Re: KASAN: use-after-free Read in rt_cache_valid

From: syzbot
Date: Sat Mar 23 2019 - 17:10:10 EST


syzbot has bisected this bug to:

commit 6b27e27729270a2478fdebea2db9c4f57bb4e8e6
Author: Colin Ian King <colin.king@xxxxxxxxxxxxx>
Date: Wed Oct 31 19:31:43 2018 +0000

ASoC: stm32: sai: fix less than zero comparison on unsigned int

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=10c0298b200000
start commit: aa0c38cf Merge branch 'fixes' of git://git.kernel.org/pub/..
git tree: upstream
final crash: https://syzkaller.appspot.com/x/report.txt?x=12c0298b200000
console output: https://syzkaller.appspot.com/x/log.txt?x=14c0298b200000
kernel config: https://syzkaller.appspot.com/x/.config?x=ee434566c893c7b1
dashboard link: https://syzkaller.appspot.com/bug?extid=c4c4b2bb358bb936ad7e
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1197cb88c00000

Reported-by: syzbot+c4c4b2bb358bb936ad7e@xxxxxxxxxxxxxxxxxxxxxxxxx
Fixes: 6b27e2772927 ("ASoC: stm32: sai: fix less than zero comparison on unsigned int")

For information about bisection process see: https://goo.gl/tpsmEJ#bisection