ALSA: intel8x0: div by zero in snd_intel8x0_update()
Sergey Senozhatsky
senozhatsky at chromium.org
Sun May 16 13:23:21 CEST 2021
On (21/05/16 11:49), Takashi Iwai wrote:
> Subject: [PATCH] ALSA: intel8x0: Don't update period unless prepared
>
> The interrupt handler of intel8x0 calls snd_intel8x0_update() whenever
> the hardware sets the corresponding status bit for each stream. This
> works fine for most cases as long as the hardware behaves properly.
> But when the hardware gives a wrong bit set, this leads to a NULL
> dereference Oops, and reportedly, this seems to be what happened on a VM.
VM, yes. I didn't see NULL derefs, my VMs crash because of div by
zero in `% size`.
> For fixing the crash, this patch adds an internal flag indicating that
> the stream is ready to be updated, and checks it (as well as the flag
> being in suspended) to ignore such a spurious update.
I reproduced the "spurious IRQ" case, and the patch handled it correctly
(VM did not crash).
> Cc: <stable at vger.kernel.org>
> Reported-by: Sergey Senozhatsky <senozhatsky at chromium.org>
> Signed-off-by: Takashi Iwai <tiwai at suse.de>
I'll keep running tests, but it seems that it works as intended
Tested-by: Sergey Senozhatsky <senozhatsky at chromium.org>
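
Added example, not part of the original message or of the ALSA patch: a user-space C sketch of the guard the quoted commit message describes, where an update for a stream that is not prepared (or is suspended) is ignored before any `% size` arithmetic runs. The struct, its fields, and all function names are hypothetical stand-ins, not the driver's own.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical per-stream state; names are illustrative, not the driver's. */
struct stream {
    unsigned size;      /* buffer size in bytes; 0 until the stream is set up */
    unsigned position;  /* current offset inside the buffer */
    bool prepared;      /* set once the stream is ready to be updated */
    bool suspended;
};

static void stream_prepare(struct stream *s, unsigned size) {
    s->size = size;
    s->prepared = (size != 0);  /* never mark a zero-sized buffer ready */
}

/* Returns true if the update ran, false if it was ignored as spurious.
 * Without the guard, "% s->size" with size == 0 is a divide error. */
static bool stream_update(struct stream *s, unsigned step) {
    if (!s->prepared || s->suspended)
        return false;
    s->position = (s->position + step) % s->size;
    return true;
}

/* Simulated interrupt: one status bit per stream. Returns the ignored count. */
static unsigned irq_handler(struct stream *st, unsigned n, unsigned status, unsigned step) {
    unsigned ignored = 0;
    for (unsigned i = 0; i < n; i++)
        if ((status & (1u << i)) && !stream_update(&st[i], step))
            ignored++;
    return ignored;
}

/* Constructed scenario: stream 0 prepared, stream 1 never set up, both bits set. */
static unsigned run_demo(unsigned *pos0) {
    struct stream st[2] = { {0}, {0} };
    stream_prepare(&st[0], 4096);
    unsigned ignored = irq_handler(st, 2, 0x3, 4352);
    *pos0 = st[0].position;  /* 4352 % 4096 */
    return ignored;
}

int main(void) {
    unsigned pos, ignored = run_demo(&pos);
    printf("ignored=%u pos0=%u\n", ignored, pos);
}
```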