search

mgerdes / Open-Golf

A cross-platform minigolf game written in C.
MIT License
1.8k stars 87 forks source link

SIGSEGV when opening on Android #27

Open dfandrich opened 1 year ago

dfandrich commented 1 year ago

Launching the app (the 1.0 version from F-Droid) on an armv7l LineageOS 14.1 (Android 7.1.2) device results in an immediate SIGSEGV with only the Android crash dialog being displayed. The backtrace implies it might be some kind of audio issue.

11-13 19:53:50.630  2329 30013 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=me.mgerdes.open_golf/android.app.NativeActivity bnds=[750,608][960,846] (has extras)} from uid 10027 on display 0
11-13 19:53:50.649  2329  2343 W BroadcastQueue: Permission Denial: receiving Intent { act=com.android.launcher3.action.LAUNCH flg=0x10 (has extras) } to com.google.android.gms/.chimera.GmsIntentOperationService$GmsExternalReceiver requires com.android.launcher3.permission.RECEIVE_LAUNCH_BROADCASTS due to sender com.cyanogenmod.trebuchet (uid 10027)
11-13 19:53:50.702  2329 30015 I ActivityManager: Start proc 10245:me.mgerdes.open_golf/u0a124 for activity me.mgerdes.open_golf/android.app.NativeActivity
11-13 19:53:50.749 10245 10245 W System  : ClassLoader referenced unknown path: 
11-13 19:53:50.881 10245 10273 I Adreno-EGL: <qeglDrvAPI_eglInitialize:379>: QUALCOMM Build: 10/21/15, 369a2ea, I96aee987eb
11-13 19:53:50.969  2329  2352 I ActivityManager: Displayed me.mgerdes.open_golf/android.app.NativeActivity: +316ms
11-13 19:53:50.998 10245 10276 I golf    : Loading file data/static_data.static_data, count: 1
11-13 19:53:50.999 10245 10276 I golf    : Loading file data/models/ui_square.obj, count: 1
11-13 19:53:50.999 10245 10276 I golf    : Loading file data/models/cube.obj, count: 1
11-13 19:53:50.999 10245 10276 I golf    : Loading file data/models/render_image_square.obj, count: 1
11-13 19:53:51.000 10245 10276 I golf    : Loading file data/models/editor/ball_start.obj, count: 1
11-13 19:53:51.002 10245 10276 I golf    : Loading file data/models/golf_ball.obj, count: 1
11-13 19:53:51.007 10245 10276 I golf    : Loading file data/textures/golf_ball_normal_map.jpg, count: 1
11-13 19:53:51.018 10245 10276 I golf    : Loading file data/textures/fallback.png, count: 1
11-13 19:53:51.034 10245 10276 I golf    : Loading file data/textures/colors/white.png, count: 1
11-13 19:53:51.035 10245 10276 I golf    : Loading file data/textures/colors/black.png, count: 1
11-13 19:53:51.038 10245 10276 I golf    : Loading file data/textures/colors/red.png, count: 1
11-13 19:53:51.038 10245 10276 I golf    : Loading file data/textures/colors/yellow.png, count: 1
11-13 19:53:51.038 10245 10276 I golf    : Loading file data/textures/aimer.png, count: 1
11-13 19:53:51.039 10245 10276 I golf    : Loading file data/textures/arrow.png, count: 1
11-13 19:53:51.087 10245 10276 I golf    : Loading file data/textures/water_noise_1.png, count: 1
11-13 19:53:51.116  2329 30006 I ActivityManager: Process com.google.android.configupdater (pid 8248) has died
11-13 19:53:51.117  2329 30006 D ActivityManager: cleanUpApplicationRecord -- 8248
11-13 19:53:51.123 10245 10276 I golf    : Loading file data/textures/water_noise_2.png, count: 1
11-13 19:53:51.128 10245 10276 I golf    : Loading file data/textures/water_noise_3.png, count: 1
11-13 19:53:51.151  2329  3309 I ActivityManager: Process com.qualcomm.timeservice (pid 9198) has died
11-13 19:53:51.151  2329  3309 D ActivityManager: cleanUpApplicationRecord -- 9198
11-13 19:53:51.183  2329  4348 I ActivityManager: Process com.android.calendar (pid 9071) has died
11-13 19:53:51.183  2329  4348 D ActivityManager: cleanUpApplicationRecord -- 9071
11-13 19:53:51.188 10245 10273 W libOpenSLES: class OutputMix interface 0 requested but unavailable MPH=43
11-13 19:53:51.188 10245 10273 W libOpenSLES: Leaving Object::GetInterface (SL_RESULT_FEATURE_UNSUPPORTED)
11-13 19:53:51.191 10245 10273 I libOpenSLES: Emulating old channel mask behavior (ignoring positional mask 0x4, using default mask 0x1 based on channel count of 1)
11-13 19:53:51.192 10245 10273 W AudioTrack: AUDIO_OUTPUT_FLAG_FAST denied by client; transfer 1, track 44100 Hz, output 48000 Hz
11-13 19:53:51.192  1825  2818 W AudioFlinger: createTrack_l(): mismatch between requested flags (00000100) and output flags (00000006)
11-13 19:53:51.192  1825  2818 E AudioMixer: AudioMixer::getTrackName out of available tracks
11-13 19:53:51.192  1825  2818 E AudioFlinger: no more track names available
11-13 19:53:51.192  1825  2818 E AudioFlinger: createTrack_l() initCheck failed -12; no control block?
11-13 19:53:51.193 10245 10273 E AudioTrack: AudioFlinger could not create track, status: -12
11-13 19:53:51.193 10245 10273 E libOpenSLES: AudioTrack::initCheck status 4294967284
11-13 19:53:51.193 10245 10273 W libOpenSLES: Leaving Object::Realize (SL_RESULT_CONTENT_UNSUPPORTED)
11-13 19:53:51.193 10245 10273 W libOpenSLES: Leaving Object::GetInterface (SL_RESULT_PRECONDITIONS_VIOLATED)
11-13 19:53:51.193 10245 10273 W libOpenSLES: Leaving Object::GetInterface (SL_RESULT_PRECONDITIONS_VIOLATED)
11-13 19:53:51.193 10245 10273 W libOpenSLES: Leaving Object::GetInterface (SL_RESULT_PRECONDITIONS_VIOLATED)
11-13 19:53:51.194 10245 10273 F libc    : Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 10273 (erdes.open_golf)
11-13 19:53:51.194   146   146 W         : debuggerd: handling request: pid=10245 uid=10124 gid=10124 tid=10273
11-13 19:53:51.217  2329  4518 I ActivityManager: Process com.android.deskclock (pid 4398) has died
11-13 19:53:51.217  2329  4518 D ActivityManager: cleanUpApplicationRecord -- 4398
11-13 19:53:51.271 10279 10279 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
11-13 19:53:51.271 10279 10279 F DEBUG   : LineageOS Version: '14.1-20210123-UNOFFICIAL-hammerhead'
11-13 19:53:51.271 10279 10279 F DEBUG   : Build fingerprint: 'google/hammerhead/hammerhead:6.0.1/M4B30Z/3437181:user/release-keys'
11-13 19:53:51.271 10279 10279 F DEBUG   : Revision: '11'
11-13 19:53:51.271 10279 10279 F DEBUG   : ABI: 'arm'
11-13 19:53:51.271 10279 10279 F DEBUG   : pid: 10245, tid: 10273, name: erdes.open_golf  >>> me.mgerdes.open_golf <<<
11-13 19:53:51.271 10279 10279 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
11-13 19:53:51.271 10279 10279 F DEBUG   :     r0 00000000  r1 9babe800  r2 97572e0e  r3 00000003
11-13 19:53:51.271 10279 10279 F DEBUG   :     r4 9b43c1f8  r5 000020a8  r6 00000001  r7 b2de4870
11-13 19:53:51.271 10279 10279 F DEBUG   :     r8 0000209c  r9 9b43c258  sl b465a008  fp 000020a0
11-13 19:53:51.271 10279 10279 F DEBUG   :     ip b2de42fc  sp b2de4800  lr b61a1771  pc 9a2903c8  cpsr 600f0030
11-13 19:53:51.281 10279 10279 F DEBUG   :
11-13 19:53:51.281 10279 10279 F DEBUG   : backtrace:
11-13 19:53:51.281 10279 10279 F DEBUG   :     #00 pc 000b23c8  /data/app/me.mgerdes.open_golf-1/lib/arm/libgolf.so (saudio_setup+767)
11-13 19:53:51.281 10279 10279 F DEBUG   :     #01 pc 000799cd  /data/app/me.mgerdes.open_golf-1/lib/arm/libgolf.so (golf_audio_init+44)
11-13 19:53:51.281 10279 10279 F DEBUG   :     #02 pc 0006e68f  /data/app/me.mgerdes.open_golf-1/lib/arm/libgolf.so
11-13 19:53:51.281 10279 10279 F DEBUG   :     #03 pc 000b9b2f  /data/app/me.mgerdes.open_golf-1/lib/arm/libgolf.so
11-13 19:53:51.281 10279 10279 F DEBUG   :     #04 pc 00047bd3  /system/lib/libc.so (_ZL15__pthread_startPv+22)
11-13 19:53:51.281 10279 10279 F DEBUG   :     #05 pc 00019cbd  /system/lib/libc.so (__start_thread+6)
11-13 19:53:51.628   146   146 W         : debuggerd: resuming target 10245
11-13 19:53:51.629  2329  2349 I BootReceiver: Copying /data/tombstones/tombstone_09 to DropBox (SYSTEM_TOMBSTONE)
11-13 19:53:51.636  2329  2349 W DropBoxManagerService: Dropping: SYSTEM_TOMBSTONE (10 > 0 bytes)
11-13 19:53:51.642  2329 10291 W ActivityManager:   Force finishing activity me.mgerdes.open_golf/android.app.NativeActivity
11-13 19:53:51.655   181   181 E lowmemorykiller: Error writing /proc/10245/oom_score_adj; errno=22
11-13 19:53:51.663  2329 10292 W DropBoxManagerService: Dropping: data_app_native_crash (1257 > 0 bytes)
11-13 19:53:51.678  2329 25753 I WindowManager: WIN DEATH: Window{7be113 u0 me.mgerdes.open_golf/android.app.NativeActivity}
11-13 19:53:51.678  2329  2341 I ActivityManager: Process me.mgerdes.open_golf (pid 10245) has died
11-13 19:53:51.678  2329  2341 D ActivityManager: cleanUpApplicationRecord -- 10245
11-13 19:53:51.705  1824  1824 I Zygote  : Process 10245 exited due to signal (11)
11-13 19:53:51.721  2329  9426 I OpenGLRenderer: Initialized EGL, version 1.4
11-13 19:53:51.721  2329  9426 D OpenGLRenderer: Swap behavior 1
11-13 19:53:52.287  3332  3438 W OpenGLRenderer: Incorrectly called buildLayer on View: ShortcutAndWidgetContainer, destroying layer...
11-13 19:53:52.287  3332  3438 W OpenGLRenderer: Incorrectly called buildLayer on View: ShortcutAndWidgetContainer, destroying layer...
dfandrich commented 1 year ago

Sure enough, it is related to audio. A few other apps run around the same time of these crashes failed to play their audio, indicating that something was wrong with Android/Linux' audio subsystem. After running a few apps to try to test the audio, audio just suddenly started working fine, and Open Golf then started running.

I'm guessing that the root problem is that Open Golf is not checking an error code while initializing audio somewhere and is then crashing on a bad pointer.

dfandrich commented 1 year ago

The call to saudio_setup() in golf_audio_init() is not followed by a call to saudio_isvalid(), to check that audio is actually available, however, the documentation says missing that call shouldn't hurt. It would be handy to have a log message if !saudio_isvalid(). Also, the crash is happening before saudio_setup() even returns. I don't see any obvious NULL pointer references in saudio_setup() but maybe the compiler has inlined some other functions. Is the program simply failing a SOKOL_ASSERT? I would expect a cleaner exit in that case, though.

I found some suspicious code in _saudio_backend_init(), though. Most of the OpenSLES calls have their return codes checked, but the ones starting in the / setup player / section to the end of the function do not. If (*_saudio.backend.engine)->CreateAudioPlayer fails, then _saudio.backend.player_obj would remain NULL and the subsequent calls would dereference a NULL pointer. I suspect this is the issue.