libgme / game-music-emu

Blargg's video game music emulation library, which allows audio applications to easily add playback support for the music of many classic video game consoles.
GNU Lesser General Public License v2.1

crash report from archlinux #58

Closed sezero closed 1 hour ago

sezero commented 9 months ago

FYI:

https://bugs.archlinux.org/task/75994

vlc: /build/libgme/src/game-music-emu-0.6.3/gme/blargg_common.h:58:
 T& blargg_vector<T>::operator[](size_t) const [with T = short int; size_t = long unsigned int]:
 Assertion `n <= size_' failed.

The ticket is closed by building libgme in 'Release' mode instead of 'Debug' but that's obviously not a fix.

I do not have a way of testing or knowing whether or not the issue still is present.

Wohlstand commented 8 months ago

I checked this, and it doesn't get reproduced on the latest state... I'll try to check this deeper...

sezero commented 8 months ago

Remember that the issue was reported to show itself when the library is built in debug mode.

Wohlstand commented 8 months ago

Yes, I did that in debug mode, and it doesn't crash on my end. I may guess that the bug had been fixed before me, or something... :thinking:

Wohlstand commented 8 months ago

It's better to verify the LATEST development version in the same place to ensure the thing works as needed.

Wohlstand commented 4 months ago

It seems that to verify this, I will need to install the Docker container and run the stuff inside it... :thinking:

City-busz commented 1 week ago

It still happens with the latest development code if libgme is built with build type Debug or None.

Here is the full backtrace:

#0  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
        tid = <optimized out>
        ret = 0
        pd = <optimized out>
        old_mask = {__val = {128663913752624}}
        ret = <optimized out>
#1  0x00007504f61ffeb3 in __pthread_kill_internal (threadid=<optimized out>, signo=6) at pthread_kill.c:78
No locals.
#2  0x00007504f61a7a30 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
        ret = <optimized out>
#3  0x00007504f618f4c3 in __GI_abort () at abort.c:79
        save_stage = 1
        act = {__sigaction_handler = {sa_handler = 0x20, sa_sigaction = 0x20}, sa_mask = {__val = {128664169223750, 128663597204288, 128663597204288, 128663597092560, 7, 0, 
              4, 8589934592, 0, 128663913752808, 18446744073709551496, 2, 128663597204272, 128663913752848, 128664169672110, 128664170980576}}, sa_flags = 2143672064, 
          sa_restorer = 0x7504e6dfe910}
#4  0x00007504f618f3df in __assert_fail_base (fmt=0x7504f631ab68 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x7504cc78deaf "n <= size_", 
    file=file@entry=0x7504cc78a330 "/usr/src/debug/libgme/game-music-emu/gme/blargg_common.h", line=line@entry=65, 
    function=function@entry=0x7504cc78ad28 "T& blargg_vector<T>::operator[](size_t) const [with T = short int; size_t = long unsigned int]") at assert.c:94
        str = 0x7504d401c340 "\214\233L\204\003u"
        total = 4096
#5  0x00007504f619fc67 in __assert_fail (assertion=0x7504cc78deaf "n <= size_", file=0x7504cc78a330 "/usr/src/debug/libgme/game-music-emu/gme/blargg_common.h", line=65, 
    function=0x7504cc78ad28 "T& blargg_vector<T>::operator[](size_t) const [with T = short int; size_t = long unsigned int]") at assert.c:103
No locals.
#6  0x00007504cc757de8 in blargg_vector<short>::operator[](unsigned long) const [clone .part.0] [clone .lto_priv.0] [clone .lto_priv.0] (n=<optimized out>, 
    this=<optimized out>) at /usr/src/debug/libgme/game-music-emu/gme/blargg_common.h:65
        __PRETTY_FUNCTION__ = <optimized out>
#7  0x00007504cc788b1e in blargg_vector<short>::operator[] (this=<optimized out>, n=<optimized out>, this=<optimized out>, n=<optimized out>)
    at /usr/src/debug/libgme/game-music-emu/gme/Spc_Emu.cpp:347
        __PRETTY_FUNCTION__ = <optimized out>
#8  Fir_Resampler_::skip_input (this=0x7504d4c2a6f8, count=-2) at /usr/src/debug/libgme/game-music-emu/gme/Fir_Resampler.cpp:195
        remain = <optimized out>
        max_count = <optimized out>
        remain = <optimized out>
        max_count = <optimized out>
#9  Spc_Emu::skip_ (this=0x7504d4c2a510, count=1099072) at /usr/src/debug/libgme/game-music-emu/gme/Spc_Emu.cpp:332
        resampler_latency = <optimized out>
        buf = {9520, -11264, 29956, 0, -15738, -2551, 29956, 0, 24, 0, 48, 0, -5440, -6433, 29956, 0, -5632, -6433, 29956, 0, -10496, 32709, -28993, -18474, 18960, 26816, 
          29956, 0, 0, 0, 0, 0, -1, -1, -1, -1, 13, 0, 0, 0, -5264, -6433, 29956, 0, 0, 0, 0, 0, 22620, 18, 0, 0, -10496, 32709, -28993, -18474, 0, 0, 0, 0, 5519, -2605, 
          29956, 0}
#10 0x00007504cc7886e2 in Music_Emu::skip(long) [clone .isra.0] (this=this@entry=0x7504d4c2a510, count=<optimized out>)
    at /usr/src/debug/libgme/game-music-emu/gme/Music_Emu.cpp:263
        __PRETTY_FUNCTION__ = <optimized out>
#11 0x00007504cc759905 in Music_Emu::seek_samples (this=0x7504d4c2a510, time=1879008) at /usr/src/debug/libgme/game-music-emu/gme/Music_Emu.cpp:236
        blargg_return_err_ = <optimized out>
#12 Music_Emu::seek_samples (this=0x7504d4c2a510, time=1879008) at /usr/src/debug/libgme/game-music-emu/gme/Music_Emu.cpp:232
No locals.
#13 Music_Emu::seek (this=0x7504d4c2a510, msec=<optimized out>) at /usr/src/debug/libgme/game-music-emu/gme/Music_Emu.cpp:241
No locals.
#14 gme_seek (me=0x7504d4c2a510, msec=<optimized out>) at /usr/src/debug/libgme/game-music-emu/gme/gme.cpp:398
No locals.
#15 0x00007504cea58844 in Control (demux=<optimized out>, query=<optimized out>, args=<optimized out>) at demux/gme.c:275
        pos = 4.8241146318778998e+228
        seek = <optimized out>
        sys = 0x7504d4007c40
#16 0x00007504f60a12e9 in demux_Control (p_demux=<optimized out>, i_query=<optimized out>) at ../include/vlc_demux.h:365
        args = {{gp_offset = 16, fp_offset = 64, overflow_arg_area = 0x7504e6dfec20, reg_save_area = 0x7504e6dfeb60}}
        i_result = <optimized out>
#17 0x00007504f60bfde3 in Control (p_input=p_input@entry=0x750484005cb0, i_type=i_type@entry=2, val=..., val@entry=...) at input/input.c:2033
        f_pos = 0.1919
        i_control_date = <optimized out>
        b_force_update = false
        __func__ = "Control"
#18 0x00007504f60c140b in MainLoop (p_input=p_input@entry=0x750484005cb0, b_interactive=b_interactive@entry=true) at input/input.c:802
        i_deadline = <optimized out>
        b_postpone = <optimized out>
        i_type = <optimized out>
        val = {i_int = 1044676975, b_bool = 111, f_float = 0.1919, psz_string = 0x3e44816f <error: Cannot access memory at address 0x3e44816f>, p_address = 0x3e44816f, 
          p_list = 0x3e44816f, coords = {x = 1044676975, y = 0}}
        i_wakeup = 178772337612
        b_paused = <optimized out>
        i_intf_update = <optimized out>
        i_last_seek_mdate = 0
        b_pause_after_eof = false
        b_paused_at_eof = <optimized out>
        p_demux = <optimized out>
        b_can_demux = true
        __func__ = "MainLoop"
#19 0x00007504f60c2707 in Run (data=0x750484005cb0) at input/input.c:506
        priv = 0x750484005cb0
        p_input = 0x750484005cb0
#20 0x00007504f61fdded in start_thread (arg=<optimized out>) at pthread_create.c:447
        ret = <optimized out>
        pd = <optimized out>
        out = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {128663913756352, 6951825986904853404, 128663913756352, -120, 0, 128664104106384, 6951825986883881884, 
                6951861722525404060}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <optimized out>
#21 0x00007504f62810dc in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

Wohlstand commented 3 days ago

I'll try to take a look soon and try to make some.

Wohlstand commented 6 hours ago

According to this stack trace, the crash happens here in Fir_Resampler.cpp because of an attempt to go out of range. However, in the stack trace there are no values provided (showing just "<optimized out>").

[image]

So, there is a question: is there a need to make a workaround here, or to check all the stuff through the stack and avoid producing such invalid values :thinking:

Wohlstand commented 4 hours ago

@City-busz Another question: does this happen with ANY SPC file, or does it happen with some that you have? I have something like this, and no crash happens for me locally; I even enabled all of the STL's asserts via global macros: ice_ow_mod_spc.spc.zip

Wohlstand commented 4 hours ago

Okay, just now I built the debug version of VLC from source, ran it under a debugger while supplying my custom GME SO file, and finally reproduced that damned crash locally: [image]

So, I'm trying to figure out the reason and eliminate it entirely.

Wohlstand commented 4 hours ago

I found the count is -2, and that's weird... When it is passed as an array index, it's supposed to be positive.

Wohlstand commented 4 hours ago

And, because the argument is size_t, the -2 turned into an extremely large positive value that led to an assert: [image]

Wohlstand commented 3 hours ago

Okay, actually, this is a wrong formula: [image] However, I have no idea: is this supposed to round, or just subtract a small pile? :thinking: I think I'll just turn this into zero as a small test.
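
The signed-to-unsigned conversion described in the comments above, reduced to a stand-alone C++ sketch. This is an added example, not code from libgme or from any participant in the thread; `CheckedBuf`, `as_index`, `skip_unchecked`, `clamp_count` and `skip_clamped` are hypothetical names, the buffer size is constructed, and the clamp is one possible guard rather than the fix that was committed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for a buffer whose operator[] takes size_t and
// asserts `n <= size_`. passes_check() returns the result of that comparison
// instead of aborting, so both outcomes can be observed.
struct CheckedBuf {
    std::vector<short> data;
    explicit CheckedBuf(std::size_t n) : data(n) {}
    bool passes_check(std::size_t n) const { return n <= data.size(); }
};

// What the callee sees when a signed count reaches a size_t parameter:
// the conversion is modulo 2^N, so -2 becomes SIZE_MAX - 1.
std::size_t as_index(long count) {
    return static_cast<std::size_t>(count);
}

// Unguarded path: the negative count is converted and then checked.
// A debug build aborts here; a build with asserts compiled out would go on
// to use the huge index.
bool skip_unchecked(const CheckedBuf& buf, long count) {
    return buf.passes_check(as_index(count));
}

// Guarded path (one possible defence, assumed for this example): validate
// the count while it is still signed, clamping it into [0, size].
long clamp_count(const CheckedBuf& buf, long count) {
    const long max = static_cast<long>(buf.data.size());
    if (count < 0) return 0;
    return count > max ? max : count;
}

bool skip_clamped(const CheckedBuf& buf, long count) {
    return buf.passes_check(as_index(clamp_count(buf, count)));
}

int main() {
    CheckedBuf buf(64);  // constructed sample size
    std::printf("-2 as size_t: %zu\n", as_index(-2));
    std::printf("unchecked passes: %d\n", skip_unchecked(buf, -2));
    std::printf("clamped passes:   %d\n", skip_clamped(buf, -2));
    return 0;
}
```

The range check has to happen while the value is still signed; once it has been converted to `size_t`, a negative count is indistinguishable from a very large valid-looking index.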

Wohlstand commented 3 hours ago

Okay, just now I sent a quick fix. @City-busz, please test out the latest development version again, now it should work just fine.

City-busz commented 1 hour ago

Yes, it fixes the problem. Thank you very much! :)

Wohlstand commented 1 hour ago

Thanks for the confirmation, so it's time to close this issue.