• Takashi Iwai's avatar
    ALSA: seq: Fix concurrent access to queue current tick/time · dc749779
    Takashi Iwai authored
    snd_seq_check_queue() passes the current tick and time of the given
    queue as a pointer to snd_seq_prioq_cell_out(), but those might be
    updated concurrently by the seq timer update.
    
    Fix it by retrieving the current tick and time via the proper helper
    functions at first, and pass those values to snd_seq_prioq_cell_out()
    later in the loops.
    
    snd_seq_timer_get_cur_time() takes a new argument and adjusts with the
    current system time only when it's requested so; this update isn't
    needed for snd_seq_check_queue(), as it's called either from the
    interrupt handler or right after queuing.
    
    Also, snd_seq_timer_get_cur_tick() is changed to read the value in the
    spinlock for the concurrency, too.
    
    Reported-by: syzbot+fd5e0eaa1a32999173b2@syzkaller.appspotmail.com
    Link: https://lore.kernel.org/r/20200214111316.26939-3-tiwai@suse.deSigned-off-by: default avatarTakashi Iwai <tiwai@suse.de>
    dc749779
seq_queue.c 18.9 KB