DeaDBeeF-Player / deadbeef

DeaDBeeF Player
https://deadbeef.sourceforge.io/

Rare, arbitrary segfault #1830

Closed orbea closed 6 years ago

orbea commented 7 years ago

Steps to reproduce the problem

  1. Run deadbeef for a while until it crashes.

What's going on? Describe the problem in as much detail as possible.

Deadbeef crashes once in a blue moon for no good reason. It might be connected to the window resizing when another window is opened. I use a dynamic tiling wm (spectrwm) so this can happen often.

Information about the software:

Deadbeef version: deadbeef-2017.06.27_b284c9eb_master-x86_64-1_git
OS: Slackware64-current

gtk+2-2.24.31-x86_64-1
cairo-1.14.10-x86_64-1
glib2-2.52.3-x86_64-1

Thread 1 "deadbeef-gtkui" received signal SIGSEGV, Segmentation fault.
0x00007f471d810e1b in _int_malloc () from /lib64/libc.so.6
(gdb) bt
#0  0x00007f471d810e1b in _int_malloc () at /lib64/libc.so.6
#1  0x00007f471d813a88 in malloc () at /lib64/libc.so.6
#2  0x00007f471c451e2e in  () at /usr/lib64/../lib64/libcairo.so.2
#3  0x00007f471c4c6e97 in  () at /usr/lib64/../lib64/libcairo.so.2
#4  0x00007f471c4c2a90 in  () at /usr/lib64/../lib64/libcairo.so.2
#5  0x00007f471c495fdb in cairo_surface_flush ()
    at /usr/lib64/../lib64/libcairo.so.2
#6  0x00007f471cba2869 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#7  0x00007f471c44059b in  () at /usr/lib64/../lib64/libcairo.so.2
#8  0x00007f471c453a49 in  () at /usr/lib64/../lib64/libcairo.so.2
#9  0x00007f471d523b9f in scope_expose_event (widget=0xfcde70, event=0x7fffffffc760, user_data=0xf91670) at widgets.c:3024
#10 0x00007f471cf6534c in  () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#11 0x00007f47175a68ed in g_closure_invoke ()
    at /usr/lib64/../lib64/libgobject-2.0.so.0
#12 0x00007f47175b8515 in  () at /usr/lib64/../lib64/libgobject-2.0.so.0
#13 0x00007f47175c071c in g_signal_emit_valist ()
    at /usr/lib64/../lib64/libgobject-2.0.so.0
#14 0x00007f47175c1722 in g_signal_emit ()
    at /usr/lib64/../lib64/libgobject-2.0.so.0
#15 0x00007f471d075a9c in  () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#16 0x00007f471cf64120 in gtk_main_do_event ()
    at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#17 0x00007f471cbc4a4f in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#18 0x00007f471cbc49f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#19 0x00007f471cbc49f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#20 0x00007f471cbc49f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#21 0x00007f471cbc49f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#22 0x00007f471cbc49f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#23 0x00007f471cbc49f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#24 0x00007f471cbc49f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#25 0x00007f471cbc16a1 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#26 0x00007f471cbc1f78 in gdk_window_process_all_updates ()
    at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#27 0x00007f471cbc1fd9 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#28 0x00007f471cba1bf7 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#29 0x00007f4715ebb015 in g_main_context_dispatch ()
    at /usr/lib64/../lib64/libglib-2.0.so.0
#30 0x00007f4715ebb3b8 in  () at /usr/lib64/../lib64/libglib-2.0.so.0
#31 0x00007f4715ebb6c2 in g_main_loop_run ()
    at /usr/lib64/../lib64/libglib-2.0.so.0
#32 0x00007f471cf62f87 in gtk_main () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#33 0x00007f471d4cffd7 in gtkui_thread (ctx=0x0) at gtkui.c:1387
#34 0x00007f471d4d073f in gtkui_start () at gtkui.c:1510
#35 0x0000000000405d74 in main (argc=1, argv=0x7fffffffe298) at main.c:1182

Full gdb log - https://pastebin.com/HETcCzeQ

Note: I will be out of town for a while starting on the 12th or 13th of this month and will be unable to help debug during that time.

Oleksiy-Yakovenko commented 7 years ago

The crash happens after the oscilloscope widget expose event handler calls cairo_destroy. There doesn't seem to be a legit reason for the crash.

But we can try to debug this further when you're available.

orbea commented 7 years ago

Is there anything I can do in the short term to help debug this?

Oleksiy-Yakovenko commented 7 years ago

A few things:

  1. Install cairo debug symbols -- that should help to see more info in debugger.
  2. See if backtrace is different every time, or the same.
  3. Try removing scope widget, replacing it with a similar one (e.g. spectrum), and see if the problem is still there.

orbea commented 7 years ago

Alright, I will work on it. The crashes happen rarely so it may take some time. Thanks for the advice.

orbea commented 7 years ago

It happened again, now with cairo debug symbols.

Thread 1 "deadbeef-gtkui" received signal SIGABRT, Aborted.
0x00007f73f8d49c9f in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007f73f8d49c9f in raise () at /lib64/libc.so.6
#1  0x00007f73f8d4b7c0 in abort () at /lib64/libc.so.6
#2  0x00007f73f8d8e9a1 in __libc_message () at /lib64/libc.so.6
#3  0x00007f73f8d98a69 in _int_free () at /lib64/libc.so.6
#4  0x00007f73f8d9dc9e in free () at /lib64/libc.so.6
#5  0x00007f73f76e6fd5 in  () at /usr/lib64/../lib64/libpixman-1.so.0
#6  0x00007f73f76e6f49 in pixman_image_unref () at /usr/lib64/../lib64/libpixman-1.so.0
#7  0x00007f73f798985d in _cairo_image_surface_finish (abstract_surface=0xece000) at cairo-image-surface.c:844
#8  0x00007f73f79d9eb6 in _cairo_surface_finish (surface=0xece000) at cairo-surface.c:1033
#9  0x00007f73f79d9d00 in INT_cairo_surface_destroy (surface=0xece000) at cairo-surface.c:971
#10 0x00007f73f8aad798 in scope_draw_cairo (widget=0x1006a70, cr=0x15a6fe0, user_data=0xfc6150) at widgets.c:2908
#11 0x00007f73f8aadb43 in scope_draw (widget=0x1006a70, cr=0x15a6fe0, user_data=0xfc6150) at widgets.c:3015
#12 0x00007f73f8aadb90 in scope_expose_event (widget=0x1006a70, event=0x7fffffffc230, user_data=0xfc6150) at widgets.c:3023
#13 0x00007f73f84ef34c in  () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#14 0x00007f73f2ab98ed in g_closure_invoke () at /usr/lib64/../lib64/libgobject-2.0.so.0
#15 0x00007f73f2acb515 in  () at /usr/lib64/../lib64/libgobject-2.0.so.0
#16 0x00007f73f2ad371c in g_signal_emit_valist () at /usr/lib64/../lib64/libgobject-2.0.so.0
#17 0x00007f73f2ad4722 in g_signal_emit () at /usr/lib64/../lib64/libgobject-2.0.so.0
#18 0x00007f73f85ffa9c in  () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#19 0x00007f73f84ee120 in gtk_main_do_event () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#20 0x00007f73f814ea4f in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#21 0x00007f73f814e9f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#22 0x00007f73f814e9f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#23 0x00007f73f814e9f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#24 0x00007f73f814e9f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#25 0x00007f73f814e9f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#26 0x00007f73f814e9f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#27 0x00007f73f814e9f5 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#28 0x00007f73f814b6a1 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#29 0x00007f73f814c10d in gdk_window_process_updates () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#30 0x00007f73f860df83 in  () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#31 0x00007f73f2ab98ed in g_closure_invoke () at /usr/lib64/../lib64/libgobject-2.0.so.0
#32 0x00007f73f2acb110 in  () at /usr/lib64/../lib64/libgobject-2.0.so.0
#33 0x00007f73f2ad3d65 in g_signal_emit_valist () at /usr/lib64/../lib64/libgobject-2.0.so.0
#34 0x00007f73f2ad4722 in g_signal_emit () at /usr/lib64/../lib64/libgobject-2.0.so.0
#35 0x00007f73f84785f0 in  () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#36 0x00007f73f812bbf7 in  () at /usr/lib64/../lib64/libgdk-x11-2.0.so.0
#37 0x00007f73f13ce015 in g_main_context_dispatch () at /usr/lib64/../lib64/libglib-2.0.so.0
#38 0x00007f73f13ce3b8 in  () at /usr/lib64/../lib64/libglib-2.0.so.0
#39 0x00007f73f13ce6c2 in g_main_loop_run () at /usr/lib64/../lib64/libglib-2.0.so.0
#40 0x00007f73f84ecf87 in gtk_main () at /usr/lib64/../lib64/libgtk-x11-2.0.so.0
#41 0x00007f73f8a59fd7 in gtkui_thread (ctx=0x0) at gtkui.c:1387
#42 0x00007f73f8a5a73f in gtkui_start () at gtkui.c:1510
#43 0x0000000000405d74 in main (argc=1, argv=0x7fffffffe298) at main.c:1182

Full GDB log - https://pastebin.com/C5QYPKgE

I have now tried replacing the scope widget with the spectrum. I will see if I can reproduce it yet again.

Oleksiy-Yakovenko commented 7 years ago

The new backtrace shows a different crash location. 1st one was inside of cairo_destroy, the 2nd is cairo_surface_destroy.
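
The check asked for earlier in the thread (is the backtrace the same every time, or different?) can be scripted. The following is an added example, not part of the thread or of DeaDBeeF: it parses gdb `bt` text, drops the per-run addresses and pointer arguments, and reports whether the fault surfaced inside glibc's allocator and which application frames two traces share. The sample frames are copied from the two traces above and shortened; `APP_FILES`, `HEAP_FUNCS` and the function names are assumptions of this example.

```python
import re

# One gdb "bt" frame: "#N  0xADDR in func (args) at|from location".
# func is empty when the library has no symbols.
FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S*)\s*\((.*?)\)\s+(?:at|from)\s+(\S+)")
# glibc internals where heap damage is detected (assumed list for this example).
HEAP_FUNCS = {"_int_malloc", "_int_free"}
# Source files of the player itself, as they appear in the traces (assumption).
APP_FILES = ("widgets.c", "gtkui.c", "main.c")

# Constructed sample: frames copied from the two traces in this thread,
# shortened, with gdb's wrapped lines joined.
TRACE_1 = """\
#0  0x00007f471d810e1b in _int_malloc () at /lib64/libc.so.6
#1  0x00007f471d813a88 in malloc () at /lib64/libc.so.6
#2  0x00007f471c451e2e in  () at /usr/lib64/../lib64/libcairo.so.2
#5  0x00007f471c495fdb in cairo_surface_flush () at /usr/lib64/../lib64/libcairo.so.2
#9  0x00007f471d523b9f in scope_expose_event (widget=0xfcde70, event=0x7fffffffc760, user_data=0xf91670) at widgets.c:3024
"""
TRACE_2 = """\
#0  0x00007f73f8d49c9f in raise () at /lib64/libc.so.6
#3  0x00007f73f8d98a69 in _int_free () at /lib64/libc.so.6
#9  0x00007f73f79d9d00 in INT_cairo_surface_destroy (surface=0xece000) at cairo-surface.c:971
#10 0x00007f73f8aad798 in scope_draw_cairo (widget=0x1006a70, cr=0x15a6fe0, user_data=0xfc6150) at widgets.c:2908
#12 0x00007f73f8aadb90 in scope_expose_event (widget=0x1006a70, event=0x7fffffffc230, user_data=0xfc6150) at widgets.c:3023
"""

def parse_bt(text):
    """Return [(func, location)], innermost first; addresses and args are dropped."""
    return [(m.group(2) or "??", m.group(4))
            for m in map(FRAME.match, text.splitlines()) if m]

def summarize(text):
    frames = parse_bt(text)
    app = [f for f in frames if f[1].split(":")[0] in APP_FILES]
    return {
        # True when a libc frame in the trace is an allocator internal.
        "in_allocator": any(fn in HEAP_FUNCS for fn, loc in frames if "libc.so" in loc),
        "innermost_app_frame": app[0] if app else None,
        "app_funcs": [f[0] for f in app],
    }

def shared_app_funcs(a, b):
    """Application functions present in both traces, in the order of trace a."""
    other = set(summarize(b)["app_funcs"])
    return [f for f in summarize(a)["app_funcs"] if f in other]

if __name__ == "__main__":
    for trace in (TRACE_1, TRACE_2):
        print(summarize(trace))
    print("shared:", shared_app_funcs(TRACE_1, TRACE_2))
```

On these samples both traces fault inside the allocator and share only `scope_expose_event`. A fault in `_int_malloc` or `_int_free` marks where heap damage was detected, which need not be where it was caused.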

Oleksiy-Yakovenko commented 7 years ago

A new idea to try: add some logging to widgets.c:2906, to see what was the last width/height just before the crash.

Oleksiy-Yakovenko commented 7 years ago

Any news about this one?

Oleksiy-Yakovenko commented 6 years ago

out of date

Kabouik commented 6 years ago

I'm having similar issues as well, except it seems more frequent than what @orbea described. Basically Deadbeef plays for a few minutes (or seconds, it depends), then randomly crashes. It seems random as it does not require any action from me (sometimes I'm just reading something in another window with my hands off the keyboard or the mouse) and happens on several tracks that otherwise play correctly in another instance.

The excerpt below shows the end of the terminal output when a crash occurs:

gtk style: 
* { 
} 
*:selected { 
} 
*:active { 
} 

(deadbeef:30128): Gtk-WARNING **: Invalid text buffer iterator: either the iterator is uninitialized, or the characters/pixbufs/widgets in the buffer have been modified since the iterator was created.
You must use marks, character numbers, or line numbers to preserve a position across buffer modifications.
You can apply tags and insert marks without invalidating your iterators,
but any mutation that affects 'indexable' buffer contents (contents that can be referred to by character offset)
will invalidate all outstanding iterators
Segmentation Fault
backtrace() returned 21 addresses
deadbeef() [0x404742]
/usr/lib64/libc.so.6(+0x36590) [0x7f24a279c590]
/usr/lib64/libgtk-3.so.0(+0x3085fb) [0x7f249b63c5fb]
/usr/lib64/libgtk-3.so.0(+0x309d23) [0x7f249b63dd23]
/usr/lib64/libgtk-3.so.0(gtk_text_layout_get_line_display+0x192) [0x7f249b646812]
/usr/lib64/libgtk-3.so.0(+0x313c22) [0x7f249b647c22]
/usr/lib64/libgtk-3.so.0(+0x2f3831) [0x7f249b627831]
/usr/lib64/libgtk-3.so.0(gtk_text_layout_validate_yrange+0x282) [0x7f249b645912]
/usr/lib64/libgtk-3.so.0(+0x323083) [0x7f249b657083]
/usr/lib64/libgtk-3.so.0(+0x323c13) [0x7f249b657c13]
/usr/lib64/libgtk-3.so.0(+0x324059) [0x7f249b658059]
/usr/lib64/libgdk-3.so.0(+0x2bc00) [0x7f249b272c00]
/usr/lib64/libglib-2.0.so.0(g_main_context_dispatch+0x155) [0x7f249ad70365]
/usr/lib64/libglib-2.0.so.0(+0x4b730) [0x7f249ad70730]
/usr/lib64/libglib-2.0.so.0(g_main_context_iteration+0x2c) [0x7f249ad707bc]
/usr/lib64/libgio-2.0.so.0(g_application_run+0x1fd) [0x7f249af3021d]
/usr/lib64/deadbeef/ddb_gui_GTK3.so(gtkui_thread+0xdc) [0x7f249baa06ac]
/usr/lib64/deadbeef/ddb_gui_GTK3.so(+0x5a752) [0x7f249baa0752]
deadbeef() [0x40440d]
/usr/lib64/libc.so.6(__libc_start_main+0xea) [0x7f24a278653a]
deadbeef() [0x40461a]

Here are my plugins:

I am using Deadbeef version 0.7.2 according to the changelog, but deadbeef --version just says:

starting deadbeef devel
DeaDBeeF devel Copyright © 2009-2017 Alexey Yakovenko

However, checking in my software manager, I can confirm that Deadbeef 0.7.2 is installed while the deadbeef-devel package is not installed.