- Status Closed
- Percent Complete
- Task Type Bugs
- Category User Interface
- Assigned To No-one
- Operating System All players
- Severity High
- Priority Very Low
- Reported Version
- Due in Version Undecided
-
Due Date
Undecided
- Votes
- Private
FS#6010 - Rockbox crash due to context menu recursion
I can’t really say what happens, but i can show you how to get to it.
1. Go To “Browse Plugins” Menu
2. Access the context menu of any plugin (Playlist, Playlist Catalogue, rename, delete, …) [edited for clarity –RaeNye]
3. Press menu (or whatever button takes you to the main menu)
4. Go back to step 1 and repeat.
5. if you do it right, rockbox freezes and playback stops
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task
I can reproduce this on my H320 but it took quite some repeats.
Confirmed on X5.
After 7 iterations, I got I40: PDIR1FULL at 00000007.
This happens on any ‘Browse XXX’ menu (I tried with plugins and themes).
Can you still repro this with a new build? (I tried on my H340, but no crash occurred.)
Are just going into and out of the context menu? How many repeats, roughly? (10? 100?)
Reconfirmed on X5 simulator (25/9 build).
To reproduce, repeat the key sequence “REC, UP, UP, RIGHT, long SELECT” ~5 times
Aha, got it on the H300 sim - thanks Rani.
I’m not familiar with the menu code, but it looks like this recurses through the following routines:
(…)
(#33 0x0040559b in main_menu () at main_menu.c:433)
#34 0×00408276 in onplay (file=0x369fb8c “/.rockbox/rocks/alpine_cdc.rock”,
#35 0x0041901c in dirbrowse () at tree.c:817
#36 0x00419b33 in rockbox_browse (root=0x45c1f9 “/.rockbox/rocks”,
#37 0×00405309 in plugin_browse () at main_menu.c:286
#38 0×00405915 in menu_run (m=0) at menu.c:183
#39 0x0040559b in main_menu () at main_menu.c:433
This results in a stack overflow.
I would guess the problem lies in onplay.c, lines 994-995. Somehow this should be returning a special value to result rather than continuing inwards. Someone who knows this code will need to take over though!
patch 6189 claims to fix this crach, anyone tested?
I can still reproduce this on a 4G ipod color using yesterdays cvs build (061021-1612).
patch
FS#6189seems to fix it but makes my device do weird things when reproducing this issue. Seems not to be the correct fix… (it eventually crashed too)I wonder if this simple patch is acceptable… It disables main menu recursion the hard way