Re: [RFC PATCH v2] ASoC: dpcm: prevent snd_soc_dpcm use after free

On Wed, 2019-03-06 at 10:19 +0100, Jaroslav Kysela wrote:
> On 06. 03. 19 at 9:46, KaiChieh Chuang wrote:
> > the dpcm obtained from fe_clients/be_clients
> > may be freed before use
> > 

> > @@ -1294,9 +1294,11 @@ void dpcm_be_disconnect(struct snd_soc_pcm_runtime *fe, int stream)
> >  #ifdef CONFIG_DEBUG_FS
> >  		debugfs_remove(dpcm->debugfs_state);
> >  #endif
> > +		spin_lock(&fe->card->dpcm_lock);
> >  		list_del(&dpcm->list_be);
> >  		list_del(&dpcm->list_fe);
> >  		kfree(dpcm);
> > +		spin_unlock(&fe->card->dpcm_lock);
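Review bot: kfree(dpcm) sits inside the dpcm_lock critical section at the end of this hunk, which is not needed if the lock only guards the lifetime of the instance. Once both list_del() calls have run under the lock, the entry can no longer be found through be_clients/fe_clients, so spin_unlock(&fe->card->dpcm_lock) can move ahead of kfree(dpcm), provided every reader dereferences dpcm only while holding the lock. The hunk also uses plain spin_lock(); if any path that takes dpcm_lock can run in interrupt context, the irqsave variant is required here. A comment at the lock's declaration stating what it protects (the dpcm instance, not list membership) and which contexts take it would make that rule checkable, since debugfs_remove(dpcm->debugfs_state) just above already touches dpcm outside the locked region.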
> 
> The unlock might be moved before kfree(). Also, I don't see the
> list_add() spin lock protection in your patch.
> 
> 				Jaroslav
> 

The dpcm_lock in this patch is to protect the instance of dpcm,
e.g. to protect dpcm from being freed while it is dereferenced from
be_clients/fe_clients.

The lock is not meant to protect the lists "be_clients" and "fe_clients",
e.g. it is not meant to protect adding/removing dpcm from these lists.

The lock is added only at the places that may race with
dpcm_be_disconnect(), e.g. kfree(dpcm). And note that many places that
call for_each_dpcm_be/fe() cannot use spin_lock, since there are pcm
callbacks which can sleep.
