PCem crashes when running AWEUTIL /EM

RealNC
Posts: 16
Joined: Tue 06 Nov, 2018 3:01 am

PCem crashes when running AWEUTIL /EM

Post by RealNC » Mon 12 Nov, 2018 10:05 am

While messing around with the AWE32 emulation, I installed the official AWE32 DOS drivers in MS-DOS 6.22 and found that running AWEUTIL /EM will crash PCem with a segmentation fault. I don't actually use that functionality (I just pass MPU-401 MIDI through to the host OS to handle), but I thought I should report the crash nonetheless.

This is on Linux 64-bit using PCem v14. It happens with all emulated systems I tried (various 486 and Pentium platforms), with or without dynamic recompilation.

JosepMa
Posts: 139
Joined: Tue 20 Jun, 2017 6:25 pm

Re: PCem crashes when running AWEUTIL /EM

Post by JosepMa » Mon 12 Nov, 2018 7:16 pm

Mmm. I am currently testing this and, while it does report an error (ERR014: Feedback path error), it does not crash.

I haven't worked on the emulation for some time, so I cannot say if I could fix it, but I might look at what it does to report that error.
My version is AWEUTIL 1.32

RealNC
Posts: 16
Joined: Tue 06 Nov, 2018 3:01 am

Re: PCem crashes when running AWEUTIL /EM

Post by RealNC » Tue 13 Nov, 2018 2:55 am

I'm using AWEUTIL v1.35. I downloaded the AWE32 drivers directly from the Creative Labs official site.

Edit:

I've now built PCem using "--enable-debug --disable-release-build" and this produces the in-emulation "path error" message and does not crash. I then rebuilt again with "--enable-release-build", and it crashes. I then changed CFLAGS in the debug build from -O0 to -Og (debug-friendly optimization level) and that makes the debug build crash.

I used gdb to get a backtrace:

Thread 12 "Main Thread" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffc2ffc700 (LWP 12236)]
0x00007ffff78bd930 in snd_rawmidi_write () from /usr/lib64/libasound.so.2
(gdb) bt
#0  0x00007ffff78bd930 in snd_rawmidi_write () from /usr/lib64/libasound.so.2
#1  0x0000555555880a4f in midi_write (val=<optimized out>) at midi_alsa.c:152
#2  0x00005555557b785a in mpu401_uart_write (addr=<optimized out>, val=<optimized out>, p=<optimized out>) at sound_mpu401_uart.c:37
#3  0x0000555555784101 in outb (port=816, val=<optimized out>) at io.c:157
#4  0x00005555556b6464 in opOUT_AL_DX (rmdat32=<optimized out>) at x86_ops_io.h:117
#5  0x0000555555630fde in exec386 (cycs=cycs@entry=750000) at 386.c:263
#6  0x0000555555794aca in runpc () at pc.c:528
#7  0x000055555585e094 in mainthread (param=<optimized out>) at wx-sdl2.c:202
#8  0x00007ffff6a9d67c in ?? () from /usr/lib64/libSDL2-2.0.so.0
#9  0x00007ffff6b09e49 in ?? () from /usr/lib64/libSDL2-2.0.so.0
#10 0x00007ffff791496a in start_thread (arg=0x7fffc2ffc700) at pthread_create.c:463
#11 0x00007ffff61d51bf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Edit 2:
This is with GCC 8.2.0. I've now tested with Clang 7.0.0, and it does not crash (release build with -O3.)

JosepMa
Posts: 139
Joined: Tue 20 Jun, 2017 6:25 pm

Re: PCem crashes when running AWEUTIL /EM

Post by JosepMa » Tue 13 Nov, 2018 9:21 pm

I see in that trace that the MIDI is going out to ALSA via UART emulation. (Note: I am using Windows.)
I am not sure what is sending/receiving that causes the crash on PCem, but probably we would need to intercept something in there with the AWE so that it does not assume that the signal has to end outside.

RealNC
Posts: 16
Joined: Tue 06 Nov, 2018 3:01 am

Re: PCem crashes when running AWEUTIL /EM

Post by RealNC » Wed 14 Nov, 2018 8:48 am

OK, the error messages were misleading. The bug is straightforward actually:

        if (midi_len)
        {                
                midi_command[midi_pos] = val;
                
                midi_pos++;
                
                if (midi_pos == midi_len)
		{
//			pclog("MIDI send %i: %02x %02x %02x %02x\n", midi_len, midi_command[0], midi_command[1], midi_command[2], midi_command[3]);
                        snd_rawmidi_write(midiout, midi_command, midi_len);
		}
        }

The segfault happens here:

midi_command[midi_pos] = val;

because midi_pos contains an index that overflows the midi_command buffer.

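The following is an added example, not part of the thread and not PCem's code: a bounds-checked version of the byte-at-a-time accumulator shown in the last post, which drops and resynchronises instead of writing past the buffer. The 4-byte buffer size, the `midi_asm` struct, `midi_msg_len`, and the `last` array standing in for the `snd_rawmidi_write` call are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define MIDI_BUF_SIZE 4  /* assumed; the post does not show midi_command's declaration */

struct midi_asm {
    uint8_t  cmd[MIDI_BUF_SIZE];
    size_t   pos, len;             /* next write index; expected length (0 = idle) */
    uint8_t  last[MIDI_BUF_SIZE];  /* last complete message (stand-in for the ALSA write) */
    unsigned sent, dropped;
};

/* Total length of a channel message, from its status byte (hypothetical helper). */
static size_t midi_msg_len(uint8_t status) {
    switch (status & 0xF0) {
    case 0xC0: case 0xD0: return 2;   /* program change, channel pressure */
    case 0xF0:            return 0;   /* system messages: not buffered in this sketch */
    default:              return 3;   /* note off/on, aftertouch, control, pitch bend */
    }
}

/* Feed one byte; returns 1 when a complete message was handed to the sink. */
int midi_asm_write(struct midi_asm *m, uint8_t val) {
    if (val & 0x80) {                 /* a status byte always restarts the message */
        m->pos = 0;
        m->len = midi_msg_len(val);
    }
    if (m->len == 0)
        return 0;                     /* idle: stray data byte, nothing to store */
    if (m->len > MIDI_BUF_SIZE || m->pos >= m->len) {
        m->pos = m->len = 0;          /* index would leave cmd[]: drop and resync */
        m->dropped++;
        return 0;
    }
    m->cmd[m->pos++] = val;
    if (m->pos < m->len)
        return 0;
    memcpy(m->last, m->cmd, m->len);  /* where the real code calls snd_rawmidi_write() */
    m->sent++;
    m->pos = 1;                       /* running status: keep cmd[0], refill data bytes */
    return 1;
}

int main(void) {
    struct midi_asm m = {0};
    const uint8_t stream[] = { 0x90, 0x3C, 0x7F, 0x40, 0x00 };  /* constructed sample */
    for (size_t i = 0; i < sizeof stream; i++) midi_asm_write(&m, stream[i]);
    printf("sent=%u dropped=%u\n", m.sent, m.dropped);
}
```

The index is checked against both the expected message length and the buffer size before every store, so a stale or corrupted `pos` costs one dropped message rather than an out-of-bounds write.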