Segmentation fault with JACK output

[Queatz]

Bug Summary

LMMS crashes on launch when Jack is selected as output.

Steps to reproduce

Switch to JACK output
Relaunch LMMS

Expected behavior

No crash

Actual behavior

Crash

Affected LMMS versions

1.2.2
1.3.0 Alpha 1

Logs

Click to expand

Notice: could not set realtime priority.
Cannot use real-time scheduling (RR/5) (1: Operation not permitted)
JackClient::AcquireSelfRealTime error
cannot connect output ports. you'll have to do connections at your own!
Segmentation fault (core dumped)

[Queatz]

These are the JACK logs

Destination port in attempted (dis)connection of system:playback_2 and  is not an input port
Destination port in attempted (dis)connection of system:playback_2 and  is not an input port
JackGraphManager::Disconnect: port_src = 17 not used name = 

[PhysSong]

@Queatz Could you try launching LMMS with gdb or other debuggers?

[Queatz]

Is there a debug AppImage I can download?

Edit: Hmm, it doesn't crash when I build it from source. Confirmed JACK is working.

Supported audio interfaces
--------------------------
* ALSA                        : OK
* JACK                        : OK (weak linking enabled)
* OSS                         : OK
* Sndio                       : 
* PortAudio                   : OK
* libsoundio                  : not found, please install libsoundio if you require libsoundio support
* PulseAudio                  : OK
* SDL                         : OK, using SDL1.2

Supported MIDI interfaces
-------------------------
* ALSA                        : OK
* OSS                         : OK
* Sndio                       : 
* JACK                        : OK (weak linking enabled)
* WinMM                       : 
* AppleMidi                   : 

Supported file formats for project export
-----------------------------------------
* WAVE                        : OK
* FLAC                        : OK
* OGG/VORBIS                  : OK
* MP3/Lame                    : OK

Optional plugins
----------------
* Lv2 plugins                 : not found, install it or set PKG_CONFIG_PATH appropriately
* SUIL for plugin UIs         : not found, install it or set PKG_CONFIG_PATH appropriately
* ZynAddSubFX instrument      : OK
* Carla Patchbay & Rack       : OK (weak linking enabled)
* SoundFont2 player           : OK
* Stk Mallets                 : OK
* VST-instrument hoster       : not found, please install (lib)wine-dev (or similar) - 64 bit systems additionally need gcc-multilib and g++-multilib
* VST-effect hoster           : not found, please install (lib)wine-dev (or similar) - 64 bit systems additionally need gcc-multilib and g++-multilib
* CALF LADSPA plugins         : OK
* CAPS LADSPA plugins         : OK
* CMT LADSPA plugins          : OK
* TAP LADSPA plugins          : OK
* SWH LADSPA plugins          : OK
* GIG player                  : OK

[JohannesLorenz]

@Queatz it may not have crashed, but valgrind can sometimes show errors that do not lead to a crash yet (you need a debug build to use valgrind).

[Queatz]

==29325== Conditional jump or move depends on uninitialised value(s)
==29325==    at 0xFE7BCA1: ???
==29325==    by 0x24DB47C7: ???

With valgrind I see this 1,000 times and then it stops reporting errors.

[JohannesLorenz]

You can google how to suppress valgrind stopping at 1000. Also, there are valgrind suppression files to suppress this particular "???" jump.

[Queatz]

Here is the output with that error suppressed:

jacob@jacob-desktop:/media/jacob/Storage/Projects/lmms/build$ valgrind --error-limit=no --suppressions=s.supp ./lmms
==31484== Memcheck, a memory error detector
==31484== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==31484== Using Valgrind-3.17.0 and LibVEX; rerun with -h for copyright info
==31484== Command: ./lmms
==31484== 
*** WEAK-JACK: initializing
*** WEAK-JACK: OK. (0)
Lv2 plugin SUMMARY: 207 of 340  loaded in 28468 msecs.
For details about not loaded plugins, please set
  environment variable "LMMS_LV2_DEBUG" to nonempty.
Lv2 Plugins blacklisted: 10 of 340 
  If you want to ignore the blacklist (dangerous!), please set
  environment variable "LMMS_IGNORE_BLACKLIST" to nonempty.
ALSA-sequencer: unhandled input event 66
==31484== 
==31484== HEAP SUMMARY:
==31484==     in use at exit: 3,901,689 bytes in 36,058 blocks
==31484==   total heap usage: 6,029,798 allocs, 5,993,740 frees, 5,177,878,705 bytes allocated
==31484== 
==31484== LEAK SUMMARY:
==31484==    definitely lost: 45,488 bytes in 20 blocks
==31484==    indirectly lost: 662 bytes in 22 blocks
==31484==      possibly lost: 60,216 bytes in 1,795 blocks
==31484==    still reachable: 3,704,867 bytes in 33,402 blocks
==31484==                       of which reachable via heuristic:
==31484==                         newarray           : 4,264 bytes in 1 blocks
==31484==         suppressed: 0 bytes in 0 blocks
==31484== Rerun with --leak-check=full to see details of leaked memory
==31484== 
==31484== For lists of detected and suppressed errors, rerun with: -s
==31484== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 1185 from 1136)

Here is the output with that error suppressed and --leak-check=full:
https://gist.github.com/Queatz/2a08d4632d0464f857d0f8d5ad3fff40

[JohannesLorenz]

Thanks, the output with leak check enabled "randomly" seems to show the error. A QThread (probably the jack thread) seems to be still running while it's being destroyed via

==31585==    by 0x38F47D: MixerWorkerThread::~MixerWorkerThread() (MixerWorkerThread.cpp:137)
==31585==    by 0x603BE1D: QObjectPrivate::deleteChildren() (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.2)
==31585==    by 0x6046CC3: QObject::~QObject() (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.2)
==31585==    by 0x387229: Mixer::~Mixer() (Mixer.cpp:160)
==31585==    by 0x38724D: Mixer::~Mixer() (Mixer.cpp:192)
==31585==    by 0x35D31A: void LmmsCore::deleteHelper<Mixer>(Mixer**) (Engine.h:137)
==31585==    by 0x35CCB5: LmmsCore::destroy() (Engine.cpp:101)

Next question is why this thread is still running when LmmsCore::destroy is being called.

[Queatz]

I am using QjackCtl, so maybe this is a bug in QjackCtl (that could possibly be handled better in LMMS)?

QjackCtl - JACK Audio Connection Kit - Qt GUI Interface
Version: 0.9.1
Using: Qt 5.15.2

[JohannesLorenz]

OK, I was slightly wrong, there is no Jack QThread. The log shows that one of the MixerWorkerThreads is still running.

There are two questions:

1. Why is the MixerWorkerThread not terminating? It's likely hanging in some callback.
2. Why is LMMS not properly terminating that thread?

As to 2: AudioDevice does it like this:

	if( !thread->wait( 30000 ) )
	{
		fprintf( stderr, "Terminating audio device thread\n" );
		thread->terminate();
		if( !thread->wait( 1000 ) )
		{
			fprintf( stderr, "Thread not terminated yet\n" );
		}
	}

Mixer.cpp does only:

        for( int w = 0; w < m_numWorkers; ++w )
	{
		m_workers[w]->quit();
	}

	MixerWorkerThread::startAndWaitForJobs();

	for( int w = 0; w < m_numWorkers; ++w )
	{
		m_workers[w]->wait( 500 );
	}

        // XXX

@Queatz can you please append the following code where I marked // XXX, recompile and check if you still get errors?

	for( int w = 0; w < m_numWorkers; ++w )
	{
		m_workers[w]->terminate();
                if( !m_workers[w]->wait( 1000 ) )
		{
			fprintf( stderr, "Thread not terminated yet\n" );
		}
	}
	for( int w = 0; w < m_numWorkers; ++w )
	{
		m_workers[w]->wait( 500 );
	}

[Queatz]

That definitely seems to have worked.

I also added snd_config_update_free_global(); after snd_seq_close( m_seqHandle ); in ~MidiAlsaSeq() which got it down to just 5 errors:

==45952== Command: ./lmms
==45952== 
*** WEAK-JACK: initializing
*** WEAK-JACK: OK. (0)
Lv2 plugin SUMMARY: 207 of 340  loaded in 27084 msecs.
For details about not loaded plugins, please set
  environment variable "LMMS_LV2_DEBUG" to nonempty.
Lv2 Plugins blacklisted: 10 of 340 
  If you want to ignore the blacklist (dangerous!), please set
  environment variable "LMMS_IGNORE_BLACKLIST" to nonempty.
==45952== 
==45952== HEAP SUMMARY:
==45952==     in use at exit: 3,751,796 bytes in 33,953 blocks
==45952==   total heap usage: 4,443,531 allocs, 4,409,578 frees, 4,659,868,240 bytes allocated
==45952== 
==45952== 160 bytes in 1 blocks are possibly lost in loss record 7,117 of 7,859
==45952==    at 0x4842839: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==45952==    by 0x603AFE5: QObjectPrivate::addConnection(int, QObjectPrivate::Connection*) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.2)
==45952==    by 0x603EA3C: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.2)
==45952==    by 0x604529E: QObject::connect(QObject const*, char const*, QObject const*, char const*, Qt::ConnectionType) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.2)
==45952==    by 0x4A9578A: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.15.2)
==45952==    by 0x4A9D6BB: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.15.2)
==45952==    by 0x4A9DE01: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.15.2)
==45952==    by 0x4AA055C: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.15.2)
==45952==    by 0x4B43396: QLineEdit::initStyleOption(QStyleOptionFrame*) const (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.15.2)
==45952==    by 0x4B40446: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.15.2)
==45952==    by 0x4B442DF: QLineEdit::QLineEdit(QWidget*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.15.2)
==45952==    by 0x4DFBC1: FxLine::FxLine(QWidget*, FxMixerView*, int) (FxLine.cpp:103)
==45952== 
==45952== 480 bytes in 1 blocks are possibly lost in loss record 7,426 of 7,859
==45952==    at 0x4847A25: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==45952==    by 0x4014A6B: calloc (rtld-malloc.h:44)
==45952==    by 0x4014A6B: allocate_dtv (dl-tls.c:366)
==45952==    by 0x4014A6B: _dl_allocate_tls (dl-tls.c:612)
==45952==    by 0x487D197: allocate_stack (allocatestack.c:622)
==45952==    by 0x487D197: pthread_create@@GLIBC_2.2.5 (pthread_create.c:644)
==45952==    by 0x73E1ED4: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6705.0)
==45952==    by 0x73B8824: g_thread_new (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6705.0)
==45952==    by 0x738F323: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6705.0)
==45952==    by 0xC984C97: ??? (in /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6705.0)
==45952==    by 0xC984FD4: g_task_get_type (in /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6705.0)
==45952==    by 0xC9F2218: ??? (in /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6705.0)
==45952==    by 0xC9E59A6: g_bus_get_sync (in /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6705.0)
==45952==    by 0xCE0393E: ??? (in /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so)
==45952==    by 0xC570959: g_type_create_instance (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.6705.0)
==45952== 
==45952== 480 bytes in 1 blocks are possibly lost in loss record 7,427 of 7,859
==45952==    at 0x4847A25: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==45952==    by 0x4014A6B: calloc (rtld-malloc.h:44)
==45952==    by 0x4014A6B: allocate_dtv (dl-tls.c:366)
==45952==    by 0x4014A6B: _dl_allocate_tls (dl-tls.c:612)
==45952==    by 0x487D197: allocate_stack (allocatestack.c:622)
==45952==    by 0x487D197: pthread_create@@GLIBC_2.2.5 (pthread_create.c:644)
==45952==    by 0x73E1ED4: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6705.0)
==45952==    by 0x73B8824: g_thread_new (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6705.0)
==45952==    by 0xC9F41A3: ??? (in /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6705.0)
==45952==    by 0xC9E51F9: ??? (in /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6705.0)
==45952==    by 0xC9E5A13: g_bus_get_sync (in /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6705.0)
==45952==    by 0xCE0393E: ??? (in /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so)
==45952==    by 0xC570959: g_type_create_instance (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.6705.0)
==45952==    by 0xC55673C: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.6705.0)
==45952==    by 0xC557C1C: g_object_new_with_properties (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.6705.0)
==45952== 
==45952== 480 bytes in 1 blocks are possibly lost in loss record 7,428 of 7,859
==45952==    at 0x4847A25: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==45952==    by 0x4014A6B: calloc (rtld-malloc.h:44)
==45952==    by 0x4014A6B: allocate_dtv (dl-tls.c:366)
==45952==    by 0x4014A6B: _dl_allocate_tls (dl-tls.c:612)
==45952==    by 0x487D197: allocate_stack (allocatestack.c:622)
==45952==    by 0x487D197: pthread_create@@GLIBC_2.2.5 (pthread_create.c:644)
==45952==    by 0x5E27602: QThread::start(QThread::Priority) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.2)
==45952==    by 0xAFF0353: QDBusConnection::connectToBus(QString const&, QString const&) (in /usr/lib/x86_64-linux-gnu/libQt5DBus.so.5.15.2)
==45952==    by 0xFED70E4: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so)
==45952==    by 0xFED752D: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so)
==45952==    by 0xFED7737: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so)
==45952==    by 0xFEDB8AE: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/platforminputcontexts/libibusplatforminputcontextplugin.so)
==45952==    by 0x57ADC81: QPlatformInputContextFactory::create(QString const&) (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.15.2)
==45952==    by 0xAE79601: QXcbIntegration::initialize() (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.15.2)
==45952==    by 0x57C3EAC: QGuiApplicationPrivate::eventDispatcherReady() (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.15.2)
==45952== 
==45952== 834 (512 direct, 322 indirect) bytes in 2 blocks are definitely lost in loss record 7,515 of 7,859
==45952==    at 0x4842839: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==45952==    by 0xAFB10C9: ??? (in /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.12.0)
==45952==    by 0xAFB19B4: ??? (in /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.12.0)
==45952==    by 0xAFB32EB: ??? (in /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.12.0)
==45952==    by 0xAFBACD8: ??? (in /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.12.0)
==45952==    by 0xB37E569: ??? (in /usr/lib/x86_64-linux-gnu/libexpat.so.1.6.12)
==45952==    by 0xB37BE14: ??? (in /usr/lib/x86_64-linux-gnu/libexpat.so.1.6.12)
==45952==    by 0xB37DAFD: ??? (in /usr/lib/x86_64-linux-gnu/libexpat.so.1.6.12)
==45952==    by 0xB381A54: XML_ParseBuffer (in /usr/lib/x86_64-linux-gnu/libexpat.so.1.6.12)
==45952==    by 0xAFB8252: ??? (in /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.12.0)
==45952==    by 0xAFB868B: ??? (in /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.12.0)
==45952==    by 0xAFB889C: ??? (in /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.12.0)
==45952== 
==45952== LEAK SUMMARY:
==45952==    definitely lost: 512 bytes in 2 blocks
==45952==    indirectly lost: 322 bytes in 13 blocks
==45952==      possibly lost: 1,600 bytes in 4 blocks
==45952==    still reachable: 3,658,906 bytes in 33,115 blocks
==45952==                       of which reachable via heuristic:
==45952==                         newarray           : 4,264 bytes in 1 blocks
==45952==         suppressed: 0 bytes in 0 blocks
==45952== Reachable blocks (those to which a pointer was found) are not shown.
==45952== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==45952== 
==45952== For lists of detected and suppressed errors, rerun with: -s
==45952== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 1165 from 1121)

[JohannesLorenz]

I also added snd_config_update_free_global(); after snd_seq_close( m_seqHandle ); in ~MidiAlsaSeq()

OK, this is ALSA, so you just switched to ALSA?

[JohannesLorenz]

Back to the other question:

1. Why is the MixerWorkerThread not terminating? It's likely hanging in some callback.

Can you please again let it fail with valgrind (undo your fix), but this time connect valgrind to gdb before, and when valgrind hangs at the issue, do thread apply all bt in gdb an send the output?

[Queatz]

The ALSA error I was seeing is unrelated (I am using the ALSA Sequencer for MIDI since I wasn't able to get Jack MIDI working.)

Sure, I will do that.

[Queatz]

Can't seem to get QT to be able to connect to the display when launching valgrind with vgdb. Will look more into it later today.

[firewall1110]

I am not able to reproduce this bug on Debian 10 with (jackd is stopped before):
lmms-1.2.2-linux-x86_64.AppImage
lmms-1.3.0-alpha.1.33+g4f74151-linux-x86_64.AppImage
lmms-1.3.0-alpha.1.102+g89fc6c9-linux-x86_64.AppImage
all is working fine - no crash.

[JohannesLorenz]

Can't seem to get QT to be able to connect to the display when launching valgrind with vgdb. Will look more into it later today.

Hey @Queatz , did you have success?

We are fixing a segfault on #6912 , the probability is low but feel free to test if your bug persists on that branch.

[Queatz]

@JohannesLorenz I havn't got back to this yet. Will update if I get the chance.

[JohannesLorenz]

Hi again @Queatz , we added another fix in #6912 . Now (thanks to analysis from @messmerd ) we think your issue is likely fixed there. It would be really cool if you could give it a quick try with that PR.