FS#8028 - Sim segfaults during SID skipping

Attached to Project: Rockbox
Opened by Steve Bavin (pondlife) - Friday, 26 October 2007, 11:01 GMT
Last edited by Steve Bavin (pondlife) - Monday, 19 November 2007, 17:57 GMT
Task Type Bugs
Category Music playback
Status Closed
Assigned To Nicolas Pennequin (nicolas_p)
Operating System All players
Severity Low
Priority Normal
Reported Version Daily build (which?)
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

I set up a test folder with 140 random SIDs from the HVSC archive. Skipping forward during SID playback gives a segfault, possibly when buffering adds MP3s to the end of the buffer:

...
We open the real file '/(Compilations)/(Test)/SID/Boom.sid'
We open the real file '/(Compilations)/(Test)/SID/Brutal_Techno.sid'
We open the real file '/(Compilations)/(Test)/SID/Brutal_Techno.sid'
We open the real file '/(Compilations)/(Test)/SID/Brutal_Techno.sid'
We open the real file '/(Compilations)/(Test)/SID/Bullshit_II.sid'
We open the real file '/.rockbox/.playlist_control'
Adding 01 Zuton Fever.mp3
Adding 02 Pressure Point.mp3
Adding 03 You Will You Won't.mp3
Adding 04 Confusion.mp3
Adding 05 Havana Gang Brawl.mp3
Adding 06 Railroad.mp3
Adding 07 Long Time Coming.mp3
Adding 08 Nightmare Part II.mp3
Adding 09 Not A Lot To Do.mp3
Adding 10 Remember Me.mp3
Adding 11 Dirty Dancehall.mp3
Adding 12 Moons And Horror Shows.mp3

Program received signal SIGSEGV, Segmentation fault.
[Switching to thread 11028.0x140c]
0x00450abc in format (push=0x450b2e <sprfunc>, userp=0x4adfd3c, fmt=0x471433 ".codec",
ap=0x4adfd7c "") at common/sprintf.c:184
184 while (*str != '\0' && ok && precision--)
(gdb) bt
#0 0x00450abc in format (push=0x450b2e <sprfunc>, userp=0x4adfd3c, fmt=0x471433 ".codec",
ap=0x4adfd7c "") at common/sprintf.c:184
#1 0x00450bb9 in snprintf (buf=0x4adfdbc "/.rockbox/codecs/sid.codec", size=259,
fmt=0x471420 "/.rockbox/codecs/%s.codec") at common/sprintf.c:228
#2 0x0043fff8 in codec_get_full_path (path=0x4adfdbc "/.rockbox/codecs/sid.codec",
codec_root_fn=0x0) at codecs.c:170
#3 0x004400e1 in codec_load_file (plugin=0x0, api=0x4668a0) at codecs.c:243
#4 0x0043df1d in codec_thread () at playback.c:1921
#5 0x00460351 in runthread (data=0x2625be0) at thread-sdl.c:303
#6 0x6bfb0adc in SDL_RunThread (data=0x36d4c38) at ../../../SDL-1.2.9/src/thread/SDL_thread.c:218
#7 0x6bfb0dd1 in RunThread (data=0x36d4c38) at SDL_systhread.c:44
#8 0x7c57b3bc in lstrcmpiW () from /cygdrive/d/WINNT/system32/KERNEL32.DLL
#9 0x00000000 in ?? ()
(gdb) print str
$1 = 0x0
(gdb) print precision
$2 = 2147483647
(gdb)

Closed by Steve Bavin (pondlife)
Monday, 19 November 2007, 17:57 GMT
Reason for closing: Fixed
Additional comments about closing: Seems ok now.
Comment by Steve Bavin (pondlife) - Friday, 26 October 2007, 11:56 GMT
OK, the cause has been traced back to a null codec name passed into codec_load_file(). This comes from:

Breakpoint 1, get_codec_filename (cod_spec=0) at playback.c:1063
warning: Source file is more recent than executable.
1063 int type = cod_spec & CODEC_TYPE_MASK;
(gdb) bt
#0 get_codec_filename (cod_spec=0) at playback.c:1063
#1 0x0043e1e5 in codec_thread () at playback.c:2059
#2 0x00460371 in runthread (data=0x2625be0) at thread-sdl.c:303
#3 0x6bfb0adc in SDL_RunThread (data=0x36d4c48) at ../../../SDL-1.2.9/src/thread/SDL_thread.c:218
#4 0x6bfb0dd1 in RunThread (data=0x36d4c48) at SDL_systhread.c:44
#5 0x7c57b3bc in lstrcmpiW () from /cygdrive/d/WINNT/system32/KERNEL32.DLL
#6 0x00000000 in ?? ()
(gdb) print curtrack_id3.title
$1 = 0x0
(gdb) print curtrack_id3.path
$2 = '\0' <repeats 259 times>

Seems to be a null-filled curtrack_id3 when playback.c:2059 is executed.
Comment by Michael Sevakis (MikeS) - Friday, 26 October 2007, 13:00 GMT
Should we have a MoB bugs task? Anyway, some possibly related items:

1) rapid skipping causes codec failure on gigabeat (only tested there) that stopping doesn't recover from.
2) playing SPC from the file browser while an MP3 was playing caused codec failure as well
Comment by Steve Bavin (pondlife) - Monday, 29 October 2007, 09:02 GMT
Things are somewhat better, but I still get a segfault when skipping backwards (not every skip, but easily crashable). Seems to be within the SID codec now though:

Program received signal SIGSEGV, Segmentation fault.
[Switching to thread 9452.0x188c]
0x00456ae6 in memcpy (dst0=0x533a220, src0=0x53290be, len0=65409) at common/memcpy.c:114
114 *dst++ = *src++;
(gdb) bt
#0 0x00456ae6 in memcpy (dst0=0x533a220, src0=0x53290be, len0=65409) at common/memcpy.c:114
#1 0x0532478b in memcpy (dest=0x533a220, src=0x53290be, n=65409) at codeclib.c:109
#2 0x05324145 in LoadSIDFromMemory (pSidData=0x5329040, load_addr=0x4adfd3e,
init_addr=0x4adfd3c, play_addr=0x4adfd3a, subsongs=0x4adfd39 "", startsong=0x4adfd38 "",
speed=0x4adfd37 "", size=65535) at sid.c:1193
#3 0x0532428f in codec_main () at sid.c:1238
#4 0x05324573 in codec_start (api=0x4668a0) at codec_crt0.c:51
#5 0x004401da in codec_load_ram (codecptr=0x5cb280 "MZ\220", size=71751, ptr2=0x0, bufwrap=0,
api=0x4668a0) at codecs.c:229
#6 0x00440315 in codec_load_file (plugin=0x473d51 "sid", api=0x4668a0) at codecs.c:260
#7 0x0043e046 in codec_thread () at playback.c:1904
#8 0x0046091c in runthread (data=0x2625c40) at thread-sdl.c:307
#9 0x6bfb0adc in SDL_RunThread (data=0x36d4c48) at ../../../SDL-1.2.9/src/thread/SDL_thread.c:218
#10 0x6bfb0dd1 in RunThread (data=0x36d4c48) at SDL_systhread.c:44
#11 0x7c57b3bc in lstrcmpiW () from /cygdrive/d/WINNT/system32/KERNEL32.DLL
#12 0x00000000 in ?? ()

I'd guess that size=65535 is an undetected error/special value, resulting in a memcpy of 65409 bytes...
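
Added example (not part of this report and not Rockbox's sid.c): in the trace above, src0 is 0x7E bytes past pSidData and len0 equals size minus 0x7E, so the copy length is taken straight from size. One way a loader can validate the read result and the destination range before the memcpy, using the standard PSID header fields; all function and constant names are hypothetical.

```c
/* Added example, not Rockbox code; every name below is hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define C64_MEM   0x10000u /* 64 KiB emulated memory, the copy destination */
#define PSID_HDR1 0x76u    /* shortest PSID header (version 1) */
enum { SID_OK = 0, SID_E_READ = -1, SID_E_HDR = -2, SID_E_RANGE = -3 };
static unsigned be16(const uint8_t *p) { return (unsigned)p[0] << 8 | p[1]; }

/* nread: raw return value of the read call; cap: bytes available in file[] */
int sid_load_checked(const uint8_t *file, long nread, size_t cap,
                     uint8_t *mem, unsigned *load_out, size_t *len_out)
{
    if (nread < 0 || (size_t)nread > cap) return SID_E_READ; /* error value */
    size_t size = (size_t)nread;
    if (size < PSID_HDR1 + 2 || (memcmp(file, "PSID", 4) && memcmp(file, "RSID", 4)))
        return SID_E_HDR;
    size_t off = be16(file + 6);           /* dataOffset header field */
    if (off < PSID_HDR1 || off + 2 > size) return SID_E_HDR;
    unsigned load = be16(file + 8);        /* loadAddress header field */
    if (load == 0) {   /* address is stored little-endian in front of the data */
        load = file[off] | (unsigned)file[off + 1] << 8; off += 2;
    }
    size_t len = size - off;
    if (len == 0 || load + len > C64_MEM) return SID_E_RANGE; /* stay in mem[] */
    memcpy(mem + load, file + off, len);
    *load_out = load; *len_out = len;
    return SID_OK;
}

/* Constructed sample: PSID v2 header with the load address in the data. */
size_t make_sample(uint8_t *buf, unsigned load, size_t payload)
{
    memset(buf, 0, 0x7C);
    memcpy(buf, "PSID", 4);
    buf[5] = 2; buf[7] = 0x7C;             /* version 2, dataOffset 0x7C */
    buf[0x7C] = (uint8_t)load; buf[0x7D] = (uint8_t)(load >> 8);
    memset(buf + 0x7E, 0xEA, payload);
    return 0x7E + payload;
}

int main(void)
{
    static uint8_t file[4096], mem[C64_MEM];
    unsigned load; size_t len;
    long n = (long)make_sample(file, 0x1000, 256);
    printf("valid: %d\n", sid_load_checked(file, n, sizeof file, mem, &load, &len));
    printf("65535: %d\n", sid_load_checked(file, 65535, sizeof file, mem, &load, &len));
    return 0;
}
```
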
Comment by Nicolas Pennequin (nicolas_p) - Tuesday, 06 November 2007, 17:20 GMT
Is this still a problem? I haven't been able to reproduce.
Comment by Steve Bavin (pondlife) - Tuesday, 06 November 2007, 17:28 GMT
Nope, I can't crash it any more. I can get it into a stalled buffering situation though:
pcm: 0/529200
alloc: 3297628/29503984
real: 2555525/29503984
usefl: 2555525/29503984
data_rem: 669185
track count: 127
handle count: 255
UI is usable, but skipping won't restart playback and pressing STOP locks the sim.
Comment by Nicolas Pennequin (nicolas_p) - Monday, 19 November 2007, 17:33 GMT
Should I close this task?
