mGBA will crash on macOS when inspecting an invalid map tile #2827

Closed
velipso opened this issue Feb 13, 2023 · 1 comment

velipso commented Feb 13, 2023

Here is the test ROM:

test.gba.zip

The code is essentially:

  .equ  REG_DISPCNT, 0x04000000   @ display control register
  .equ  REG_BG0CNT,  0x04000008   @ background 0 control register

  ldr   r0, =REG_DISPCNT
  ldr   r1, =0x0100               @ video mode 0, BG0 enabled
  strh  r1, [r0]

  ldr   r0, =REG_BG0CNT
  ldr   r1, =0x008c               @ char base block 3, 256-colour tiles, screen base block 0
  strh  r1, [r0]

  ldr   r0, =0x06000000           @ screen base block 0: first map entry
  ldr   r1, =0xffff               @ tile index 0x3ff, both flips set, palette 15
  strh  r1, [r0]

  1. Load the ROM
  2. Go to Tools -> Game state views -> View Map
  3. Click on the upper-left corner of the Background 0 map
  4. mGBA 0.10.1 will crash on macOS

Truncated crash report below, which has a stacktrace:

Process:               mGBA [19889]
Path:                  /Applications/mGBA.app/Contents/MacOS/mGBA
Identifier:            com.endrift.mgba-qt
Version:               0.10.1 (0.10.1)
Code Type:             X86-64 (Native)

Date/Time:             2023-02-13 18:28:11.0684 -0500
OS Version:            macOS 13.2 (22D49)
Report Version:        12
Bridge OS Version:     7.2 (20P3045)

Crashed Thread:        0  Dispatch queue: com.apple.main-thread

Exception Type:        EXC_BAD_ACCESS (SIGBUS)
Exception Codes:       KERN_PROTECTION_FAILURE at 0x00000001209553fc
Exception Codes:       0x0000000000000002, 0x00000001209553fc

Termination Reason:    Namespace SIGNAL, Code 10 Bus error: 10
Terminating Process:   exc handler [19889]

VM Region Info: 0x1209553fc is not in any region.  Bytes after previous region: 1021  Bytes before following region: 76804
      REGION TYPE                    START - END         [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      shared memory               120954000-120955000    [    4K] r--/r-- SM=SHM  
--->  GAP OF 0x13000 BYTES
      CoreImage                   120968000-120969000    [    4K] rw-/rwx SM=PRV  

Thread 0 Crashed::  Dispatch queue: com.apple.main-thread
0   mGBA                          	       0x10da715f1 mTileCacheGetTile + 241
1   mGBA                          	       0x10d7fb30d QGBA::AssetTile::selectIndex(int) + 157
2   mGBA                          	       0x10d87e2f6 QGBA::MapView::selectTile(int, int) + 1366
3   mGBA                          	       0x10d87ed39 QGBA::MapView::eventFilter(QObject*, QEvent*) + 249
4   mGBA                          	       0x10edac784 QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) + 154
5   mGBA                          	       0x10db94b3c QApplicationPrivate::notify_helper(QObject*, QEvent*) + 192
6   mGBA                          	       0x10db96e38 QApplication::notify(QObject*, QEvent*) + 5788
7   mGBA                          	       0x10edac524 QCoreApplication::notifyInternal2(QObject*, QEvent*) + 138
8   mGBA                          	       0x10db95228 QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) + 684
9   mGBA                          	       0x10dbcda8c QWidgetWindow::handleMouseEvent(QMouseEvent*) + 1058
10  mGBA                          	       0x10dbccf13 QWidgetWindow::event(QEvent*) + 323
11  mGBA                          	       0x10db94b50 QApplicationPrivate::notify_helper(QObject*, QEvent*) + 212
12  mGBA                          	       0x10db9596a QApplication::notify(QObject*, QEvent*) + 462
13  mGBA                          	       0x10edac524 QCoreApplication::notifyInternal2(QObject*, QEvent*) + 138
14  mGBA                          	       0x10ea85360 QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) + 1516
15  mGBA                          	       0x10ea84eea QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) + 374
16  mGBA                          	       0x10ea7831f QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 91
17  mGBA                          	       0x10de76f06 QCocoaEventDispatcherPrivate::postedEventsSourceCallback(void*) + 40
18  CoreFoundation                	    0x7ff818a8fb78 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
19  CoreFoundation                	    0x7ff818a8fb27 __CFRunLoopDoSource0 + 157
20  CoreFoundation                	    0x7ff818a8f901 __CFRunLoopDoSources0 + 212
21  CoreFoundation                	    0x7ff818a8e57b __CFRunLoopRun + 929
22  CoreFoundation                	    0x7ff818a8db60 CFRunLoopRunSpecific + 560
23  HIToolbox                     	    0x7ff8223db766 RunCurrentEventLoopInMode + 292
24  HIToolbox                     	    0x7ff8223db396 ReceiveNextEventCommon + 199
25  HIToolbox                     	    0x7ff8223db2b3 _BlockUntilNextEventMatchingListInModeWithFilter + 70
26  AppKit                        	    0x7ff81bbde293 _DPSNextEvent + 909
27  AppKit                        	    0x7ff81bbdd114 -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1219
28  AppKit                        	    0x7ff81bbcf757 -[NSApplication run] + 586
29  mGBA                          	       0x10de761e3 QCocoaEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 1263
30  mGBA                          	       0x10edaa096 QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 282
31  mGBA                          	       0x10edac993 QCoreApplication::exec() + 123
32  mGBA                          	       0x10d7eef8e main + 1774
33  dyld                          	    0x7ff818681310 start + 2432
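The trace shows the click travelling from QGBA::MapView::selectTile through QGBA::AssetTile::selectIndex into mTileCacheGetTile, where the process faults on an address the report says is not mapped in any region. The program below is an added example, not mGBA's code and not necessarily how its tile cache is organised: it decodes the test ROM's BG0CNT value (0x008c) and map entry (0xffff) using the GBA hardware's documented register and VRAM layout, and shows the bound a map viewer has to check before turning a map entry into a tile lookup. All function names and constants are this example's own.

```c
/* Added example (not mGBA code): decode a GBA text-mode background's
 * BGxCNT register and one screen (map) entry, and range-check the tile it
 * references against the 64 KiB of VRAM that holds BG tiles and maps.
 * Names and constants below are this example's own. */
#include <stdint.h>
#include <stdio.h>

#define GBA_VRAM_BASE        0x06000000ul
#define GBA_BG_VRAM_SIZE     0x10000ul /* BG tiles and maps: VRAM bytes 0x0000..0xFFFF */
#define GBA_CHARBLOCK_SIZE   0x4000ul  /* four 16 KiB character base blocks */
#define GBA_SCREENBLOCK_SIZE 0x800ul   /* thirty-two 2 KiB screen base blocks */

struct screen_entry {
    uint16_t tile;    /* bits 0-9: tile index, 0..1023 */
    uint8_t  hflip;   /* bit 10 */
    uint8_t  vflip;   /* bit 11 */
    uint8_t  palette; /* bits 12-15: palette bank (16-colour mode only) */
};

struct screen_entry decode_screen_entry(uint16_t raw) {
    struct screen_entry e;
    e.tile    = raw & 0x3FF;
    e.hflip   = (raw >> 10) & 1;
    e.vflip   = (raw >> 11) & 1;
    e.palette = (raw >> 12) & 0xF;
    return e;
}

/* Where this background's map lives: screen base block is BGxCNT bits 8-12. */
unsigned long bg_map_address(uint16_t bgcnt) {
    return GBA_VRAM_BASE + ((bgcnt >> 8) & 0x1F) * GBA_SCREENBLOCK_SIZE;
}

/* Bytes of pixel data per tile: 32 in 16-colour mode, 64 when bit 7 selects 256 colours. */
unsigned bg_bytes_per_tile(uint16_t bgcnt) {
    return (bgcnt & 0x80) ? 64u : 32u;
}

/* Highest tile index that still lies inside BG VRAM for this BGxCNT.
 * Char base block is bits 2-3; the map entry can only encode 0..1023. */
unsigned bg_max_tile_index(uint16_t bgcnt) {
    unsigned long charbase = (bgcnt >> 2) & 3;
    unsigned long tiles = (GBA_BG_VRAM_SIZE - charbase * GBA_CHARBLOCK_SIZE) / bg_bytes_per_tile(bgcnt);
    return tiles > 1024ul ? 1023u : (unsigned)(tiles - 1ul);
}

/* Byte offset inside VRAM at which the entry's tile data would start. */
unsigned long bg_tile_raw_offset(uint16_t bgcnt, uint16_t raw_entry) {
    unsigned long charbase = (bgcnt >> 2) & 3;
    return charbase * GBA_CHARBLOCK_SIZE
         + (unsigned long)decode_screen_entry(raw_entry).tile * bg_bytes_per_tile(bgcnt);
}

/* 1 if the whole tile fits in the BG area, 0 if a viewer must refuse the lookup. */
int bg_tile_in_range(uint16_t bgcnt, uint16_t raw_entry) {
    return bg_tile_raw_offset(bgcnt, raw_entry) + bg_bytes_per_tile(bgcnt) <= GBA_BG_VRAM_SIZE;
}

int main(void) {
    /* Values written by the test ROM in this issue. */
    uint16_t bg0cnt = 0x008C;
    uint16_t entry  = 0xFFFF;
    struct screen_entry e = decode_screen_entry(entry);

    printf("BG0CNT=0x%04x: map at 0x%08lx, charblock %u, %u colours, max valid tile %u\n",
           bg0cnt, bg_map_address(bg0cnt), (unsigned)((bg0cnt >> 2) & 3),
           (bg0cnt & 0x80) ? 256u : 16u, bg_max_tile_index(bg0cnt));
    printf("entry 0x%04x: tile 0x%03x hflip=%u vflip=%u palette=%u\n",
           entry, e.tile, e.hflip, e.vflip, e.palette);
    if (bg_tile_in_range(bg0cnt, entry))
        printf("tile data at 0x%08lx\n", GBA_VRAM_BASE + bg_tile_raw_offset(bg0cnt, entry));
    else
        printf("tile data would start at VRAM+0x%lx, past the 64 KiB BG area: reject\n",
               bg_tile_raw_offset(bg0cnt, entry));
    return 0;
}
```

With the ROM's values the tile lands at VRAM+0x1bfc0, well past the 0x10000-byte BG area, while the highest index that fits with char base block 3 and 256-colour tiles is 255. A viewer that compares the decoded index against bg_max_tile_index before asking a tile cache for it never reaches the lookup that faulted here.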
endrift commented Feb 15, 2023

How do these keep popping up? I found another crash while looking into this.
