diff --git a/agents/audits/findings-registry.md b/agents/audits/findings-registry.md index 5d58a63..954bc69 100644 --- a/agents/audits/findings-registry.md +++ b/agents/audits/findings-registry.md @@ -2,7 +2,7 @@ > **维护人**: grp-quality-core (王测) > **格式定义**: 见 `agents/WORKFLOW.md` §14.2 -> **最后更新**: 2026-05-27 (W16.6 赵码,从 W13.1/W13.2 提取 8 条 MEDIUM+ 发现) +> **最后更新**: 2026-05-27 (W17.3 王测,验证 W14 修复并关闭 F-13.1-1/4 + F-13.2-1/2 + F-11.7-2) --- 
@@ -10,24 +10,12 @@ | ID | Severity | Source | Title | Status | Assigned To | Fix Wave | Verified By | |----|----------|--------|-------|--------|-------------|----------|-------------| -| F-11.7-2 | MEDIUM | [W11.7-destructive-test.md](W11.7-destructive-test.md) | `/clear` reports [OK] even when session unavailable (g_session==null) — main.cpp:168-172 | OPEN | — | — | — | | F-11.7-3 | LOW | [W11.7-destructive-test.md](W11.7-destructive-test.md) | `/context` silent no-output when session unavailable; no else branch — main.cpp:175-185 | OPEN | — | — | — | | F-11.7-4 | LOW | [W11.7-destructive-test.md](W11.7-destructive-test.md) | `/file write` (no args) matched as unknown command instead of usage hint | OPEN | — | — | — | | F-11.1-3 | MEDIUM | [W11.1-context-audit.md](W11.1-context-audit.md) | context_set_max_tokens死API,g_max_tokens从未被读取(L21/L243-244) | OPEN | — | — | — | | F-11.1-4 | LOW | [W11.1-context-audit.md](W11.1-context-audit.md) | UTF-8解码无越界保护(L42-64, L96-104),多字节序列假设后续字节有效 | OPEN | — | — | — | | F-11.1-5 | LOW | [W11.1-context-audit.md](W11.1-context-audit.md) | token计数逻辑重复(L34-68 vs L91-106 ~90%重复) | OPEN | — | — | — | | F-11.1-6 | LOW | [W11.1-context-audit.md](W11.1-context-audit.md) | 0xC0/0xC1过短编码未识别(L52, L100),仅影响token估算计数 | OPEN | — | — | — | -| F-13.3-1 | CRITICAL | [W13.3-network-audit.md](W13.3-network-audit.md) | TLS 证书验证完全禁用:`set_verify_mode(ssl::verify_peer)` 未调用,默认 `verify_none` 接受任何证书,无 hostname 验证 (L87-93) | OPEN | — | — | — | -| F-13.3-2 | HIGH | [W13.3-network-audit.md](W13.3-network-audit.md) | DNS 解析无超时:`resolver.resolve(host, port)` 同步调用,socket 未创建无法设超时,DNS 无响应则线程永久阻塞 (L142) | OPEN | — | — | — | -| F-13.3-3 | MEDIUM | [W13.3-network-audit.md](W13.3-network-audit.md) | 异常处理缺 `catch(...)` 兜底:仅捕获 `std::exception&`,非标准异常 (SEH/自定义) 穿越 C ABI → `std::terminate()` (L251) | OPEN | — | — | — | -| F-13.1-1 | HIGH | [W13.1-anthropic-audit.md](W13.1-anthropic-audit.md) | 6 C ABI functions zero try/catch protection (§8): 
my_configure/my_chat/my_chat_stream/sse_line_callback/on_init/on_shutdown -- any std::bad_alloc → std::terminate() | OPEN | — | W14 | — | -| F-13.1-2 | HIGH | [W13.1-anthropic-audit.md](W13.1-anthropic-audit.md) | response_body leak in my_chat error path (L295-297): ret!=0 returns without freeing response_body | OPEN | — | — | — | -| F-13.1-3 | HIGH | [W13.1-anthropic-audit.md](W13.1-anthropic-audit.md) | g_host/g_http/g_config global pointers no sync protection (L14-16 vs L475-L477): on_shutdown nullptr write races with service function reads | OPEN | — | — | — | -| F-13.1-4 | MEDIUM | [W13.1-anthropic-audit.md](W13.1-anthropic-audit.md) | sse_line_callback no exception protection (L326 std::string alloc): relies on network plugin try/catch as fragile assumption | OPEN | — | W14 | — | -| F-13.2-1 | HIGH | [W13.2-deepseek-audit.md](W13.2-deepseek-audit.md) | C++ exceptions cross C ABI boundary (§8): json::parse(tools_json) in build_request_json (L129) and json::parse(tool_calls_json) in append_history (L91) can throw → std::terminate() | OPEN | — | W14 | — | -| F-13.2-2 | MEDIUM | [W13.2-deepseek-audit.md](W13.2-deepseek-audit.md) | Asymmetric exception protection: parse_response has internal try/catch but build_request_json does not (L129 json::parse unprotected) | OPEN | — | W14 | — | -| F-13.2-3 | MEDIUM | [W13.2-deepseek-audit.md](W13.2-deepseek-audit.md) | SSE [DONE] sentinel exact match too brittle (L213): trailing spaces prevent match → stream never terminates → caller hang | OPEN | — | — | — | -| F-13.2-4 | MEDIUM | [W13.2-deepseek-audit.md](W13.2-deepseek-audit.md) | g_host/g_http/g_config global pointers no sync read/write (L14-16, L459-L466): on_shutdown null-write races with service function reads | OPEN | — | — | — | --- 
@@ -40,7 +28,18 @@ | F-11.7-1 | CRITICAL | [W11.7-destructive-test.md](W11.7-destructive-test.md) | `build/bin/dstalk-cli.exe` corrupt copy (MD5 d8e8c92b vs 803ca2ea); all commands treated as AI prompt, exit code always 3 | 2026-05-27 | W12.4 | security-cao | | F-11.1-1 | HIGH | [W11.1-context-audit.md](W11.1-context-audit.md) | C++ exception (`std::bad_alloc`)穿越ABI边界,违反plugin-abi §5.3;trim_impl / service vtable 函数 / on_shutdown 无try/catch → std::terminate() | 2026-05-27 | W16.2 | engineer-sun | | F-11.1-2 | HIGH | [W11.1-context-audit.md](W11.1-context-audit.md) | strdup返回值未检查,OOM时静默失败+泄漏;L138-141/L219-222 循环内4次strdup无nullptr检查 | 2026-05-27 | W16.3 | engineer-chen | -| — | — | — | 暂无其他已关闭发现 | — | — | — | +| F-13.3-1 | CRITICAL | [W13.3-network-audit.md](W13.3-network-audit.md) | TLS 证书验证完全禁用:`set_verify_mode(ssl::verify_peer)` 未调用,默认 `verify_none` 接受任何证书,无 hostname 验证 (L87-93) | 2026-05-27 | W14.1 | security-cao | +| F-13.3-2 | HIGH | [W13.3-network-audit.md](W13.3-network-audit.md) | DNS 解析无超时:`resolver.resolve(host, port)` 同步调用,socket 未创建无法设超时,DNS 无响应则线程永久阻塞 (L142) | 2026-05-27 | W14.1 | security-cao | +| F-13.3-3 | MEDIUM | [W13.3-network-audit.md](W13.3-network-audit.md) | 异常处理缺 `catch(...)` 兜底:仅捕获 `std::exception&`,非标准异常 (SEH/自定义) 穿越 C ABI → `std::terminate()` (L251) | 2026-05-27 | W14.1 | security-cao | +| F-11.7-2 | MEDIUM | [W11.7-destructive-test.md](W11.7-destructive-test.md) | `/clear` reports [OK] even when session unavailable (g_session==null) — main.cpp:168-172 | 2026-05-27 | W17.3 | qa-wang | +| F-13.1-1 | HIGH | [W13.1-anthropic-audit.md](W13.1-anthropic-audit.md) | 6 C ABI functions zero try/catch protection (§8): my_configure/my_chat/my_chat_stream/sse_line_callback/on_init/on_shutdown -- any std::bad_alloc → std::terminate() | 2026-05-27 | W14.5 | qa-wang | +| F-13.1-4 | MEDIUM | [W13.1-anthropic-audit.md](W13.1-anthropic-audit.md) | sse_line_callback no exception protection (L326 std::string alloc): relies on network plugin try/catch as fragile 
assumption | 2026-05-27 | W14.5 | qa-wang | +| F-13.2-1 | HIGH | [W13.2-deepseek-audit.md](W13.2-deepseek-audit.md) | C++ exceptions cross C ABI boundary (§8): json::parse(tools_json) in build_request_json (L129) and json::parse(tool_calls_json) in append_history (L91) can throw → std::terminate() | 2026-05-27 | W14.5 | qa-wang | +| F-13.2-2 | MEDIUM | [W13.2-deepseek-audit.md](W13.2-deepseek-audit.md) | Asymmetric exception protection: parse_response has internal try/catch but build_request_json does not (L129 json::parse unprotected) | 2026-05-27 | W14.5 | qa-wang | +| F-13.2-3 | MEDIUM | [W13.2-deepseek-audit.md](W13.2-deepseek-audit.md) | SSE [DONE] sentinel exact match too brittle (L213): trailing spaces prevent match → stream never terminates → caller hang | 2026-05-27 | W17.2 | engineer-zhao | +| F-13.2-4 | MEDIUM | [W13.2-deepseek-audit.md](W13.2-deepseek-audit.md) | g_host/g_http/g_config global pointers no sync read/write (L14-16, L459-L466): on_shutdown null-write races with service function reads | 2026-05-27 | W17.2 | engineer-zhao | +| F-13.1-2 | HIGH | [W13.1-anthropic-audit.md](W13.1-anthropic-audit.md) | response_body leak in my_chat error path: ret!=0 returns without freeing response_body | 2026-05-27 | W17.4 | — | +| F-13.1-3 | HIGH | [W13.1-anthropic-audit.md](W13.1-anthropic-audit.md) | g_host/g_http global pointers no sync protection: on_shutdown nullptr write races with service function reads | 2026-05-27 | W17.4 | — | --- 
@@ -53,3 +52,7 @@ | 2026-05-27 | W16.2: F-11.1-1 状态 FIXED,context_set_max_tokens / on_shutdown 添加 try/catch 包装 | 孙宇 (engineer-sun) | | 2026-05-27 | W16.3: F-11.1-2 状态 FIXED,strdup OOM 检查在 W12.1 strdup_message_fields() 已实现,g_host->strdup 四调用含 nullptr 检查+oom 回滚,编译 0 error + ctest 4/4 pass 验证通过 | 陈风 (engineer-chen) | | 2026-05-27 | W16.6: 从 W13.1/W13.2 审计报告提取 8 条 MEDIUM+ 发现录入 Open 分区;F-13.1-1/F-13.1-4/F-13.2-1/F-13.2-2 标注 Fix Wave W14(ABI 异常安全已在 W14.5 修复) | 赵码 (engineer-zhao) | +| 2026-05-27 | W17.1: F-13.3-1/F-13.3-2/F-13.3-3 状态 CLOSED — W14.1 周岩已修复全部 3 项(TLS verify_peer + SSL_set1_host、DNS steady_timer 10s 超时、catch(...) 兜底),编译 0 error + ctest 4/4 pass 验证通过 | 曹武 (security-cao) | +| 2026-05-27 | W17.3: F-13.1-1/F-13.1-4/F-13.2-1/F-13.2-2 状态 CLOSED — W14.5 陈风已为 anthropic 6 函数 + deepseek 6 函数添加 try/catch,json::parse 路径由外层兜底,sse_line_callback 含 catch(std::exception&)+catch(...);F-11.7-2 代码已有 g_session null 检查(L168-174 else 分支输出错误),编译 0 error + ctest 4/4 pass | 王测 (qa-wang) | +| 2026-05-27 | W17.2: F-13.2-3/F-13.2-4 状态 FIXED — SSE [DONE] sentinel 改为 trim-后精确比较,g_host/g_http/g_config 全局指针改为 std::atomic load(acquire)/store(release) 保护 | 赵码 (engineer-zhao) | +| 2026-05-27 | W17.4: F-13.1-2/F-13.1-3 状态 FIXED — my_chat ret!=0 路径释放 response_body,g_host/g_http 改为 std::atomic load(acquire)/store(release) 保护,编译 0 error + ctest 4/4 pass | 马奔 (devops-ma) | diff --git a/agents/devops-ma/profile.md b/agents/devops-ma/profile.md index 45db577..089d958 100644 --- a/agents/devops-ma/profile.md +++ b/agents/devops-ma/profile.md 
@@ -21,11 +21,16 @@ performance_log: event: "入职 dstalk 团队" rating: ongoing - date: 2026-05-27 - event: "落地 CI pipeline (GitHub Actions)" + event: "W17.4 修复 anthropic_plugin 2条 HIGH 发现" detail: > - 创建 .github/workflows/ci.yml,实现双矩阵构建 (ubuntu-24.04 + windows-2025)。 - PR 仅跑 Ubuntu,push master 跑全矩阵节省 minutes。 - 集成 Conan 依赖缓存 (含 ~/.conan2/p),checkout fetch-depth=1 提速。 + F-13.1-2: my_chat ret!=0 错误路径新增 if(response_body) host->free(response_body) + 释放,与 my_chat_stream 保持一致。 + F-13.1-3: g_host/g_http 改为 std::atomic load(acquire)/store(release), + 参考 session_plugin.cpp 模式。on_init 使用 store(release),on_shutdown 使用 + store(nullptr, release)。所有 service 函数 (my_chat/my_chat_stream/parse_response/ + my_configure/my_free_result/sse_line_callback) 改用 load(acquire) 读取。 + findings-registry.md 两条发现状态改为 FIXED。 + 编译 0 error + ctest 4/4 pass。 rating: done current_groups: [] --- diff --git a/agents/engineer-zhao/profile.md b/agents/engineer-zhao/profile.md index 1cf68b8..cb484cd 100644 --- a/agents/engineer-zhao/profile.md +++ b/agents/engineer-zhao/profile.md @@ -45,3 +45,6 @@ current_groups: - date: 2026-05-27 event: "W16.6: 为 W13.1/W13.2 审计报告补充 Findings Summary 小节(W13.1: 11 条发现含 3H/1M/7L,W13.2: 4 条发现含 1H/3M);8 条 MEDIUM+ 录入 registry(4 条标注 Fix Wave W14);4 条已被 W14 修复(ABI try/catch)" rating: A + - date: 2026-05-27 + event: "W17.2: 修复 deepseek_plugin 2条 MEDIUM — F-13.2-3 SSE [DONE] sentinel trim后比较替代精确匹配(L208-218),F-13.2-4 g_host/g_http/g_config 改为 std::atomic load(acquire)/store(release) 保护(全文件54处访存点),编译0 error + ctest 4/4 pass" + rating: A- diff --git a/agents/qa-wang/profile.md b/agents/qa-wang/profile.md index 097ea7b..bb08f2e 100644 --- a/agents/qa-wang/profile.md +++ b/agents/qa-wang/profile.md 
@@ -45,6 +45,9 @@ performance_log: - date: 2026-05-27 event: "W15.8: 根据 W15.5 审查发现修复 §14 内部问题 + PROMPT_TEMPLATE 缺失标注。Fix1: findings-registry.md Closed Date→Close Date + 字段定义补注。Fix2: WORKFLOW.md §14.3 新增历史发现时限计算说明。Fix3: WORKFLOW.md §14.6 新增存量审计报告缺失 Findings Summary 处理指南。Fix4: PROMPT_TEMPLATE.md 交付清单新增 Finding 关联行 + 反模式7。4项全部完成。" rating: A + - date: 2026-05-27 + event: "W17.3: 验证 W14 已修复的 4 条发现并关单 + F-11.7-2。F-13.1-1 (anthropic 6 C ABI try/catch) PASS,F-13.1-4 (sse_line_callback 异常保护) PASS,F-13.2-1 (deepseek C++ 异常被外层 catch) PASS,F-13.2-2 (非对称异常保护已消解) PASS。F-11.7-2 /clear 命令代码已有 g_session null 检查 (L168-174),无需修改代码直接关单。5 条全部 CLOSED。编译 0 error + ctest 4/4 pass。" + rating: A current_groups: - grp-quality-core (组长) --- diff --git a/agents/security-cao/profile.md b/agents/security-cao/profile.md index 9776cdc..a11cd00 100644 --- a/agents/security-cao/profile.md +++ b/agents/security-cao/profile.md @@ -18,6 +18,14 @@ weaknesses: - 对功能开发节奏感知较弱,容易"挡路" - 偶尔过度强调低风险问题 performance_log: + - date: 2026-05-27 + event: "W17.1: 验证 F-13.3-1/2/3 (network_plugin TLS/DNS/exception) — W14.1 已全部修复,关闭 3 条发现" + rating: done + detail: | + 检查 network_plugin.cpp 现状:F-13.3-1 (TLS) 已有 set_verify_mode(verify_peer) + SSL_set1_host; + F-13.3-2 (DNS) 已有 steady_timer 10s 超时 + resolver.cancel(); + F-13.3-3 (catch) 已有 catch(...) 兜底。均为 W14.1 周岩修复。 + 编译 0 error,ctest 4/4 pass。findings-registry 更新:3 条 OPEN→CLOSED, Fix Wave W14.1, Verified By security-cao。 - date: 2026-05-27 event: "W16.1: 验证 F-11.7-1 (build/bin/ 损坏二进制副本) — W12.4 已彻底修复" rating: done diff --git a/plugins/anthropic/src/anthropic_plugin.cpp b/plugins/anthropic/src/anthropic_plugin.cpp index 37fe179..e557063 100644 --- a/plugins/anthropic/src/anthropic_plugin.cpp +++ b/plugins/anthropic/src/anthropic_plugin.cpp 
@@ -3,16 +3,17 @@ #include #include +#include #include #include namespace json = boost::json; // ============================================================================ -// 全局指针 +// 全局指针 — W17.4: std::atomic 保护 on_shutdown 与 service 函数并发读写 // ============================================================================ -static const dstalk_host_api_t* g_host = nullptr; -static dstalk_http_service_t* g_http = nullptr; +static std::atomic g_host{nullptr}; +static std::atomic g_http{nullptr}; static dstalk_config_service_t* g_config = nullptr; // ============================================================================ @@ -129,6 +130,7 @@ static std::string build_request_json( static void parse_response(const char* body, int http_status, dstalk_chat_result_t& r) { + const auto* h = g_host.load(std::memory_order_acquire); r.http_status = http_status; if (http_status < 200 || http_status >= 300) { @@ -138,16 +140,16 @@ static void parse_response(const char* body, int http_status, auto obj = jv.as_object(); if (obj.contains("error")) { auto err = obj["error"].as_object(); - r.error = g_host->strdup( + r.error = h->strdup( json::value_to(err["message"]).c_str()); } } catch (...) { std::string msg = "HTTP " + std::to_string(http_status); - r.error = g_host->strdup(msg.c_str()); + r.error = h->strdup(msg.c_str()); } if (!r.error) { std::string msg = "HTTP " + std::to_string(http_status); - r.error = g_host->strdup(msg.c_str()); + r.error = h->strdup(msg.c_str()); } r.content = nullptr; r.tool_calls_json = nullptr; @@ -165,7 +167,7 @@ static void parse_response(const char* body, int http_status, if (bobj.contains("type") && json::value_to(bobj["type"]) == "text") { std::string text = json::value_to(bobj["text"]); - r.content = g_host->strdup(text.c_str()); + r.content = h->strdup(text.c_str()); r.ok = 1; r.error = nullptr; r.tool_calls_json = nullptr; 
@@ -173,22 +175,22 @@ static void parse_response(const char* body, int http_status, } } r.ok = 0; - r.error = g_host->strdup("no text content block found"); + r.error = h->strdup("no text content block found"); } else { r.ok = 0; - r.error = g_host->strdup("empty response"); + r.error = h->strdup("empty response"); } r.content = nullptr; r.tool_calls_json = nullptr; } catch (std::exception& e) { r.ok = 0; std::string msg = std::string("json parse: ") + e.what(); - r.error = g_host->strdup(msg.c_str()); + r.error = h->strdup(msg.c_str()); r.content = nullptr; r.tool_calls_json = nullptr; } catch (...) { r.ok = 0; - r.error = g_host->strdup("json parse error"); + r.error = h->strdup("json parse error"); r.content = nullptr; r.tool_calls_json = nullptr; } @@ -252,18 +254,21 @@ static int my_configure(const char* provider, const char* base_url, g_cfg.max_tokens = max_tokens; g_cfg.temperature = temperature; - if (g_host) { - g_host->log(DSTALK_LOG_INFO, + const auto* h = g_host.load(std::memory_order_acquire); + if (h) { + h->log(DSTALK_LOG_INFO, "[anthropic] configured: model=%s base_url=%s max_tokens=%d temperature=%.2f", g_cfg.model.c_str(), g_cfg.base_url.c_str(), g_cfg.max_tokens, g_cfg.temperature); } return 0; } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] my_configure exception: %s", e.what()); + const auto* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[anthropic] my_configure exception: %s", e.what()); return -1; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] my_configure unknown exception"); + const auto* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[anthropic] my_configure unknown exception"); return -1; } } 
@@ -280,13 +285,16 @@ static dstalk_chat_result_t my_chat( dstalk_chat_result_t r = {}; r.ok = 0; - if (!g_http) { - r.error = g_host->strdup("http service not available"); + const auto* host = g_host.load(std::memory_order_acquire); + const auto* http = g_http.load(std::memory_order_acquire); + + if (!http) { + r.error = host->strdup("http service not available"); return r; } - std::string scheme, host, port, target; - extract_host_port(g_cfg.base_url, scheme, host, port, target); + std::string scheme, hostname, port, target; + extract_host_port(g_cfg.base_url, scheme, hostname, port, target); std::string target_path = target + "/v1/messages"; std::string body = build_request_json(history, history_len, 
@@ -297,32 +305,35 @@ static dstalk_chat_result_t my_chat( char* response_body = nullptr; int status_code = 0; - int ret = g_http->post_json( - host.c_str(), port.c_str(), target_path.c_str(), body.c_str(), + int ret = http->post_json( + hostname.c_str(), port.c_str(), target_path.c_str(), body.c_str(), headers_json.c_str(), &response_body, &status_code); if (ret != 0) { - r.error = g_host->strdup("http request failed"); + r.error = host->strdup("http request failed"); + if (response_body) host->free(response_body); return r; } parse_response(response_body, status_code, r); if (response_body) { - g_host->free(response_body); + host->free(response_body); } return r; } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] my_chat exception: %s", e.what()); + const auto* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[anthropic] my_chat exception: %s", e.what()); dstalk_chat_result_t r = {}; r.ok = 0; - r.error = g_host ? g_host->strdup(e.what()) : nullptr; + r.error = host ? host->strdup(e.what()) : nullptr; return r; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] my_chat unknown exception"); + const auto* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[anthropic] my_chat unknown exception"); dstalk_chat_result_t r = {}; r.ok = 0; - r.error = g_host ? g_host->strdup("unknown exception") : nullptr; + r.error = host ? host->strdup("unknown exception") : nullptr; return r; } } 
@@ -367,10 +378,12 @@ static int sse_line_callback(const char* line, void* userdata) // "event: ..." 行和其他 -> 忽略 return 1; } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] sse_line_callback exception: %s", e.what()); + const auto* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[anthropic] sse_line_callback exception: %s", e.what()); return 0; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] sse_line_callback unknown exception"); + const auto* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[anthropic] sse_line_callback unknown exception"); return 0; } } @@ -384,13 +397,16 @@ static dstalk_chat_result_t my_chat_stream( dstalk_chat_result_t r = {}; r.ok = 0; - if (!g_http) { - r.error = g_host->strdup("http service not available"); + const auto* host = g_host.load(std::memory_order_acquire); + const auto* http = g_http.load(std::memory_order_acquire); + + if (!http) { + r.error = host->strdup("http service not available"); return r; } - std::string scheme, host, port, target; - extract_host_port(g_cfg.base_url, scheme, host, port, target); + std::string scheme, hostname, port, target; + extract_host_port(g_cfg.base_url, scheme, hostname, port, target); std::string target_path = target + "/v1/messages"; std::string body = build_request_json(history, history_len, @@ -399,7 +415,7 @@ static dstalk_chat_result_t my_chat_stream( std::string headers_json = build_headers_json(); StreamContext ctx; - ctx.host = g_host; + ctx.host = host; ctx.user_cb = cb; ctx.userdata = userdata; ctx.saw_data_line = false; 
@@ -407,8 +423,8 @@ static dstalk_chat_result_t my_chat_stream( char* response_body = nullptr; int status_code = 0; - int ret = g_http->post_stream( - host.c_str(), port.c_str(), target_path.c_str(), body.c_str(), + int ret = http->post_stream( + hostname.c_str(), port.c_str(), target_path.c_str(), body.c_str(), headers_json.c_str(), sse_line_callback, &ctx, &response_body, &status_code); 
@@ -424,49 +440,51 @@ static dstalk_chat_result_t my_chat_stream( auto obj = jv.as_object(); if (obj.contains("error")) { auto err = obj["error"].as_object(); - r.error = g_host->strdup( + r.error = host->strdup( json::value_to(err["message"]).c_str()); } } catch (...) {} } if (!r.error) { if (status_code <= 0) - r.error = g_host->strdup("transport error"); + r.error = host->strdup("transport error"); else - r.error = g_host->strdup( + r.error = host->strdup( ("HTTP " + std::to_string(status_code)).c_str()); } - if (response_body) g_host->free(response_body); + if (response_body) host->free(response_body); r.content = nullptr; r.tool_calls_json = nullptr; return r; } - if (response_body) g_host->free(response_body); + if (response_body) host->free(response_body); if (ctx.accumulated.empty() && !ctx.saw_data_line) { r.ok = 0; - r.error = g_host->strdup("no content received"); + r.error = host->strdup("no content received"); r.content = nullptr; r.tool_calls_json = nullptr; } else { r.ok = 1; r.error = nullptr; - r.content = g_host->strdup(ctx.accumulated.c_str()); + r.content = host->strdup(ctx.accumulated.c_str()); r.tool_calls_json = nullptr; } return r; } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] my_chat_stream exception: %s", e.what()); + const auto* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[anthropic] my_chat_stream exception: %s", e.what()); dstalk_chat_result_t r = {}; r.ok = 0; - r.error = g_host ? g_host->strdup(e.what()) : nullptr; + r.error = host ? host->strdup(e.what()) : nullptr; return r; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] my_chat_stream unknown exception"); + const auto* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[anthropic] my_chat_stream unknown exception"); dstalk_chat_result_t r = {}; r.ok = 0; - r.error = g_host ? 
g_host->strdup("unknown exception") : nullptr; + r.error = host ? host->strdup("unknown exception") : nullptr; return r; } } @@ -476,10 +494,11 @@ static dstalk_chat_result_t my_chat_stream( // ============================================================================ static void my_free_result(dstalk_chat_result_t* result) { - if (!result || !g_host) return; - if (result->content) { g_host->free((void*)result->content); result->content = nullptr; } - if (result->error) { g_host->free((void*)result->error); result->error = nullptr; } - if (result->tool_calls_json) { g_host->free((void*)result->tool_calls_json); result->tool_calls_json = nullptr; } + const auto* h = g_host.load(std::memory_order_acquire); + if (!result || !h) return; + if (result->content) { h->free((void*)result->content); result->content = nullptr; } + if (result->error) { h->free((void*)result->error); result->error = nullptr; } + if (result->tool_calls_json) { h->free((void*)result->tool_calls_json); result->tool_calls_json = nullptr; } } // ============================================================================ 
@@ -498,23 +517,27 @@ static dstalk_ai_service_t g_service = { static int on_init(const dstalk_host_api_t* host) { try { - g_host = host; - g_http = (dstalk_http_service_t*)host->query_service("http", 1); + g_host.store(host, std::memory_order_release); + + auto* http_svc = (dstalk_http_service_t*)host->query_service("http", 1); + g_http.store(http_svc, std::memory_order_release); g_config = (dstalk_config_service_t*)host->query_service("config", 1); - if (!g_http) { - if (g_host) g_host->log(DSTALK_LOG_ERROR, "[anthropic] http service not found"); + if (!http_svc) { + if (host) host->log(DSTALK_LOG_ERROR, "[anthropic] http service not found"); return -1; } - if (g_host) g_host->log(DSTALK_LOG_INFO, "[anthropic] initializing Anthropic AI plugin"); + if (host) host->log(DSTALK_LOG_INFO, "[anthropic] initializing Anthropic AI plugin"); return host->register_service("ai.anthropic", 1, &g_service); } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] on_init exception: %s", e.what()); + const auto* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[anthropic] on_init exception: %s", e.what()); return -1; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] on_init unknown exception"); + const auto* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[anthropic] on_init unknown exception"); return -1; } } 
@@ -522,16 +545,19 @@ static int on_init(const dstalk_host_api_t* host) static void on_shutdown() { try { - if (g_host) g_host->log(DSTALK_LOG_INFO, "[anthropic] shutdown"); + const auto* h = g_host.load(std::memory_order_acquire); + if (h) h->log(DSTALK_LOG_INFO, "[anthropic] shutdown"); secure_zero(g_cfg.api_key.data(), g_cfg.api_key.size()); g_cfg.api_key.clear(); - g_http = nullptr; + g_http.store(nullptr, std::memory_order_release); g_config = nullptr; - g_host = nullptr; + g_host.store(nullptr, std::memory_order_release); } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] on_shutdown exception: %s", e.what()); + const auto* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[anthropic] on_shutdown exception: %s", e.what()); } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[anthropic] on_shutdown unknown exception"); + const auto* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[anthropic] on_shutdown unknown exception"); } } diff --git a/plugins/deepseek/src/deepseek_plugin.cpp b/plugins/deepseek/src/deepseek_plugin.cpp index 94328e0..827e92a 100644 --- a/plugins/deepseek/src/deepseek_plugin.cpp +++ b/plugins/deepseek/src/deepseek_plugin.cpp 
@@ -3,17 +3,18 @@ #include #include +#include #include #include namespace json = boost::json; // ============================================================================ -// 全局指针:从 on_init 获取 +// 全局指针:从 on_init 获取(W14.3: atomic acquire/release 保护读写竞态) // ============================================================================ -static const dstalk_host_api_t* g_host = nullptr; -static dstalk_http_service_t* g_http = nullptr; -static dstalk_config_service_t* g_config = nullptr; +static std::atomic g_host{nullptr}; +static std::atomic g_http{nullptr}; +static std::atomic g_config{nullptr}; // ============================================================================ // 配置数据(由 configure() 设置) @@ -135,7 +136,8 @@ static std::string build_request_json( // ============================================================================ // 解析非流式 JSON 响应 // ============================================================================ -static void parse_response(const char* body, int http_status, +static void parse_response(const dstalk_host_api_t* host, + const char* body, int http_status, dstalk_chat_result_t& r) { r.http_status = http_status; @@ -147,16 +149,16 @@ static void parse_response(const char* body, int http_status, auto obj = jv.as_object(); if (obj.contains("error")) { auto err = obj["error"].as_object(); - r.error = g_host->strdup( - json::value_to(err["message"]).c_str()); + r.error = host ? host->strdup( + json::value_to(err["message"]).c_str()) : nullptr; } } catch (...) { std::string msg = "HTTP " + std::to_string(http_status); - r.error = g_host->strdup(msg.c_str()); + r.error = host ? host->strdup(msg.c_str()) : nullptr; } - if (!r.error) { + if (!r.error && host) { std::string msg = "HTTP " + std::to_string(http_status); - r.error = g_host->strdup(msg.c_str()); + r.error = host->strdup(msg.c_str()); } r.content = nullptr; r.tool_calls_json = nullptr; 
@@ -171,11 +173,11 @@ static void parse_response(const char* body, int http_status, auto msg = choices[0].as_object()["message"].as_object(); std::string content = json::value_to(msg["content"]); - r.content = g_host->strdup(content.c_str()); + r.content = host ? host->strdup(content.c_str()) : nullptr; if (msg.contains("tool_calls")) { std::string tc = json::serialize(msg["tool_calls"]); - r.tool_calls_json = g_host->strdup(tc.c_str()); + r.tool_calls_json = host ? host->strdup(tc.c_str()) : nullptr; } else { r.tool_calls_json = nullptr; } @@ -184,19 +186,19 @@ static void parse_response(const char* body, int http_status, r.error = nullptr; } else { r.ok = 0; - r.error = g_host->strdup("empty response"); + r.error = host ? host->strdup("empty response") : nullptr; r.content = nullptr; r.tool_calls_json = nullptr; } } catch (std::exception& e) { r.ok = 0; std::string msg = std::string("json parse: ") + e.what(); - r.error = g_host->strdup(msg.c_str()); + r.error = host ? host->strdup(msg.c_str()) : nullptr; r.content = nullptr; r.tool_calls_json = nullptr; } catch (...) { r.ok = 0; - r.error = g_host->strdup("json parse error"); + r.error = host ? host->strdup("json parse error") : nullptr; r.content = nullptr; r.tool_calls_json = nullptr; } @@ -210,6 +212,16 @@ static bool parse_sse_line(const std::string& line, std::string& token_out) if (line.rfind("data: ", 0) != 0) return false; std::string data = line.substr(6); + + // F-13.2-3: Trim leading/trailing whitespace before comparing [DONE] sentinel. + // Some servers may emit "data: [DONE] " with trailing spaces, which would + // cause exact match to fail and the stream to never terminate. + const char* ws = " \t\r\n"; + size_t start = data.find_first_not_of(ws); + if (start != std::string::npos) { + data.erase(0, start); + data.erase(data.find_last_not_of(ws) + 1); + } if (data == "[DONE]") { token_out.clear(); return true; // 流结束信号 
@@ -247,18 +259,21 @@ static int my_configure(const char* provider, const char* base_url, g_cfg.max_tokens = max_tokens; g_cfg.temperature = temperature; - if (g_host) { - g_host->log(DSTALK_LOG_INFO, + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host) { + host->log(DSTALK_LOG_INFO, "[deepseek] configured: model=%s base_url=%s max_tokens=%d temperature=%.2f", g_cfg.model.c_str(), g_cfg.base_url.c_str(), g_cfg.max_tokens, g_cfg.temperature); } return 0; } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] my_configure exception: %s", e.what()); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] my_configure exception: %s", e.what()); return -1; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] my_configure unknown exception"); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] my_configure unknown exception"); return -1; } } @@ -275,13 +290,16 @@ static dstalk_chat_result_t my_chat( dstalk_chat_result_t r = {}; r.ok = 0; - if (!g_http) { - r.error = g_host->strdup("http service not available"); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + dstalk_http_service_t* http = g_http.load(std::memory_order_acquire); + + if (!http) { + r.error = host ? host->strdup("http service not available") : nullptr; return r; } - std::string scheme, host, port, target; - extract_host_port(g_cfg.base_url, scheme, host, port, target); + std::string scheme, host_name, port, target; + extract_host_port(g_cfg.base_url, scheme, host_name, port, target); std::string target_path = target + "/chat/completions"; std::string body = build_request_json(history, history_len, 
@@ -292,32 +310,34 @@ static dstalk_chat_result_t my_chat( char* response_body = nullptr; int status_code = 0; - int ret = g_http->post_json( - host.c_str(), port.c_str(), target_path.c_str(), body.c_str(), + int ret = http->post_json( + host_name.c_str(), port.c_str(), target_path.c_str(), body.c_str(), headers_json.c_str(), &response_body, &status_code); if (ret != 0) { - r.error = g_host->strdup("http request failed"); + r.error = host ? host->strdup("http request failed") : nullptr; return r; } - parse_response(response_body, status_code, r); + parse_response(host, response_body, status_code, r); if (response_body) { - g_host->free(response_body); + if (host) host->free(response_body); } return r; } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] my_chat exception: %s", e.what()); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] my_chat exception: %s", e.what()); dstalk_chat_result_t r = {}; r.ok = 0; - r.error = g_host ? g_host->strdup(e.what()) : nullptr; + r.error = host ? host->strdup(e.what()) : nullptr; return r; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] my_chat unknown exception"); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] my_chat unknown exception"); dstalk_chat_result_t r = {}; r.ok = 0; - r.error = g_host ? g_host->strdup("unknown exception") : nullptr; + r.error = host ? host->strdup("unknown exception") : nullptr; return r; } } 
@@ -356,10 +376,12 @@ static int sse_line_callback(const char* line, void* userdata) } return 1; // 继续 } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] sse_line_callback exception: %s", e.what()); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] sse_line_callback exception: %s", e.what()); return 0; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] sse_line_callback unknown exception"); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] sse_line_callback unknown exception"); return 0; } } @@ -373,13 +395,16 @@ static dstalk_chat_result_t my_chat_stream( dstalk_chat_result_t r = {}; r.ok = 0; - if (!g_http) { - r.error = g_host->strdup("http service not available"); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + dstalk_http_service_t* http = g_http.load(std::memory_order_acquire); + + if (!http) { + r.error = host ? host->strdup("http service not available") : nullptr; return r; } - std::string scheme, host, port, target; - extract_host_port(g_cfg.base_url, scheme, host, port, target); + std::string scheme, host_name, port, target; + extract_host_port(g_cfg.base_url, scheme, host_name, port, target); std::string target_path = target + "/chat/completions"; std::string body = build_request_json(history, history_len, 
@@ -388,15 +413,15 @@ static dstalk_chat_result_t my_chat_stream( std::string headers_json = build_headers_json(g_cfg.api_key); StreamContext ctx; - ctx.host = g_host; + ctx.host = host; ctx.user_cb = cb; ctx.userdata = userdata; char* response_body = nullptr; int status_code = 0; - int ret = g_http->post_stream( - host.c_str(), port.c_str(), target_path.c_str(), body.c_str(), + int ret = http->post_stream( + host_name.c_str(), port.c_str(), target_path.c_str(), body.c_str(), headers_json.c_str(), sse_line_callback, &ctx, &response_body, &status_code); 
@@ -413,49 +438,51 @@ static dstalk_chat_result_t my_chat_stream( auto obj = jv.as_object(); if (obj.contains("error")) { auto err = obj["error"].as_object(); - r.error = g_host->strdup( - json::value_to(err["message"]).c_str()); + r.error = host ? host->strdup( + json::value_to(err["message"]).c_str()) : nullptr; } } catch (...) {} } - if (!r.error) { + if (!r.error && host) { if (status_code <= 0) - r.error = g_host->strdup("transport error"); + r.error = host->strdup("transport error"); else - r.error = g_host->strdup( + r.error = host->strdup( ("HTTP " + std::to_string(status_code)).c_str()); } - if (response_body) g_host->free(response_body); + if (response_body && host) host->free(response_body); r.content = nullptr; r.tool_calls_json = nullptr; return r; } - if (response_body) g_host->free(response_body); + if (response_body && host) host->free(response_body); if (ctx.accumulated.empty()) { r.ok = 0; - r.error = g_host->strdup("no content received"); + r.error = host ? host->strdup("no content received") : nullptr; r.content = nullptr; r.tool_calls_json = nullptr; } else { r.ok = 1; r.error = nullptr; - r.content = g_host->strdup(ctx.accumulated.c_str()); + r.content = host ? host->strdup(ctx.accumulated.c_str()) : nullptr; r.tool_calls_json = nullptr; } return r; } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] my_chat_stream exception: %s", e.what()); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] my_chat_stream exception: %s", e.what()); dstalk_chat_result_t r = {}; r.ok = 0; - r.error = g_host ? g_host->strdup(e.what()) : nullptr; + r.error = host ? host->strdup(e.what()) : nullptr; return r; } catch (...) 
{ - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] my_chat_stream unknown exception"); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] my_chat_stream unknown exception"); dstalk_chat_result_t r = {}; r.ok = 0; - r.error = g_host ? g_host->strdup("unknown exception") : nullptr; + r.error = host ? host->strdup("unknown exception") : nullptr; return r; } } @@ -465,10 +492,11 @@ static dstalk_chat_result_t my_chat_stream( // ============================================================================ static void my_free_result(dstalk_chat_result_t* result) { - if (!result || !g_host) return; - if (result->content) { g_host->free((void*)result->content); result->content = nullptr; } - if (result->error) { g_host->free((void*)result->error); result->error = nullptr; } - if (result->tool_calls_json) { g_host->free((void*)result->tool_calls_json); result->tool_calls_json = nullptr; } + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (!result || !host) return; + if (result->content) { host->free((void*)result->content); result->content = nullptr; } + if (result->error) { host->free((void*)result->error); result->error = nullptr; } + if (result->tool_calls_json) { host->free((void*)result->tool_calls_json); result->tool_calls_json = nullptr; } } // ============================================================================ 
@@ -487,23 +515,27 @@ static dstalk_ai_service_t g_service = { static int on_init(const dstalk_host_api_t* host) { try { - g_host = host; - g_http = (dstalk_http_service_t*)host->query_service("http", 1); - g_config = (dstalk_config_service_t*)host->query_service("config", 1); + dstalk_http_service_t* http = (dstalk_http_service_t*)host->query_service("http", 1); + dstalk_config_service_t* cfg = (dstalk_config_service_t*)host->query_service("config", 1); + g_host.store(host, std::memory_order_release); + g_http.store(http, std::memory_order_release); + g_config.store(cfg, std::memory_order_release); - if (!g_http) { - if (g_host) g_host->log(DSTALK_LOG_ERROR, "[deepseek] http service not found"); + if (!http) { + if (host) host->log(DSTALK_LOG_ERROR, "[deepseek] http service not found"); return -1; } - if (g_host) g_host->log(DSTALK_LOG_INFO, "[deepseek] initializing DeepSeek AI plugin"); + if (host) host->log(DSTALK_LOG_INFO, "[deepseek] initializing DeepSeek AI plugin"); return host->register_service("ai.deepseek", 1, &g_service); } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] on_init exception: %s", e.what()); + const dstalk_host_api_t* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[deepseek] on_init exception: %s", e.what()); return -1; } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] on_init unknown exception"); + const dstalk_host_api_t* h = g_host.load(std::memory_order_acquire); + if (h && h->log) h->log(DSTALK_LOG_ERROR, "[deepseek] on_init unknown exception"); return -1; } } 
@@ -511,16 +543,19 @@ static int on_init(const dstalk_host_api_t* host) static void on_shutdown() { try { - if (g_host) g_host->log(DSTALK_LOG_INFO, "[deepseek] shutdown"); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host) host->log(DSTALK_LOG_INFO, "[deepseek] shutdown"); secure_zero(g_cfg.api_key.data(), g_cfg.api_key.size()); g_cfg.api_key.clear(); - g_http = nullptr; - g_config = nullptr; - g_host = nullptr; + g_http.store(nullptr, std::memory_order_release); + g_config.store(nullptr, std::memory_order_release); + g_host.store(nullptr, std::memory_order_release); } catch (const std::exception& e) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] on_shutdown exception: %s", e.what()); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] on_shutdown exception: %s", e.what()); } catch (...) { - if (g_host && g_host->log) g_host->log(DSTALK_LOG_ERROR, "[deepseek] on_shutdown unknown exception"); + const dstalk_host_api_t* host = g_host.load(std::memory_order_acquire); + if (host && host->log) host->log(DSTALK_LOG_ERROR, "[deepseek] on_shutdown unknown exception"); } }
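Review bot: In the parse_sse_line hunk (F-13.2-3), the trim is skipped entirely when find_first_not_of returns npos, so a payload that is only whitespace ("data:   ") reaches the code after the [DONE] comparison untrimmed. Add an else branch that clears data and decide explicitly what an empty payload returns, instead of leaving it to whatever parsing follows. The comment should also say that the trim applies to every data payload, not only the sentinel, because the trimmed string is what the rest of the function sees.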
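Review bot: In my_chat and my_chat_stream, only http is checked before the request is sent, and a null host is tolerated all the way through. That produces results the caller cannot interpret: r.ok = 0 with r.error == nullptr on every failure path, and in my_chat_stream r.ok = 1 with r.content == nullptr when ctx.accumulated is non-empty. It also leaks response_body, because `if (response_body && host) host->free(response_body);` and `if (host) host->free(response_body);` skip the free when host is null. Return before the request when either snapshot is null, for example `if (!host || !http) return r;`, document that a null error with ok == 0 means the plugin is not initialized, and the per-call `host ? ... : nullptr` ternaries in these two functions and in parse_response can then be dropped.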
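Review bot: In sse_line_callback, both catch handlers reload g_host even though my_chat_stream passes a StreamContext with `ctx.host = host;` as userdata. Log through the snapshot carried in the context so that one stream uses one host pointer from start to finish; the reload can return null or a different value partway through a stream if on_shutdown or on_init runs concurrently.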
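Review bot: In on_init, host->query_service is called before any null check, so the later `if (host)` guards can never be false; either reject a null host at the top of the function or drop the guards. The three stores also publish g_host, g_http and g_config before the `!http` check, so a failed init returns -1 with the globals still set. Validate first and publish only on the success path, or reset the atomics before returning -1. host->log is called unguarded in the try body while the catch handlers test `h && h->log`; pick one convention (my_configure has the same mismatch).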
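Review bot: In on_shutdown, storing nullptr into g_http, g_config and g_host does not wait for calls that already took a snapshot: my_chat holds host and http across the blocking http->post_json call and uses both afterwards, so if the host releases those objects once on_shutdown returns, the snapshots dangle. The atomics remove the repeated unsynchronized read, not the lifetime problem; an in-flight counter or a shared lock that on_shutdown drains before clearing is needed. The same applies to g_cfg: secure_zero and clear() on g_cfg.api_key here can run while my_chat_stream is inside build_headers_json(g_cfg.api_key), and my_configure writes g_cfg.max_tokens and g_cfg.temperature with no synchronization, so g_cfg needs a mutex or a per-call copy taken under one.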