Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp490758pxv; Thu, 15 Jul 2021 08:45:52 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwwDzpLacQoZxeWgouaoOC0a2XXuBgIl/XXyRobCvDCgVijL9j2gkmu3LbFzJB3e6qCiKAs X-Received: by 2002:a92:905:: with SMTP id y5mr3042825ilg.222.1626363952038; Thu, 15 Jul 2021 08:45:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1626363952; cv=none; d=google.com; s=arc-20160816; b=af8CgjGkC8Lmv//A5InY+dc8e9RA0plAGHxFlGlGpnTb+rcD9sjVAhJA4WGq+yUt83 xhrAUYTnoQAmCelT/ZEqY1L4v9HhcjkfDRXjM4CwDpYhrE5ev+rR/4RlX2XF/Ev1FIyB C6Lj5CWIPuBcY6bQj1aw4ApclkSL5ka1JwP6WHPRjRdVE/ouP/zau+F9jlZbqt6UFg4P ijverU/Z1Sp4z7FDnzM2q7haB9pxL3NV33D5VNyeCF1PJOKaO6ty01Rh2pjp4id6Glha wLQCRFc17xDwupTsc9XKfWCoG2D+6JzRZIu/FCo0kBh9sGPdUL8z9d8wEpxyCQoP601d Ck3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:subject:cc:to:from:message-id :date:dkim-signature:dkim-signature; bh=eyovRM0UMtQZ4Oa4yMcIsUCbGJmgAfI2MIXkdQ11pOo=; b=C6/MOm9znt4ignxrnWFmqbs08e57kjMxjmDH1qx3l/dwMRwhKMvnZUvWVI+x3vnN38 QC1OwiGuu3Rwx1wF8jyN6Y5enshCv+GM31zFnsQVGCiY57ZqWEob9mMxlwQkklzboQo/ vakkptMimtxMSbM4zN2naGBOmickgh4TySR3AN9LBxjIxVjUdSdPNE6h31PCjYLQUVTy 1lvLtKhdi4SFW5UNqxuswe1MX0GKhnhIT6aoSkd2gqY9F4s+M8BYzNbpGdpKUL8yLwwU BX+4OqJWBNqBW/nyZNxfyUvsmQKgTuO08wJ+b8KF1LVnsxYarVICw+07RfvSbUYYMaEy k9YQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=aXfGJxvb; dkim=neutral (no key) header.i=@suse.de header.b=5hKJdtek; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u21si6821619jak.34.2021.07.15.08.45.38; Thu, 15 Jul 2021 08:45:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=aXfGJxvb; dkim=neutral (no key) header.i=@suse.de header.b=5hKJdtek; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240361AbhGOKgP (ORCPT + 99 others); Thu, 15 Jul 2021 06:36:15 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:42728 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231670AbhGOKgP (ORCPT ); Thu, 15 Jul 2021 06:36:15 -0400 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id AC5441FE0E; Thu, 15 Jul 2021 10:33:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1626345201; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=eyovRM0UMtQZ4Oa4yMcIsUCbGJmgAfI2MIXkdQ11pOo=; b=aXfGJxvbTSic4fnSh0xk2t6YUJtIcem0rdoljN+eYD84oaQMcXBjUZBw8VdP6vCgees1XZ sXPDmtYdnAB3PkMiEHLZ4n7veUDJy9hMD0uAadVVq7bsESrMTuBpjk8lApvN+0JQWb8Geo AaLNe0kFxLpFttvt2MiVei4QSmVfNdw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1626345201; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=eyovRM0UMtQZ4Oa4yMcIsUCbGJmgAfI2MIXkdQ11pOo=; b=5hKJdtek9TPXmcnN3HC6h+m/YrOsTr5zRYqYQUDUuRpxhBMd3Hs4kGItsrZ43PFeoe48GZ KuROtMdIDYr/9bDQ== Received: from alsa1.suse.de (alsa1.suse.de [10.160.4.42]) by relay2.suse.de (Postfix) with ESMTP id 9BA66A3B9A; Thu, 15 Jul 2021 10:33:21 +0000 (UTC) Date: Thu, 15 Jul 2021 12:33:21 +0200 Message-ID: From: Takashi Iwai To: Jia-Ju Bai Cc: perex@perex.cz, tiwai@suse.com, alsa-devel@alsa-project.org, "linux-kernel@vger.kernel.org >> linux-kernel" Subject: Re: [BUG] ALSA: sb16: possible ABBA deadlock in snd_sb_csp_stop() and snd_sb_csp_load() In-Reply-To: <7b0fcdaf-cd4f-4728-2eae-48c151a92e10@gmail.com> References: <7b0fcdaf-cd4f-4728-2eae-48c151a92e10@gmail.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL/10.8 Emacs/25.3 (x86_64-suse-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 15 Jul 2021 12:20:36 +0200, Jia-Ju Bai wrote: > > Hello, > > I find there is a possible ABBA deadlock in the SB16 driver in Linux 5.10: > > In snd_sb_csp_stop(): > 876:     spin_lock_irqsave(&p->chip->mixer_lock, flags); > 882:     spin_lock(&p->chip->reg_lock); > > In snd_sb_csp_load(): > 614:     spin_lock_irqsave(&p->chip->reg_lock, flags); > 653:     spin_lock(&p->chip->mixer_lock); > > When snd_sb_csp_stop() and snd_sb_csp_load() are concurrently > executed, the deadlock can occur. > > I check the code and find a possible case of such concurrent execution: > > #CPU1: > snd_sb16_playback_close >   snd_sb16_csp_playback_close (csp->ops.csp_stop(csp)) >     snd_sb_csp_stop > > #CPU2: > snd_sb_csp_ioctl >   snd_sb_csp_riff_load >     snd_sb_csp_load_user >       snd_sb_csp_load > > I am not quite sure whether this possible deadlock is real and how to > fix it if it is real. > Any feedback would be appreciated, thanks The impact must be quite low, as both functions run in different state (running or stopped), so those are basically exclusive. And, above all, there is no VM supporting this chip, hence it's only for the real hardware and it's about very old ISA boards that maybe only less than handful people in the world can run now. About the fix: just split the locks in snb_sb_csp_stop() (also snd_sb_csp_start()) like below should suffice. thanks, Takashi --- a/sound/isa/sb/sb16_csp.c +++ b/sound/isa/sb/sb16_csp.c @@ -816,6 +816,7 @@ static int snd_sb_csp_start(struct snd_sb_csp * p, int sample_width, int channel mixR = snd_sbmixer_read(p->chip, SB_DSP4_PCM_DEV + 1); snd_sbmixer_write(p->chip, SB_DSP4_PCM_DEV, mixL & 0x7); snd_sbmixer_write(p->chip, SB_DSP4_PCM_DEV + 1, mixR & 0x7); + spin_unlock_irqrestore(&p->chip->mixer_lock, flags); spin_lock(&p->chip->reg_lock); set_mode_register(p->chip, 0xc0); /* c0 = STOP */ @@ -855,6 +856,7 @@ static int snd_sb_csp_start(struct snd_sb_csp * p, int sample_width, int channel spin_unlock(&p->chip->reg_lock); /* restore PCM volume */ + spin_lock_irqsave(&p->chip->mixer_lock, flags); snd_sbmixer_write(p->chip, SB_DSP4_PCM_DEV, mixL); snd_sbmixer_write(p->chip, SB_DSP4_PCM_DEV + 1, mixR); spin_unlock_irqrestore(&p->chip->mixer_lock, flags); @@ -880,6 +882,7 @@ static int snd_sb_csp_stop(struct snd_sb_csp * p) mixR = snd_sbmixer_read(p->chip, SB_DSP4_PCM_DEV + 1); snd_sbmixer_write(p->chip, SB_DSP4_PCM_DEV, mixL & 0x7); snd_sbmixer_write(p->chip, SB_DSP4_PCM_DEV + 1, mixR & 0x7); + spin_unlock_irqrestore(&p->chip->mixer_lock, flags); spin_lock(&p->chip->reg_lock); if (p->running & SNDRV_SB_CSP_ST_QSOUND) { @@ -894,6 +897,7 @@ static int snd_sb_csp_stop(struct snd_sb_csp * p) spin_unlock(&p->chip->reg_lock); /* restore PCM volume */ + spin_lock_irqsave(&p->chip->mixer_lock, flags); snd_sbmixer_write(p->chip, SB_DSP4_PCM_DEV, mixL); snd_sbmixer_write(p->chip, SB_DSP4_PCM_DEV + 1, mixR); spin_unlock_irqrestore(&p->chip->mixer_lock, flags);