Details
-
Bug
-
Resolution: Fixed
-
Major
-
Oracle VM VirtualBox 7.0.15.
-
0.4.15-dev-7885-g12b3272 https://github.com/reactos/reactos/commit/12b3272d9e6b2810985516ebad0ce545e5601d59
Description
My recent commit https://github.com/reactos/reactos/commit/12b3272d9e6b2810985516ebad0ce545e5601d59 corresponding to build 0.4.15-dev-7885-g12b3272 in audio subsystem has introduced 2 new crashes in winmm:capture and winmm:wave tests:
capture.c:147: |
Test failed: waveInOpen(0): format=96000x16x2 |
flags=50004(CALLBACK_EVENT|WAVE_MAPPED) rc=MMSYSERR_ERROR(Undefined |
external error.)
|
Unhandled exception
|
ExceptionCode: c0000005
|
Faulting Address: 0CCD1000
|
CS:EIP 1b:70c7f574
|
DS 23 ES 23 FS 3b GS 0 |
EAX: 0ccd0ff0 EBX: 70c86020 ECX: 00000001 |
EDX: 0023cea8 EBP: 0022f928 ESI: 002365b8 ESP: 0022f8f8
|
EDI: 00000001 EFLAGS: 00010206 |
Address:
|
wdmaud.drv:f574 (C:\ReactOS\System32\wdmaud.drv@70c70000) |
Frames:
|
wdmaud.drv:f9dc (C:\ReactOS\System32\wdmaud.drv@70c70000) |
wdmaud.drv:2ca9 (C:\ReactOS\System32\wdmaud.drv@70c70000) |
wdmaud.drv:725e (C:\ReactOS\System32\wdmaud.drv@70c70000) |
wdmaud.drv:6dde (C:\ReactOS\System32\wdmaud.drv@70c70000) |
wdmaud.drv:60f6 (C:\ReactOS\System32\wdmaud.drv@70c70000) |
winmm.dll:3c5b (C:\ReactOS\System32\winmm.dll@7bab0000) |
winmm.dll:4187 (C:\ReactOS\System32\winmm.dll@7bab0000) |
winmm.dll:11359 (C:\ReactOS\System32\winmm.dll@7bab0000) |
winmm.dll:1678c (C:\ReactOS\System32\winmm.dll@7bab0000) |
<winmm_winetest.exe:17ca> (C:\ReactOS\bin\winmm_winetest.exe@400000) |
<winmm_winetest.exe:2e8b> (C:\ReactOS\bin\winmm_winetest.exe@400000) |
<winmm_winetest.exe:3b90> (C:\ReactOS\bin\winmm_winetest.exe@400000) |
<winmm_winetest.exe:22434> (C:\ReactOS\bin\winmm_winetest.exe@400000) |
<winmm_winetest.exe:2a362> (C:\ReactOS\bin\winmm_winetest.exe@400000) |
<winmm_winetest.exe:2a3d9> (C:\ReactOS\bin\winmm_winetest.exe@400000) |
kernel32.dll:11cde (C:\ReactOS\system32\kernel32.dll@7c600000) |
fixme:(dll/win32/winmm/lolvldrv.c:620) Closing while ll-driver open |
Before:
captue: https://reactos.org/testman/detail.php?id=72688526&prev=0
wave: https://reactos.org/testman/detail.php?id=72688534&prev=0
vs after:
capture: https://reactos.org/testman/detail.php?id=72699009&prev=72688526
wave: https://reactos.org/testman/detail.php?id=72699018&prev=72688534
Full testbot result: https://reactos.org/testman/compare.php?ids=94590,94599.
The address indeed points to the code path that was changed by the guilty commit:
https://git.reactos.org/?p=reactos.git;a=blob;f=sdk/lib/drivers/sound/mmixer/wave.c;h=7c48f0bc8278907c0e32f83537a0e5e9c575d00e;hb=HEAD#l253
The problem is, it crashes on pin connect allocation, because the additional data size is not initialized properly. For PCM wave format, it should be initialized to zero, as this format has no additional data, or it can be not initialized at all, since this member isn't actually used in that case, as it appears to be done in winmm_winetest.
To fix this, we need to initialize additional data size for other formats separately. Then use it in the further allocation and initialization of the format data size.
I already made a fix for this and will provide a PR soon. 
I can confirm that after my changes, both crashes are no longer occurring for me and winmm_winetest works exactly same as before the guilty commit, so the problem is actually fixed.
Attachments
Issue Links
- blocks
-
-
- Resolved
-
-
-
- Resolved
-