Segmentation fault on GBA input page

[thesourcehim]

I deleted old mednafen.cfg and configured mednaffe again. Segfault started to happen after I configured my xbox 360 controller once and restarted mednaffe. Now every time I switch to GBA input page (no matter if controller is plugged or not), mednaffe crashes.

Thread 1 "mednaffe" received signal SIGSEGV, Segmentation fault. 0x0000000000416781 in value_to_text (listjoy=0x3106640 = {...}, value=value@entry=0x8893a0 "joystick") at widgets/joystick_linux.c:256 256 if (items[2][0] == 'b')

bt full

0 0x0000000000416781 in value_to_text (listjoy=0x3106640 = {...}, value=value@entry=0x8893a0 "joystick") at widgets/joystick_linux.c:256

    text = 0x0
    items = 0x44c03e0

1 0x0000000000414a42 in med_list_joy_value_to_text (self=, value=value@entry=0x8893a0 "joystick") at widgets/medlistjoy.c:142

    __func__ = "med_list_joy_value_to_text"
    priv = <optimized out>

2 0x0000000000413570 in med_input_convert_to_text (self=self@entry=0xbd5c10, v=v@entry=0x8893a0 "joystick", p=p@entry=0x7fffffffbba0) at widgets/medinput.c:1208

    __func__ = "med_input_convert_to_text"
    priv = <optimized out>
    text = 0x0
    items = 0x43347e0

3 0x00000000004138c0 in med_input_real_set_value (base=0xbd5c10, v=0x8893a0 "joystick") at widgets/medinput.c:1257

    p = 0x0
    text = <optimized out>
    self = 0xbd5c10
    priv = 0xbd5a80
    __func__ = "med_input_real_set_value"

4 0x000000000040b37b in main_window_medwid_map (sender=0xbd5c10, self=) at mainwindow.c:578

    priv = <optimized out>
    command = <optimized out>
    tmp = 0x8893a0 "joystick"

[thesourcehim]

It seems that mednaffe didn't save config file properly. In the gba controls section I found the following line: gba.input.builtin.gamepad.up joystick While it should have been: gba.input.builtin.gamepad.up joystick 0x0003045e028e01100008000b00000000 abs_1-

Fixing that line manually removed the crash.

[AmatCoder]

True, malformed input mapping can lead to access an array out of bounds.

Fixed with commit e967c2dc.