From: Arnd Bergmann <arnd@arndb.de>
To: Dan Carpenter <error27@gmail.com>
Cc: Jaroslav Kysela <perex@perex.cz>, Takashi Iwai <tiwai@suse.de>,
alsa-devel@alsa-project.org, kernel-janitors@vger.kernel.org,
linux-sparse@vger.kernel.org, Josh Triplett <josh@kernel.org>
Subject: Re: [patch 1/2] OSS: soundcard: locking bug in sound_ioctl()
Date: Mon, 11 Oct 2010 10:13:27 +0200 [thread overview]
Message-ID: <201010111013.28952.arnd@arndb.de> (raw)
In-Reply-To: <201010102039.34858.arnd@arndb.de>
On Sunday 10 October 2010 20:39:34 Arnd Bergmann wrote:
> On Sunday 10 October 2010 19:33:52 Dan Carpenter wrote:
> > We shouldn't return directly here because we're still holding the
> > &soundcard_mutex.
> >
> > This bug goes all the way back to the start of git. It's strange that
> > no one has complained about it as a runtime bug.
> >
> > CC: stable@kernel.org
> > Signed-off-by: Dan Carpenter <error27@gmail.com>
>
> It was only recently converted to a mutex from the BKL, which is much
> more friendly to misusage because it is automatically released when
> the kernel sleeps or when the program exits.
>
> The behavior was already broken with the BKL but the problem was far
> less visible. I fear we might be seeing more of these as fallout from
> the BKL removal. Sparse should be able to detect most of these cases
> though, so maybe we can look more carefully for them.
Hmm, actually sparse does *not* warn about sound_ioctl returning in
different lock contexts. Sparse developers: is there a known limitation
in sparse for this? I expected to see context warnings because
sound_ioctl normally releases soundcard_mutex (previously lock_kernel)
in some cases returns while holding the lock.
Arnd
WARNING: multiple messages have this Message-ID (diff)
From: Arnd Bergmann <arnd@arndb.de>
To: Dan Carpenter <error27@gmail.com>
Cc: Jaroslav Kysela <perex@perex.cz>, Takashi Iwai <tiwai@suse.de>,
alsa-devel@alsa-project.org, kernel-janitors@vger.kernel.org,
linux-sparse@vger.kernel.org, Josh Triplett <josh@kernel.org>
Subject: Re: [patch 1/2] OSS: soundcard: locking bug in sound_ioctl()
Date: Mon, 11 Oct 2010 08:13:27 +0000 [thread overview]
Message-ID: <201010111013.28952.arnd@arndb.de> (raw)
In-Reply-To: <201010102039.34858.arnd@arndb.de>
On Sunday 10 October 2010 20:39:34 Arnd Bergmann wrote:
> On Sunday 10 October 2010 19:33:52 Dan Carpenter wrote:
> > We shouldn't return directly here because we're still holding the
> > &soundcard_mutex.
> >
> > This bug goes all the way back to the start of git. It's strange that
> > no one has complained about it as a runtime bug.
> >
> > CC: stable@kernel.org
> > Signed-off-by: Dan Carpenter <error27@gmail.com>
>
> It was only recently converted to a mutex from the BKL, which is much
> more friendly to misusage because it is automatically released when
> the kernel sleeps or when the program exits.
>
> The behavior was already broken with the BKL but the problem was far
> less visible. I fear we might be seeing more of these as fallout from
> the BKL removal. Sparse should be able to detect most of these cases
> though, so maybe we can look more carefully for them.
Hmm, actually sparse does *not* warn about sound_ioctl returning in
different lock contexts. Sparse developers: is there a known limitation
in sparse for this? I expected to see context warnings because
sound_ioctl normally releases soundcard_mutex (previously lock_kernel)
in some cases returns while holding the lock.
Arnd
next prev parent reply other threads:[~2010-10-11 8:13 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-10 17:33 [patch 1/2] OSS: soundcard: locking bug in sound_ioctl() Dan Carpenter
2010-10-10 17:33 ` Dan Carpenter
2010-10-10 18:39 ` Arnd Bergmann
2010-10-10 18:39 ` Arnd Bergmann
2010-10-11 8:13 ` Arnd Bergmann [this message]
2010-10-11 8:13 ` Arnd Bergmann
2010-10-11 8:50 ` Johannes Berg
2010-10-11 8:50 ` Johannes Berg
2010-10-11 10:50 ` Arnd Bergmann
2010-10-11 10:50 ` Arnd Bergmann
2010-10-11 10:52 ` Johannes Berg
2010-10-11 10:52 ` Johannes Berg
2010-10-11 18:54 ` Josh Triplett
2010-10-11 18:54 ` Josh Triplett
2010-10-11 20:42 ` Arnd Bergmann
2010-10-11 20:42 ` Arnd Bergmann
2010-10-11 22:23 ` Josh Triplett
2010-10-11 22:23 ` Josh Triplett
2010-10-12 6:39 ` Arnd Bergmann
2010-10-12 6:39 ` Arnd Bergmann
2010-10-12 6:43 ` Josh Triplett
2010-10-12 6:43 ` Josh Triplett
2010-10-11 11:59 ` Takashi Iwai
2010-10-11 11:59 ` Takashi Iwai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201010111013.28952.arnd@arndb.de \
--to=arnd@arndb.de \
--cc=alsa-devel@alsa-project.org \
--cc=error27@gmail.com \
--cc=josh@kernel.org \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-sparse@vger.kernel.org \
--cc=perex@perex.cz \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.