ALSA: intel8x0: div by zero in snd_intel8x0_update()

Sergey Senozhatsky senozhatsky at chromium.org
Sun May 16 13:23:21 CEST 2021


On (21/05/16 11:49), Takashi Iwai wrote:
> Subject: [PATCH] ALSA: intel8x0: Don't update period unless prepared
> 
> The interrupt handler of intel8x0 calls snd_intel8x0_update() whenever
> the hardware sets the corresponding status bit for each stream.  This
> works fine for most cases as long as the hardware behaves properly.
> But when the hardware gives a wrong bit set, this leads to a NULL
> dereference Oops, and reportedly, this seems what happened on a VM.

VM, yes. I didn't see NULL derefs, my VMs crash because of div by
zero in `% size`.

> For fixing the crash, this patch adds a internal flag indicating that
> the stream is ready to be updated, and check it (as well as the flag
> being in suspended) to ignore such spurious update.

I reproduced the "spurious IRQ" case, and the patch handled it correctly
(VM did not crash).

> Cc: <stable at vger.kernel.org>
> Reported-by: Sergey Senozhatsky <senozhatsky at chromium.org>
> Signed-off-by: Takashi Iwai <tiwai at suse.de>

I'll keep running test, but seems that it works as intended

Tested-by: Sergey Senozhatsky <senozhatsky at chromium.org>


More information about the Alsa-devel mailing list