Re: sound: use-after-free in snd_timer_interrupt

From: Takashi Iwai
Date: Mon Jan 18 2016 - 08:36:49 EST


On Mon, 18 Jan 2016 14:30:13 +0100,
Dmitry Vyukov wrote:
>
> On Mon, Jan 18, 2016 at 2:06 PM, Takashi Iwai <tiwai@xxxxxxx> wrote:
> >> No, unfortunately the hang still happens with the patch:
> >
> > Thanks for testing. I think I understood the problem. We faced a
> > similar issue and moved hrtimer_cancel() in the past. But this wasn't
> > enough, as the start function may be called also in interrupt, too.
> >
> > How about the one below instead?
>
>
> Yes, this fixes the hang. Thanks!
>
> Tested-by: Dmitry Vyukov <dvyukov@xxxxxxxxxx>

Great, I'll queue the fix.
Thanks for patient testing!


Takashi