Crash on MacOS in compiled plugin when working with HardcodedEnvelopeModulator

Orvillain

@Christoph-Hart

I turned on all symbol support and recompiled with LTO set to 'Monolithic' and this is the crash I get:

Thread 0 Crashed:: MainThread Dispatch queue: com.apple.main-thread
0   blankplugin                   	       0x17d35567c hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2680
1   blankplugin                   	       0x17d35d4fc hise::HardcodedSwappableEffect::restoreHardcodedData(juce::ValueTree const&) + 308
2   blankplugin                   	       0x17d13ae60 hise::Processor::restoreFromValueTree(juce::ValueTree const&) + 3376
3   blankplugin                   	       0x17d14679c hise::EnvelopeModulator::restoreFromValueTree(juce::ValueTree const&) + 40
4   blankplugin                   	       0x17d13ae60 hise::Processor::restoreFromValueTree(juce::ValueTree const&) + 3376
5   blankplugin                   	       0x17d17702c hise::ModulatorSynth::restoreFromValueTree(juce::ValueTree const&) + 1496
6   blankplugin                   	       0x17d368ce0 non-virtual thunk to hise::GlobalModulatorContainer::restoreFromValueTree(juce::ValueTree const&) + 40
7   blankplugin                   	       0x17d13ae60 hise::Processor::restoreFromValueTree(juce::ValueTree const&) + 3376
8   blankplugin                   	       0x17d17702c hise::ModulatorSynth::restoreFromValueTree(juce::ValueTree const&) + 1496
9   blankplugin                   	       0x17d1ad784 hise::ModulatorSynthChain::restoreFromValueTree(juce::ValueTree const&) + 336
10  blankplugin                   	       0x17d40d3f0 hise::FrontendProcessor::createPreset(juce::ValueTree const&) + 152
11  blankplugin                   	       0x17d40bd84 hise::FrontendProcessor::FrontendProcessor(juce::ValueTree&, juce::AudioDeviceManager*, juce::AudioProcessorPlayer*, juce::MemoryInputStream*, juce::MemoryInputStream*, juce::MemoryInputStream*, juce::MemoryInputStream*, juce::ValueTree*, juce::ValueTree*) + 10924
12  blankplugin                   	       0x17d062294 juce::JuceVST3Component::JuceVST3Component(Steinberg::Vst::IHostApplication*) + 4404
13  blankplugin                   	       0x17d059fa0 juce::createComponentInstance(Steinberg::Vst::IHostApplication*) + 36
14  blankplugin                   	       0x17d06de18 juce::JucePluginFactory::createInstance(char const*, char const*, void**) + 216
15  Live                          	       0x106e308c4 0x104860000 + 39651524
16  Live                          	       0x106c5261c 0x104860000 + 37692956
17  Live                          	       0x106c52008 0x104860000 + 37691400
18  Live                          	       0x106c51824 0x104860000 + 37689380
19  Live                          	       0x105c147e4 0x104860000 + 20662244
20  Live                          	       0x105c144ac 0x104860000 + 20661420
21  Live                          	       0x105c233d8 0x104860000 + 20722648
22  Live                          	       0x105bf8cf4 0x104860000 + 20548852
23  Live                          	       0x106e38890 0x104860000 + 39684240
24  Live                          	       0x106db8758 0x104860000 + 39159640
25  Live                          	       0x106d50b38 0x104860000 + 38734648
26  Live                          	       0x1062bb118 0x104860000 + 27635992
27  Live                          	       0x1062e3de0 0x104860000 + 27803104
28  Live                          	       0x106280154 0x104860000 + 27394388
29  Live                          	       0x1062e1084 0x104860000 + 27791492
30  Live                          	       0x1062e0d08 0x104860000 + 27790600
31  Live                          	       0x1062e0ec0 0x104860000 + 27791040
32  Live                          	       0x1070c5b7c 0x104860000 + 42359676
33  Live                          	       0x1076ca798 0x104860000 + 48670616
34  Live                          	       0x1076ca408 0x104860000 + 48669704
35  Live                          	       0x1059e44ec 0x104860000 + 18367724
36  Live                          	       0x10572f654 0x104860000 + 15529556
37  Live                          	       0x10572f1c4 0x104860000 + 15528388
38  Live                          	       0x10593dc9c 0x104860000 + 17685660
39  Foundation                    	       0x1949d0fcc __NSFireTimer + 104
40  CoreFoundation                	       0x1933e2e14 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 32
41  CoreFoundation                	       0x1933e2ad4 __CFRunLoopDoTimer + 980
42  CoreFoundation                	       0x1933e2610 __CFRunLoopDoTimers + 332
43  CoreFoundation                	       0x1933c8a18 __CFRunLoopRun + 1848
44  CoreFoundation                	       0x1933c7c58 CFRunLoopRunSpecific + 572
45  HIToolbox                     	       0x19ee5c27c RunCurrentEventLoopInMode + 324
46  HIToolbox                     	       0x19ee5f4e8 ReceiveNextEventCommon + 676
47  HIToolbox                     	       0x19efea484 _BlockUntilNextEventMatchingListInModeWithFilter + 76
48  AppKit                        	       0x1972efab4 _DPSNextEvent + 684
49  AppKit                        	       0x197c8e5b0 -[NSApplication(NSEventRouting) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 688
50  AppKit                        	       0x1972e2c64 -[NSApplication run] + 480
51  Live                          	       0x10593d068 0x104860000 + 17682536
52  dyld                          	       0x192f3eb98 start + 6076

Looks to be related to restoring a JUCE value tree??

This does not happen when LTO is set to 'No' - I'm going to try 'Incremental' as well - I'm changing the VST3 and the SharedCode targets.

BTW - this crash happens with or without calling .setEffect() in my Interface script. IE: Even if I comment this out:

const var HardcodedEnvelopeModulator1 = Synth.getSlotFX("HardcodedEnvelopeModulator1");
HardcodedEnvelopeModulator1.setEffect("ScriptEnvNetwork");

I still get the crash.

Orvillain

ScriptEnvNetwork.xml

This is my network file.

Orvillain

Attaching xcode as a debugger - which to do I had to use this script:https://gist.github.com/talaviram/1f21e141a137744c89e81b58f73e23c3

So yes, it is definitely crashing in setEffect. It looks like

->  0x3419347c4 <+2820>: ldar   w8, [x0]
MainThread (1): EXC_BAD_ACCESS (code=1, address=0xfffffffffffffff0)

So I would suggest that link-time optimization is corrupting a pointer, and garbage is being fed into setEffect() but I am honestly reaching the limits of my debugging skills here now.

Closest I can get to is:
HISE/hi_core/hi_modules/hardcoded/HardcodedModuleBase.cpp

Line 427:
bool HardcodedSwappableEffect::setEffect(const String& factoryId, bool /unused/)

The crash happens somewhere in this function.

@Christoph-Hart Is any of this useful??

Orvillain

I believe it is this part blowing up:

HISE/hi_core/hi_modules/hardcoded/HardcodedModuleBase.cpp:506
→ asProcessor().parameterNames.removeRange(getParameterOffset(), INT_MAX);

This is what I got when I did a trace using a release build with symbols, with xcode attached to Ableton Live.

(lldb) image lookup --address $pc
      Address: blankplugin[0x000000000030167c] (blankplugin.__TEXT.__text + 3146236)
      Summary: blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2680 [inlined] int std::__1::__cxx_atomic_load[abi:ne190102]<int>(std::__1::__cxx_atomic_base_impl<int> const*, std::__1::memory_order) at cxx_atomic_impl.h:317:10
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2680 [inlined] std::__1::__atomic_base<int, false>::load[abi:ne190102](std::__1::memory_order) const at atomic_base.h:59:12
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2680 [inlined] juce::Atomic<int>::get() const at juce_Atomic.h:64:60
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2680 [inlined] juce::StringHolder::isEmptyString(juce::StringHolder*) at juce_String.cpp:219:33
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2680 [inlined] juce::StringHolder::release(juce::StringHolder*) at juce_String.cpp:162:15
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2680 [inlined] juce::StringHolder::release(juce::CharPointer_UTF8) + 4 at juce_String.cpp:169:9
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2676 [inlined] juce::String::~String() + 4 at juce_String.cpp:247:5
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2672 [inlined] juce::String::~String() at juce_String.cpp:246:1
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2672 [inlined] juce::Identifier::~Identifier() at juce_Identifier.cpp:27:37
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2672 [inlined] juce::Identifier::~Identifier() at juce_Identifier.cpp:27:36
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2672 [inlined] std::__1::enable_if<!IsTriviallyCopyable<juce::Identifier>::value, void>::type juce::ArrayBase<juce::Identifier, juce::DummyCriticalSection>::removeElementsInternal<juce::Identifier>(int, int) + 60 at juce_ArrayBase.h:508:31
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2612 [inlined] juce::ArrayBase<juce::Identifier, juce::DummyCriticalSection>::removeElements(int, int) at juce_ArrayBase.h:363:13
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2612 [inlined] juce::Array<juce::Identifier, juce::DummyCriticalSection, 0>::removeRange(int, int) at juce_Array.h:926:20
               blankplugin`hise::HardcodedSwappableEffect::setEffect(juce::String const&, bool) + 2612 at HardcodedModuleBase.cpp:506:33

(lldb) frame select 13
expr -- (int)getParameterOffset()
expr -- (int)asProcessor().parameterNames.size()
frame #13: 0x000000017d679638 blankplugin`hise::HardcodedSwappableEffect::setEffect(this=0x000000011dcb8000, factoryId=<unavailable>, (null)=<unavailable>) at HardcodedModuleBase.cpp:506:33 [opt]
   503 			}
   504 			else
   505 			{
-> 506 				asProcessor().parameterNames.removeRange(getParameterOffset(), INT_MAX);
    				                             ^
   507 			}
   508 	
   509 			auto illegalIds = getIllegalParameterIds();
(int) $4 = 2
error: Couldn't look up symbols:
  __ZN4hise24HardcodedSwappableEffect11asProcessorEv
Hint: The expression tried to call a function that is not present in the target, perhaps because it was optimized out by the compiler.

Is any of this useful?

Orvillain

Just to be super sure, I scrapped all my custom HISE changes - increasing script node parameter limit to 64 and setting the channel count in the macros file to 128 - and I still get the same crash.

Orvillain

I completely wiped HISE off my system, and re-cloned the latest develop.

I started a completely new project. All it has is a global modulation container, with a hardcoded envelope modulator in it. The modulator is an oscillator going into a sig2mod.

I tried it with zero parameters, and then I tried it with 1 parameter, and then I tried it with 2 parameters, and then I tried it with 3 parameters. I even also did 10 parameters, 7 of which were connected to the various available parameters, and 3 not connected.

In all cases, I get the crash. I didn't bother messing with dsym symbols for this one. It's the same crash. Blatantly. Here is the project:
https://www.dropbox.com/scl/fi/steiw1ydyaq48runfv2i5/anewblankproject.zip?rlkey=or36uwjbj42f0e5tqqrto4dsp&st=rkg2otg6&dl=0

And here's the previous one:
https://www.dropbox.com/scl/fi/g5235ul4gkviziv0j6n8r/blankplugin.zip?rlkey=tdxaelcnteyrjy9i8de1bhkqu&dl=0

Conclusion: There seems to be an issue with link-time optimization, optimizing away something to do with global modulator hardcoded envelope networks. But I don't know what.

@Christoph-Hart - I'm kinda dead in the water on MacOS until I can figure this out. I have a build I need to send to a client. I suppose I could disable LTO for now, but this is verrrrryyyy strange. Would love to get to the bottom of it.

Christoph Hart

@Orvillain yeah, that's really a weird issue - I can reproduce it but also just with the release configuration + LTO - any change to the build flags stop the crash.

I slightly rewrote the code and now it stopped crashing. I don't know why it fixes anything, but let me know if that helps.

Orvillain

@Christoph-Hart Yep, that has fixed it, thanks!!