http://bugs.winehq.org/show_bug.cgi?id=31684
--- Comment #12 from rankincj@yahoo.com 2012-09-18 07:58:29 CDT --- (In reply to comment #11)
I checked through how local_buffer is used and didn't find any obvious problems with it. So it's probably a memory corruption bug, as comment 2 suggests. Could you attach another log with the channels from http://wiki.winehq.org/Sound?
OK, I'll do that tonight (although I'll have to trim the compressed log down to < 1 MB). For what it's worth, I've already tried hacking a few calls to RtlValidateHeap(This->local_buffer, ...) into the code. The first hint of heap corruption appeared when snd_pcm_readi() seemed to overflow This->local_buffer, except that then I checked the offsets and sizes and they all seemed to be within range.
Is it possible that the original This->local_buffer is somehow freed and a smaller chunk of memory reallocated at the same address? And then snd_pm_readi() continues to write to it via a stale pointer?