linux/sound
Takashi Iwai 9f8a7658bc ALSA: timer: Fix zero-division by continue of uninitialized instance
When a user timer instance is continued without the explicit start
beforehand, the system eventually gets a zero-division error like:

  divide error: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN
  CPU: 1 PID: 27320 Comm: syz-executor Not tainted 4.8.0-rc3-next-20160825+ #8
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
   task: ffff88003c9b2280 task.stack: ffff880027280000
   RIP: 0010:[<ffffffff858e1a6c>]  [<     inline     >] ktime_divns include/linux/ktime.h:195
   RIP: 0010:[<ffffffff858e1a6c>]  [<ffffffff858e1a6c>] snd_hrtimer_callback+0x1bc/0x3c0 sound/core/hrtimer.c:62
  Call Trace:
   <IRQ>
   [<     inline     >] __run_hrtimer kernel/time/hrtimer.c:1238
   [<ffffffff81504335>] __hrtimer_run_queues+0x325/0xe70 kernel/time/hrtimer.c:1302
   [<ffffffff81506ceb>] hrtimer_interrupt+0x18b/0x420 kernel/time/hrtimer.c:1336
   [<ffffffff8126d8df>] local_apic_timer_interrupt+0x6f/0xe0 arch/x86/kernel/apic/apic.c:933
   [<ffffffff86e13056>] smp_apic_timer_interrupt+0x76/0xa0 arch/x86/kernel/apic/apic.c:957
   [<ffffffff86e1210c>] apic_timer_interrupt+0x8c/0xa0 arch/x86/entry/entry_64.S:487
   <EOI>
   .....

Although a similar issue was spotted and a fix patch was merged in
commit [6b760bb2c6: ALSA: timer: fix division by zero after
SNDRV_TIMER_IOCTL_CONTINUE], it seems to cover only a part of the
iceberg.

In this patch, we fix the issue a bit more drastically.  Basically the
continue of an uninitialized timer is supposed to be a fresh start, so
we do it for user timers.  For the direct snd_timer_continue() call,
there is no way to pass the initial tick value, so we kick out for the
uninitialized case.

Reported-by: Dmitry Vyukov <dvyukov@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2016-09-08 10:45:05 +02:00
aoa
arm ALSA: arm: Fix empty menuconfig SND_ARM 2016-08-01 16:07:53 +02:00
atmel
core ALSA: timer: Fix zero-division by continue of uninitialized instance 2016-09-08 10:45:05 +02:00
drivers ALSA: dummy: Fix a use-after-free at closing 2016-06-24 15:18:32 +02:00
firewire ALSA: fireworks: accessing to user space outside spinlock 2016-08-31 16:17:15 +02:00
hda ALSA: hda: Fix krealloc() with __GFP_ZERO usage 2016-08-03 15:17:22 +02:00
i2c ALSA: ak4114: remove redundant check on err being < 0 2016-07-12 12:28:04 +02:00
isa ALSA: adlib: Utilize the module_isa_driver macro 2016-06-01 07:35:52 +02:00
mips ALSA: Remove deprecated AU1X00 AC97 driver 2016-02-08 08:17:15 +01:00
oss sound: oss: Use kernel_read_file_from_path() for mod_firmware_load() 2016-07-26 10:38:03 +02:00
parisc
pci ALSA: hda - Enable subwoofer on Dell Inspiron 7559 2016-08-30 09:41:05 +02:00
pcmcia
ppc ALSA: ppc/awacs: shut up maybe-uninitialized warning 2016-07-05 08:35:49 +02:00
sh ALSA: sh: aica: Remove deprecated create_workqueue 2016-06-07 11:23:33 +02:00
soc Merge remote-tracking branches 'asoc/fix/max98371', 'asoc/fix/nau8825', 'asoc/fix/omap', 'asoc/fix/samsung', 'asoc/fix/simple' and 'asoc/fix/wm2000' into asoc-linus 2016-08-24 19:05:25 +01:00
sparc ALSA: Add missing dependency on CONFIG_SND_TIMER 2016-01-27 07:10:38 +01:00
spi ALSA: at73c213: manage SSC clock 2016-01-20 09:59:27 +01:00
synth ALSA: emux: constify nrpn_conv_table structures 2016-01-06 10:19:49 +01:00
usb ALSA: usb-audio: Add sample rate inquiry quirk for B850V3 CP2114 2016-08-29 16:49:18 +02:00
ac97_bus.c
Kconfig
last.c
Makefile sound: oss: Use kernel_read_file_from_path() for mod_firmware_load() 2016-07-26 10:38:03 +02:00
sound_core.c sound: fix check for error condition of register_chrdev() 2015-11-07 11:14:30 +01:00