On Mon, 07 Mar 2022 09:05:20 +0100, Hillf Danton wrote:
>
> Walk around the deadlock by trying to lock tasklist_lock for write on
> timer irq and scheduling workqueue work if any lock owner detected.

Oh no, that's toooo ugly.

And the problem isn't only here; take a look at commits f671a691e299
and 2f488f698fda. There are other users of kill_fasync() with the
hard-IRQ disabled, too.

So, IMO, the handling of tasklist_lock around kill_fasync() looks
broken and the fix should be needed there (or other core part),
instead of messing round each caller's code.

thanks,

Takashi

>
> Only for thoughts now.
>
> Hillf
>
> #syz test: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ 38f80f42147f
>
> --- x/sound/core/timer.c
> +++ y/sound/core/timer.c
> @@ -916,7 +916,14 @@ void snd_timer_interrupt(struct snd_time
>  	}
>
>  	/* now process all fast callbacks */
> -	snd_timer_process_callbacks(timer, &timer->ack_list_head);
> +	if (write_trylock(&tasklist_lock)) {
> +		write_unlock(&tasklist_lock);
> +		snd_timer_process_callbacks(timer, &timer->ack_list_head);
> +	} else {
> +		/* go the slow path to avoid deadlock by calling kill_fasync() */
> +		list_splice_init(&timer->ack_list_head,
> +				 &timer->sack_list_head);
> +	}
>
>  	/* do we have any slow callbacks? */
>  	use_work = !list_empty(&timer->sack_list_head);
> --
>
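Review bot: the `write_trylock(&tasklist_lock)` / `write_unlock(&tasklist_lock)` pair in the `@@ -916,7 +916,14 @@` hunk only samples the lock state; the lock is dropped again before `snd_timer_process_callbacks()` runs, so another CPU can take `tasklist_lock` in that window and the callback path still reaches `kill_fasync()` while the lock is held elsewhere, which is the situation the change is meant to avoid. The probe also takes a core process-list lock for write from the timer interrupt purely to test it, and any contention, readers included, now diverts every fast callback to the slow path through `list_splice_init()`, delaying callbacks for unrelated timer users. Suggest leaving the fast path alone and moving the fasync signalling out of hard-IRQ context, or fixing the `tasklist_lock`/`kill_fasync()` interaction in the core as the reply above proposes, and putting that rationale in the commit message rather than only in the inline comment.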