syzbot


KASAN: use-after-free Read in snd_timer_open
Status: fixed on 2019/12/13 00:31
Reported-by: syzbot+4476917c053f60112c99@syzkaller.appspotmail.com
Fix commit: 0c4f09ceec3d ALSA: timer: Fix the breakage of slave link open
First crash: 754d, last: 753d

Cause bisection: introduced by (bisect log) :
commit 6a34367e52caea1413eb0a0dcbb524f0c9b67e82
Author: Takashi Iwai <tiwai@suse.de>
Date: Thu Nov 7 19:20:08 2019 +0000

  ALSA: timer: Fix possible race at assigning a timer instance

Crash: KASAN: use-after-free Read in snd_timer_open (log)
Repro: C syz .config
duplicates (3):
Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
KASAN: use-after-free Read in check_matching_master_slave 1 754d 754d 0/22 closed as dup on 2019/11/22 10:55
general protection fault in snd_timer_open 1 754d 754d 0/22 closed as dup on 2019/11/11 17:38
KASAN: use-after-free Read in snd_timer_close_locked 6 754d 754d 0/22 closed as dup on 2019/11/11 17:38

Sample crash report:

Crashes (87):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-linux-next-kasan-gce-root 2019/11/11 16:43 linux-next 6980b7f6f9db dc438b91 .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/11/11 16:24 linux-next 6980b7f6f9db dc438b91 .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/11/11 16:02 linux-next 6980b7f6f9db dc438b91 .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/11/11 15:40 linux-next 6980b7f6f9db dc438b91 .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/11/12 06:59 linux-next 6980b7f6f9db 048f2d49 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/12 05:57 linux-next 6980b7f6f9db 048f2d49 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/12 03:42 linux-next 6980b7f6f9db 048f2d49 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/12 01:57 linux-next 6980b7f6f9db 048f2d49 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/12 00:57 linux-next 6980b7f6f9db 048f2d49 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 22:48 linux-next 6980b7f6f9db 048f2d49 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 20:01 linux-next 6980b7f6f9db 048f2d49 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 15:04 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 13:40 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 13:39 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 13:33 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 13:33 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 13:18 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 13:18 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 13:09 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 13:00 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 12:50 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 12:44 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 12:18 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 11:36 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 11:33 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 11:31 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 11:27 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 11:26 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 11:15 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 11:12 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 11:08 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 10:56 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 10:49 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 10:48 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 10:28 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 10:12 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:48 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:45 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:40 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:37 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:34 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:29 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:23 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:23 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:23 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:10 linux-next 6980b7f6f9db dc438b91 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/11/11 09:08 linux-next 6980b7f6f9db dc438b91 .config log report