From 433465bcfcd8d9a2270cb27dd0ea933e9fefa829 Mon Sep 17 00:00:00 2001 From: Con Kolivas Date: Mon, 14 Oct 2013 11:35:47 +1100 Subject: [PATCH] Convert the usb callback function to use a cgsem_t using the timedwait code to avoid races with mutexes/conditionals. --- usbutils.c | 22 ++++++---------------- 1 file changed, 6 insertions(+), 16 deletions(-) diff --git a/usbutils.c b/usbutils.c index f9cb2281..cd7152d7 100644 --- a/usbutils.c +++ b/usbutils.c @@ -2194,15 +2194,13 @@ static char *find_end(unsigned char *buf, unsigned char *ptr, int ptrlen, int to #define USB_RETRY_MAX 5 struct usb_transfer { - pthread_mutex_t mutex; - pthread_cond_t cond; + cgsem_t cgsem; struct libusb_transfer *transfer; }; static void init_usb_transfer(struct usb_transfer *ut) { - mutex_init(&ut->mutex); - pthread_cond_init(&ut->cond, NULL); + cgsem_init(&ut->cgsem); ut->transfer = libusb_alloc_transfer(0); if (unlikely(!ut->transfer)) quit(1, "Failed to libusb_alloc_transfer"); @@ -2213,7 +2211,7 @@ static void LIBUSB_CALL transfer_callback(struct libusb_transfer *transfer) { struct usb_transfer *ut = transfer->user_data; - pthread_cond_signal(&ut->cond); + cgsem_post(&ut->cgsem); } /* Wait for callback function to tell us it has finished the USB transfer, but @@ -2221,21 +2219,15 @@ static void LIBUSB_CALL transfer_callback(struct libusb_transfer *transfer) static int callback_wait(struct usb_transfer *ut, int *transferred, unsigned int timeout) { struct libusb_transfer *transfer= ut->transfer; - struct timespec ts_now, ts_end; - struct timeval tv_now; int ret; - cgtime(&tv_now); - ms_to_timespec(&ts_end, timeout); - timeval_to_spec(&ts_now, &tv_now); - timeraddspec(&ts_end, &ts_now); - ret = pthread_cond_timedwait(&ut->cond, &ut->mutex, &ts_end); - if (ret) { + ret = cgsem_mswait(&ut->cgsem, timeout); + if (ret == ETIMEDOUT) { /* We are emulating a timeout ourself here */ libusb_cancel_transfer(transfer); /* Now wait for the callback function to be invoked. */ - pthread_cond_wait(&ut->cond, &ut->mutex); + cgsem_wait(&ut->cgsem); } ret = transfer->status; if (ret == LIBUSB_TRANSFER_CANCELLED) @@ -2281,7 +2273,6 @@ usb_bulk_transfer(struct libusb_device_handle *dev_handle, int intinfo, USBDEBUG("USB debug: @usb_bulk_transfer(%s (nodev=%s),intinfo=%d,epinfo=%d,data=%p,length=%d,timeout=%u,mode=%d,cmd=%s,seq=%d) endpoint=%d", cgpu->drv->name, bool_str(cgpu->usbinfo.nodev), intinfo, epinfo, data, length, timeout, mode, usb_cmdname(cmd), seq, (int)endpoint); init_usb_transfer(&ut); - mutex_lock(&ut.mutex); /* We give the transfer no timeout since we manage timeouts ourself */ libusb_fill_bulk_transfer(ut.transfer, dev_handle, endpoint, buf, length, transfer_callback, &ut, 0); @@ -2714,7 +2705,6 @@ static int usb_control_transfer(libusb_device_handle *dev_handle, uint8_t bmRequ int err, transferred; init_usb_transfer(&ut); - mutex_lock(&ut.mutex); libusb_fill_control_setup(buf, bmRequestType, bRequest, wValue, wIndex, wLength); libusb_fill_control_transfer(ut.transfer, dev_handle, buf, transfer_callback,