Re: sound: use-after-free in snd_timer_interrupt

2016-04-21 Thread Takashi Iwai
On Thu, 21 Apr 2016 10:14:10 +0200, Dmitry Vyukov wrote: > > On Wed, Apr 20, 2016 at 12:31 PM, Takashi Iwai wrote: > > On Wed, 20 Apr 2016 10:08:55 +0200, > > Takashi Iwai wrote: > >> > >> On Wed, 20 Apr 2016 09:56:04 +0200, > >> Dmitry Vyukov wrote: > >> > > >> > On Sun, Apr 3, 2016 at 8:33 AM,

Re: sound: use-after-free in snd_timer_interrupt

2016-04-21 Thread Dmitry Vyukov
On Wed, Apr 20, 2016 at 12:31 PM, Takashi Iwai wrote: > On Wed, 20 Apr 2016 10:08:55 +0200, > Takashi Iwai wrote: >> >> On Wed, 20 Apr 2016 09:56:04 +0200, >> Dmitry Vyukov wrote: >> > >> > On Sun, Apr 3, 2016 at 8:33 AM, Takashi Iwai wrote: >> > >> >> It is not easily reproducible. I've hit seve

Re: sound: use-after-free in snd_timer_interrupt

2016-04-20 Thread Takashi Iwai
On Wed, 20 Apr 2016 10:08:55 +0200, Takashi Iwai wrote: > > On Wed, 20 Apr 2016 09:56:04 +0200, > Dmitry Vyukov wrote: > > > > On Sun, Apr 3, 2016 at 8:33 AM, Takashi Iwai wrote: > > >> >> It is not easily reproducible. I've hit several times while running > > >> >> fuzzer for a week. Here is on

Re: sound: use-after-free in snd_timer_interrupt

2016-04-20 Thread Takashi Iwai
On Wed, 20 Apr 2016 09:56:04 +0200, Dmitry Vyukov wrote: > > On Sun, Apr 3, 2016 at 8:33 AM, Takashi Iwai wrote: > >> >> It is not easily reproducible. I've hit several times while running > >> >> fuzzer for a week. Here is one of the logs for the record: > >> >> https://gist.githubusercontent.co

Re: sound: use-after-free in snd_timer_interrupt

2016-04-20 Thread Dmitry Vyukov
On Sun, Apr 3, 2016 at 8:33 AM, Takashi Iwai wrote: >> >> It is not easily reproducible. I've hit several times while running >> >> fuzzer for a week. Here is one of the logs for the record: >> >> https://gist.githubusercontent.com/dvyukov/c84798ee55721563ecb537c4d51dc9f5/raw/f00b865a85877656f13b4

Re: sound: use-after-free in snd_timer_interrupt

2016-04-02 Thread Takashi Iwai
On Sun, 03 Apr 2016 08:06:09 +0200, Dmitry Vyukov wrote: > > On Sat, Apr 2, 2016 at 6:30 PM, Takashi Iwai wrote: > > On Sat, 02 Apr 2016 11:08:40 +0200, > > Dmitry Vyukov wrote: > >> > >> Hello, > >> > >> I am hitting the following use-after-free while running syzkaller > >> fuzzer on commit 8e0f

Re: sound: use-after-free in snd_timer_interrupt

2016-04-02 Thread Dmitry Vyukov
On Sat, Apr 2, 2016 at 6:30 PM, Takashi Iwai wrote: > On Sat, 02 Apr 2016 11:08:40 +0200, > Dmitry Vyukov wrote: >> >> Hello, >> >> I am hitting the following use-after-free while running syzkaller >> fuzzer on commit 8e0f93cda48ed054e1216bab5c60017e1a5fc1e8 >> >> =

Re: sound: use-after-free in snd_timer_interrupt

2016-04-02 Thread Takashi Iwai
On Sat, 02 Apr 2016 11:08:40 +0200, Dmitry Vyukov wrote: > > Hello, > > I am hitting the following use-after-free while running syzkaller > fuzzer on commit 8e0f93cda48ed054e1216bab5c60017e1a5fc1e8 > > == > BUG: KASAN: use-after-free

sound: use-after-free in snd_timer_interrupt

2016-04-02 Thread Dmitry Vyukov
Hello, I am hitting the following use-after-free while running syzkaller fuzzer on commit 8e0f93cda48ed054e1216bab5c60017e1a5fc1e8 == BUG: KASAN: use-after-free in __list_del_entry+0x1d3/0x1e0 at addr 88002ebf6e20 Read of size 8