Re: [PATCH] audio/jack: fix use after free segfault
From: Geoffrey McRae
Subject: Re: [PATCH] audio/jack: fix use after free segfault
Date: Wed, 19 Aug 2020 21:45:33 +1000
User-agent: Roundcube Webmail/1.3.8
On 2020-08-19 21:30, Christian Schoenebeck wrote:
> On Wednesday, 19 August 2020 00:20:07 CEST Geoffrey McRae wrote:
> > > Could you please describe in more detail how you ran into this
> > > situation with your 2nd audio device?
> >
> > Sure. Run a Windows guest with two audio devices, let it boot up, then
> > restart the jack service to trigger the recovery routine, then attempt
> > to use the 2nd (non-primary) audio device, i.e. go to the Windows audio
> > settings to test the microphone of the second audio device.
> >
> > When Windows tries to use the 2nd audio device it goes through the
> > recovery routine, triggering this fault.
>
> I still don't quite get how this correlates. So you are forcing a
> restart of jackd on the host side in between, for what purpose? To
> simulate the Windows client being kicked by jackd?
For many reasons jack may need to be stopped and started again, such as
hardware changes when switching to a USB audio device, or tuning the
period size, etc. QEMU should be able to recover if the jack server goes
away, it's that simple.
The following sequence is what triggers this fault:

    client1 = jack_client_open();
    client2 = jack_client_open();
    client1 gets a shutdown signal
    jack_client_close(client1);
    client1 = jack_client_open();
    client2 gets a shutdown signal
    jack_client_close(client2);
    client2 = jack_client_open();

One would expect this sequence to work fine as it conforms to the JACK
documentation and common design practice; however, the call to
`jack_client_open` notices that there is the 2nd session and frees it
out from under the application.
This has been resolved in the v5 patch as suggested by Gerd by
scheduling a QEMUBH to perform the closures so they occur in order
before an attempt to open again. Even still this is clearly a design
flaw in the Jack2 library.
> What latencies do you achieve BTW with Windows guests?
Never tested, it's not the reason why I use jack. Suffice to say it's
far better than PulseAudio, I get no stuttering issues as is commonly
reported for ALSA and PA, and it allows for a high degree of
reconfigurability. The guest VM overall performs far better also, as
Windows is never waiting on the audio device due to the decoupling
provided by the ring buffer in my implementation.
> > I am aware, and since these libraries are interchangeable I had
> > assumed that JACK1 will have the same fault. If not I suppose we
> > need to detect which is in use and change this code appropriately.
>
> I haven't checked this in the JACK1 code base yet, but I assume JACK1
> does not behave like JACK2 here, because the JACK API is very clear
> that it is the client's responsibility to free itself.
>
> So it looks like a JACK2-only bug to me.
Confirmed, this was investigated today.
> Very weird that there is no jack_client_version() in the shared weak
> API (i.e. missing on JACK1 side).
I raised this as an issue today:
https://github.com/jackaudio/jack2/issues/628
The developer there seems to feel that allowing the application to know
the jack client version is a bad thing.
> Best regards,
> Christian Schoenebeck
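The open/close ordering discussed in this message, as an added example that is not part of the original mail, the QEMU patch or libjack: a dependency-free C model in which `fake_jack_client_open()` behaves the way the mail describes JACK2 (releasing another client that has been shut down but not yet closed by the application). The same recovery is run twice, first with the interleaved close-then-reopen sequence the mail lists, then with all closes deferred to a bottom-half style queue so they complete before any reopen, which is the ordering the v5 patch obtains with a QEMUBH. Every `fake_*` and `bh_*` name, the slot registry, and the assumption that the server outage marks both clients shut down before the application handles either notification are constructions for this example, not JACK or QEMU behaviour verified here.

```c
/* Added example: dependency-free model of the reopen ordering problem.
 * Not libjack and not QEMU code; all names are hypothetical.
 * fake_jack_client_open() releases any other client that is shut down but
 * not yet closed (how the mail describes JACK2); bh_* models deferring the
 * closes to a bottom half so every close happens before any reopen. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define MAX_CLIENTS 4
#define BH_MAX 8

typedef struct {
    bool in_use;    /* slot allocated and not yet released */
    bool shut_down; /* server went away; slot is pending cleanup */
} fake_client;

static fake_client registry[MAX_CLIENTS];
static fake_client *bh_queue[BH_MAX];
static int bh_len;

static void reset_registry(void)
{
    memset(registry, 0, sizeof registry);
    bh_len = 0;
}

/* Model of jack_client_open(): before allocating, release every other slot
 * that has been shut down, whether or not the application still holds a
 * pointer to it ("freed out from under the application"). */
static fake_client *fake_jack_client_open(void)
{
    for (int i = 0; i < MAX_CLIENTS; i++)
        if (registry[i].in_use && registry[i].shut_down)
            registry[i].in_use = false;
    for (int i = 0; i < MAX_CLIENTS; i++) {
        if (!registry[i].in_use) {
            registry[i].in_use = true;
            registry[i].shut_down = false;
            return &registry[i];
        }
    }
    return NULL;
}

/* Model of jack_client_close(): returns false when the slot was already
 * released by the library, i.e. this close is a use after free. */
static bool fake_jack_client_close(fake_client *c)
{
    bool was_live = c->in_use;
    c->in_use = false;
    return was_live;
}

/* Modelling assumption: the server going away marks both clients shut down
 * at once; the application then handles one notification at a time. */
static void fake_server_goes_away(fake_client *c1, fake_client *c2)
{
    c1->shut_down = true;
    c2->shut_down = true;
}

/* Recovery in the order the mail lists: each client's notification is
 * handled to completion (close, then reopen) before the next one. Returns
 * the number of closes that touched an already-released slot. */
static int recover_interleaved(fake_client **c1, fake_client **c2)
{
    int uaf = 0;
    fake_server_goes_away(*c1, *c2);
    if (!fake_jack_client_close(*c1)) uaf++;
    *c1 = fake_jack_client_open();           /* also releases *c2 */
    if (!fake_jack_client_close(*c2)) uaf++; /* use after free */
    *c2 = fake_jack_client_open();
    return uaf;
}

/* Bottom-half style deferral: a notification only queues the close,
 * bh_run() performs every queued close, and only then does the caller
 * reopen any client. */
static void bh_schedule_close(fake_client *c)
{
    if (bh_len < BH_MAX)
        bh_queue[bh_len++] = c;
}

static int bh_run(void)
{
    int uaf = 0;
    for (int i = 0; i < bh_len; i++)
        if (!fake_jack_client_close(bh_queue[i])) uaf++;
    bh_len = 0;
    return uaf;
}

static int recover_deferred(fake_client **c1, fake_client **c2)
{
    fake_server_goes_away(*c1, *c2);
    bh_schedule_close(*c1);
    bh_schedule_close(*c2);
    int uaf = bh_run();                      /* both closes before any open */
    *c1 = fake_jack_client_open();
    *c2 = fake_jack_client_open();
    return uaf;
}

int main(void)
{
    fake_client *c1, *c2;
    reset_registry();
    c1 = fake_jack_client_open();
    c2 = fake_jack_client_open();
    printf("interleaved close/reopen: %d close(s) on a released slot\n",
           recover_interleaved(&c1, &c2));
    reset_registry();
    c1 = fake_jack_client_open();
    c2 = fake_jack_client_open();
    printf("deferred closes: %d close(s) on a released slot\n",
           recover_deferred(&c1, &c2));
    return 0;
}
```

Build with any C99 compiler and run it; the interleaved sequence reports one close on a released slot (the second client's), the deferred sequence none. The point is that the fix does not depend on knowing which JACK implementation is loaded: batching every pending close ahead of any reopen removes the ordering that the library's cleanup-on-open can interfere with.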
- [PATCH] audio/jack: fix use after free segfault, Geoffrey McRae, 2020/08/18
- Re: [PATCH] audio/jack: fix use after free segfault, no-reply, 2020/08/18
- Re: [PATCH] audio/jack: fix use after free segfault, Christian Schoenebeck, 2020/08/18
- Re: [PATCH] audio/jack: fix use after free segfault, Geoffrey McRae, 2020/08/18
- Re: [PATCH] audio/jack: fix use after free segfault, Christian Schoenebeck, 2020/08/19
- Re: [PATCH] audio/jack: fix use after free segfault, Geoffrey McRae, 2020/08/19 <=
- Re: [PATCH] audio/jack: fix use after free segfault, Christian Schoenebeck, 2020/08/19
- Re: [PATCH] audio/jack: fix use after free segfault, Geoffrey McRae, 2020/08/19
- Re: [PATCH] audio/jack: fix use after free segfault, Christian Schoenebeck, 2020/08/19
- Re: [PATCH] audio/jack: fix use after free segfault, Geoffrey McRae, 2020/08/19
- Re: [PATCH] audio/jack: fix use after free segfault, Christian Schoenebeck, 2020/08/20
- Re: [PATCH] audio/jack: fix use after free segfault, Gerd Hoffmann, 2020/08/19