Closed xris1658 closed 6 months ago
Changes in commit 941119b6 has been reverted since it crashes on Linux. The evasion is definitely not the desired way to fix the issue.
This issue is fixed in commit 23fec17f.
The reason why this issue occurred is that the Steinberg::IPlugView
tries to access VST3PluginGUI::frame_
that passed to the IPlugView
before when ctor of VST3PluginGUI
is called. This happens even if the IPlugView::release()
is called indirectly in VST3Plugin::uninitializeEditController()
(by checking the ref count, we noticed that the IPlugView
is still alive).
Actually, I located this problem pretty quickly by using Dr. Memory, which found this illegal access:
~~Dr.M~~ Error #855: UNADDRESSABLE ACCESS of freed memory: reading 0x00000287a6b68dc8-0x00000287a6b68dd0 8 byte(s)
~~Dr.M~~ # 0 Zebra2(x64).dll!AM_VST3_Processor::process12092+0xb2b5 (0x00007ffcd97ffe75 <Zebra2(x64).dll+0x48fe75>)
~~Dr.M~~ # 1 Zebra2(x64).dll!ExitDll +0x234d99 (0x00007ffcd97f402a <Zebra2(x64).dll+0x48402a>)
~~Dr.M~~ # 2 Zebra2(x64).dll!ExitDll +0x234c13 (0x00007ffcd97f3ea4 <Zebra2(x64).dll+0x483ea4>)
~~Dr.M~~ # 3 Zebra2(x64).dll!ExitDll +0x2344e4 (0x00007ffcd97f3775 <Zebra2(x64).dll+0x483775>)
~~Dr.M~~ # 4 releasePointer<> [C:\Users\xris1658\Project\YADAW\src\audio\util\VST3Helper.hpp:34]
~~Dr.M~~ # 5 invoke_main [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:78]
~~Dr.M~~ # 6 __scrt_common_main_seh [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288]
~~Dr.M~~ # 7 __scrt_common_main [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:330]
~~Dr.M~~ # 8 mainCRTStartup [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\startup\exe_main.cpp:16]
~~Dr.M~~ # 9 KERNEL32.dll!BaseThreadInitThunk +0x13 (0x00007ffd34707344 <KERNEL32.dll+0x17344>)
~~Dr.M~~ Note: @0:01:33.453 in thread 14968
~~Dr.M~~ Note: next higher malloc: 0x00000287a6b69620-0x00000287a6b69720
~~Dr.M~~ Note: 0x00000287a6b68dc8-0x00000287a6b68dd0 overlaps memory 0x00000287a6b68db0-0x00000287a6b68df0 that was freed here:
~~Dr.M~~ Note: # 0 replace_operator_delete_nothrow [D:\a\drmemory\drmemory\common\alloc_replace.c:2978]
~~Dr.M~~ Note: # 1 operator delete [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\heap\delete_scalar_size.cpp:31]
~~Dr.M~~ Note: # 2 YADAW::Audio::Plugin::VST3PluginGUI::`scalar deleting destructor'
~~Dr.M~~ Note: # 3 std::unique_ptr<>::reset [C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.39.33519\include\memory:3284]
~~Dr.M~~ Note: # 4 YADAW::Audio::Plugin::VST3Plugin::uninitializeEditController [C:\Users\xris1658\Project\YADAW\src\audio\plugin\VST3Plugin.cpp:654]
~~Dr.M~~ Note: # 5 YADAW::Audio::Plugin::VST3Plugin::uninitialize [C:\Users\xris1658\Project\YADAW\src\audio\plugin\VST3Plugin.cpp:300]
~~Dr.M~~ Note: instruction: mov (%rcx) -> %rax
In which the read is actually where VST3PluginGUI::frame_
is at.
I mentioned previously that Musec does not crash on unloading these plugins, even if it did not reset the frame (see here). This is because the frame object is a stack object inside VST3Plugin
(see here). Therefore, the frame object will survive the plugin instance. The old design hides mistakes I have made, only to trip me and confuse me later.
The same goes for the component handler, which is why the commit above exists. The first commit fixed the issue in VST3Test while the second commit fixed the issue in the main app.
Zebra2 and Zebralette are synthesizers by u-he.
Reproduce
test-zebra
VST3Test
Error message
Stack trace
releasePointer<Steinberg::Vst::IComponent>(Steinberg::Vst::IComponent *)
YADAW::Audio::Plugin::VST3Plugin::destroyPlugin()
YADAW::Audio::Plugin::VST3Plugin::~VST3Plugin()
main(int, char **)
invoke_main()
__scrt_common_main_seh()
__scrt_common_main()
mainCRTStartup(void *)
More details
test-zebra
branch).IAudioProcessor::release
is removed, we might encounter memory leaks or other runtime errors. For comparison, Musec WILL call thatrelease
without crashing.