From: Andre Noll <maan@systemlinux.org>
Date: Thu, 10 Nov 2011 09:14:21 +0000 (+0100)
Subject: vss: Don't prefault header.
X-Git-Tag: v0.4.9~10
X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=commitdiff_plain;h=71bcf40d3aeed43884c8db9e44d5eade41f22db2

vss: Don't prefault header.

Commit 7bba6232 (vss: Mmap audio files using MAP_POPULATE.) introduced
read-ahead for chunks of the mmapped audio file. However, it missed
the fact that for ogg streams chunk 0 is created on the fly and stored
in a dynamically allocated buffer. Read-ahead on this buffer is likely
to access memory not owned by the process and might lead to a segfault.

Fix this bug by not performing read-ahead for chunk zero.
---

diff --git a/vss.c b/vss.c
index e336a9e7..db1beeba 100644
--- a/vss.c
+++ b/vss.c
@@ -1079,8 +1079,6 @@ static void vss_send(struct vss_task *vsst)
 			senders[i].send(mmd->current_chunk, mmd->chunks_sent,
 				buf, len, vsst->header_buf, vsst->header_len);
 		}
-		mmd->chunks_sent++;
-		mmd->current_chunk++;
 		/*
 		 * Prefault next chunk(s)
 		 *
@@ -1093,11 +1091,15 @@ static void vss_send(struct vss_task *vsst)
 		 * eliminate the delays completely. Moreover, it is supported
 		 * only on Linux. So we do our own read-ahead here.
 		 */
-		buf += len;
-		for (i = 0; i < 5 && buf < vsst->map + mmd->size; i++) {
-			__a_unused volatile char x = *buf;
-			buf += 4096;
+		if (mmd->current_chunk > 0) { /* chunk 0 might be on the heap */
+			buf += len;
+			for (i = 0; i < 5 && buf < vsst->map + mmd->size; i++) {
+				__a_unused volatile char x = *buf;
+				buf += 4096;
+			}
 		}
+		mmd->chunks_sent++;
+		mmd->current_chunk++;
 	}
 }