Re: [syzbot] [sound?] possible deadlock in snd_pcm_period_elapsed (4)
From: Hillf Danton
Date: Fri Mar 15 2024 - 21:23:33 EST
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
--- x/sound/core/timer.c
+++ y/sound/core/timer.c
@@ -409,8 +409,9 @@ static void snd_timer_close_locked(struc
struct snd_timer *timer = timeri->timer;
if (timer) {
- guard(spinlock)(&timer->lock);
+ spin_lock_irq(&timer->lock);
timeri->flags |= SNDRV_TIMER_IFLG_DEAD;
+ spin_unlock_irq(&timer->lock);
}
if (!list_empty(&timeri->open_list)) {
--- x/drivers/virtio/virtio_ring.c
+++ y/drivers/virtio/virtio_ring.c
@@ -316,7 +316,13 @@ static void *vring_alloc_queue(struct vi
return dma_alloc_coherent(dma_dev, size,
dma_handle, flag);
} else {
- void *queue = alloc_pages_exact(PAGE_ALIGN(size), flag);
+ void *queue;
+ unsigned long sz = PAGE_ALIGN(size);
+ unsigned int order = 0;
+
+ while ((PAGE_SIZE << order) < sz)
+ order++;
+ queue = (void *) __get_free_pages(flag, order);
if (queue) {
phys_addr_t phys_addr = virt_to_phys(queue);
@@ -334,7 +340,7 @@ static void *vring_alloc_queue(struct vi
* unrepresentable address.
*/
if (WARN_ON_ONCE(*dma_handle != phys_addr)) {
- free_pages_exact(queue, PAGE_ALIGN(size));
+ free_pages((unsigned long) queue, order);
return NULL;
}
}
@@ -348,8 +354,14 @@ static void vring_free_queue(struct virt
{
if (vring_use_dma_api(vdev))
dma_free_coherent(dma_dev, size, queue, dma_handle);
- else
- free_pages_exact(queue, PAGE_ALIGN(size));
+ else {
+ unsigned long sz = PAGE_ALIGN(size);
+ unsigned int order = 0;
+
+ while ((PAGE_SIZE << order) < sz)
+ order++;
+ free_pages((unsigned long) queue, order);
+ }
}
/*
--