From patchwork Tue Apr 5 05:46:42 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Henningsson X-Patchwork-Id: 89767 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from chlorine.canonical.com (chlorine.canonical.com [91.189.94.204]) by ozlabs.org (Postfix) with ESMTP id 29568B6EEB for ; Tue, 5 Apr 2011 15:47:00 +1000 (EST) Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com) by chlorine.canonical.com with esmtp (Exim 4.71) (envelope-from ) id 1Q6z6C-0001vu-RD; Tue, 05 Apr 2011 05:46:44 +0000 Received: from adelie.canonical.com ([91.189.90.139]) by chlorine.canonical.com with esmtp (Exim 4.71) (envelope-from ) id 1Q6z6A-0001vp-RM for kernel-team@lists.ubuntu.com; Tue, 05 Apr 2011 05:46:42 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by adelie.canonical.com with esmtp (Exim 4.71 #1 (Debian)) id 1Q6z6A-0000rQ-NF for ; Tue, 05 Apr 2011 05:46:42 +0000 Received: from c-83-233-18-148.cust.bredband2.com ([83.233.18.148] helo=[192.168.8.102]) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1Q6z6A-0006uf-Kc for kernel-team@lists.ubuntu.com; Tue, 05 Apr 2011 05:46:42 +0000 Message-ID: <4D9AACC2.1080708@canonical.com> Date: Tue, 05 Apr 2011 07:46:42 +0200 From: David Henningsson User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.15) Gecko/20110307 Thunderbird/3.1.9 MIME-Version: 1.0 To: kernel-team@lists.ubuntu.com Subject: UBUNTU (pre-stable) Natty: ALSA: pcm: fix infinite loop in snd_pcm_update_hw_ptr0() X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.13 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: kernel-team-bounces@lists.ubuntu.com Errors-To: kernel-team-bounces@lists.ubuntu.com While this hasn't reached all trees yet, I think we should pick it up ASAP, due to what it prevents: hard lockups with interrupts disabled. From 12ff414e2e4512f59fe191dc18e856e2939a1c79 Mon Sep 17 00:00:00 2001 From: Kelly Anderson Date: Fri, 1 Apr 2011 11:58:25 +0200 Subject: [PATCH] ALSA: pcm: fix infinite loop in snd_pcm_update_hw_ptr0() When period interrupts are disabled, snd_pcm_update_hw_ptr0() compares the current time against the time estimated for the current hardware pointer to detect xruns. The somewhat fuzzy threshold in the while loop makes it possible that hdelta becomes negative; the comparison being done with unsigned types then makes the loop go through the entire 263 negative range, and, depending on the value, never reach an unsigned value that is small enough to stop the loop. Doing this with interrupts disabled results in the machine locking up. To prevent this, ensure that the loop condition uses signed types for both operands so that the comparison is correctly done. Many thanks to Kelly Anderson for debugging this. Reported-by: Nix Reported-by: "Christopher K." Reported-and-tested-by: Kelly Anderson Signed-off-by: Kelly Anderson [cl: remove unneeded casts; use a temp variable] Signed-off-by: Clemens Ladisch Cc: 2.6.38 Signed-off-by: Takashi Iwai --- sound/core/pcm_lib.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/sound/core/pcm_lib.c b/sound/core/pcm_lib.c index a82e3756..64449cb 100644 --- a/sound/core/pcm_lib.c +++ b/sound/core/pcm_lib.c @@ -375,6 +375,7 @@ static int snd_pcm_update_hw_ptr0(struct snd_pcm_substream *substream, } if (runtime->no_period_wakeup) { + snd_pcm_sframes_t xrun_threshold; /* * Without regular period interrupts, we have to check * the elapsed time to detect xruns. @@ -383,7 +384,8 @@ static int snd_pcm_update_hw_ptr0(struct snd_pcm_substream *substream, if (jdelta < runtime->hw_ptr_buffer_jiffies / 2) goto no_delta_check; hdelta = jdelta - delta * HZ / runtime->rate; - while (hdelta > runtime->hw_ptr_buffer_jiffies / 2 + 1) { + xrun_threshold = runtime->hw_ptr_buffer_jiffies / 2 + 1; + while (hdelta > xrun_threshold) { delta += runtime->buffer_size; hw_base += runtime->buffer_size; if (hw_base >= runtime->boundary) -- 1.7.4.1