Add macro SPA_CMP to do 3-way comparisons safely, and use it to avoid
signed integer overflows.
Fix also float/double comparisons (previously 0.1 == 0.8 since cast to
return type int).
Fix Id/Bool comparisons so they can return negative value.
Like the location, the orientation is a static property of libcamera
devices. While the rotation is already exposed as buffer transform,
knowing the property can be handy for applications in various ways.
See also: cd8ac5c1a ("libcamera: add camera location property on nodes")
Add struct spa_error_location that holds information about some parsing
context such as the line and column number, error and line fragment
with the error.
Make spa_json_get_error() fill in the spa_error_location instead. Add
some error codes to the error state and use this to add a parsing reason
to the location.
Add a debug function to log the error location in a nice way. Also
add a FILE based debug context to log to any FILE.
Replace pw_properties_check_string() with
pw_properties_update_string_checked() and add
pw_properties_new_string_checked(). The check string behaviour can still
be done by setting props to NULL but the main purpose is to be able to
avoid parsing the json file twice in the future.
When using the old pw_properties_update_string(), log a warning to the
log when we fail to parse the complete string.
Use the new checked functions and the debug functions to report about
parsing errors in the tools and conf parsing.
This gives errors like:
```
> pw-loopback --playback-props '{ foo = [ f : g ] }'
error: syntax error in --playback-props: Invalid array separator
line: 1 | { foo = [ f : g ] }
col: 14 | ^
```
Check each object key is associated with value. Disallow object or
array valued keys.
Add flag tracking whether the parser is at global top-level or not, as
there we may either be in object context or in a single-value context.
Save depth=0 array flag bit in state, so that spa_json_next preserves
its complete state across calls. The higher-depth flag bits can be in
temporary stack as they are not needed across calls.
Control characters probably are an error. We also are not validating any
utf8 here, so disallow bare utf8 too --- one likely should use strings
for such content anyway as spaces are not allowed otherwise.
Successful return is always >= 2 since it includes {} or [], so use 0 to
indicate error.
Since there's existing code that doesn't check the return value, it's
better to use 0 for errors as it'll likely to just lead to producing an
empty string if the value is not checked.
Disallow = and : as bare items in [] containers, as that likely is
"[ { foo = bar } ]" mistyped as "[ foo = bar ]".
Disallow nesting errors, eg. "[ foo bar" or "[ foo bar }".
Fix handling of ", \ and # in bare strings.
Fix ignoring trailing comments.
Add a fixed-size stack (128 levels) to the tokenizer, so that it can
check these at levels below its depth.
When the tokenizer encounters an error, make it and its parents enter
error state where no further input will be processed. This allows caller
to check for parse errors later as convenient.
The error state can be queried using spa_json_get_error, which also
looks up the error line/column position.
spa_json_parse_float/int receive non nul-terminated string, so calling
string functions assuming nul-termination is invalid.
Fix by copying data to a buffer before doing parsing.
spa_exchange() is used in spa_clear_ptr() and spa_clear_fd() which
already use the _old_value variable. So make it use a slightly different
local variable name to avoid shadow warnings.
Fixes#3915
spa_json_parse_stringn() can be used when the strings source and
destination are overlapping so use memmove instead of strncpy to
avoid corruption of the strings.
Move some of the tracking code for the DLL to where it is used.
Add resync.ms (default 10) option at which we give up rate adjusting
and instead do a hard resync. This results in a jump in the position
of the graph clock.
Fix the following compiler warning:
| In file included from /usr/include/spa-0.2/spa/utils/dict.h:14,
| from ../src/util_pipewire_objects.c:15:
| /usr/include/spa-0.2/spa/utils/defs.h: In function 'spa_ptr_inside_and_aligned':
| /usr/include/spa-0.2/spa/utils/defs.h:275:56: error: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Werror=sign-conversion]
| 275 | #define SPA_PTR_ALIGNMENT(p,align) ((intptr_t)(p) & ((align)-1))
| | ^
| /usr/include/spa-0.2/spa/utils/defs.h:276:42: note: in expansion of macro 'SPA_PTR_ALIGNMENT'
| 276 | #define SPA_IS_ALIGNED(p,align) (SPA_PTR_ALIGNMENT(p,align) == 0)
| | ^~~~~~~~~~~~~~~~~
| /usr/include/spa-0.2/spa/utils/defs.h:308:13: note: in expansion of macro 'SPA_IS_ALIGNED'
| 308 | if (SPA_IS_ALIGNED(p2, align)) {
| | ^~~~~~~~~~~~~~
Add a new overflow-safe function to check if region p2 of size s2 fits
completely in p1 of size s1 and, if it does, return the amount of bytes
in p1 that come after the end of p2. Use this to bounds check the pod
iterators while ensuring that the pointer is bounds checked before being
dereferenced.
The spa_pod*_next() functions can still create an out-of-bounds pointer,
but this will not be dereferenced. Fixing this requires either
additional complexity in these functions or forbidding POD structs,
objects, and sequences that have a length that is not a multiple of 8
bytes.
Fixes: 92ac9a355f ("spa: add spa_ptrinside")
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Add a new overflow safe function to check if region p2 of size s2 fits
completely in p1 of size s1. Use this to bounds check the pod iterators.
Fixes#3727
added cleanup of unused variables and fix warning about missing initializers
to resolve build warnings in pipewire-rs
Signed-off-by: Dorinda Bassey <dbassey@redhat.com>
This adds an api.alsa.bind-ctls property to alsa-pcm sink and source
nodes, to bind a property to an ALSA PCM ctl. The property is an array
of ctl names that should be bound.
This can be handy, for example, to bind the Playback/Capture Rate
controls on a USB gadget, in order to track the PCM's state via a node
param.
This is currently wired to be read-only, but it should be easy enough to
make it writable.
Up until now, `spa/utils/cleanup.h` was not installed,
but 779f06865c ("pod: add spa_auto support for dynamic builder")
included it in a public header. So now `cleanup.h` also needs to
be installed like any other public header so as to not break
3rd party users.
For example, `xdg-desktop-portal-wlr` would break:
https://codesearch.debian.net/search?q=spa_pod_dynamic_builder_init&literal=1
As part of this, in alsa-udev.c, certain structures and variables referred
to as "device" are renamed to "card". Otherwise, there is ambiguity, since
"device" can mean a udev device, an SPA device, a compress-offload device,
a PCM device etc.
Also, replace "card id" with "card number" to emphasize that these integers
are not actually SPA object IDs.
The tag param has a list of arbitrary key/value pairs. Like the Latency
param, it travels up and downstream. Mixers will append the info
dictionaries or do some more fancy merging.
The purpose is to transport arbirary metadata, out-of-band, through the
graph and it's used for stream metadata and other stream properties.
before gcc 10 its not supporting pointer dereferencing in __typeof__.
so made changes according to that. Fixes#3375
clang also defines __GNUC__ and resolves '4' along with __clang__ which
resolves '1'. On any version of clang, __GNUC__ and resolves '4'.
anyway clang has this feature since version 3.
systemd, dbus-broker, and many glib applications heavily
utilize the GNU C attribute "cleanup" to achieve C++ RAII-like
semantics for local resource management. This commit introduces
essentialy same mechanism into pipewire.
At the moment, this is inteded to be a strictly private API.
free() and close() as cleanup targets are sufficiently common
to warrant their own special macros:
spa_autofree char *s = strdup(p);
// will call `free(s)` at the end of the lifetime of `s`
spa_autoclose int fd = openat(...);
// will call `close(fd)` if `fd >= 0` at the end of the lifetime of `fd`
However, with `spa_auto()` or `spa_autoptr()` it is possible to define
other variables that will be cleaned up properly. Currently four are supported:
spa_autoptr(FILE) f = fopen(...);
// `f` has type `FILE *`
// will call `fclose(f)` if `f != NULL`
spa_autoptr(DIR) d = opendir(...);
// `d` has type `DIR *`
// will call `closedir(d)` if `d != NULL`
spa_autoptr(pw_properties) p = pw_properties_new(NULL, NULL);
// `p` has type `struct pw_properties *`
// will call `pw_properties_free(p)`
spa_auto(pw_strv) v = pw_split_strv(...);
// `v` has type `char **`
// will call `pw_strv_free(v)`
It is possible to add support for other types, e.g.
SPA_DEFINE_AUTOPTR_CLEANUP(pw_main_loop, struct pw_main_loop, {
// the pointer can be accessed using `*thing`
// `thing` has type `struct pw_main_loop **`
spa_clear_ptr(*thing, pw_main_loop_destroy);
})
spa_autoptr(pw_main_loop) l = ...;
// `l` has type `struct pw_main_loop *`
// will call `pw_main_loop_destroy(l)`
or
SPA_DEFINE_AUTO_CLEANUP(spa_pod_dynamic_builder, struct spa_pod_dynamic_builder, {
// `thing` has type `struct spa_pod_dynamic_builder *`
spa_pod_dynamic_builder_clean(thing);
})
spa_auto(spa_pod_dynamic_builder) builder = ...
// `builder` has type `struct spa_pod_dynamic_builder`
// will call `spa_pod_dynamic_builder_clean(&builder)`
The first argument is always an arbitrary name. This name must be passed to
`spa_auto()` and `spa_autoptr()` as it is what determines the actual type
and destructor used. The second parameter is the concrete type. For
`SPA_DEFINE_AUTO_CLEANUP()` this is the concrete type to be used, while for
`SPA_DEFINE_AUTOPTR_CLEANUP()` it is the concrete type without the
outermost pointer. That is,
SPA_DEFINE_AUTOPTR_CLEANUP(A, foo, ...)
SPA_DEFINE_AUTO_CLEANUP(B, foo, ...)
spa_autoptr(A) x; // `x` has type `foo *`
spa_auto(B) y; // `y` has type `foo`
A couple other macros are also added:
spa_clear_ptr(ptr, destructor)
// calls `destructor(ptr)` if `ptr != NULL` and sets `ptr` to `NULL`
spa_clear_fd(fd)
// calls `close(fd)` if `fd >= 0` and sets `fd` to -1
spa_steal_ptr(ptr)
// sets `ptr` to `NULL` and returns the old value,
// useful for preventing the auto cleanup mechanism from kicking in
// when returning the pointer from a function
spa_steal_fd(fd)
// sets `fd` to -1 and returns the old value
Add a _fast callback function that skips the version and method check.
We can use this in places where performance is critical when we do the
check out of the critical loops.
Make all system methods _fast calls. We expect them to exist and have
the right version. If we add new versions we can make them slow.
Single argument static_assert() is only available since
C++17 and C23. Some compilers accept it even in earlier language
versions, but some do not.
Single argument static assertions can be supported by using
a GCC extensions, namely that `, ## __VA_ARGS__` removes the
comma if the variadic argument list is empty. This enables a
construction which passes a pre-determined string as the second
argument of the underlying static_assert() when only a single
argument is used in the `SPA_STATIC_ASSERT()` macro.
Fixes#3050
