• Status Closed
  • Percent Complete
  • Task Type Bugs
  • Category User Interface
  • Assigned To No-one
  • Operating System All players
  • Severity High
  • Priority Very Low
  • Reported Version
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Rockbox
Opened by aw3se4dr5 - 2006-09-17
Last edited by pondlife - 2006-09-29

FS#6010 - Rockbox crash due to context menu recursion

I can’t really say what happens, but i can show you how to get to it.

1. Go To “Browse Plugins” Menu
2. Access the context menu of any plugin (Playlist, Playlist Catalogue, rename, delete, …) [edited for clarity –RaeNye]
3. Press menu (or whatever button takes you to the main menu)
4. Go back to step 1 and repeat.
5. if you do it right, rockbox freezes and playback stops

Closed by  petur
2006-12-11 21:06
Reason for closing:  Fixed
nls commented on 2006-09-17 15:45

I can reproduce this on my H320 but it took quite some repeats.

Confirmed on X5.
After 7 iterations, I got I40: PDIR1FULL at 00000007.
This happens on any ‘Browse XXX’ menu (I tried with plugins and themes).

Can you still repro this with a new build? (I tried on my H340, but no crash occurred.)
Are just going into and out of the context menu? How many repeats, roughly? (10? 100?)

Reconfirmed on X5 simulator (25/9 build).
To reproduce, repeat the key sequence “REC, UP, UP, RIGHT, long SELECT” ~5 times

Aha, got it on the H300 sim - thanks Rani.
I’m not familiar with the menu code, but it looks like this recurses through the following routines:
(#33 0x0040559b in main_menu () at main_menu.c:433)
#34 0×00408276 in onplay (file=0x369fb8c “/.rockbox/rocks/alpine_cdc.rock”,

  attr=2048, from=2) at onplay.c:995

#35 0x0041901c in dirbrowse () at tree.c:817
#36 0x00419b33 in rockbox_browse (root=0x45c1f9 “/.rockbox/rocks”,

  dirfilter=13) at tree.c:1210

#37 0×00405309 in plugin_browse () at main_menu.c:286
#38 0×00405915 in menu_run (m=0) at menu.c:183
#39 0x0040559b in main_menu () at main_menu.c:433
This results in a stack overflow.

I would guess the problem lies in onplay.c, lines 994-995. Somehow this should be returning a special value to result rather than continuing inwards. Someone who knows this code will need to take over though!

nls commented on 2006-10-15 11:11

patch 6189 claims to fix this crach, anyone tested?

flik commented on 2006-10-22 08:33

I can still reproduce this on a 4G ipod color using yesterdays cvs build (061021-1612).

petur commented on 2006-12-10 22:27

patch  FS#6189  seems to fix it but makes my device do weird things when reproducing this issue. Seems not to be the correct fix… (it eventually crashed too)

petur commented on 2006-12-11 20:32

I wonder if this simple patch is acceptable… It disables main menu recursion the hard way


Available keyboard shortcuts


Task Details

Task Editing