Commit c6482dde authored by Arjan van de Ven's avatar Arjan van de Ven Committed by Linus Torvalds
[PATCH] fix AB-BA deadlock inversion at cs46xx_dsp_remove_scb

There is a code sequence where the locking is substream->self_group.lock
-> ins->scbs[index].lock

substream->self_group.lock is interrupt safe, and taken from irq context
as well (trace is snipped for brevity)

so what can happen is

   cpu 0                   	cpu 1
   user context			user context

				take ins->scbs[index].lock without disabling interrupts

   get substream->self_group.lock (irqsafe)
   try to get ins->scbs[index].lock (spins)

				interrupt happens
				try to get substream->self_group.lock (spins)

which is an obvious AB-BA deadlock

fix is to just take the lock with _irqsafe
Signed-off-by: default avatarArjan van de Ven <>
Cc: Jaroslav Kysela <>
Acked-by: default avatarTakashi Iwai <>
Signed-off-by: default avatarAndrew Morton <>
Signed-off-by: default avatarLinus Torvalds <>
parent a46f9484
......@@ -180,6 +180,7 @@ static void _dsp_clear_sample_buffer (struct snd_cs46xx *chip, u32 sample_buffer
void cs46xx_dsp_remove_scb (struct snd_cs46xx *chip, struct dsp_scb_descriptor * scb)
struct dsp_spos_instance * ins = chip->dsp_spos_instance;
unsigned long flags;
/* check integrety */
snd_assert ( (scb->index >= 0 &&
......@@ -194,9 +195,9 @@ void cs46xx_dsp_remove_scb (struct snd_cs46xx *chip, struct dsp_scb_descriptor *
goto _end);
spin_lock_irqsave(&scb->lock, flags);
_dsp_unlink_scb (chip,scb);
spin_unlock_irqrestore(&scb->lock, flags);
snd_assert (scb->scb_symbol != NULL, return );
