[alsa-devel] [PATCH] ASoC: dmaengine: add runtime status checking in dmaengine_pcm_dma_complete

Mark Brown broonie at kernel.org
Fri Jun 7 16:34:28 CEST 2013

On Fri, Jun 07, 2013 at 07:57:29PM +0800, Qiao Zhou wrote:
> the dmaengine_pcm_dma_complete callback is usually executed after
> the dma interrupt, which uses tasklet_schedule, workqueue, or other
> method for quick int handler return.
> in some corner case, where pcm stream is released unexpected, like
> media server is killed, the runtime parameter will be freed. if it
> happens between the t1 and t2 in below chart, then the callback
> will try to access members of paramters which is already freed,
> and kernel panics.
> to avoid this issue, add runtime checking before other handling in
> dmaengine_pcm_dma_complete. if pcm stream is already released,
> just ignore the current handling and return.

This doesn't seem like a good or robust way of fixing this, if we're
tearing down the resources the DMA is using while the DMA is in progress
then in the worst case that might include the memory being DMAed and of
course there's races if you just check the pointer - the pointer can be
checked at the same time as it's being freed (or between the free and
the clear).

I think we should be either halting the DMA or waiting for it to finish
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mailman.alsa-project.org/pipermail/alsa-devel/attachments/20130607/417e8389/attachment.sig>

More information about the Alsa-devel mailing list