Re: KASAN: use-after-free Read in device_release_driver_internal

From: Andrey Konovalov
Date: Wed Aug 07 2019 - 09:46:54 EST


On Tue, Aug 6, 2019 at 5:34 PM Oliver Neukum <oneukum@xxxxxxxx> wrote:
>
> On Tuesday, 06.08.2019, 10:19 -0400, Alan Stern wrote:
> > In any case, I don't know if this missing "get" would cause the
> > problem, but it might well.
>
> Hi,
>
> upon further thought, this should be automated. Checking for
> refcount leaks is KASAN's job. In particular, refcounts
> should not
>
> * decrease in probe()
> * increase in disconnect()
> * change in case probe() fails

It's probably a job for some other refcount debugging tool, but yes,
it would be nice to have a detector for this kind of stuff. It will
probably require some annotations in each place we want this kind of
check to be performed.

>
> Regards
> Oliver
>
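
An added example, not part of this thread and not kernel code: a userspace C model of the three rules quoted above (no decrease in probe(), no increase in disconnect(), no change when probe() fails), checked by snapshotting a counter around each callback. The struct, enum, function names and sample callbacks are hypothetical and constructed for illustration.

```c
#include <stdio.h>

/* Userspace model only; every name below is hypothetical, not a kernel API. */
struct model_dev { int refcount; };

enum verdict { V_OK, V_PROBE_DECREASED, V_FAILED_PROBE_CHANGED,
               V_DISCONNECT_INCREASED };

typedef int (*probe_fn)(struct model_dev *);       /* 0 on success, <0 on error */
typedef void (*disconnect_fn)(struct model_dev *);

/* Snapshot the count, run probe(), then apply the two probe-side rules. */
static enum verdict check_probe(probe_fn probe, int start)
{
    struct model_dev d = { .refcount = start };
    int ret = probe(&d);

    if (ret != 0)   /* a failed probe must leave the count untouched */
        return d.refcount != start ? V_FAILED_PROBE_CHANGED : V_OK;
    return d.refcount < start ? V_PROBE_DECREASED : V_OK;
}

/* Snapshot the count, run disconnect(), then apply the disconnect rule. */
static enum verdict check_disconnect(disconnect_fn disconnect, int start)
{
    struct model_dev d = { .refcount = start };

    disconnect(&d);
    return d.refcount > start ? V_DISCONNECT_INCREASED : V_OK;
}

/* Constructed sample callbacks: one correct pair and three buggy ones. */
static int  probe_ok(struct model_dev *d)         { d->refcount++; return 0; }
static int  probe_fail_leaks(struct model_dev *d) { d->refcount++; return -12; }
static int  probe_extra_put(struct model_dev *d)  { d->refcount--; return 0; }
static void disc_ok(struct model_dev *d)          { d->refcount--; }
static void disc_takes_ref(struct model_dev *d)   { d->refcount++; }

int main(void)
{
    printf("probe_ok:         %d\n", check_probe(probe_ok, 1));
    printf("probe_fail_leaks: %d\n", check_probe(probe_fail_leaks, 1));
    printf("probe_extra_put:  %d\n", check_probe(probe_extra_put, 2));
    printf("disc_ok:          %d\n", check_disconnect(disc_ok, 2));
    printf("disc_takes_ref:   %d\n", check_disconnect(disc_takes_ref, 1));
    return 0;
}
```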