Hello,
it took me a while, but I got some more info.
Michael Karcher wrote:
So you should find out where the HeapAlloc call was issued from that returned 0x6d50028. If it was from a wine dll, that dll might need to be fixed to ensure more strict alignment (might be some kind of audio buffer in dsound stuff); if it is directly from guitar rig, wine has to implement the needed alignment in its ntdll implementation.
It seems to me like RtlAllocateHeap was called directly from GR3, not even through HeapAlloc. Before the crash, the following backtrace was produced:
Backtrace:
=>1 0x7ef9bb60 myGR3DebugBreak() [/home/martin/Code/wine/wine-1.1.4-findbuggr3/dlls/ntdll/heap.c:1191] in ntdll (0x0033eb44)
  2 0x7ef9e07b RtlAllocateHeap+0x58b(heap=0x4380000, flags=2, size=8388608) [/home/martin/Code/wine/wine-1.1.4-findbuggr3/dlls/ntdll/heap.c:1313] in ntdll (0x0033ebe4)
  3 0x00a2cce3 in guitar rig 3 (+0x62cce3) (0x0033ec20)
  4 0x00a2cbda in guitar rig 3 (+0x62cbda) (0x0033ecdc)
  5 0x0071a15f in guitar rig 3 (+0x31a15f) (0x0033ed18)
  6 0x0048193c in guitar rig 3 (+0x8193c) (0x0033ee24)
  7 0x0047fe54 in guitar rig 3 (+0x7fe54) (0x0033f02c)
  8 0x0047c6d8 in guitar rig 3 (+0x7c6d8) (0x0033f068)
  9 0x0041bec6 in guitar rig 3 (+0x1bec6) (0x0033f104)
  10 0x004bedd6 in guitar rig 3 (+0xbedd6) (0x0033f204)
  11 0x005b4dda in guitar rig 3 (+0x1b4dda) (0x049f5a78)
  12 0x04380100 (0x00d17460)
  13 0x004c165c in guitar rig 3 (+0xc165c) (0x006140d8)
  14 0x001ae8cb (0x8bd98b53)
RtlAllocateHeap gets called over and over again, so for my breakpoint I added myGR3DebugBreak() which only gets called when the return value is 0x7320028 (which is the content of ESI at the crash). There should actually be another debug function between myGR3DebugBreak and RtlAllocateHeap. I'm not sure why it doesn't appear in the backtrace.
So I guess this means the alignment has to be fixed in ntdll. How would that be done? Change #define ALIGNMENT to 16? Add 8 bytes to SUBHEAP? Add an assert somewhere to ensure this? Or is this more complex?
Martin
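The alignment question at the end of the mail can be illustrated with a toy allocator. The following is an added example, not Wine's heap.c and not anything Martin or Michael posted: it models a heap whose blocks start on an ALIGNMENT boundary and carry a fixed-size in-use header in front of the user data, and counts how many returned pointers are 16-byte aligned. All names (toy_alloc, count_16_aligned, HEADER sizes) are hypothetical; the 8-byte header and the two addresses ending in ...028 are taken as the assumed situation described above. The point it makes: raising only the block alignment to 16 while keeping an 8-byte header makes every user pointer land at 8 mod 16, so the header (or the offset of the user data) has to be rounded to the alignment as well.

```c
/* Added example (not Wine's heap.c): toy heap model showing how the
 * header size and the block alignment together decide the alignment of
 * the pointer handed back to the application.  Hypothetical names. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Backing store for the toy heap, 16-byte aligned so that only the
 * allocator's own arithmetic influences the result. */
static unsigned char pool[4096] __attribute__((aligned(16)));

/* Round v up to the next multiple of a power-of-two alignment. */
static size_t round_up(size_t v, size_t align)
{
    return (v + align - 1) & ~(align - 1);
}

/* Return non-zero if p is aligned to `align` bytes (power of two). */
int is_aligned(const void *p, size_t align)
{
    return ((uintptr_t)p & (align - 1)) == 0;
}

/* One allocation from the toy heap.  `*offset` is the bump pointer into
 * pool[]; blocks start on an `align` boundary and consist of an
 * `hdr`-byte in-use header followed by `size` bytes of user data.
 * Returns the user pointer (the value an application would see). */
void *toy_alloc(size_t *offset, size_t size, size_t align, size_t hdr)
{
    size_t start = round_up(*offset, align);        /* block start */
    size_t total = round_up(hdr + size, align);     /* block length */
    *offset = start + total;
    return pool + start + hdr;                      /* data follows header */
}

/* Allocate `n` blocks of `size` bytes with the given block alignment and
 * header size, and return how many user pointers were 16-byte aligned. */
size_t count_16_aligned(size_t n, size_t size, size_t align, size_t hdr)
{
    size_t offset = 0, ok = 0;
    for (size_t i = 0; i < n; i++)
        if (is_aligned(toy_alloc(&offset, size, align, hdr), 16))
            ok++;
    return ok;
}

int main(void)
{
    /* The addresses from the mail: both end in 0x28, i.e. 8 mod 16. */
    printf("0x6d50028 16-aligned: %d\n", is_aligned((void *)(uintptr_t)0x6d50028, 16));
    printf("0x7320028 16-aligned: %d\n", is_aligned((void *)(uintptr_t)0x7320028, 16));

    /* 8 blocks of 16 bytes under three allocator layouts. */
    printf("align 8,  header 8:  %zu/8 aligned\n", count_16_aligned(8, 16, 8, 8));
    printf("align 16, header 8:  %zu/8 aligned\n", count_16_aligned(8, 16, 16, 8));
    printf("align 16, header 16: %zu/8 aligned\n", count_16_aligned(8, 16, 16, 16));
    return 0;
}
```

With 8-byte blocks and an 8-byte header the result depends on the sizes requested, so an application that needs 16-byte buffers crashes intermittently; with 16-byte blocks and an 8-byte header it misses every time; only when the header is padded to the alignment does every pointer come out 16-byte aligned, which is the combination a fix in ntdll would have to ensure.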