发表新帖
发表新帖

Why would waveOutWrite() cause an exception in the debug heap?

前端 未结
关注
9 1149
甜味超标
甜味超标 2021-02-05 16:51

While researching this issue, I found multiple mentions of the following scenario online, invariably as unanswered questions on programming forums. I hope that posting this here

相关标签:
9条回答
  • 我在风中等你
    2021-02-05 17:17

    You're not alone with this issue: http://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=100589

    0 讨论(0)
  • 独厮守ぢ
    2021-02-05 17:18

    I'm seeing the same problem and have done some analysis myself:

    waveOutWrite() allocates (i.e. GlobalAlloc) a pointer to a heap area of 354 bytes and correctly stores it in the data area pointed to by header.reserved.

    But when this heap area is to be freed again (in waveCompleteHeader(), according to your analysis; I don't have the symbols for wdmaud.drv myself), the least significant byte of the pointer has been set to zero, thus invalidating the pointer (while the heap is not corrupted yet). In other words, what happens is something like:

    • (BYTE *) (header.reserved) = 0

    So I disagree with your statements in one point: waveOutWrite() stores a valid pointer first; the pointer only becomes corrupted later from another thread. Probably that's the same thread (mxdmessage) that later tries to free this heap area, but I did not yet find the point where the zero byte is stored.

    This does not happen very often, and the same heap area (same address) has successfully been allocated and deallocated before. I'm quite convinced that this is a bug somewhere in the system code.

    0 讨论(0)
  • 既然无缘
    2021-02-05 17:18

    The first thing that I'd do would be to check the return values from the waveOutX functions. If any of them fail - which isn't unreasonable given the scenario you describe - and you carry on regardless then it isn't surprising that things start to go wrong. My guess would be that waveOutWrite is returning MMSYSERR_NOMEM at some point.

    0 讨论(0)
  • 谎友^
    2021-02-05 17:21

    Use Application Verifier to figure out what's going on, if you do something suspicious, it will catch it much earlier.

    0 讨论(0)
  • 误落风尘
    2021-02-05 17:29

    It may be helpful to look at the source code for Wine, although it's possible that Wine has fixed whatever bug there is, and it's also possible Wine has other bugs in it. The relevant files are dlls/winmm/winmm.c, dlls/winmm/lolvldrv.c, and possibly others. Good luck!

    0 讨论(0)
  • 梦毁少年i
    2021-02-05 17:30

    I solved the problem by polling the sound playback and delays:

    WAVEHDR header = { buffer, sizeof(buffer), 0, 0, 0, 0, 0, 0 };
waveOutPrepareHeader(hWaveOut, &header, sizeof(WAVEHDR));
waveOutWrite(hWaveOut, &header, sizeof(WAVEHDR));
/*
* wait a while for the block to play then start trying
* to unprepare the header. this will fail until the block has
* played.
*/
while (waveOutUnprepareHeader(hWaveOut,&header,sizeof(WAVEHDR)) == WAVERR_STILLPLAYING) 
Sleep(100);
waveOutClose(hWaveOut);

    Playing Audio in Windows using waveOut Interface

    0 讨论(0)
 看不清?
提交回复
热议问题