<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hello,<br>
<br>
Platform: Windows 10, msvc2015 update3, using OpenAL-Soft-1.17.2<br>
<br>
We have a situation where we can end up with a crash in realloc,
with the error "Critical error detected c0000374".<br>
In our specific case, we increased the number of sources up to 4096
(from the default 256) in the alsoft.conf like this:<br>
<br>
[general]<br>
sources = 4096<br>
<br>
The number of voices remains at the (hardcoded) default 256, see
ALc.c, alcCreateContext, where it does this:<br>
<br>
ALContext->MaxVoices = 256;<br>
ALContext->Voices = <b>al_</b><b>calloc</b>(16,
ALContext->MaxVoices * sizeof(ALContext->Voices[0]));<br>
<br>
Notice the memory is allocated using al_calloc, which does an
al_malloc with several #ifdef'ed implementations inside.<br>
One of them does "manual alignment", another is using
_aligned_malloc. In our specific case _aligned_malloc is being used.<br>
<br>
Now we can get into a situation where we actually need more voices,
which is handled in alSourcePlayv like this:<br>
<br>
newcount = context->MaxVoices << 1;<br>
if(newcount > 0)<br>
temp = <b>realloc</b>(context->Voices, newcount *
sizeof(context->Voices[0]));<br>
<br>
Notice it does a realloc - but that doesn't match with what
al_malloc did, e.g. :<br>
- for HAVE__ALIGNED_MALLOC, it should do an _aligned_realloc(...,
16) // where 16 is the alignment originally used when allocating
ALContext->Voices<br>
- for HAVE_ALIGNED_ALLOC, the pointer passed to realloc must have
been returned by an earlier call to malloc(), calloc() or realloc(),
which isn't the case since it's 'manually aligned'. <br>
It probably needs something similar to al_free, where it uses
the 0x55 and 0x0 markers to get back the original unaligned address,
and then manually align again on the realloc'ed address.<br>
<br>
There are more places calling realloc. I assume it's quite likely
they can cause similar issues, but I haven't verified that. <br>
It's probably a good idea to implement an al_realloc() function and
call that instead. <br>
--
<pre class="moz-signature" cols="72">Best Regards
Roger Boerdijk
EGOSOFT GmbH, Heidestrasse 4, 52146 Würselen, Germany
Tel: +49 2405 4239970, <a class="moz-txt-link-abbreviated" href="http://www.egosoft.com">www.egosoft.com</a>
Geschäftsführer: Bernd Lehahn, Handelsregister Aachen HRB 13473
</pre>
</body>
</html>