
r21784 Sunday 10th March, 2013 at 13:44:37 UTC by Nathan Woods
[COCO] Fixed a degenerate scenario that could cause MESS to crash with a stack
overflow when reading the floating bus.
[src/mess/includes]coco.h
[src/mess/machine]coco.c

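--- a/trunk/src/mess/machine/coco.c
+++ b/trunk/src/mess/machine/coco.c
@@ -162,6 +162,9 @@
    {
       m_maincpu->debug()->set_dasm_override(dasm_override);
    }
+
+   // miscellaneous
+   m_in_floating_bus_read = false;
 }
 
 
@@ -254,27 +257,45 @@
 
 UINT8 coco_state::floating_bus_read(void)
 {
-   UINT8 byte;
+   UINT8 result;
 
-   // set up the ability to read address spaces
-   address_space &program = m_maincpu->space(AS_PROGRAM);
+   // this method calls program.read_byte() - therefore we run the risk of a stack overflow if we don't check for
+   // a reentrant invocation
+   if (m_in_floating_bus_read)
+   {
+      // not sure what should really happen in this extremely degenerate scenario (the PC is probably
+      // in $FFxx never-never land), but I guess 0xFF is as good as anything.
+      result = 0xFF;
+   }
+   else
+   {
+      // prevent stack overflows
+      m_in_floating_bus_read = true;
 
-   // get the previous and current PC
-   UINT16 prev_pc = m_maincpu->pcbase();
-   UINT16 pc = m_maincpu->pc();
+      // set up the ability to read address spaces
+      address_space &program = m_maincpu->space(AS_PROGRAM);
 
-   // get the byte; and skip over header bytes
-   byte = program.read_byte(prev_pc);
-   if ((byte == 0x10) || (byte == 0x11))
-      byte = program.read_byte(++prev_pc);
+      // get the previous and current PC
+      UINT16 prev_pc = m_maincpu->pcbase();
+      UINT16 pc = m_maincpu->pc();
 
-   // check to see if the opcode specifies the indexed addressing mode, and the secondary byte
-   // specifies no-offset
-   bool is_nooffset_indexed = (((byte & 0xF0) == 0x60) || ((byte & 0xF0) == 0xA0) || ((byte & 0xF0) == 0xE0))
-      && ((program.read_byte(prev_pc + 1) & 0xBF) == 0x84);
+      // get the byte; and skip over header bytes
+      UINT8 byte = program.read_byte(prev_pc);
+      if ((byte == 0x10) || (byte == 0x11))
+         byte = program.read_byte(++prev_pc);
 
-   // finally read the byte
-   return program.read_byte(is_nooffset_indexed ? pc : 0xFFFF);
+      // check to see if the opcode specifies the indexed addressing mode, and the secondary byte
+      // specifies no-offset
+      bool is_nooffset_indexed = (((byte & 0xF0) == 0x60) || ((byte & 0xF0) == 0xA0) || ((byte & 0xF0) == 0xE0))
+         && ((program.read_byte(prev_pc + 1) & 0xBF) == 0x84);
+
+      // finally read the byte
+      result = program.read_byte(is_nooffset_indexed ? pc : 0xFFFF);
+
+      // we're done reading
+      m_in_floating_bus_read = false;
+   }
+   return result;
 }
 
 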
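Review bot: The reentrancy flag set at new line 273 (`m_in_floating_bus_read = true;`) is cleared only on the fall-through path at line 296, so any non-local exit between the two — an exception or debugger unwind propagating out of program.read_byte(), if the core can raise one there — leaves the flag latched and every later floating-bus read silently returns 0xFF instead of the decoded value. Clearing the flag from a small scope guard's destructor makes the reset unconditional while keeping the recursion check exactly as written. The flag's initialisation in the first hunk (`m_in_floating_bus_read = false;`) sits in a function whose start lies outside the hunk, so I cannot confirm from here that it runs before the first read; it presumably belongs to the device start or reset path. A one-line comment at the 0xFF fallback saying that the value is arbitrary rather than hardware-observed would also help the next reader, since the existing comment reads as a shrug.
```cpp
   else
   {
      // sets the flag now and clears it on every exit path, not only the fall-through one
      struct reentry_guard
      {
         bool &m_flag;
         reentry_guard(bool &flag) : m_flag(flag) { m_flag = true; }
         ~reentry_guard() { m_flag = false; }
      } guard(m_in_floating_bus_read);

      // … unchanged: address_space lookup, PC fetch, opcode decode, final read into result …
   }
   return result;
```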
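--- a/trunk/src/mess/includes/coco.h
+++ b/trunk/src/mess/includes/coco.h
@@ -259,6 +259,9 @@
 
    // VHD selection
    UINT8 m_vhd_select;
+
+   // safety to prevent stack overflow when reading floating bus
+   bool m_in_floating_bus_read;
 };
 
 #endif // __COCO__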


