Crash with Impulse Tracker

[Vort]

When Impulse Tracker starts, Bochs crashes:

Stack trace:

>   bochs.exe!operator delete[](void * block) Line 16   C++
    bochs.exe!bx_audio_buffer_c::delete_buffer() Line 87    C++
    bochs.exe!resampler_thread(void * indata) Line 210  C++

Test files: impulse.zip. Version: 664fdae152deb74abdb078bbeb40391c4193e805

[Vort]

Heap corruption happens because of odd length (18181) passed to convert_to_float with param->bits equal to 2. This problem can be hack-fixed by clearing bit 0 of length:

diff --git a/bochs/iodev/sound/soundlow.cc b/bochs/iodev/sound/soundlow.cc
index e76e539a9..8f86aceb7 100644
--- a/bochs/iodev/sound/soundlow.cc
+++ b/bochs/iodev/sound/soundlow.cc
@@ -297,7 +297,10 @@ int bx_soundlow_waveout_c::sendwavepacket(int length, Bit8u data[], bx_pcm_param
 {
   unsigned len1 = length;

-  if (src_param->bits == 16) len1 >>= 1;
+  if (src_param->bits == 16) {
+    len1 >>= 1;
+    length &= ~1;
+  }
   if (pcm_callback_id >= 0) {
     BX_LOCK(resampler_mutex);
     audio_buffer_t *inbuffer = audio_buffers[0]->new_buffer(len1); 

However, it does not help to get sound out of Impulse Tracker, something else is broken as well. With DOSBox, for example, pressing Enter, Enter, F5 allows to start playback of test file ELYSIUM.MOD.

[vruppert]

No progress with the sound issue yet, but I noticed that the app uses the unimplemented secondary VGA charmap. I had no test case until now, that's why I'm currently working on it.

[Vort]

After be1baa295c5850badc347bc2631ff49a772cd04c logo looks correct, thanks.

[vruppert]

The crash should be fixed now. The SB16 sends a packet with odd size for 16-bit stereo to the lowlevel sound code causing a buffer overflow. After adjusting the size it should be okay. I don't know how to use this program, so I don't know whether or not there is music output.

[Vort]

I don't know how to use this program, so I don't know whether or not there is music output.

With DOSBox, for example, pressing Enter, Enter, F5 allows to start playback of test file ELYSIUM.MOD.

[vruppert]

In DOSBox the keyboard and the music are okay, but in Bochs the keyboard only works if I don't load the mouse driver. Music doesn't work yet, but I want to review the keyboard code first.

[Vort]

I noticed only IPS drop, similar to #192, maybe keyboard is just lagging?

[vruppert]

After reducing the keyboard serial delay the program is usable, but still no sound. I decided to set the default value to 150, since values >= 200 seem to trigger a timeout and finally making the keyboard unusable. No I'll have a look what goes wrong with the SB16.

[vruppert]

I have found 16-bit writes to the mixer for setting up resources, but there's no progress with sound output yet.

[vruppert]

Since I had no progress with the SB stuff yet, I tried the PC speaker (SB16 disabled) and also heard nothing. After fixing up the speaker code and some hacks in the timer code I can hear some noise - not really music yet. Now I have applied the speaker changes only, since the timer investigation needs some more time. I'm back at work tomorrow, so this task may take some days.

[Vort]

I tried the PC speaker (SB16 disabled)

Speaker can also be selected with it /S1

[Vort]

For some reason, I did not figured out earlier that Impulse Tracker was open sourced 10 years ago: https://github.com/herrnst/impulsetracker Source codes may help to understand what it expects from Sound Blaster 16.

[Vort]

Crash is fixed long time ago, so I made separate report about music playback: #248.