==    by 0x91C8917: osd_common_t::init_subsystems() (in /home/procyon/dev/mame/mame64)
==5297==    by 0x91B6DA3: sdl_osd_interface::init(running_machine&) (in /home/procyon/dev/mame/mame64)
==5297== 
==5297== ERROR SUMMARY: 4 errors from 2 contexts (suppressed: 0 from 0)
Segmentation fault (core dumped)
Posted By: Vas Crabb

Re: Get a seg fault only with Odyssey2, only in Ubuntu - 08/29/20 10:37 AM

You would’ve been able to get the backtrace a lot faster with GCC, rather than running it under valgrind. Anyway, it appears to be crashing at src/devices/bus/odyssey2/slot.cpp:160 – it doesn’t check whether get_feature returns nullptr. It should check the result before calling strtoul on it.
Posted By: Procyon

Re: Get a seg fault only with Odyssey2, only in Ubuntu - 08/30/20 12:38 AM

Thanks for the insight. Any idea why my problem is isolated to Ubuntu and runs fine in Windows?
Posted By: R. Belmont

Re: Get a seg fault only with Odyssey2, only in Ubuntu - 08/30/20 12:56 AM

strtoul() on Windows probably sanity-checks the inputs and glibc's version doesn't.
Posted By: hap

Re: Get a seg fault only with Odyssey2, only in Ubuntu - 08/30/20 06:01 AM

Woops, I thought strtoul would always return 0 on parse error. I use this function in the microvsn driver too.
Do you compile MAME? Does this work ok?

m_b = get_feature("b_pin") && bool(strtoul(get_feature("b_pin"), nullptr, 0)) ? 1 : 0;
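
The check described in the replies above, written out as an added example that is not part of the thread or of MAME's source. `fake_cart`, `parse_feature` and `pin_state` are hypothetical names, and the feature values are constructed sample data.

```cpp
#include <cerrno>
#include <cstdlib>
#include <map>
#include <string>

// Hypothetical stand-in for a cartridge's software-list features: like the
// get_feature discussed above, the lookup returns nullptr when a feature is absent.
struct fake_cart {
    std::map<std::string, std::string> features;  // constructed sample data
    const char *get_feature(const std::string &name) const {
        auto it = features.find(name);
        return it == features.end() ? nullptr : it->second.c_str();
    }
};

// Parse an optional numeric feature. Passing a null pointer to strtoul is
// undefined behaviour, so the pointer is checked before the call.
bool parse_feature(const char *text, unsigned long &out) {
    if (text == nullptr)
        return false;                     // feature not defined
    errno = 0;
    char *end = nullptr;
    unsigned long value = std::strtoul(text, &end, 0);
    if (end == text || *end != '\0')      // no digits, or trailing junk
        return false;
    if (errno == ERANGE)                  // value out of range
        return false;
    out = value;
    return true;
}

// Pin state as 0/1; an absent or unparsable feature falls back to 0.
int pin_state(const fake_cart &cart, const std::string &name) {
    unsigned long value = 0;
    return (parse_feature(cart.get_feature(name), value) && value != 0) ? 1 : 0;
}

int main() {
    fake_cart with_pin, without_pin, bad_pin;
    with_pin.features["b_pin"] = "1";
    bad_pin.features["b_pin"] = "yes";    // without_pin has no b_pin entry
    bool ok = pin_state(with_pin, "b_pin") == 1 &&
              pin_state(without_pin, "b_pin") == 0 &&
              pin_state(bad_pin, "b_pin") == 0;
    return ok ? 0 : 1;
}
```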
Posted By: Procyon

Re: Get a seg fault only with Odyssey2, only in Ubuntu - 08/30/20 07:31 PM

Originally Posted by hap
Do you compile MAME? Does this work ok?


Hi hap, as a matter of fact I do. I applied your code change, and it does indeed work. K.C. Munchkin fired right up for me. Thanks very much for everyone's help!
Posted By: Golden Child

Re: Get a seg fault only with Odyssey2, only in Ubuntu - 08/31/20 10:27 AM

I'm running Ubuntu 20.04 and needed to figure out where it was segfaulting so you may try this to get the backtrace:

First install coredumpctl by

sudo apt install systemd-coredump


then you can do

coredumpctl (this will list the coredumps available)
coredumpctl info (more info, and tells you where the coredump is)
coredumpctl debug (will launch gdb on the core dump)

Once you're into gdb, do a "bt" and this will give you the backtrace. "quit" will drop out of gdb.
Posted By: hap

Re: Get a seg fault only with Odyssey2, only in Ubuntu - 09/09/20 10:50 AM

Crash bug was fixed a week ago btw. And for anyone clicking this thread, here are some bonus screenshots.

Some minor bugs remain, but overall the emulation is very good. The bug that annoys me the most is in Backgammon. It does multiple screen updates but (even according to the disassembly) it never increments the sprite/char Y registers.

[Five linked images from i.imgur.com]