Mixxx

segfault in DSP::Delay::get

Bug #1810543 reported by Stephane Bernaud on 2019-01-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Mixxx	Expired	Critical	Unassigned

Bug Description

while trying to reproduce segfault described in #1810381, i was able to find a way to produce another segfault that i could easily reproduce :
- load a song
- play it
- really quickly activate/deactivate effect bank 1 AND, in the same time, activate/deactivate (really quickly too) reverb (effect bank 1 / slot 3)
- after few seconds a segfault is signaled

I have a core generated for this segfault.
Here is a backtrace :

Core was generated by `./bin/mixxx'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 DSP::Delay::get (this=0x562c2018a848) at lib/reverb/dsp/Delay.h:75
75 sample_t x = data [read];

Thread 1 (Thread 0x7f355dffb700 (LWP 3594)):
#0 0x0000562bfe35513f in DSP::Delay::get() (this=0x562c2018a848) at lib/reverb/dsp/Delay.h:75
#1 0x0000562bfe35513f in Lattice::process(float, double) (d=0, x=<optimized out>, this=0x562c2018a848)
    at lib/reverb/Reverb.h:65
#2 0x0000562bfe35513f in PlateStub::process(float, float, float*, float*) (this=this@entry=0x562c2018a82
0, x=<optimized out>, decay=decay@entry=0.444999993, _xl=_xl@entry=0x7f35a5418020, _xr=0x7f35a5418020,
    _xr@entry=0x7f35a5418024) at lib/reverb/Reverb.cc:249
#3 0x0000562bfe355be7 in MixxxPlateX2::processBuffer(float const*, float*, unsigned int, float, float, f
loat, float, float) (this=this@entry=0x562c2018a820, in=in@entry=0x7f35a537b020, out=out@entry=0x7f35a541
8020, frames=<optimized out>, bandwidthParam=<optimized out>, decayParam=<optimized out>, dampingParam=0,
currentSend=currentSend@entry=0.111572266, previousSend=<optimized out>) at lib/reverb/Reverb.cc:458
#4 0x0000562bfe554e65 in ReverbEffect::processChannel(ChannelHandle const&, ReverbGroupState*, float const*, float*, mixxx::EngineParameters const&, EffectEnableState, GroupFeatureState const&) (this=<optimized out>, handle=..., pState=0x562c2018a810, pInput=0x7f35a537b020, pOutput=0x7f35a5418020, bufferParameters=..., enableState=EffectEnableState::Disabling, groupFeatures=...)
    at src/effects/builtin/reverbeffect.cpp:117
#5 0x0000562bfe55982e in EffectProcessorImpl<ReverbGroupState>::process(ChannelHandle const&, ChannelHandle const&, float const*, float*, mixxx::EngineParameters const&, EffectEnableState, GroupFeatureState const&) (this=0x7f35a516e010, inputHandle=..., outputHandle=..., pInput=0x7f35a537b020, pOutput=0x7f35a5418020, bufferParameters=..., enableState=EffectEnableState::Disabling, groupFeatures=...)
    at src/effects/effectprocessor.h:157
#6 0x0000562bfe64b0e2 in EngineEffect::process(ChannelHandle const&, ChannelHandle const&, float const*, float*, unsigned int, unsigned int, EffectEnableState, GroupFeatureState const&) (this=this@entry=0x7f35a51f1010, inputHandle=..., outputHandle=..., pInput=pInput@entry=0x7f35a537b020, pOutput=pOutput@entry=0x7f35a5418020, numSamples=numSamples@entry=2048, sampleRate=44100, chainEnableState=<optimized out>, groupFeatures=...) at src/engine/effects/engineeffect.cpp:197
#7 0x0000562bfe64e926 in EngineEffectChain::process(ChannelHandle const&, ChannelHandle const&, float*, float*, unsigned int, unsigned int, GroupFeatureState const&) (this=this@entry=0x7f35a54b5010, inputHandle=..., outputHandle=..., pIn=pIn@entry=0x7f3668066020, pOut=pOut@entry=0x7f35d6b16020, numSamples=numSamples@entry=2048, sampleRate=<optimized out>, groupFeatures=...)
    at src/engine/effects/engineeffectchain.cpp:277
#8 0x0000562bfe652ffd in EngineEffectRack::process(ChannelHandle const&, ChannelHandle const&, float*, float*, unsigned int, unsigned int, GroupFeatureState const&) (this=this@entry=0x562bffa17050, inputHandle=..., outputHandle=..., pIn=pIn@entry=0x7f3668066020, pOut=pOut@entry=0x7f3660713020, numSamples=2048, sampleRate=44100, groupFeatures=...) at src/engine/effects/engineeffectrack.cpp:79
#9 0x0000562bfe65473f in EngineEffectsManager::processInner(SignalProcessingStage, ChannelHandle const&, ChannelHandle const&, float*, float*, unsigned int, unsigned int, GroupFeatureState const&, float, float) (this=this@entry=0x562bff85b9f0, stage=stage@entry=SignalProcessingStage::Postfader, inputHandle=..., outputHandle=..., pIn=<optimized out>, pOut=pOut@entry=0x7f366037a020, numSamples=<optimized out>, sampleRate=<optimized out>, groupFeatures=..., oldGain=oldGain@entry=0, newGain=<optimized out>)
    at src/engine/effects/engineeffectsmanager.cpp:222
#10 0x0000562bfe6551a5 in EngineEffectsManager::processPostFaderAndMix(ChannelHandle const&, ChannelHandle const&, float*, float*, unsigned int, unsigned int, GroupFeatureState const&, float, float) (this=this@entry=0x562bff85b9f0, inputHandle=..., outputHandle=..., pIn=<optimized out>, pOut=pOut@entry=0x7f366037a020, numSamples=numSamples@entry=2048, sampleRate=44100, groupFeatures=..., oldGain=oldGain@entry=0, newGain=<optimized out>) at src/engine/effects/engineeffectsmanager.cpp:164
#11 0x0000562bfe5e78a5 in ChannelMixer::applyEffectsAndMixChannels(EngineMaster::GainCalculator const&, QVarLengthArray<EngineMaster::ChannelInfo*, 64>*, QVarLengthArray<EngineMaster::GainCache, 64>*, float*, ChannelHandle const&, unsigned int, unsigned int, EngineEffectsManager*) (gainCalculator=..., activeChannels=activeChannels@entry=0x562bff8b99b8, channelGainCache=channelGainCache@entry=0x562bff8b8d58, pOutput=0x7f366037a020, outputHandle=..., iBufferSize=2048, iSampleRate=44100, pEngineEffectsManager=0x562bff85b9f0) at src/engine/channelmixer_autogen.cpp:48
#12 0x0000562bfe679f6c in EngineMaster::process(int) (this=0x562bff8b88f0, iBufferSize=iBufferSize@entry=2048) at src/engine/enginemaster.cpp:422

(gdb) p read
$1 = 0
(gdb) p data
$2 = (sample_t *) 0x0

Operating system :
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic

CPU architecture : Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
$ uname -a
Linux oleg 4.15.0-43-generic #46-Ubuntu SMP Thu Dec 6 14:45:28 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

Your video
$ sudo lspci | grep VGA
00:02.0 VGA compatible controller: Intel Corporation HD Graphics 620 (rev 02)

sound hardware
traktor kontrol S4 mk2 one

mixxx version : 2.2

git log --max-count=1
commit 56b2c05d16a7ddf893b356e4bd4562e7ceccd627 (HEAD -> 2.2, origin/2.2)
Merge: 98c1be601 0e13a3d38
Author: RJ Skerry-Ryan <email address hidden>
Date: Tue Jan 1 08:05:42 2019 -0800

Merge pull request #1970 from sblaisot/2.2-2019

Revision history for this message

Stephane Bernaud (uraoul) wrote on 2019-01-04:

full backtrace (all threads) Edit (51.2 KiB, text/plain)

Daniel Schürmann (daschuer) on 2019-01-04

Changed in mixxx:
importance:	Undecided → Critical

Revision history for this message

Be (be.ing) wrote on 2019-01-04:

Does this happen with other effects or only Reverb?

Changed in mixxx:
milestone:	none → 2.2.1

Revision history for this message

Stephane Bernaud (uraoul) wrote on 2019-01-05:

for now, i can only reproduce with reverb.

Activating cue button (the one that sends the track to headphone) while reverb effect is on can triggers this segfault too.

Daniel Schürmann (daschuer) on 2019-04-23

Changed in mixxx:
milestone:	2.2.1 → 2.2.2

Revision history for this message

Daniel Schürmann (daschuer) wrote on 2019-04-24:

I cannot reproduce this with Mixxx 2.2.1 on ubuntu Xenial.

The backtrace looks as if the delay[] is accessed before setup or after destroying.
I have just checked but the delay object is always used from the same thread, so I cannot explain how this can happen.

Can you still produce it with lasted Mixxx Version 2.2.1?

Daniel Schürmann (daschuer) on 2019-08-02