From 9ab45f37c6fa866762fae8bb01f72eacdc75abd3 Mon Sep 17 00:00:00 2001
From: Robin Gareus
Date: Tue, 28 Aug 2012 15:42:35 +0000
Subject: [PATCH] LV2 worker: prevent corruption of ringbuffer
git-svn-id: svn://localhost/ardour2/branches/3.0@13146 d708f5d6-7413-0410-9779-e7cbd77b26cf
---
 libs/ardour/ardour/worker.h | 13 +++++++++-
 libs/ardour/worker.cc | 49 ++++++++++++++++++++++++++++++++++---
 2 files changed, 57 insertions(+), 5 deletions(-)
diff --git a/libs/ardour/ardour/worker.h b/libs/ardour/ardour/worker.h
index cdc3d1d06d..4f3ff54bc1 100644
--- a/libs/ardour/ardour/worker.h
+++ b/libs/ardour/ardour/worker.h
@@ -75,6 +75,16 @@ public:
 private:
 void run();
+ /**
+ Peek in RB, get size and check if a block of 'size' is available.
+
+ Handle the unlikley edge-case, if we're called in between the
+ responder writing 'size' and 'data'.
+
+ @param rb the ringbuffer to check
+ @return true if the message is complete, false otherwise
+ */
+ bool verify_message_completeness(RingBuffer* rb);
 Workee* _workee;
 RingBuffer* _requests;
@@ -82,7 +92,8 @@ private:
 uint8_t* _response;
 PBD::Semaphore _sem;
 bool _exit;
- Glib::Threads::Thread* _thread;
+ Glib::Threads::Thread* _thread;
+
 };
 } // namespace ARDOUR
diff --git a/libs/ardour/worker.cc b/libs/ardour/worker.cc
index 67c72ffeba..d48ac959ba 100644
--- a/libs/ardour/worker.cc
+++ b/libs/ardour/worker.cc
@@ -44,11 +44,14 @@ Worker::~Worker()
 bool
 Worker::schedule(uint32_t size, const void* data)
 {
+ if (_requests->write_space() < size + sizeof(size)) {
+ return false;
+ }
 if (_requests->write((const uint8_t*)&size, sizeof(size)) != sizeof(size)) {
 return false;
 }
 if (_requests->write((const uint8_t*)data, size) != size) {
- return false; // FIXME: corruption
+ return false;
 }
 _sem.post();
 return true;
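Review bot: The new guard in Worker::schedule, `if (_requests->write_space() < size + sizeof(size))`, adds before it compares, so on a build where size_t is 32 bits a `size` within four bytes of UINT32_MAX wraps the sum to a small value and the check passes; the size header is then written and the payload write fails, which is the half-written message this commit is meant to rule out. Comparing by subtraction avoids the wrap: `const size_t space = _requests->write_space();` followed by `if (space < sizeof(size) || space - sizeof(size) < size) {`. The same sum appears in the guard added to Worker::respond and in the `read_space < size+sizeof(size)` test in Worker::verify_message_completeness, where `size` comes from the ring itself.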
@@ -57,11 +60,34 @@ Worker::schedule(uint32_t size, const void* data)
 bool
 Worker::respond(uint32_t size, const void* data)
 {
+ if (_requests->write_space() < size + sizeof(size)) {
+ return false;
+ }
 if (_responses->write((const uint8_t*)&size, sizeof(size)) != sizeof(size)) {
 return false;
 }
 if (_responses->write((const uint8_t*)data, size) != size) {
- return false; // FIXME: corruption
+ return false;
+ }
+ return true;
+}
+
+bool
+Worker::verify_message_completeness(RingBuffer* rb)
+{
+ uint32_t read_space = rb->read_space();
+ uint32_t size;
+ RingBuffer::rw_vector vec;
+ rb->get_read_vector (&vec);
+ if (vec.len[0] >= sizeof(size)) {
+ memcpy (&size, vec.buf[0], sizeof (size));
+ } else {
+ memcpy (&size, vec.buf[0], vec.len[0]);
+ memcpy (&size + vec.len[0], vec.buf[1], sizeof(size) - vec.len[0]);
+ }
+ if (read_space < size+sizeof(size)) {
+ /* message from writer is yet incomplete. respond next cycle */
+ return false;
 }
 return true;
 }
@@ -71,7 +97,12 @@ Worker::emit_responses()
 {
 uint32_t read_space = _responses->read_space();
 uint32_t size = 0;
- while (read_space > sizeof(size)) {
+ while (read_space >= sizeof(size)) {
+ if (!verify_message_completeness(_responses)) {
+ /* message from writer is yet incomplete. respond next cycle */
+ return;
+ }
+ /* read and send response */
 _responses->read((uint8_t*)&size, sizeof(size));
 _responses->read(_response, size);
 _workee->work_response(size, _response);
@@ -90,7 +121,17 @@ Worker::run()
 return;
 }
- uint32_t size = 0;
+ uint32_t size = _requests->read_space();
+ if (size < sizeof(size)) {
+ PBD::error << "Worker: no work-data on ring buffer" << endmsg;
+ continue;
+ }
+ while (!verify_message_completeness(_requests)) {
+ ::usleep(2000);
+ if (_exit) {
+ return;
+ }
+ }
 if (_requests->read((uint8_t*)&size, sizeof(size)) < sizeof(size)) {
 PBD::error << "Worker: Error reading size from request ring" << endmsg;
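Review bot: In Worker::verify_message_completeness the wrap-around branch computes its destination as `&size + vec.len[0]`, which is uint32_t pointer arithmetic: for a header split across the end of the ring it steps vec.len[0] * 4 bytes past `size`, writes outside the variable on the stack and leaves `size` partly uninitialised. The destination needs a byte pointer, `memcpy ((uint8_t*)&size + vec.len[0], vec.buf[1], sizeof(size) - vec.len[0]);`. Separately, the guard added at the top of Worker::respond tests `_requests->write_space()` although the function writes to `_responses`, so a full response ring is not detected before the size header goes in; it should read `if (_responses->write_space() < size + sizeof(size)) {`. The new function also relies on the caller having checked that at least sizeof(size) bytes are readable, which its doc comment in worker.h does not state.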
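Review bot: Nothing in Worker::emit_responses bounds the `size` taken from the ring before `_responses->read(_response, size)` copies that many bytes into `_response`; the new verify_message_completeness call only confirms that the ring holds them. How `_response` is allocated is not visible in this diff, so this may already be safe, but if that buffer can be smaller than the response ring, `size` should be checked against its allocated length before the second read and an oversized message dropped. The loop body continues outside the hunk.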