pacho       14/10/12 17:26:12

  Added:                pulseaudio-5.0-zeroconf-crash-3.patch
                        pulseaudio-5.0-zeroconf-crash-2.patch
                        pulseaudio-5.0-zeroconf-crash-1.patch
  Log:
  Fix zeroconf crashes (#504612 by Alexander Tsoy), fix libcap dependency for 
multilib (#513796 by Michał Górny), move away from 'avahi' USE in favor of 
'zeroconf' (#477620), install libpulsedsp.so for 32bits (#515600 by Sergei 
Trofimovich), drop old.
  
  (Portage version: 2.2.12/cvs/Linux x86_64, signed Manifest commit with key 
A188FBD4)

Revision  Changes    Path
1.1                  
media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-3.patch

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-3.patch?rev=1.1&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-3.patch?rev=1.1&content-type=text/plain

Index: pulseaudio-5.0-zeroconf-crash-3.patch
===================================================================
>From b75a20db10c8605d98324a7782a7da6483ae9f14 Mon Sep 17 00:00:00 2001
From: Tanu Kaskinen <[email protected]>
Date: Wed, 19 Mar 2014 09:50:39 +0200
Subject: zeroconf-publish: Don't assume any particular defer event ordering

Also, initialize userdata with zeros to avoid invalid pointers in
client_free().

This fixes a crash when client_free() is called before
create_client(). The whole issue could be avoided by using some other
mechanism than defer events for running the two functions, but I'll
do that change later (I have also other cleanups planned for
zeroconf-publish).

BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=76184

diff --git a/src/modules/module-zeroconf-publish.c 
b/src/modules/module-zeroconf-publish.c
index db92850..be8806e 100644
--- a/src/modules/module-zeroconf-publish.c
+++ b/src/modules/module-zeroconf-publish.c
@@ -142,7 +142,8 @@ struct userdata {
 
     pa_native_protocol *native;
 
-    bool shutting_down;
+    bool shutting_down; /* Used in the main thread. */
+    bool client_freed; /* Used in the Avahi thread. */
 };
 
 /* Runs in PA mainloop context */
@@ -707,6 +708,16 @@ static void create_client(pa_mainloop_api *api 
PA_GCC_UNUSED, void *userdata) {
     struct userdata *u = (struct userdata *) userdata;
     int error;
 
+    /* create_client() and client_free() are called via defer events. If the
+     * two defer events are created very quickly one after another, we can't
+     * assume that the defer event that runs create_client() will be dispatched
+     * before the defer event that runs client_free() (at the time of writing,
+     * pa_mainloop actually always dispatches queued defer events in reverse
+     * creation order). For that reason we must be prepared for the case where
+     * client_free() has already been called. */
+    if (u->client_freed)
+        return;
+
     pa_thread_mq_install(&u->thread_mq);
 
     if (!(u->client = avahi_client_new(u->avahi_poll, AVAHI_CLIENT_NO_FAIL, 
client_callback, u, &error))) {
@@ -733,7 +744,7 @@ int pa__init(pa_module*m) {
         goto fail;
     }
 
-    m->userdata = u = pa_xnew(struct userdata, 1);
+    m->userdata = u = pa_xnew0(struct userdata, 1);
     u->core = m->core;
     u->module = m;
     u->native = pa_native_protocol_get(u->core);
@@ -757,8 +768,6 @@ int pa__init(pa_module*m) {
     u->source_changed_slot = 
pa_hook_connect(&m->core->hooks[PA_CORE_HOOK_SOURCE_PROPLIST_CHANGED], 
PA_HOOK_LATE, (pa_hook_cb_t) device_new_or_changed_cb, u);
     u->source_unlink_slot = 
pa_hook_connect(&m->core->hooks[PA_CORE_HOOK_SOURCE_UNLINK], PA_HOOK_LATE, 
(pa_hook_cb_t) device_unlink_cb, u);
 
-    u->main_entry_group = NULL;
-
     un = pa_get_user_name_malloc();
     hn = pa_get_host_name_malloc();
     u->service_name = pa_truncate_utf8(pa_sprintf_malloc("%s@%s", un, hn), 
AVAHI_LABEL_MAX-1);
@@ -801,6 +810,8 @@ static void client_free(pa_mainloop_api *api PA_GCC_UNUSED, 
void *userdata) {
         pa_avahi_poll_free(u->avahi_poll);
 
     pa_asyncmsgq_post(u->thread_mq.outq, PA_MSGOBJECT(u->msg), 
AVAHI_MESSAGE_SHUTDOWN_COMPLETE, u, 0, NULL, NULL);
+
+    u->client_freed = true;
 }
 
 void pa__done(pa_module*m) {
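Review bot: `u->client_freed = true;` is written after `pa_asyncmsgq_post(..., AVAHI_MESSAGE_SHUTDOWN_COMPLETE, ...)`, so client_free() still writes to `u` after it has signalled the main thread that teardown is complete. The pa__done() context visible elsewhere on this page shows `pa_threaded_mainloop_stop()` right after the wait, which probably keeps `u` alive until this function returns, but that is a cross-thread lifetime assumption the code does not state. Setting the flag before the post removes the dependency. `u->avahi_poll` is also left pointing at freed memory after `pa_avahi_poll_free()`; adding `u->avahi_poll = NULL;` there would keep a stale pointer from being reused. The start of client_free() is outside this hunk.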
-- 
cgit v0.10.2




1.1                  
media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-2.patch

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-2.patch?rev=1.1&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-2.patch?rev=1.1&content-type=text/plain

Index: pulseaudio-5.0-zeroconf-crash-2.patch
===================================================================
>From 37e73e10be9e42544a4cc160ff85ccada2cc9aa9 Mon Sep 17 00:00:00 2001
From: Tanu Kaskinen <[email protected]>
Date: Sat, 15 Mar 2014 09:37:06 +0200
Subject: zeroconf-publish: Don't react to messages while shutting down

This fixes a case where pa__done() is called while
AVAHI_MESSAGE_PUBLISH_ALL is waiting for processing. The
pa_asyncmsgq_wait_for(AVAHI_MESSAGE_SHUTDOWN_COMPLETE) call will
process all pending messages, and processing AVAHI_MESSAGE_PUBLISH_ALL
causes publish_all_services(), and that in turn accesses u->services,
which has been already freed at this point. If we are shutting down,
we shouldn't react to any of the messages that the Avahi thread is
sending to the main thread.

BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=76184

diff --git a/src/modules/module-zeroconf-publish.c 
b/src/modules/module-zeroconf-publish.c
index 35277c2..db92850 100644
--- a/src/modules/module-zeroconf-publish.c
+++ b/src/modules/module-zeroconf-publish.c
@@ -141,6 +141,8 @@ struct userdata {
     pa_hook_slot *sink_new_slot, *source_new_slot, *sink_unlink_slot, 
*source_unlink_slot, *sink_changed_slot, *source_changed_slot;
 
     pa_native_protocol *native;
+
+    bool shutting_down;
 };
 
 /* Runs in PA mainloop context */
@@ -638,6 +640,11 @@ static void unpublish_all_services(struct userdata *u, 
bool rem) {
 static int avahi_process_msg(pa_msgobject *o, int code, void *data, int64_t 
offset, pa_memchunk *chunk) {
     struct userdata *u = (struct userdata *) data;
 
+    pa_assert(u);
+
+    if (u->shutting_down)
+        return 0;
+
     switch (code) {
         case AVAHI_MESSAGE_PUBLISH_ALL:
             publish_all_services(u);
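Review bot: `pa_assert(u)` makes any message posted to this object with NULL data abort the daemon, and the new early `return 0` silently drops every code while shutting down, including AVAHI_MESSAGE_SHUTDOWN_COMPLETE, whose `case` this patch removes further down. The only poster visible in this patch, client_free(), is updated to pass `u`; any other `pa_asyncmsgq_post()` call targeting `u->msg` is outside these hunks and should be checked to pass `u` too. The guard would benefit from a comment saying why messages are ignored, e.g. `/* pa__done() drains pending messages while waiting for SHUTDOWN_COMPLETE; u->services is already freed by then, so do not act on them. */`. The body of avahi_process_msg() continues past this hunk.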
@@ -647,10 +654,6 @@ static int avahi_process_msg(pa_msgobject *o, int code, 
void *data, int64_t offs
             pa_module_unload(u->core, u->module, true);
             break;
 
-        case AVAHI_MESSAGE_SHUTDOWN_COMPLETE:
-            /* pa__done() is waiting for this */
-            break;
-
         default:
             pa_assert_not_reached();
     }
@@ -797,7 +800,7 @@ static void client_free(pa_mainloop_api *api PA_GCC_UNUSED, 
void *userdata) {
     if (u->avahi_poll)
         pa_avahi_poll_free(u->avahi_poll);
 
-    pa_asyncmsgq_post(u->thread_mq.outq, PA_MSGOBJECT(u->msg), 
AVAHI_MESSAGE_SHUTDOWN_COMPLETE, NULL, 0, NULL, NULL);
+    pa_asyncmsgq_post(u->thread_mq.outq, PA_MSGOBJECT(u->msg), 
AVAHI_MESSAGE_SHUTDOWN_COMPLETE, u, 0, NULL, NULL);
 }
 
 void pa__done(pa_module*m) {
@@ -807,6 +810,8 @@ void pa__done(pa_module*m) {
     if (!(u = m->userdata))
         return;
 
+    u->shutting_down = true;
+
     pa_threaded_mainloop_lock(u->mainloop);
     pa_mainloop_api_once(u->api, client_free, u);
     pa_threaded_mainloop_unlock(u->mainloop);
-- 
cgit v0.10.2




1.1                  
media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-1.patch

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-1.patch?rev=1.1&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/pulseaudio/files/pulseaudio-5.0-zeroconf-crash-1.patch?rev=1.1&content-type=text/plain

Index: pulseaudio-5.0-zeroconf-crash-1.patch
===================================================================
>From d03ffdccdb7286021e53876ba5d4adf9a1edd0d0 Mon Sep 17 00:00:00 2001
From: Tanu Kaskinen <[email protected]>
Date: Sat, 15 Mar 2014 09:37:05 +0200
Subject: zeroconf-publish: Add locking around pa_mainloop_api_once()

Commit e1e154c7377779377fa1a36655a10effd693f7b5 added locking around
pa_mainloop_api_once() everywhere except pa__done(). This fixes that
omission.

diff --git a/src/modules/module-zeroconf-publish.c 
b/src/modules/module-zeroconf-publish.c
index 0110e1d..35277c2 100644
--- a/src/modules/module-zeroconf-publish.c
+++ b/src/modules/module-zeroconf-publish.c
@@ -807,7 +807,9 @@ void pa__done(pa_module*m) {
     if (!(u = m->userdata))
         return;
 
+    pa_threaded_mainloop_lock(u->mainloop);
     pa_mainloop_api_once(u->api, client_free, u);
+    pa_threaded_mainloop_unlock(u->mainloop);
     pa_asyncmsgq_wait_for(u->thread_mq.outq, AVAHI_MESSAGE_SHUTDOWN_COMPLETE);
 
     pa_threaded_mainloop_stop(u->mainloop);
-- 
cgit v0.10.2




