[PATCH] stm class: fix possible double-free in stm_source_register_device()

2019-05-09 Thread Wang Hai
Syzkaller reports this: BUG: KASAN: double-free or invalid-free in stm_source_register_device+0x137/0x2b0 [stm_core] CPU: 1 PID: 6763 Comm: syz-executor.0 Tainted: G C 5.0.0+ #5 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014 Call Trace: __du

Re: stm class: Fix possible double free

2019-04-18 Thread Mukesh Ojha
On 4/18/2019 12:52 PM, Pan Bian wrote: The function stm_register_device() calls put_device(&stm->dev) to release allocated memory (in stm_device_release()) on error paths. However, after that, the freed memory stm is released again, resulting in a double free bug. There is a similar issue in th

stm class: Fix possible double free

2019-04-18 Thread Pan Bian
The function stm_register_device() calls put_device(&stm->dev) to release allocated memory (in stm_device_release()) on error paths. However, after that, the freed memory stm is released again, resulting in a double free bug. There is a similar issue in the function stm_source_register_device. This