| Message ID | 20190211195126.29651-1-brendan.shanks@teradek.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | pcm: dshare: Fix overflow when slave_hw_ptr rolls over boundary | expand |
On Mon, 11 Feb 2019 20:51:26 +0100, Brendan Shanks wrote: > > In snd_pcm_dshare_sync_area() when 'slave_hw_ptr' rolls over > 'slave_boundary', the wrong variable is checked ('dshare->slave_hw_ptr' vs > the local 'slave_hw_ptr'). In some cases, this results in 'slave_hw_ptr' > not rolling over correctly. 'slave_size' and 'size' are then much too > large, and the for loop blocks for several minutes copying samples. > > This was likely only triggered on 32-bit systems, since the PCM boundary > is computed based on LONG_MAX and is much larger on 64-bit systems. > > This same change was made to pcm_dmix in commit > 6c7f60f7a982fdba828e4530a9d7aa0aa2b704ae ("Fix boundary overlap”) from > June 2005. > > Signed-off-by: Brendan Shanks <brendan.shanks@teradek.com> Thanks, applied now. Takashi
diff --git a/src/pcm/pcm_dshare.c b/src/pcm/pcm_dshare.c index 2bb735fe..f135b5df 100644 --- a/src/pcm/pcm_dshare.c +++ b/src/pcm/pcm_dshare.c @@ -121,7 +121,7 @@ static void snd_pcm_dshare_sync_area(snd_pcm_t *pcm) */ slave_hw_ptr -= slave_hw_ptr % dshare->slave_period_size; slave_hw_ptr += dshare->slave_buffer_size; - if (dshare->slave_hw_ptr > dshare->slave_boundary) + if (slave_hw_ptr >= dshare->slave_boundary) slave_hw_ptr -= dshare->slave_boundary; if (slave_hw_ptr < dshare->slave_appl_ptr) slave_size = slave_hw_ptr + (dshare->slave_boundary - dshare->slave_appl_ptr);
In snd_pcm_dshare_sync_area() when 'slave_hw_ptr' rolls over 'slave_boundary', the wrong variable is checked ('dshare->slave_hw_ptr' vs the local 'slave_hw_ptr'). In some cases, this results in 'slave_hw_ptr' not rolling over correctly. 'slave_size' and 'size' are then much too large, and the for loop blocks for several minutes copying samples. This was likely only triggered on 32-bit systems, since the PCM boundary is computed based on LONG_MAX and is much larger on 64-bit systems. This same change was made to pcm_dmix in commit 6c7f60f7a982fdba828e4530a9d7aa0aa2b704ae ("Fix boundary overlap”) from June 2005. Signed-off-by: Brendan Shanks <brendan.shanks@teradek.com>