From: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com>
To: "Gyeongtaek Lee" <gt82.lee@samsung.com>
Cc: alsa-devel@alsa-project.org, khw0178.kim@samsung.com,
'Takashi Iwai' <tiwai@suse.de>,
'Pierre-Louis Bossart' <pierre-louis.bossart@linux.intel.com>,
lgirdwood@gmail.com, kimty@samsung.com, donggyun.ko@samsung.com,
hmseo@samsung.com, cpgs@samsung.com, s47.kang@samsung.com,
pilsun.jang@samsung.com, tkjung@samsung.com
Subject: Re: [PATCH] ASoC: dpcm: acquire dpcm_lock in dpcm_do_trigger()
Date: 03 Dec 2020 07:33:03 +0900 [thread overview]
Message-ID: <87tut3c08p.wl-kuninori.morimoto.gx@renesas.com> (raw)
In-Reply-To: <2038148563.21606894682167.JavaMail.epsvc@epcpadp4>
Hi Gyeongtaek
Thank you for your patch
> If stop by underrun and DPCM BE disconnection is run simultaneously,
> data abort can be occurred by the sequence below.
>
> /* In core X, running dpcm_be_dai_trigger() */
> for_each_dpcm_be(fe, stream, dpcm) {
> /* In core Y, running dpcm_be_disconnect() */
> spin_lock_irqsave(&fe->card->dpcm_lock, flags);
> list_del(&dpcm->list_be);
> list_del(&dpcm->list_fe);
> spin_unlock_irqrestore(&fe->card->dpcm_lock, flags);
> kfree(dpcm);
> /* In core X, running dpcm_be_dai_trigger() */
> struct snd_soc_pcm_runtime *be = dpcm->be; <== Accessing freed memory
It is easy to read/understand if this code has alignment.
> To prevent this situation, dpcm_lock should be acquired during
> iteration of dpcm list in dpcm_do_trigger().
>
> Signed-off-by: Gyeongtaek Lee <gt82.lee@samsung.com>
> Cc: stable@vger.kernel.org
> ---
Is this bugfix patch for some recent commit ?
If so, having Fixes: tag is helpful.
Thank you for your help !!
Best regards
---
Kuninori Morimoto
next prev parent reply other threads:[~2020-12-02 22:34 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CGME20201202072607epcas2p43171cd23ab1752db8d71b2ed5f581aa8@epcas2p4.samsung.com>
2020-12-02 7:26 ` [PATCH] ASoC: dpcm: acquire dpcm_lock in dpcm_do_trigger() Gyeongtaek Lee
2020-12-02 22:33 ` Kuninori Morimoto [this message]
2020-12-03 1:06 ` Gyeongtaek Lee
[not found] <CGME20201127014343epcas2p10bf524de048e0a659aa2486080375a75@epcas2p1.samsung.com>
2020-11-27 1:43 ` Gyeongtaek Lee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87tut3c08p.wl-kuninori.morimoto.gx@renesas.com \
--to=kuninori.morimoto.gx@renesas.com \
--cc=alsa-devel@alsa-project.org \
--cc=cpgs@samsung.com \
--cc=donggyun.ko@samsung.com \
--cc=gt82.lee@samsung.com \
--cc=hmseo@samsung.com \
--cc=khw0178.kim@samsung.com \
--cc=kimty@samsung.com \
--cc=lgirdwood@gmail.com \
--cc=pierre-louis.bossart@linux.intel.com \
--cc=pilsun.jang@samsung.com \
--cc=s47.kang@samsung.com \
--cc=tiwai@suse.de \
--cc=tkjung@samsung.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).