Executing below command will not produce any audio:
pacat --channels=3 /dev/urandom
Turns out that pa_stream_write() breaks large audio buffers into
segments of the maximum memblock size available -- a value which
is not necessarily frame aligned.
Meanwhile the server discards any non-aligned client audio, as a
security measure, due to some earlier reported daemon crashes.
Thus divide sent audio to the expected aligned form.
CommitReference-1: 22827a5e1e
CommitReference-2: 150ace90f3
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=98475
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=77595
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Users reported pacat crashes when playing certain multi-channel
audio. For example:
pacat --channels=2 /dev/zero works
pacat --channels=3 /dev/zero pa_stream_write() failed: EINVAL
pacat --channels=4 /dev/zero works
pacat --channels=5 /dev/zero pa_stream_write() failed: EINVAL
pacat audio playback is pipe-like, from STDIN to PA write stream.
Meanwhile STDIN "ready to read" events got regularly triggered
before the write stream was even created, or at moments where the
stream could not accept any more audio.
In these out-of-sync cases, the write stream could not report the
appropriate buffer lengths it accepts, thus a default of 4K bytes
was chosen -- compatible by luck with some channel counts and
incompatible with others.
Instead of choosing a faulty default in these scenarios, mute the
the STDIN events until the write stream is available & queriable.
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=98475
Reported-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Although such 9.0 clients support memfd transport, they have an
iochannel bug that would break memfd audio if they're run in 32
bit mode over a 64-bit kernel. Influence them to use the POSIX
shared memory model instead.
Also bump the protocol version to exclusively mark such v9.0
libraries. Check commit 451d1d6762 for further details.
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=97769
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Users reported audio breakage for 32-bit pulse clients connected
to a 64-bit server over memfds. Investigating the issue further,
the problem is twofold:
1. iochannel's file-descriptor passing code is liberal in what it
issues: produced ancillary data object's "data" section exceeds
length field. How such an extra space is handled is a grey area
in the POSIX.1g spec, the IETF RFC #2292 "Advanced Sockets API
for IPv6" memo, and the cmsg(3) manpage.
2. A 64-bit kernel handling of such extra space differs by whether
the app is 64-bit or 32-bit. For 64-bit apps, the kernel
smartly ducks the issue. For 32-bit apps, an -EINVAL is
directly returned; that's due to a kernel CMSG header traversal
bug in the networking stack "32-bit sockets emulation layer".
Compare Linux Kernel's socket.h cmsg_nxthdr() code and the
32-bit emulation layer version of it at net/compat.c
cmsg_compat_nxthdr() for further info. Notice how the former
graciously ignores incomplete CMSGs while the latter _directly_
complains about them -- as of kernel version 4.9-rc5.
(A kernel patch is to be submitted)
Details:
iochannel typically uses sendmsg() for passing FDs & credentials.
>From RFC 2292, sendmsg() control data is just a heterogeneous
array of embedded ancillary objects that can differ in length.
Linguistically, a "control message" is an ancillary data object.
For example, below is a sendmsg() "msg_control" containing two
ancillary objects:
|<---------------------- msg_controllen---------------------->|
| |
|<--- ancillary data object -->|<----- ancillary data object->|
|<------- CMSG_SPACE() ------->|<------- CMSG_SPACE() ------->|
| | |
|<-------- cmsg_len ------->| |<-------- cmsg_len ------->| |
|<------- CMSG_LEN() ------>| |<------- CMSG_LEN() ------>| |
| | | | |
+-----+-----+-----+--+------+--+-----+-----+-----+--+------+--+
|cmsg_|cmsg_|cmsg_|XX|cmsg_ |XX|cmsg_|cmsg_|cmsg_|XX|cmsg_ |XX|
|len |level|type |XX|data[]|XX|len |level|type |XX|data[]|XX|
+-----+-----+-----+--+------+--+-----+-----+-----+--+----+-+--+
^^^^^^^ Ancil Object #1 ^^^^^^^ Ancil Object #2
(control message) (control message)
^
|
+--- sendmsg() "msg_control" points here
Problem is, while passing FDs, iochannel's code try to avoid
variable-length arrays by creating a single cmsg object that can
fit as much FDs as possible:
union {
struct cmsghdr hdr;
uint8_t data[CMSG_SPACE(sizeof(int) * MAX_ANCIL_DATA_FDS)];
} cmsg; ^^^^^^^^^^^^^^^^^^
Most of the time though the number of FDs to be passed is less
than the maximum above, thus "cmsg_len" is set to the _actual_ FD
array size:
cmsg.hdr.cmsg_len = CMSG_LEN(sizeof(int) * nfd);
^^^
This inconsistency tricks the kernel into thinking that we have 2
ancillay data objects instead of one! First cmsg is valid as
intended, but the second is instantly _corrupt_ since it has a
cmsg_len size of 0 -- thus failing kernel's CMSG_OK() tests.
For 32-bit apps on a 32-bit kernel, and 64-bit apps over a 64-bit
one, the kernel's own CMSG header traversal macros just ignore the
second "incomplete" cmsg. For 32-bit apps over a 64-bit kernel
though, the kernel 32-bit socket emulation macros does not forgive
such incompleteness and directly complains of invalid args (due to
a subtle bug).
Avoid this ugly problem, which can also bite us in a pure 64-bit
environment if MAX_ANCIL_DATA_FDS got extended to 5 FDs, by
setting "cmsg_data[]" array size to "cmsg_len".
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=97769
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Openssl 1.1.0 made all structs opaque, which caused a build failure in
raop_client.c. The struct member assignments are now replaced with a
call to RSA_set0_key().
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=96726
Reviewed-by: Felipe Sateler <fsateler@debian.org>
KTH is a Swedish institution of higher education, and in its full name
spelled Kungliga Tekniska högskolan.
Signed-off-by: Anton Lundin <glance@acc.umu.se>
Bluez5 uses different profile names as bluez4, so we need to check for
a2dp_sink and headset_head_unit too for bluez5 support.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
module-xenpv-sink.c - In pa__init(...), memory for pa_modargs *ma is not released before returning from function.
Signed-off-by: Deepak Srivastava <srivastava.d@samsung.com>
systemd-hostnamed provides an icon for the machine it is running on.
If it is running, module-zeroconf-publish uses this icon for the
'icon-name' attribute in the Avahi properties. module-zeroconf-discover
passes this icon to module-tunnel using the module parameter
{sink/source}_properties.
This allows to display a portable, desktop or phone instead of
the generic sound card icon.
passing an invalid sample_spec to
pa_sample_size_of_format(),
pa_frame_size(),
pa_bytes_per_second(),
pa_bytes_to_usec(),
pa_usec_to_bytes()
currently gives a result of 0
this is problematic as
(a) it leads to many potential divide-by-zero issues flagged by Coverity,
(b) pa_sample_spec_valid() is called often and the mostly unnecessary validation
of the sample_spec cannot be optimized away due to pa_return_val_if_fail()
(c) nobody checks the result for 0 and the behaviour is not documented
this patch replaces pa_return_val_if_fail() with pa_assert()
note that this commit changes the API!
note that pa_return_val_if_fail() strangely logs an assertion, but then happily
continues...
fixes numerious CIDs
PA_PAGE_SIZE using sysconf() may return a negative number
CID 1137925, CID 1137926, CID 1138485
instead of calling sysconf() directly, add function pa_page_size()
which uses the guestimate 4096 in case sysconf(_SC_PAGE_SIZE) fails
using PA_ONCE to only evaluate sysconf() once
CID 1353122
this is a false-positive because
if (dbus_message_has_interface(p->message, "org.bluez.Manager") ||
dbus_message_has_interface(p->message, "org.bluez.Adapter"))
d = NULL;
else if (!(d = pa_hashmap_get(y->devices, dbus_message_get_path(p->message)))) {
pa_log_warn("Received GetProperties() reply from unknown device: %s (device removed?)",
dbus_message_get_path(p->message));
goto finish2;
}
d can be NULL only if p->message interface is org.bluez.Manager or
org.bluez.Adapter. If
dbus_message_is_method_call(p->message, "org.bluez.Device", "GetProperties")
returns true, we know that the interface is org.bluez.Device.
thanks, Tanu!
pa_ncpu() is supposed to report the number of processors available on
the system. For that, it currently calls sysconf(_SC_NPROCESSORS_CONF).
However, since the operating system can disable individual processors,
we should call sysconf(_SC_NPROCESSORS_ONLN) to determine the number
of processors currently available [1]. Consequently, the once-test will
fail since pthread_setaffinity_np() is called with CPUs that are
currently not available.
It might also be advisable to change the code in the future to use CPU
sets on Linux as even the suggested change is not 100% safe but at least
it improves over the existing code. If PulseAudio was to be run in a CPU
set [2], the number of processors available to PulseAudio could be even
less than the number of CPUs currently online (_SC_NPROCESSORS_CONF).
[1] https://www.gnu.org/software/libc/manual/html_node/Processor-Resources.html
[2] http://man7.org/linux/man-pages/man7/cpuset.7.html
BugLink: https://bugs.freedesktop.org/show_bug.cgi?id=96809
Signed-off-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
The pipe buffer is likely to be a power of 2 (e.g. 4096 bytes). This
works nicely for 16 bit stereo samples but breaks when using 24 bit
samples.
This patch aligns the buffer using pa_frame_align().
create_card_profile() used to get called separately for HSP and HFP,
so if a headset supports both profiles, a profile named
"headset_head_unit" would get created twice. The second instance would
get immediately freed, so that wasn't a particularly serious problem.
However, I think it makes more sense to create the profile only once.
This patch makes things so that before a profile is created, we check
what name that profile would have, and if a profile with that name
already exists, we don't create the profile.
A couple of Yocto releases (jethro and krogoth) have non-upstream
patches that suffer from this double creation. The patches add
associations between profiles and ports, and those associations use
the profile name as the key. When the second profile gets freed, the
associations between the profile and its ports get removed, and since
the profile name is used as the key, this erroneously affects the
first profile too. Crashing ensues.
BugLink: https://bugzilla.yoctoproject.org/show_bug.cgi?id=10018
Add transport_set_state() that encapsulates changing the variable,
logging and firing the change hook.
I also made a cosmetic change to the corresponding BlueZ 5 log
message so that both messages have the format that I like.
A hashmap is more convenient than a linked list for storing the UUIDs,
so change the BlueZ 4 code accordingly.
Rename the BlueZ 4 UUID constants to match the BlueZ 5 naming.
The only changes to the BlueZ 5 code are the addition of one comment
and making another comment a bit clearer.
The properties_received flag affects whether the device should be
considered valid, so let's update the valid flag after setting the
properties_received flag.
There's a call to device_update_valid() anyway later when setting
the device adapters, so this change isn't strictly necessary, but
this makes it more obvious that the code is correct (and less
fragile).
module-card-restore should only restore the initial state of new
cards, but profile_available_changed_callback() changed the profile
whenever the saved profile became available. That caused interference
with module-bluetooth-policy, which also sets card profiles based on
the availability changes.
The original reason for having this code was to work around the
problem that bluetooth cards used to be created with only one profile
available, and other profiles would become available soon after the
card creation. Now the bluetooth card creation is delayed until all
profiles are available, so this bad workaround can be removed.
Discussion:
https://lists.freedesktop.org/archives/pulseaudio-discuss/2016-August/026575.html
The CONNECTION_CHANGED hook is used to notify the discovery module
about new and removed devices. When a bluetooth device connects, the
hook used to be called immediately when the first profile connected.
That meant that only one profile was marked as available during the
card creation, other profiles would get marked as available later.
That makes it hard for module-card-restore to restore the saved
profile, if the saved profile becomes available with some delay.
module-card-restore has a workaround for this problem, but that turned
out to interfere with module-bluetooth-policy, so the workaround will
be removed in the next patch.
The BlueZ 4 code doesn't need changes, because we use the
org.bluez.Audio interface to get a notification when all profiles are
connected.
Doesn't really affect logic, but Coverity reports this as dead-code, and
I figure it makes sense to be consistent about our use of HAVE_MEMFD.
CID: 1352045
