[PATCH v1] bluetooth: Fix potential assertion failure due to unaligned packet size

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2013-01-28 at 18:25 +0100, Mikel Astiz wrote:
> From: Mikel Astiz <mikel.astiz at bmw-carit.de>
> 
> While reading from the SCO socket, there is no guarantee regarding the
> resulting packet size. In some rare cases, it might not even match the
> alignment expected in pa_source_post(), resulting in an assertion
> failure inside pa_volume_memchunk():
> 
> I: [alsa-sink] module-loopback.c: Could not peek into queue
> I: [alsa-sink] module-loopback.c: Could not peek into queue
> I: [alsa-sink] module-loopback.c: Could not peek into queue
> E: [bluetooth] sample-util.c: Assertion 'pa_frame_aligned(c->length, spec)' failed at pulsecore/sample-util.c:725, function pa_volume_memchunk(). Aborting.
> 
> Program received signal SIGABRT, Aborted.
> [Switching to Thread 0x7fffda98f700 (LWP 8058)]
> 0x00007ffff6177935 in raise () from /lib64/libc.so.6
> Missing separate debuginfos, use: debuginfo-install alsa-lib-1.0.26-1.fc17.x86_64 dbus-libs-1.4.10-7.fc17.x86_64 flac-1.2.1-9.fc17.x86_64 glibc-2.15-58.fc17.x86_64 gsm-1.0.13-6.fc17.x86_64 json-c-0.10-2.fc17.x86_64 libICE-1.0.8-1.fc17.x86_64 libSM-1.2.1-1.fc17.x86_64 libX11-1.5.0-2.fc17.x86_64 libXau-1.0.6-3.fc17.x86_64 libXext-1.3.1-1.fc17.x86_64 libXi-1.6.1-1.fc17.x86_64 libXtst-1.2.0-3.fc17.x86_64 libogg-1.3.0-1.fc17.x86_64 libsndfile-1.0.25-2.fc17.x86_64 libtool-ltdl-2.4.2-3.1.fc17.x86_64 libudev-182-3.fc17.x86_64 libuuid-2.21.2-3.fc17.x86_64 libvorbis-1.3.3-1.fc17.x86_64 libxcb-1.9-1.fc17.x86_64 speex-1.2-0.14.rc1.fc17.x86_64
> ---
> v1: Do not round down the packet size but instead just drop it entirely. Besides, improve comment with information about why this scenario could ever hold true.
> 
>  src/modules/bluetooth/module-bluetooth-device.c | 11 +++++++++++
>  1 file changed, 11 insertions(+)
> 
> diff --git a/src/modules/bluetooth/module-bluetooth-device.c b/src/modules/bluetooth/module-bluetooth-device.c
> index 9e4a8f9..33b2afa 100644
> --- a/src/modules/bluetooth/module-bluetooth-device.c
> +++ b/src/modules/bluetooth/module-bluetooth-device.c
> @@ -667,6 +667,17 @@ static int hsp_process_push(struct userdata *u) {
>  
>          pa_assert((size_t) l <= pa_memblock_get_length(memchunk.memblock));
>  
> +        /* In some rare occasions, we might receive packets of a very strange
> +         * size. This could potentially be possible if the SCO packet was
> +         * received partially over-the-air, or more probably due to hardware
> +         * issues in our Bluetooth adapter. In these cases, in order to avoid
> +         * an assertion failure due to unaligned data, just discard the whole
> +         * packet */
> +        if (!pa_frame_aligned(l, &u->sample_spec)) {
> +            pa_log_warn("SCO packet received of unaligned size: %zu", l);
> +            break;
> +        }
> +
>          memchunk.length = (size_t) l;
>          u->read_index += (uint64_t) l;

Thanks, applied.

-- 
Tanu



[Index of Archives]     [Linux Audio Users]     [AMD Graphics]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux