diff options
| author | Takashi Iwai <tiwai@suse.de> | 2016-02-17 14:30:26 +0100 |
|---|---|---|
| committer | Sasha Levin <sasha.levin@oracle.com> | 2016-03-04 10:18:43 -0500 |
| commit | bec2f3e615c4498b07d9905371d787a3d5dc9b8d (patch) | |
| tree | 97702438ea44a696805e7fd6001c5aae8df751aa | |
| parent | b1fa3e907a01216659a04c3c2531d257be4c809b (diff) | |
| download | linux-stable-bec2f3e615c4498b07d9905371d787a3d5dc9b8d.tar.gz linux-stable-bec2f3e615c4498b07d9905371d787a3d5dc9b8d.tar.bz2 linux-stable-bec2f3e615c4498b07d9905371d787a3d5dc9b8d.zip | |
ALSA: pcm: Fix rwsem deadlock for non-atomic PCM stream
[ Upstream commit 67ec1072b053c15564e6090ab30127895dc77a89 ]
A non-atomic PCM stream may take snd_pcm_link_rwsem rw semaphore twice
in the same code path, e.g. one in snd_pcm_action_nonatomic() and
another in snd_pcm_stream_lock(). Usually this is OK, but when a
write lock is issued between these two read locks, the problem
happens: the write lock is blocked due to the first reade lock, and
the second read lock is also blocked by the write lock. This
eventually deadlocks.
The reason is the way rwsem manages waiters; it's queued like FIFO, so
even if the writer itself doesn't take the lock yet, it blocks all the
waiters (including reads) queued after it.
As a workaround, in this patch, we replace the standard down_write()
with an spinning loop. This is far from optimal, but it's good
enough, as the spinning time is supposed to be relatively short for
normal PCM operations, and the code paths requiring the write lock
aren't called so often.
Reported-by: Vinod Koul <vinod.koul@intel.com>
Tested-by: Ramesh Babu <ramesh.babu@intel.com>
Cc: <stable@vger.kernel.org> # v3.18+
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
| -rw-r--r-- | sound/core/pcm_native.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c index 46a78c16dd36..b04802c6ffb9 100644 --- a/sound/core/pcm_native.c +++ b/sound/core/pcm_native.c @@ -77,6 +77,18 @@ static int snd_pcm_open(struct file *file, struct snd_pcm *pcm, int stream); static DEFINE_RWLOCK(snd_pcm_link_rwlock); static DECLARE_RWSEM(snd_pcm_link_rwsem); +/* Writer in rwsem may block readers even during its waiting in queue, + * and this may lead to a deadlock when the code path takes read sem + * twice (e.g. one in snd_pcm_action_nonatomic() and another in + * snd_pcm_stream_lock()). As a (suboptimal) workaround, let writer to + * spin until it gets the lock. + */ +static inline void down_write_nonblock(struct rw_semaphore *lock) +{ + while (!down_write_trylock(lock)) + cond_resched(); +} + /** * snd_pcm_stream_lock - Lock the PCM stream * @substream: PCM substream @@ -1782,7 +1794,7 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd) res = -ENOMEM; goto _nolock; } - down_write(&snd_pcm_link_rwsem); + down_write_nonblock(&snd_pcm_link_rwsem); write_lock_irq(&snd_pcm_link_rwlock); if (substream->runtime->status->state == SNDRV_PCM_STATE_OPEN || substream->runtime->status->state != substream1->runtime->status->state || @@ -1829,7 +1841,7 @@ static int snd_pcm_unlink(struct snd_pcm_substream *substream) struct snd_pcm_substream *s; int res = 0; - down_write(&snd_pcm_link_rwsem); + down_write_nonblock(&snd_pcm_link_rwsem); write_lock_irq(&snd_pcm_link_rwlock); if (!snd_pcm_stream_linked(substream)) { res = -EALREADY; |