SCUMM: Monkey1-SegaCD crash in IMuseDriver_GMidi::trackMidiState() when quitting the game

[dwatteau]

This is on today's Git HEAD.

How to reproduce:

1. Have gui_return_to_launcher_at_exit=true in ScummVM settings
2. Start a new Monkey1-SegaCD (English) game
3. Go to Voodoo Lady's shop
4. Click on the Quit button of the ScummVM window, to go back to the launcher

This crash then happens:

User picked target 'monkey-sega' (engine ID 'scumm', game ID 'monkey')...
Process 6698 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x50)
    frame #0: 0x00000001000e4671 scummvm`Scumm::IMuseDriver_GMidi::trackMidiState(this=0x000060000292ca10, b=0) at midi.cpp:680:7
   677 		}
   678 		// fall through
   679 		case 1: // Program change
-> 680 			if (*var == (b & 0xFF))
   681 				return false;
   682 			else
   683 				*var = b & 0xFF;
Target 0: (scummvm) stopped.
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x50)
  * frame #0: 0x00000001000e4671 scummvm`Scumm::IMuseDriver_GMidi::trackMidiState(this=0x000060000292ca10, b=0) at midi.cpp:680:7
    frame #1: 0x00000001000e57ce scummvm`Scumm::IMuseDriver_GMidi::send(this=0x000060000292ca10, b=16560) at midi.h:49:45
    frame #2: 0x00000001000e4518 scummvm`Scumm::IMuseDriver_GMidi::deinitDevice(this=0x000060000292ca10) at midi.cpp:642:3
    frame #3: 0x00000001000e3dd3 scummvm`Scumm::IMuseDriver_GMidi::close(this=0x000060000292ca10) at midi.cpp:419:3
    frame #4: 0x00000001000e3828 scummvm`Scumm::IMuseDriver_GMidi::~IMuseDriver_GMidi(this=0x000060000292ca10) at midi.cpp:395:2
    frame #5: 0x00000001000e3875 scummvm`Scumm::IMuseDriver_GMidi::~IMuseDriver_GMidi(this=0x000060000292ca10) at midi.cpp:394:41
    frame #6: 0x00000001000e3899 scummvm`Scumm::IMuseDriver_GMidi::~IMuseDriver_GMidi(this=0x000060000292ca10) at midi.cpp:394:41
    frame #7: 0x00000001000cdb92 scummvm`Scumm::IMuseInternal::~IMuseInternal(this=0x0000000102138200) at imuse.cpp:99:3
    frame #8: 0x00000001000cddb5 scummvm`Scumm::IMuseInternal::~IMuseInternal(this=0x0000000102138200) at imuse.cpp:80:33
    frame #9: 0x00000001000cddd9 scummvm`Scumm::IMuseInternal::~IMuseInternal(this=0x0000000102138200) at imuse.cpp:80:33
    frame #10: 0x00000001001d94a9 scummvm`Scumm::ScummEngine::~ScummEngine(this=0x0000000110170000) at scumm.cpp:457:2
    frame #11: 0x000000010006cfa5 scummvm`Scumm::ScummEngine_v5::~ScummEngine_v5(this=0x0000000110170000) at scumm_v5.h:29:7
    frame #12: 0x000000010006cc65 scummvm`Scumm::ScummEngine_v5::~ScummEngine_v5(this=0x0000000110170000) at scumm_v5.h:29:7
    frame #13: 0x000000010006cc89 scummvm`Scumm::ScummEngine_v5::~ScummEngine_v5(this=0x0000000110170000) at scumm_v5.h:29:7
    frame #14: 0x0000000100288ee4 scummvm`MetaEngine::deleteInstance(this=0x0000600000010170, engine=0x0000000110170000, gameDescriptor=0x00007ff7bfefd690, meDescriptor=0x0000000000000000) at metaengine.cpp:348:2
    frame #15: 0x000000010001c6db scummvm`runGame(enginePlugin=0x0000600000224480, system=0x0000000101404080, game=0x00007ff7bfefd690, meDescriptor=0x0000000000000000) at main.cpp:324:13
    frame #16: 0x000000010001a3c0 scummvm`scummvm_main(argc=1, argv=0x00007ff7bfeff738) at main.cpp:796:13
    frame #17: 0x000000010001342a scummvm`main(argc=1, argv=0x00007ff7bfeff738) at macosx-main.cpp:44:12
    frame #18: 0x00007ff813f96418 dyld`start + 1896

(ScummVM config file attached below)

This is a recent regression; a Git bisect points me to commit adb52bcebed27bb8f9512090e12f9de4515da223 ("SCUMM: (IMS/MIDI) - add midi message tracking").

[dwatteau]

Minimal ScummVM configuration file to reproduce the issue

[athrxx]

Thanks, I have made a fix. This was just a wrong order of things in the driver's destruction process (deleting a buffer that still got used).

The other interesting point that comes to mind is why the engine even creates a midi driver for the SegaCD version. It feels like nonsense, but maybe it is needed. I'll take a look at that if I don't forget...