http://bugs.winehq.org/show_bug.cgi?id=28617
Bug #: 28617
Summary: FlatOut 2 v1.2 crashes on launch (audio related)
Product: Wine
Version: 1.3.29
Platform: x86
OS/Version: Linux
Status: UNCONFIRMED
Severity: minor
Priority: P2
Component: winealsa.drv
AssignedTo: wine-bugs@winehq.org
ReportedBy: gyebro69@gmail.com
CC: aeikum@codeweavers.com
Classification: Unclassified
Regression SHA1: 8258a5188cc36563809ac7495e49bc43ae4326e4
Created attachment 36768 --> http://bugs.winehq.org/attachment.cgi?id=36768 plain terminal output
FlatOut2 v1.2 crashes right after starting, when DirectSound is selected as sound output in the game configurator (that's the default setting). Strictly speaking, this is not a regression: the game always crashed in former Wine versions as well, when Alsa was set to emulation. Now that DirectSound hardware acceleration has been removed from Wine, the crash is reproducible 'out-of-the-box'.
Workaround: need to select 'Windows Multimedia Waveout' option in the launcher (instead of the default DirectSound).
I can't reproduce the problem in the demo, which is an older version of the game (1.1). The demo starts fine in current git (wine-1.3.29-245-g895b48e) even if DirectSound is selected in the launcher.
The result of the regression test:
8258a5188cc36563809ac7495e49bc43ae4326e4 is the first bad commit
commit 8258a5188cc36563809ac7495e49bc43ae4326e4
Author: Andrew Eikum aeikum@codeweavers.com
Date: Fri Sep 23 15:03:51 2011 -0500
winealsa.drv: Remove wave, mixer, and dsound driver code.
:040000 040000 e34e9dab6f585755d23f4cad91d4af6dc37b786b bf2a47c73bcdd75db339177384a4d566c4fa41e6 M dlls
wine-1.3.29-245-g895b48e
Fedora 15 x86
Alsa 1.0.24
Pulseaudio is not running
--- Comment #1 from GyB gyebro69@gmail.com 2011-10-08 04:53:18 CDT ---
Created attachment 36769 --> http://bugs.winehq.org/attachment.cgi?id=36769 +tid,+winmm,+mmdevapi,+dsound,+alsa log
I wonder if these warnings might be related:
... warn:alsa:AudioClient_GetCurrentPadding Xrun detected ...
They're repeated several times in the log.
GyB gyebro69@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |regression
--- Comment #2 from Andrew Eikum aeikum@codeweavers.com 2011-10-17 13:02:56 CDT ---
Created attachment 36956 --> http://bugs.winehq.org/attachment.cgi?id=36956 dsound: Don't make the capture buffer object address public until it is prepared
(In reply to comment #1)
> Created attachment 36769 [details] +tid,+winmm,+mmdevapi,+dsound,+alsa log
> I wonder if these warnings might be related:
> ... warn:alsa:AudioClient_GetCurrentPadding Xrun detected ...
> They're repeated several times in the log.
Nope. There's some problem creating the audio capture buffer. FlatOut2 apparently does no error checking, which results in the crash. You can see this in your log here (line 1385):
0009:trace:dsound:IDirectSoundCaptureImpl_CreateCaptureBuffer (0x3728d70,0x32fc74,0x6b0a20,(nil))
0009:trace:dsound:IDirectSoundCaptureBufferImpl_Create (0x3728c80,0x6b0a20,0x32fc74)
0009:trace:dsound:IDirectSoundCaptureBufferImpl_Create (formattag=0x0001,chans=1,samplerate=8000,bytespersec=16000,blockalign=2,bitspersamp=16,cbSize=0)
0009:trace:mmdevapi:MMDevice_Activate (0x135100)->(0x5dd7f728,1,(nil),0x3728cdc)
0009:trace:alsa:AUDDRV_GetAudioEndpoint "default" 0x135100 1 0x3728cdc
0029:trace:dsound:IDirectSoundCaptureBufferImpl_GetCurrentPosition (0x3728f50,(nil),0x517ea4c)
0029:warn:dsound:IDirectSoundCaptureBufferImpl_GetCurrentPosition no driver
0029:trace:dsound:IDirectSoundCaptureBufferImpl_Lock (0x3728f50,00000000,00007998,0x517ea40,0x517ea54,0x517ea50,0x517ea30,0x00000000) at 1571
0029:trace:dsound:IDirectSoundCaptureBufferImpl_Lock invalid call
0029:trace:dsound:IDirectSoundCaptureBufferImpl_Lock returning 88780032
wine: Unhandled page fault on read access to 0x00000f9f at address 0x604702 (thread 0029), starting debugger...
Then a bit further down, you see thread 0009 resume with a successful MMDevice_Activate() call. So I think this is a concurrency issue. My guess is the game's audio capture thread (0029) continually checks for its IDirectSoundCaptureBuffer pointer to be non-NULL and starts working with it as soon as it is. Since our implementation assigns the buffer object directly to the pointer at allocation time, their capture thread takes it and tries to use the incomplete object before CreateCaptureBuffer() returns.
So here's a patch which only fills in the pointer on success. Does it fix the crash? If not, can you throw another log at me?
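The ordering problem described in comment #2, as an added example that is not part of the bug report and not Wine's source: the "before" function assigns the caller's pointer at allocation time, the "after" function fills it in only on success. The names capture_buffer, poll_once and observe are hypothetical, and the application's polling thread is modelled as a call made while device activation would still be pending, so the interleaving is deterministic.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for the capture buffer object (not Wine's struct). */
typedef struct { int ready; } capture_buffer;
enum seen { SEEN_NULL, SEEN_INCOMPLETE, SEEN_READY };
struct poller { capture_buffer **slot; enum seen result; };

/* What the application's capture thread sees when it checks its pointer. */
static void poll_once(struct poller *p) {
    capture_buffer *b = *p->slot;
    p->result = !b ? SEEN_NULL : b->ready ? SEEN_READY : SEEN_INCOMPLETE;
}

/* Before: the caller's pointer is assigned at allocation time. */
static int create_early_publish(capture_buffer **out, struct poller *p) {
    *out = calloc(1, sizeof(**out));
    if (!*out) return -1;
    poll_once(p);           /* other thread runs while activation is pending */
    (*out)->ready = 1;      /* initialization completes too late */
    return 0;
}

/* After: build in a local, fill in the caller's pointer only on success. */
static int create_publish_on_success(capture_buffer **out, struct poller *p) {
    capture_buffer *buf = calloc(1, sizeof(*buf));
    *out = NULL;
    if (!buf) return -1;
    poll_once(p);           /* same interleaving: the pointer is still NULL */
    buf->ready = 1;
    *out = buf;             /* threaded code should give this store release ordering */
    return 0;
}

/* Runs one create variant and reports what the poller saw mid-creation. */
enum seen observe(int (*create)(capture_buffer **, struct poller *)) {
    capture_buffer *slot = NULL;
    struct poller p = { &slot, SEEN_NULL };
    create(&slot, &p);
    free(slot);
    return p.result;
}

int main(void) {
    printf("early publish saw %d\n", observe(create_early_publish));
    printf("publish on success saw %d\n", observe(create_publish_on_success));
    return 0;
}
```

With early publication the poller gets a non-NULL pointer to an object that is not ready; with publication on success it sees NULL and keeps waiting.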
--- Comment #3 from GyB gyebro69@gmail.com 2011-10-17 13:35:04 CDT ---
(In reply to comment #2)
The patch indeed fixed the startup problem in FlatOut 2, when DirectSound driver was selected in the launcher. Tested with wine-1.3.30-145-g7a4349b. I should have mentioned that despite the crash, sometimes the game just starts fine (and audio is working in the game). Most of the time the crash is fatal. Thanks for taking time to read through the logs and creating the patch.
Andrew Eikum aeikum@codeweavers.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
      Fixed by SHA1|                            |6a7c2f66e0569d2419eb9619e78716a9a5f94966
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|                            |FIXED
--- Comment #4 from Andrew Eikum aeikum@codeweavers.com 2011-10-18 13:21:28 CDT ---
Fixed by 6a7c2f66e0569d2419eb9619e78716a9a5f94966.
Alexandre Julliard julliard@winehq.org changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED
--- Comment #5 from Alexandre Julliard julliard@winehq.org 2011-10-21 13:50:30 CDT ---
Closing bugs fixed in 1.3.31.