| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Aug 2016 10:52:46 -0400 From: Dave Jones <davej@...emonkey.org.uk> To: Linux Kernel <linux-kernel@...r.kernel.org> Cc: Al Viro <viro@...iv.linux.org.uk> Subject: 4.8-rc1 kasan warning from seq_read Just hit this for the first time (though it looks similar to what I thought was a false alarm around a month ago). I'll see if I can narrow down which proc file it was reading if this is repeatable. [ 3072.688939] BUG: KASAN: slab-out-of-bounds in seq_read+0x658/0x13f0 at addr ffff88043a95c5c3 [ 3072.701997] Read of size 4064 by task trinity-c16/23828 [ 3072.715038] CPU: 0 PID: 23828 Comm: trinity-c16 Not tainted 4.8.0-rc1-think+ #4 [ 3072.728303] 00000000ffffffff 000000009af8b65a ffff8803deac7890 ffffffffb7a93c6d [ 3072.741628] ffff880460c0ec40 ffff88043a95c588 ffff88043a95d6c8 0000000000000839 [ 3072.755030] ffff8803deac78b8 ffffffffb75ab971 ffff8803deac7950 ffff880460c0ec40 [ 3072.768402] Call Trace: [ 3072.781729] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3072.795001] [<ffffffffb75ab971>] kasan_object_err+0x21/0x70 [ 3072.808282] [<ffffffffb75abc02>] kasan_report_error+0x1f2/0x4e0 [ 3072.821542] [<ffffffffb7673fe2>] ? seq_read+0xe2/0x13f0 [ 3072.834883] [<ffffffffb75ac508>] kasan_report+0x58/0x60 [ 3072.848037] [<ffffffffb75a5b00>] ? ___slab_alloc.constprop.69+0x220/0x5c0 [ 3072.861308] [<ffffffffb7674558>] ? seq_read+0x658/0x13f0 [ 3072.874430] [<ffffffffb75aac2b>] check_memory_region+0x13b/0x1a0 [ 3072.887634] [<ffffffffb75aaca1>] kasan_check_read+0x11/0x20 [ 3072.900735] [<ffffffffb7674558>] seq_read+0x658/0x13f0 [ 3072.913889] [<ffffffffb7673f00>] ? seq_hlist_start_percpu+0x230/0x230 [ 3072.927006] [<ffffffffb75f231e>] ? __check_object_size+0xde/0x557 [ 3072.940133] [<ffffffffb7602f59>] ? rw_copy_check_uvector+0x1d9/0x280 [ 3072.953247] [<ffffffffb776676b>] proc_reg_read+0xfb/0x180 [ 3072.966282] [<ffffffffb7673f00>] ? seq_hlist_start_percpu+0x230/0x230 [ 3072.979338] [<ffffffffb75fb147>] do_loop_readv_writev+0x157/0x200 [ 3072.992411] [<ffffffffb7ad21a0>] ? iov_iter_get_pages_alloc+0x840/0x840 [ 3073.005468] [<ffffffffb7766670>] ? proc_reg_write+0x180/0x180 [ 3073.018509] [<ffffffffb7766670>] ? proc_reg_write+0x180/0x180 [ 3073.031392] [<ffffffffb75ff9cf>] do_readv_writev+0x64f/0x740 [ 3073.044263] [<ffffffffb75ff380>] ? vfs_write+0x4a0/0x4a0 [ 3073.057145] [<ffffffffb723cf2f>] ? mark_held_locks+0xcf/0x130 [ 3073.069984] [<ffffffffb723d389>] ? trace_hardirqs_on_caller+0x3f9/0x580 [ 3073.082742] [<ffffffffb8a4fe08>] ? mutex_lock_nested+0x508/0x8d0 [ 3073.095533] [<ffffffffb765ffc7>] ? __fdget_pos+0xa7/0xd0 [ 3073.108318] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3073.121190] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3073.133781] [<ffffffffb765ffc7>] ? __fdget_pos+0xa7/0xd0 [ 3073.146406] [<ffffffffb723d389>] ? trace_hardirqs_on_caller+0x3f9/0x580 [ 3073.158967] [<ffffffffb8a4f900>] ? mutex_lock_interruptible_nested+0x9e0/0x9e0 [ 3073.171630] [<ffffffffb7af766c>] ? debug_smp_processor_id+0x1c/0x20 [ 3073.184267] [<ffffffffb7232afd>] ? get_lock_stats+0x1d/0x90 [ 3073.196830] [<ffffffffb75ffb56>] vfs_readv+0x96/0xd0 [ 3073.209339] [<ffffffffb75ffc7b>] do_readv+0xeb/0x250 [ 3073.221822] [<ffffffffb75ffb90>] ? vfs_readv+0xd0/0xd0 [ 3073.234416] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3073.246937] [<ffffffffb760302c>] SyS_readv+0x2c/0x40 [ 3073.259397] [<ffffffffb70063f3>] do_syscall_64+0x1c3/0x580 [ 3073.271815] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3073.284241] [<ffffffffb8a5a71a>] entry_SYSCALL64_slow_path+0x25/0x25 [ 3073.296604] Object at ffff88043a95c588, in cache kmalloc-4096 size: 4096 [ 3073.308983] Allocated: [ 3073.321371] PID = 1267 [ 3073.333608] [<ffffffffb7078c5b>] save_stack_trace+0x2b/0x50 [ 3073.345960] [<ffffffffb75aad56>] save_stack+0x46/0xd0 [ 3073.358144] [<ffffffffb75aafcd>] kasan_kmalloc+0xad/0xe0 [ 3073.370368] [<ffffffffb75a6907>] __kmalloc+0x177/0x440 [ 3073.382522] [<ffffffffb7671786>] seq_buf_alloc+0x66/0x80 [ 3073.394589] [<ffffffffb7672915>] traverse.isra.7+0x4a5/0x920 [ 3073.406477] [<ffffffffb7674897>] seq_read+0x997/0x13f0 [ 3073.418265] [<ffffffffb776676b>] proc_reg_read+0xfb/0x180 [ 3073.430040] [<ffffffffb75fb147>] do_loop_readv_writev+0x157/0x200 [ 3073.441699] [<ffffffffb75ff9cf>] do_readv_writev+0x64f/0x740 [ 3073.453358] [<ffffffffb75ffb56>] vfs_readv+0x96/0xd0 [ 3073.464982] [<ffffffffb75fff48>] do_preadv+0x168/0x1a0 [ 3073.476547] [<ffffffffb76030b5>] SyS_preadv+0x35/0x40 [ 3073.488026] [<ffffffffb70063f3>] do_syscall_64+0x1c3/0x580 [ 3073.499506] [<ffffffffb8a5a71a>] return_from_SYSCALL_64+0x0/0x7a [ 3073.511008] Freed: [ 3073.522490] PID = 3230 [ 3073.533747] [<ffffffffb7078c5b>] save_stack_trace+0x2b/0x50 [ 3073.545177] [<ffffffffb75aad56>] save_stack+0x46/0xd0 [ 3073.556489] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3073.567685] [<ffffffffb75a7950>] kfree+0xd0/0x330 [ 3073.578772] [<ffffffffb8930b39>] __addrconf_sysctl_unregister.isra.46+0x89/0xb0 [ 3073.589978] [<ffffffffb8930be0>] addrconf_exit_net+0x80/0x100 [ 3073.601165] [<ffffffffb862b673>] ops_exit_list.isra.4+0xb3/0x160 [ 3073.612428] [<ffffffffb862e5e7>] cleanup_net+0x327/0x5f0 [ 3073.623607] [<ffffffffb7185f01>] process_one_work+0x7c1/0x1650 [ 3073.634779] [<ffffffffb7186e70>] worker_thread+0xe0/0xfc0 [ 3073.645860] [<ffffffffb7196b92>] kthread+0x252/0x2e0 [ 3073.656957] [<ffffffffb8a5a87f>] ret_from_fork+0x1f/0x40 [ 3073.667999] Memory state around the buggy address: [ 3073.679018] ffff88043a95d480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3073.690114] ffff88043a95d500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3073.701081] >ffff88043a95d580: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 3073.712041] ^ [ 3073.722912] ffff88043a95d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 3073.733802] ffff88043a95d680: fc fc fc fc fc fc fc fc fc fc fc fc fc 00 00 00 [ 3073.744667] ================================================================== [ 3073.755514] Disabling lock debugging due to kernel taint [ 3073.779499] usercopy: kernel memory exposure attempt detected from ffff88043a95c5c3 (kmalloc-4096) (4064 bytes) [ 3073.794731] ------------[ cut here ]------------ [ 3073.805856] kernel BUG at mm/usercopy.c:75! [ 3073.816711] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC KASAN [ 3073.827511] CPU: 1 PID: 23828 Comm: trinity-c16 Tainted: G B 4.8.0-rc1-think+ #4 [ 3073.849407] task: ffff880444b93840 task.stack: ffff8803deac0000 [ 3073.860239] RIP: 0010:[<ffffffffb75f22d5>] [<ffffffffb75f22d5>] __check_object_size+0x95/0x557 [ 3073.871167] RSP: 0018:ffff8803deac7970 EFLAGS: 00010282 [ 3073.881898] RAX: 0000000000000063 RBX: ffff88043a95c5c3 RCX: 0000000000000000 [ 3073.892701] RDX: 0000000000000000 RSI: ffffffffb8c908e0 RDI: ffff880444b940ec [ 3073.903559] RBP: ffff8803deac79b0 R08: 0000000000000001 R09: 0000000000000001 [ 3073.914278] R10: 0000000000001160 R11: ffffed0089185031 R12: ffffffffb916801c [ 3073.924979] R13: 0000000000000fe0 R14: ffffffffb8cf7e20 R15: ffffffffb8cf7de0 [ 3073.935744] FS: 00007fc7f6fe6700(0000) GS:ffff880464200000(0000) knlGS:0000000000000000 [ 3073.946379] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3073.956928] CR2: 00007fc7f6fe69d0 CR3: 000000044d072000 CR4: 00000000001406e0 [ 3073.967428] DR0: 00007f16d9200000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3073.977830] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 3073.988082] Stack: [ 3073.998121] 0000000000000839 ffffea0010ea5601 ffff88043a95d5a3 ffff8803cc4f57c8 [ 3074.008303] ffff8803cc4f57d8 ffff88043a95c5c3 0000000000000839 0000000000000fe0 [ 3074.018561] ffff8803deac7b18 ffffffffb7674579 000000000000011e 000000000086dddf [ 3074.028747] Call Trace: [ 3074.038761] [<ffffffffb7674579>] seq_read+0x679/0x13f0 [ 3074.048868] [<ffffffffb7673f00>] ? seq_hlist_start_percpu+0x230/0x230 [ 3074.059039] [<ffffffffb75f231e>] ? __check_object_size+0xde/0x557 [ 3074.069226] [<ffffffffb7602f59>] ? rw_copy_check_uvector+0x1d9/0x280 [ 3074.079512] [<ffffffffb776676b>] proc_reg_read+0xfb/0x180 [ 3074.089725] [<ffffffffb7673f00>] ? seq_hlist_start_percpu+0x230/0x230 [ 3074.099982] [<ffffffffb75fb147>] do_loop_readv_writev+0x157/0x200 [ 3074.110265] [<ffffffffb7ad21a0>] ? iov_iter_get_pages_alloc+0x840/0x840 [ 3074.120546] [<ffffffffb7766670>] ? proc_reg_write+0x180/0x180 [ 3074.130771] [<ffffffffb7766670>] ? proc_reg_write+0x180/0x180 [ 3074.140922] [<ffffffffb75ff9cf>] do_readv_writev+0x64f/0x740 [ 3074.151052] [<ffffffffb75ff380>] ? vfs_write+0x4a0/0x4a0 [ 3074.161141] [<ffffffffb723cf2f>] ? mark_held_locks+0xcf/0x130 [ 3074.171251] [<ffffffffb723d389>] ? trace_hardirqs_on_caller+0x3f9/0x580 [ 3074.181385] [<ffffffffb8a4fe08>] ? mutex_lock_nested+0x508/0x8d0 [ 3074.191454] [<ffffffffb765ffc7>] ? __fdget_pos+0xa7/0xd0 [ 3074.201523] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3074.211639] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3074.221746] [<ffffffffb765ffc7>] ? __fdget_pos+0xa7/0xd0 [ 3074.231810] [<ffffffffb723d389>] ? trace_hardirqs_on_caller+0x3f9/0x580 [ 3074.241940] [<ffffffffb8a4f900>] ? mutex_lock_interruptible_nested+0x9e0/0x9e0 [ 3074.252137] [<ffffffffb7af766c>] ? debug_smp_processor_id+0x1c/0x20 [ 3074.262313] [<ffffffffb7232afd>] ? get_lock_stats+0x1d/0x90 [ 3074.272518] [<ffffffffb75ffb56>] vfs_readv+0x96/0xd0 [ 3074.282630] [<ffffffffb75ffc7b>] do_readv+0xeb/0x250 [ 3074.292698] [<ffffffffb75ffb90>] ? vfs_readv+0xd0/0xd0 [ 3074.302892] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3074.313042] [<ffffffffb760302c>] SyS_readv+0x2c/0x40 [ 3074.323167] [<ffffffffb70063f3>] do_syscall_64+0x1c3/0x580 [ 3074.333273] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3074.343344] [<ffffffffb8a5a71a>] entry_SYSCALL64_slow_path+0x25/0x25 [ 3074.353424] Code: 7e cf b8 4c 0f 44 fa 4c 0f 44 f6 e8 36 bb d5 ff 4d 89 e9 4d 89 e0 48 89 d9 4c 89 fa 4c 89 f6 48 c7 c7 20 7f cf b8 e8 ff 7d e9 ff <0f> 0b e8 14 bb d5 ff 4c 89 e2 4c 89 ee 48 89 df e8 a6 75 fb ff [ 3074.374530] RIP [<ffffffffb75f22d5>] __check_object_size+0x95/0x557 [ 3074.384963] RSP <ffff8803deac7970> [ 3104.585833] ---[ end trace e2f9e9f6b0d0c7d3 ]--- [ 3104.596787] ================================================================== [ 3104.607560] BUG: KASAN: stack-out-of-bounds in memcmp+0x137/0x150 at addr ffff8803deac77a8 [ 3104.618386] Read of size 1 by task trinity-c16/23828 [ 3104.629231] page:ffffea000f7ab1c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 3104.640193] flags: 0x8000000000000000() [ 3104.651016] page dumped because: kasan: bad access detected [ 3104.661951] CPU: 3 PID: 23828 Comm: trinity-c16 Tainted: G B D 4.8.0-rc1-think+ #4 [ 3104.684243] 00000000ffffffff 000000009af8b65a ffff8803deac7608 ffffffffb7a93c6d [ 3104.695612] ffff8803deac76a0 ffff8803deac77a8 0000000000000002 ffff8803deac7808 [ 3104.707063] ffff8803deac7690 ffffffffb75abec7 0000000000000000 ffff880444b93840 [ 3104.718472] Call Trace: [ 3104.729811] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3104.741294] [<ffffffffb75abec7>] kasan_report_error+0x4b7/0x4e0 [ 3104.752754] [<ffffffffb738aa85>] ? is_ftrace_trampoline+0xe5/0x120 [ 3104.764223] [<ffffffffb75abf51>] __asan_report_load1_noabort+0x61/0x70 [ 3104.775713] [<ffffffffb7ab1727>] ? memcmp+0x137/0x150 [ 3104.787189] [<ffffffffb7ab1727>] memcmp+0x137/0x150 [ 3104.798629] [<ffffffffb7b39375>] depot_save_stack+0x185/0x5f0 [ 3104.810152] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3104.821679] [<ffffffffb75aadc1>] save_stack+0xb1/0xd0 [ 3104.833170] [<ffffffffb7078c5b>] ? save_stack_trace+0x2b/0x50 [ 3104.844613] [<ffffffffb75aad56>] ? save_stack+0x46/0xd0 [ 3104.856100] [<ffffffffb75ab583>] ? kasan_slab_free+0x73/0xc0 [ 3104.867560] [<ffffffffb75a7185>] ? kmem_cache_free+0x95/0x380 [ 3104.878981] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3104.890446] [<ffffffffb75b9bc2>] ? zap_huge_pmd+0x482/0x830 [ 3104.901866] [<ffffffffb7535890>] ? unmap_page_range+0x1210/0x16c0 [ 3104.913306] [<ffffffffb7535e46>] ? unmap_single_vma+0x106/0x270 [ 3104.924699] [<ffffffffb75367d6>] ? unmap_vmas+0xf6/0x1b0 [ 3104.936043] [<ffffffffb754f439>] ? exit_mmap+0x1f9/0x3f0 [ 3104.947323] [<ffffffffb7126a20>] ? mmput+0x100/0x2d0 [ 3104.958605] [<ffffffffb713be8d>] ? do_exit+0x6fd/0x2ba0 [ 3104.969859] [<ffffffffb8a5c797>] ? rewind_stack_do_exit+0x17/0x20 [ 3104.981162] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3104.992530] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3105.003804] [<ffffffffb74c5388>] ? release_pages+0x328/0x9a0 [ 3105.015004] [<ffffffffb7ac9356>] ? debug_locks_off+0x86/0xa0 [ 3105.026299] [<ffffffffb8a59b38>] ? _raw_spin_lock_irqsave+0x78/0x90 [ 3105.037556] [<ffffffffb75c1bdf>] ? deferred_split_huge_page+0xbf/0x190 [ 3105.048829] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3105.060061] [<ffffffffb75a7185>] kmem_cache_free+0x95/0x380 [ 3105.071299] [<ffffffffb754190d>] ptlock_free+0x3d/0x50 [ 3105.082480] [<ffffffffb75b9bc2>] zap_huge_pmd+0x482/0x830 [ 3105.093567] [<ffffffffb7535890>] unmap_page_range+0x1210/0x16c0 [ 3105.104556] [<ffffffffb7534680>] ? vm_normal_page_pmd+0x230/0x230 [ 3105.115409] [<ffffffffb7535e46>] unmap_single_vma+0x106/0x270 [ 3105.126295] [<ffffffffb75367d6>] unmap_vmas+0xf6/0x1b0 [ 3105.137055] [<ffffffffb754f439>] exit_mmap+0x1f9/0x3f0 [ 3105.147670] [<ffffffffb754f240>] ? SyS_munmap+0xb0/0xb0 [ 3105.158153] [<ffffffffb723d51d>] ? trace_hardirqs_on+0xd/0x10 [ 3105.168545] [<ffffffffb7126a20>] mmput+0x100/0x2d0 [ 3105.178829] [<ffffffffb713be8d>] do_exit+0x6fd/0x2ba0 [ 3105.189022] [<ffffffffb713b790>] ? mm_update_next_owner+0x640/0x640 [ 3105.199238] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3105.209461] [<ffffffffb760302c>] ? SyS_readv+0x2c/0x40 [ 3105.219575] [<ffffffffb70063f3>] ? do_syscall_64+0x1c3/0x580 [ 3105.229669] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3105.239817] [<ffffffffb8a5c797>] rewind_stack_do_exit+0x17/0x20 [ 3105.249882] Memory state around the buggy address: [ 3105.259937] ffff8803deac7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3105.270029] ffff8803deac7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3105.280085] >ffff8803deac7780: 00 00 00 00 f1 f1 00 00 00 00 00 00 00 00 00 00 [ 3105.290122] ^ [ 3105.300011] ffff8803deac7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3105.310004] ffff8803deac7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3105.319857] ================================================================== [ 3105.329896] ================================================================== [ 3105.339772] BUG: KASAN: stack-out-of-bounds in memcmp+0xe9/0x150 at addr ffff8803deac77a9 [ 3105.349676] Read of size 1 by task trinity-c16/23828 [ 3105.359579] page:ffffea000f7ab1c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 3105.369577] flags: 0x8000000000000000() [ 3105.379515] page dumped because: kasan: bad access detected [ 3105.389515] CPU: 3 PID: 23828 Comm: trinity-c16 Tainted: G B D 4.8.0-rc1-think+ #4 [ 3105.409863] 00000000ffffffff 000000009af8b65a ffff8803deac7608 ffffffffb7a93c6d [ 3105.420213] ffff8803deac76a0 ffff8803deac77a9 ffff8803deac7810 ffff8803deac7808 [ 3105.430559] ffff8803deac7690 ffffffffb75abec7 0000000000000010 ffff880400000000 [ 3105.440986] Call Trace: [ 3105.451347] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3105.461810] [<ffffffffb75abec7>] kasan_report_error+0x4b7/0x4e0 [ 3105.472345] [<ffffffffb75abf51>] __asan_report_load1_noabort+0x61/0x70 [ 3105.482830] [<ffffffffb7ab16d9>] ? memcmp+0xe9/0x150 [ 3105.493325] [<ffffffffb7ab16d9>] memcmp+0xe9/0x150 [ 3105.503738] [<ffffffffb7b39375>] depot_save_stack+0x185/0x5f0 [ 3105.514173] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3105.524685] [<ffffffffb75aadc1>] save_stack+0xb1/0xd0 [ 3105.535143] [<ffffffffb7078c5b>] ? save_stack_trace+0x2b/0x50 [ 3105.545604] [<ffffffffb75aad56>] ? save_stack+0x46/0xd0 [ 3105.555993] [<ffffffffb75ab583>] ? kasan_slab_free+0x73/0xc0 [ 3105.566374] [<ffffffffb75a7185>] ? kmem_cache_free+0x95/0x380 [ 3105.576707] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3105.586993] [<ffffffffb75b9bc2>] ? zap_huge_pmd+0x482/0x830 [ 3105.597334] [<ffffffffb7535890>] ? unmap_page_range+0x1210/0x16c0 [ 3105.607710] [<ffffffffb7535e46>] ? unmap_single_vma+0x106/0x270 [ 3105.618023] [<ffffffffb75367d6>] ? unmap_vmas+0xf6/0x1b0 [ 3105.628333] [<ffffffffb754f439>] ? exit_mmap+0x1f9/0x3f0 [ 3105.638628] [<ffffffffb7126a20>] ? mmput+0x100/0x2d0 [ 3105.648857] [<ffffffffb713be8d>] ? do_exit+0x6fd/0x2ba0 [ 3105.659063] [<ffffffffb8a5c797>] ? rewind_stack_do_exit+0x17/0x20 [ 3105.669181] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3105.679237] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3105.689111] [<ffffffffb74c5388>] ? release_pages+0x328/0x9a0 [ 3105.698934] [<ffffffffb7ac9356>] ? debug_locks_off+0x86/0xa0 [ 3105.708785] [<ffffffffb8a59b38>] ? _raw_spin_lock_irqsave+0x78/0x90 [ 3105.718574] [<ffffffffb75c1bdf>] ? deferred_split_huge_page+0xbf/0x190 [ 3105.728312] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3105.737909] [<ffffffffb75a7185>] kmem_cache_free+0x95/0x380 [ 3105.747421] [<ffffffffb754190d>] ptlock_free+0x3d/0x50 [ 3105.756862] [<ffffffffb75b9bc2>] zap_huge_pmd+0x482/0x830 [ 3105.766274] [<ffffffffb7535890>] unmap_page_range+0x1210/0x16c0 [ 3105.775595] [<ffffffffb7534680>] ? vm_normal_page_pmd+0x230/0x230 [ 3105.784777] [<ffffffffb7535e46>] unmap_single_vma+0x106/0x270 [ 3105.793869] [<ffffffffb75367d6>] unmap_vmas+0xf6/0x1b0 [ 3105.802903] [<ffffffffb754f439>] exit_mmap+0x1f9/0x3f0 [ 3105.811923] [<ffffffffb754f240>] ? SyS_munmap+0xb0/0xb0 [ 3105.820849] [<ffffffffb723d51d>] ? trace_hardirqs_on+0xd/0x10 [ 3105.829785] [<ffffffffb7126a20>] mmput+0x100/0x2d0 [ 3105.838681] [<ffffffffb713be8d>] do_exit+0x6fd/0x2ba0 [ 3105.847533] [<ffffffffb713b790>] ? mm_update_next_owner+0x640/0x640 [ 3105.856442] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3105.865314] [<ffffffffb760302c>] ? SyS_readv+0x2c/0x40 [ 3105.874207] [<ffffffffb70063f3>] ? do_syscall_64+0x1c3/0x580 [ 3105.883076] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3105.892012] [<ffffffffb8a5c797>] rewind_stack_do_exit+0x17/0x20 [ 3105.900928] Memory state around the buggy address: [ 3105.909885] ffff8803deac7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3105.918966] ffff8803deac7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3105.928020] >ffff8803deac7780: 00 00 00 00 f1 f1 00 00 00 00 00 00 00 00 00 00 [ 3105.937027] ^ [ 3105.946015] ffff8803deac7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3105.955089] ffff8803deac7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3105.964099] ================================================================== [ 3105.973278] ================================================================== [ 3105.982403] BUG: KASAN: stack-out-of-bounds in memcmp+0xe9/0x150 at addr ffff8803deac77aa [ 3105.991588] Read of size 1 by task trinity-c16/23828 [ 3106.000785] page:ffffea000f7ab1c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 3106.010181] flags: 0x8000000000000000() [ 3106.019465] page dumped because: kasan: bad access detected [ 3106.028808] CPU: 3 PID: 23828 Comm: trinity-c16 Tainted: G B D 4.8.0-rc1-think+ #4 [ 3106.048015] 00000000ffffffff 000000009af8b65a ffff8803deac7608 ffffffffb7a93c6d [ 3106.057852] ffff8803deac76a0 ffff8803deac77aa ffff8803deac7810 ffff8803deac7808 [ 3106.067677] ffff8803deac7690 ffffffffb75abec7 0000000000000010 ffff880400000000 [ 3106.077512] Call Trace: [ 3106.087231] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3106.097021] [<ffffffffb75abec7>] kasan_report_error+0x4b7/0x4e0 [ 3106.106890] [<ffffffffb75abf51>] __asan_report_load1_noabort+0x61/0x70 [ 3106.116781] [<ffffffffb7ab16d9>] ? memcmp+0xe9/0x150 [ 3106.126681] [<ffffffffb7ab16d9>] memcmp+0xe9/0x150 [ 3106.136508] [<ffffffffb7b39375>] depot_save_stack+0x185/0x5f0 [ 3106.146354] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3106.156216] [<ffffffffb75aadc1>] save_stack+0xb1/0xd0 [ 3106.166067] [<ffffffffb7078c5b>] ? save_stack_trace+0x2b/0x50 [ 3106.176003] [<ffffffffb75aad56>] ? save_stack+0x46/0xd0 [ 3106.185878] [<ffffffffb75ab583>] ? kasan_slab_free+0x73/0xc0 [ 3106.195743] [<ffffffffb75a7185>] ? kmem_cache_free+0x95/0x380 [ 3106.205590] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3106.215437] [<ffffffffb75b9bc2>] ? zap_huge_pmd+0x482/0x830 [ 3106.225289] [<ffffffffb7535890>] ? unmap_page_range+0x1210/0x16c0 [ 3106.235116] [<ffffffffb7535e46>] ? unmap_single_vma+0x106/0x270 [ 3106.244931] [<ffffffffb75367d6>] ? unmap_vmas+0xf6/0x1b0 [ 3106.254710] [<ffffffffb754f439>] ? exit_mmap+0x1f9/0x3f0 [ 3106.264460] [<ffffffffb7126a20>] ? mmput+0x100/0x2d0 [ 3106.274145] [<ffffffffb713be8d>] ? do_exit+0x6fd/0x2ba0 [ 3106.283753] [<ffffffffb8a5c797>] ? rewind_stack_do_exit+0x17/0x20 [ 3106.293486] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3106.303297] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3106.313001] [<ffffffffb74c5388>] ? release_pages+0x328/0x9a0 [ 3106.322644] [<ffffffffb7ac9356>] ? debug_locks_off+0x86/0xa0 [ 3106.332344] [<ffffffffb8a59b38>] ? _raw_spin_lock_irqsave+0x78/0x90 [ 3106.342121] [<ffffffffb75c1bdf>] ? deferred_split_huge_page+0xbf/0x190 [ 3106.351869] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3106.361530] [<ffffffffb75a7185>] kmem_cache_free+0x95/0x380 [ 3106.371051] [<ffffffffb754190d>] ptlock_free+0x3d/0x50 [ 3106.380551] [<ffffffffb75b9bc2>] zap_huge_pmd+0x482/0x830 [ 3106.389968] [<ffffffffb7535890>] unmap_page_range+0x1210/0x16c0 [ 3106.399371] [<ffffffffb7534680>] ? vm_normal_page_pmd+0x230/0x230 [ 3106.408680] [<ffffffffb7535e46>] unmap_single_vma+0x106/0x270 [ 3106.417807] [<ffffffffb75367d6>] unmap_vmas+0xf6/0x1b0 [ 3106.426840] [<ffffffffb754f439>] exit_mmap+0x1f9/0x3f0 [ 3106.435829] [<ffffffffb754f240>] ? SyS_munmap+0xb0/0xb0 [ 3106.444823] [<ffffffffb723d51d>] ? trace_hardirqs_on+0xd/0x10 [ 3106.453729] [<ffffffffb7126a20>] mmput+0x100/0x2d0 [ 3106.462622] [<ffffffffb713be8d>] do_exit+0x6fd/0x2ba0 [ 3106.471467] [<ffffffffb713b790>] ? mm_update_next_owner+0x640/0x640 [ 3106.480373] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3106.489247] [<ffffffffb760302c>] ? SyS_readv+0x2c/0x40 [ 3106.498106] [<ffffffffb70063f3>] ? do_syscall_64+0x1c3/0x580 [ 3106.507004] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3106.515900] [<ffffffffb8a5c797>] rewind_stack_do_exit+0x17/0x20 [ 3106.524835] Memory state around the buggy address: [ 3106.533747] ffff8803deac7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3106.542809] ffff8803deac7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3106.551804] >ffff8803deac7780: 00 00 00 00 f1 f1 00 00 00 00 00 00 00 00 00 00 [ 3106.560814] ^ [ 3106.569779] ffff8803deac7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3106.578874] ffff8803deac7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3106.587860] ================================================================== [ 3106.597952] ================================================================== [ 3106.606999] BUG: KASAN: stack-out-of-bounds in memcmp+0xe9/0x150 at addr ffff8803deac77ab [ 3106.616180] Read of size 1 by task trinity-c16/23828 [ 3106.625405] page:ffffea000f7ab1c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 3106.634741] flags: 0x8000000000000000() [ 3106.644042] page dumped because: kasan: bad access detected [ 3106.653364] CPU: 3 PID: 23828 Comm: trinity-c16 Tainted: G B D 4.8.0-rc1-think+ #4 [ 3106.672590] 00000000ffffffff 000000009af8b65a ffff8803deac7608 ffffffffb7a93c6d [ 3106.682385] ffff8803deac76a0 ffff8803deac77ab ffff8803deac7810 ffff8803deac7808 [ 3106.692263] ffff8803deac7690 ffffffffb75abec7 0000000000000010 ffff880400000000 [ 3106.702062] Call Trace: [ 3106.711818] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3106.721661] [<ffffffffb75abec7>] kasan_report_error+0x4b7/0x4e0 [ 3106.731540] [<ffffffffb75abf51>] __asan_report_load1_noabort+0x61/0x70 [ 3106.741462] [<ffffffffb7ab16d9>] ? memcmp+0xe9/0x150 [ 3106.751360] [<ffffffffb7ab16d9>] memcmp+0xe9/0x150 [ 3106.761239] [<ffffffffb7b39375>] depot_save_stack+0x185/0x5f0 [ 3106.771085] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3106.780956] [<ffffffffb75aadc1>] save_stack+0xb1/0xd0 [ 3106.790860] [<ffffffffb7078c5b>] ? save_stack_trace+0x2b/0x50 [ 3106.800785] [<ffffffffb75aad56>] ? save_stack+0x46/0xd0 [ 3106.810716] [<ffffffffb75ab583>] ? kasan_slab_free+0x73/0xc0 [ 3106.820598] [<ffffffffb75a7185>] ? kmem_cache_free+0x95/0x380 [ 3106.830493] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3106.840308] [<ffffffffb75b9bc2>] ? zap_huge_pmd+0x482/0x830 [ 3106.850114] [<ffffffffb7535890>] ? unmap_page_range+0x1210/0x16c0 [ 3106.859957] [<ffffffffb7535e46>] ? unmap_single_vma+0x106/0x270 [ 3106.869769] [<ffffffffb75367d6>] ? unmap_vmas+0xf6/0x1b0 [ 3106.879564] [<ffffffffb754f439>] ? exit_mmap+0x1f9/0x3f0 [ 3106.889291] [<ffffffffb7126a20>] ? mmput+0x100/0x2d0 [ 3106.898931] [<ffffffffb713be8d>] ? do_exit+0x6fd/0x2ba0 [ 3106.908565] [<ffffffffb8a5c797>] ? rewind_stack_do_exit+0x17/0x20 [ 3106.918278] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3106.928071] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3106.937784] [<ffffffffb74c5388>] ? release_pages+0x328/0x9a0 [ 3106.947496] [<ffffffffb7ac9356>] ? debug_locks_off+0x86/0xa0 [ 3106.957193] [<ffffffffb8a59b38>] ? _raw_spin_lock_irqsave+0x78/0x90 [ 3106.966817] [<ffffffffb75c1bdf>] ? deferred_split_huge_page+0xbf/0x190 [ 3106.976572] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3106.986159] [<ffffffffb75a7185>] kmem_cache_free+0x95/0x380 [ 3106.995725] [<ffffffffb754190d>] ptlock_free+0x3d/0x50 [ 3107.005148] [<ffffffffb75b9bc2>] zap_huge_pmd+0x482/0x830 [ 3107.014546] [<ffffffffb7535890>] unmap_page_range+0x1210/0x16c0 [ 3107.023940] [<ffffffffb7534680>] ? vm_normal_page_pmd+0x230/0x230 [ 3107.033184] [<ffffffffb7535e46>] unmap_single_vma+0x106/0x270 [ 3107.042336] [<ffffffffb75367d6>] unmap_vmas+0xf6/0x1b0 [ 3107.051329] [<ffffffffb754f439>] exit_mmap+0x1f9/0x3f0 [ 3107.060306] [<ffffffffb754f240>] ? SyS_munmap+0xb0/0xb0 [ 3107.069263] [<ffffffffb723d51d>] ? trace_hardirqs_on+0xd/0x10 [ 3107.078171] [<ffffffffb7126a20>] mmput+0x100/0x2d0 [ 3107.087047] [<ffffffffb713be8d>] do_exit+0x6fd/0x2ba0 [ 3107.095899] [<ffffffffb713b790>] ? mm_update_next_owner+0x640/0x640 [ 3107.104753] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3107.113627] [<ffffffffb760302c>] ? SyS_readv+0x2c/0x40 [ 3107.122477] [<ffffffffb70063f3>] ? do_syscall_64+0x1c3/0x580 [ 3107.131371] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3107.140284] [<ffffffffb8a5c797>] rewind_stack_do_exit+0x17/0x20 [ 3107.149175] Memory state around the buggy address: [ 3107.158152] ffff8803deac7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3107.167221] ffff8803deac7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3107.176257] >ffff8803deac7780: 00 00 00 00 f1 f1 00 00 00 00 00 00 00 00 00 00 [ 3107.185223] ^ [ 3107.194199] ffff8803deac7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3107.203288] ffff8803deac7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3107.212297] ================================================================== [ 3107.221687] ================================================================== [ 3107.230850] BUG: KASAN: stack-out-of-bounds in memcmp+0xe9/0x150 at addr ffff8803deac77ac [ 3107.240013] Read of size 1 by task trinity-c16/23828 [ 3107.249197] page:ffffea000f7ab1c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 3107.258569] flags: 0x8000000000000000() [ 3107.267842] page dumped because: kasan: bad access detected [ 3107.277199] CPU: 3 PID: 23828 Comm: trinity-c16 Tainted: G B D 4.8.0-rc1-think+ #4 [ 3107.296445] 00000000ffffffff 000000009af8b65a ffff8803deac7608 ffffffffb7a93c6d [ 3107.306271] ffff8803deac76a0 ffff8803deac77ac ffff8803deac7810 ffff8803deac7808 [ 3107.316074] ffff8803deac7690 ffffffffb75abec7 0000000000000010 ffff880400000000 [ 3107.325908] Call Trace: [ 3107.335764] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3107.345619] [<ffffffffb75abec7>] kasan_report_error+0x4b7/0x4e0 [ 3107.355476] [<ffffffffb75abf51>] __asan_report_load1_noabort+0x61/0x70 [ 3107.365383] [<ffffffffb7ab16d9>] ? memcmp+0xe9/0x150 [ 3107.375316] [<ffffffffb7ab16d9>] memcmp+0xe9/0x150 [ 3107.385166] [<ffffffffb7b39375>] depot_save_stack+0x185/0x5f0 [ 3107.395054] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3107.404919] [<ffffffffb75aadc1>] save_stack+0xb1/0xd0 [ 3107.414814] [<ffffffffb7078c5b>] ? save_stack_trace+0x2b/0x50 [ 3107.424735] [<ffffffffb75aad56>] ? save_stack+0x46/0xd0 [ 3107.434615] [<ffffffffb75ab583>] ? kasan_slab_free+0x73/0xc0 [ 3107.444528] [<ffffffffb75a7185>] ? kmem_cache_free+0x95/0x380 [ 3107.454371] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3107.464217] [<ffffffffb75b9bc2>] ? zap_huge_pmd+0x482/0x830 [ 3107.474043] [<ffffffffb7535890>] ? unmap_page_range+0x1210/0x16c0 [ 3107.483885] [<ffffffffb7535e46>] ? unmap_single_vma+0x106/0x270 [ 3107.493751] [<ffffffffb75367d6>] ? unmap_vmas+0xf6/0x1b0 [ 3107.503535] [<ffffffffb754f439>] ? exit_mmap+0x1f9/0x3f0 [ 3107.513311] [<ffffffffb7126a20>] ? mmput+0x100/0x2d0 [ 3107.522983] [<ffffffffb713be8d>] ? do_exit+0x6fd/0x2ba0 [ 3107.532605] [<ffffffffb8a5c797>] ? rewind_stack_do_exit+0x17/0x20 [ 3107.542338] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3107.552149] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3107.561896] [<ffffffffb74c5388>] ? release_pages+0x328/0x9a0 [ 3107.571565] [<ffffffffb7ac9356>] ? debug_locks_off+0x86/0xa0 [ 3107.581264] [<ffffffffb8a59b38>] ? _raw_spin_lock_irqsave+0x78/0x90 [ 3107.590945] [<ffffffffb75c1bdf>] ? deferred_split_huge_page+0xbf/0x190 [ 3107.600720] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3107.610390] [<ffffffffb75a7185>] kmem_cache_free+0x95/0x380 [ 3107.619932] [<ffffffffb754190d>] ptlock_free+0x3d/0x50 [ 3107.629431] [<ffffffffb75b9bc2>] zap_huge_pmd+0x482/0x830 [ 3107.638835] [<ffffffffb7535890>] unmap_page_range+0x1210/0x16c0 [ 3107.648265] [<ffffffffb7534680>] ? vm_normal_page_pmd+0x230/0x230 [ 3107.657559] [<ffffffffb7535e46>] unmap_single_vma+0x106/0x270 [ 3107.666704] [<ffffffffb75367d6>] unmap_vmas+0xf6/0x1b0 [ 3107.675732] [<ffffffffb754f439>] exit_mmap+0x1f9/0x3f0 [ 3107.684700] [<ffffffffb754f240>] ? SyS_munmap+0xb0/0xb0 [ 3107.693669] [<ffffffffb723d51d>] ? trace_hardirqs_on+0xd/0x10 [ 3107.702536] [<ffffffffb7126a20>] mmput+0x100/0x2d0 [ 3107.711449] [<ffffffffb713be8d>] do_exit+0x6fd/0x2ba0 [ 3107.720308] [<ffffffffb713b790>] ? mm_update_next_owner+0x640/0x640 [ 3107.729168] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3107.738028] [<ffffffffb760302c>] ? SyS_readv+0x2c/0x40 [ 3107.746895] [<ffffffffb70063f3>] ? do_syscall_64+0x1c3/0x580 [ 3107.755761] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3107.764677] [<ffffffffb8a5c797>] rewind_stack_do_exit+0x17/0x20 [ 3107.773583] Memory state around the buggy address: [ 3107.782505] ffff8803deac7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3107.791600] ffff8803deac7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3107.800604] >ffff8803deac7780: 00 00 00 00 f1 f1 00 00 00 00 00 00 00 00 00 00 [ 3107.809601] ^ [ 3107.818555] ffff8803deac7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3107.827651] ffff8803deac7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3107.836644] ================================================================== [ 3107.846917] ================================================================== [ 3107.856034] BUG: KASAN: stack-out-of-bounds in memcmp+0xe9/0x150 at addr ffff8803deac77ad [ 3107.865222] Read of size 1 by task trinity-c16/23828 [ 3107.874428] page:ffffea000f7ab1c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 3107.883773] flags: 0x8000000000000000() [ 3107.893090] page dumped because: kasan: bad access detected [ 3107.902443] CPU: 3 PID: 23828 Comm: trinity-c16 Tainted: G B D 4.8.0-rc1-think+ #4 [ 3107.921690] 00000000ffffffff 000000009af8b65a ffff8803deac7608 ffffffffb7a93c6d [ 3107.931524] ffff8803deac76a0 ffff8803deac77ad ffff8803deac7810 ffff8803deac7808 [ 3107.941360] ffff8803deac7690 ffffffffb75abec7 0000000000000010 ffff880400000000 [ 3107.951175] Call Trace: [ 3107.960926] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3107.970777] [<ffffffffb75abec7>] kasan_report_error+0x4b7/0x4e0 [ 3107.980691] [<ffffffffb75abf51>] __asan_report_load1_noabort+0x61/0x70 [ 3107.990607] [<ffffffffb7ab16d9>] ? memcmp+0xe9/0x150 [ 3108.000479] [<ffffffffb7ab16d9>] memcmp+0xe9/0x150 [ 3108.010363] [<ffffffffb7b39375>] depot_save_stack+0x185/0x5f0 [ 3108.020221] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3108.030129] [<ffffffffb75aadc1>] save_stack+0xb1/0xd0 [ 3108.039999] [<ffffffffb7078c5b>] ? save_stack_trace+0x2b/0x50 [ 3108.049910] [<ffffffffb75aad56>] ? save_stack+0x46/0xd0 [ 3108.059819] [<ffffffffb75ab583>] ? kasan_slab_free+0x73/0xc0 [ 3108.069701] [<ffffffffb75a7185>] ? kmem_cache_free+0x95/0x380 [ 3108.079559] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3108.089377] [<ffffffffb75b9bc2>] ? zap_huge_pmd+0x482/0x830 [ 3108.099195] [<ffffffffb7535890>] ? unmap_page_range+0x1210/0x16c0 [ 3108.109040] [<ffffffffb7535e46>] ? unmap_single_vma+0x106/0x270 [ 3108.118856] [<ffffffffb75367d6>] ? unmap_vmas+0xf6/0x1b0 [ 3108.128665] [<ffffffffb754f439>] ? exit_mmap+0x1f9/0x3f0 [ 3108.138399] [<ffffffffb7126a20>] ? mmput+0x100/0x2d0 [ 3108.148088] [<ffffffffb713be8d>] ? do_exit+0x6fd/0x2ba0 [ 3108.157691] [<ffffffffb8a5c797>] ? rewind_stack_do_exit+0x17/0x20 [ 3108.167387] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3108.177207] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3108.186917] [<ffffffffb74c5388>] ? release_pages+0x328/0x9a0 [ 3108.196597] [<ffffffffb7ac9356>] ? debug_locks_off+0x86/0xa0 [ 3108.206261] [<ffffffffb8a59b38>] ? _raw_spin_lock_irqsave+0x78/0x90 [ 3108.215933] [<ffffffffb75c1bdf>] ? deferred_split_huge_page+0xbf/0x190 [ 3108.225691] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3108.235352] [<ffffffffb75a7185>] kmem_cache_free+0x95/0x380 [ 3108.244901] [<ffffffffb754190d>] ptlock_free+0x3d/0x50 [ 3108.254379] [<ffffffffb75b9bc2>] zap_huge_pmd+0x482/0x830 [ 3108.263803] [<ffffffffb7535890>] unmap_page_range+0x1210/0x16c0 [ 3108.273166] [<ffffffffb7534680>] ? vm_normal_page_pmd+0x230/0x230 [ 3108.282449] [<ffffffffb7535e46>] unmap_single_vma+0x106/0x270 [ 3108.291553] [<ffffffffb75367d6>] unmap_vmas+0xf6/0x1b0 [ 3108.300540] [<ffffffffb754f439>] exit_mmap+0x1f9/0x3f0 [ 3108.309544] [<ffffffffb754f240>] ? SyS_munmap+0xb0/0xb0 [ 3108.318463] [<ffffffffb723d51d>] ? trace_hardirqs_on+0xd/0x10 [ 3108.327362] [<ffffffffb7126a20>] mmput+0x100/0x2d0 [ 3108.336195] [<ffffffffb713be8d>] do_exit+0x6fd/0x2ba0 [ 3108.345038] [<ffffffffb713b790>] ? mm_update_next_owner+0x640/0x640 [ 3108.353911] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3108.362783] [<ffffffffb760302c>] ? SyS_readv+0x2c/0x40 [ 3108.371651] [<ffffffffb70063f3>] ? do_syscall_64+0x1c3/0x580 [ 3108.380538] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3108.389425] [<ffffffffb8a5c797>] rewind_stack_do_exit+0x17/0x20 [ 3108.398340] Memory state around the buggy address: [ 3108.407230] ffff8803deac7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3108.416283] ffff8803deac7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3108.425322] >ffff8803deac7780: 00 00 00 00 f1 f1 00 00 00 00 00 00 00 00 00 00 [ 3108.434292] ^ [ 3108.443266] ffff8803deac7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3108.452341] ffff8803deac7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3108.461380] ================================================================== [ 3108.471600] ================================================================== [ 3108.480758] BUG: KASAN: stack-out-of-bounds in memcmp+0xe9/0x150 at addr ffff8803deac77ae [ 3108.489928] Read of size 1 by task trinity-c16/23828 [ 3108.499133] page:ffffea000f7ab1c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 3108.508488] flags: 0x8000000000000000() [ 3108.517750] page dumped because: kasan: bad access detected [ 3108.527082] CPU: 3 PID: 23828 Comm: trinity-c16 Tainted: G B D 4.8.0-rc1-think+ #4 [ 3108.546305] 00000000ffffffff 000000009af8b65a ffff8803deac7608 ffffffffb7a93c6d [ 3108.556112] ffff8803deac76a0 ffff8803deac77ae ffff8803deac7810 ffff8803deac7808 [ 3108.565943] ffff8803deac7690 ffffffffb75abec7 0000000000000010 ffff880400000000 [ 3108.575780] Call Trace: [ 3108.585521] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3108.595402] [<ffffffffb75abec7>] kasan_report_error+0x4b7/0x4e0 [ 3108.605262] [<ffffffffb75abf51>] __asan_report_load1_noabort+0x61/0x70 [ 3108.615186] [<ffffffffb7ab16d9>] ? memcmp+0xe9/0x150 [ 3108.625071] [<ffffffffb7ab16d9>] memcmp+0xe9/0x150 [ 3108.634929] [<ffffffffb7b39375>] depot_save_stack+0x185/0x5f0 [ 3108.644829] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3108.654740] [<ffffffffb75aadc1>] save_stack+0xb1/0xd0 [ 3108.664632] [<ffffffffb7078c5b>] ? save_stack_trace+0x2b/0x50 [ 3108.674533] [<ffffffffb75aad56>] ? save_stack+0x46/0xd0 [ 3108.684413] [<ffffffffb75ab583>] ? kasan_slab_free+0x73/0xc0 [ 3108.694300] [<ffffffffb75a7185>] ? kmem_cache_free+0x95/0x380 [ 3108.704131] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3108.713971] [<ffffffffb75b9bc2>] ? zap_huge_pmd+0x482/0x830 [ 3108.723788] [<ffffffffb7535890>] ? unmap_page_range+0x1210/0x16c0 [ 3108.733591] [<ffffffffb7535e46>] ? unmap_single_vma+0x106/0x270 [ 3108.743421] [<ffffffffb75367d6>] ? unmap_vmas+0xf6/0x1b0 [ 3108.753180] [<ffffffffb754f439>] ? exit_mmap+0x1f9/0x3f0 [ 3108.762929] [<ffffffffb7126a20>] ? mmput+0x100/0x2d0 [ 3108.772585] [<ffffffffb713be8d>] ? do_exit+0x6fd/0x2ba0 [ 3108.782207] [<ffffffffb8a5c797>] ? rewind_stack_do_exit+0x17/0x20 [ 3108.791926] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3108.801749] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3108.811454] [<ffffffffb74c5388>] ? release_pages+0x328/0x9a0 [ 3108.821096] [<ffffffffb7ac9356>] ? debug_locks_off+0x86/0xa0 [ 3108.830819] [<ffffffffb8a59b38>] ? _raw_spin_lock_irqsave+0x78/0x90 [ 3108.840472] [<ffffffffb75c1bdf>] ? deferred_split_huge_page+0xbf/0x190 [ 3108.850224] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3108.859896] [<ffffffffb75a7185>] kmem_cache_free+0x95/0x380 [ 3108.869423] [<ffffffffb754190d>] ptlock_free+0x3d/0x50 [ 3108.878890] [<ffffffffb75b9bc2>] zap_huge_pmd+0x482/0x830 [ 3108.888291] [<ffffffffb7535890>] unmap_page_range+0x1210/0x16c0 [ 3108.897745] [<ffffffffb7534680>] ? vm_normal_page_pmd+0x230/0x230 [ 3108.907002] [<ffffffffb7535e46>] unmap_single_vma+0x106/0x270 [ 3108.916156] [<ffffffffb75367d6>] unmap_vmas+0xf6/0x1b0 [ 3108.925149] [<ffffffffb754f439>] exit_mmap+0x1f9/0x3f0 [ 3108.934115] [<ffffffffb754f240>] ? SyS_munmap+0xb0/0xb0 [ 3108.943067] [<ffffffffb723d51d>] ? trace_hardirqs_on+0xd/0x10 [ 3108.951956] [<ffffffffb7126a20>] mmput+0x100/0x2d0 [ 3108.960829] [<ffffffffb713be8d>] do_exit+0x6fd/0x2ba0 [ 3108.969669] [<ffffffffb713b790>] ? mm_update_next_owner+0x640/0x640 [ 3108.978542] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3108.987414] [<ffffffffb760302c>] ? SyS_readv+0x2c/0x40 [ 3108.996281] [<ffffffffb70063f3>] ? do_syscall_64+0x1c3/0x580 [ 3109.005151] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3109.014072] [<ffffffffb8a5c797>] rewind_stack_do_exit+0x17/0x20 [ 3109.022998] Memory state around the buggy address: [ 3109.031940] ffff8803deac7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3109.041005] ffff8803deac7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3109.050047] >ffff8803deac7780: 00 00 00 00 f1 f1 00 00 00 00 00 00 00 00 00 00 [ 3109.059029] ^ [ 3109.067983] ffff8803deac7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3109.077070] ffff8803deac7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3109.086070] ================================================================== [ 3109.096268] ================================================================== [ 3109.105223] BUG: KASAN: stack-out-of-bounds in memcmp+0xe9/0x150 at addr ffff8803deac77af [ 3109.114324] Read of size 1 by task trinity-c16/23828 [ 3109.123435] page:ffffea000f7ab1c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 3109.132721] flags: 0x8000000000000000() [ 3109.141935] page dumped because: kasan: bad access detected [ 3109.151189] CPU: 3 PID: 23828 Comm: trinity-c16 Tainted: G B D 4.8.0-rc1-think+ #4 [ 3109.170274] 00000000ffffffff 000000009af8b65a ffff8803deac7608 ffffffffb7a93c6d [ 3109.180032] ffff8803deac76a0 ffff8803deac77af ffff8803deac7810 ffff8803deac7808 [ 3109.189818] ffff8803deac7690 ffffffffb75abec7 0000000000000010 ffff880400000000 [ 3109.199566] Call Trace: [ 3109.209201] [<ffffffffb7a93c6d>] dump_stack+0x95/0xe8 [ 3109.218941] [<ffffffffb75abec7>] kasan_report_error+0x4b7/0x4e0 [ 3109.228739] [<ffffffffb75abf51>] __asan_report_load1_noabort+0x61/0x70 [ 3109.238550] [<ffffffffb7ab16d9>] ? memcmp+0xe9/0x150 [ 3109.248358] [<ffffffffb7ab16d9>] memcmp+0xe9/0x150 [ 3109.258126] [<ffffffffb7b39375>] depot_save_stack+0x185/0x5f0 [ 3109.267902] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3109.277737] [<ffffffffb75aadc1>] save_stack+0xb1/0xd0 [ 3109.287526] [<ffffffffb7078c5b>] ? save_stack_trace+0x2b/0x50 [ 3109.297370] [<ffffffffb75aad56>] ? save_stack+0x46/0xd0 [ 3109.307181] [<ffffffffb75ab583>] ? kasan_slab_free+0x73/0xc0 [ 3109.316981] [<ffffffffb75a7185>] ? kmem_cache_free+0x95/0x380 [ 3109.326765] [<ffffffffb754190d>] ? ptlock_free+0x3d/0x50 [ 3109.336547] [<ffffffffb75b9bc2>] ? zap_huge_pmd+0x482/0x830 [ 3109.346299] [<ffffffffb7535890>] ? unmap_page_range+0x1210/0x16c0 [ 3109.356059] [<ffffffffb7535e46>] ? unmap_single_vma+0x106/0x270 [ 3109.365836] [<ffffffffb75367d6>] ? unmap_vmas+0xf6/0x1b0 [ 3109.375547] [<ffffffffb754f439>] ? exit_mmap+0x1f9/0x3f0 [ 3109.385218] [<ffffffffb7126a20>] ? mmput+0x100/0x2d0 [ 3109.394849] [<ffffffffb713be8d>] ? do_exit+0x6fd/0x2ba0 [ 3109.404349] [<ffffffffb8a5c797>] ? rewind_stack_do_exit+0x17/0x20 [ 3109.413995] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3109.423706] [<ffffffffb723daa0>] ? debug_check_no_locks_freed+0x280/0x280 [ 3109.433307] [<ffffffffb74c5388>] ? release_pages+0x328/0x9a0 [ 3109.442862] [<ffffffffb7ac9356>] ? debug_locks_off+0x86/0xa0 [ 3109.452473] [<ffffffffb8a59b38>] ? _raw_spin_lock_irqsave+0x78/0x90 [ 3109.462033] [<ffffffffb75c1bdf>] ? deferred_split_huge_page+0xbf/0x190 [ 3109.471750] [<ffffffffb75ab583>] kasan_slab_free+0x73/0xc0 [ 3109.481336] [<ffffffffb75a7185>] kmem_cache_free+0x95/0x380 [ 3109.490825] [<ffffffffb754190d>] ptlock_free+0x3d/0x50 [ 3109.500213] [<ffffffffb75b9bc2>] zap_huge_pmd+0x482/0x830 [ 3109.509529] [<ffffffffb7535890>] unmap_page_range+0x1210/0x16c0 [ 3109.518858] [<ffffffffb7534680>] ? vm_normal_page_pmd+0x230/0x230 [ 3109.528090] [<ffffffffb7535e46>] unmap_single_vma+0x106/0x270 [ 3109.537150] [<ffffffffb75367d6>] unmap_vmas+0xf6/0x1b0 [ 3109.546106] [<ffffffffb754f439>] exit_mmap+0x1f9/0x3f0 [ 3109.554977] [<ffffffffb754f240>] ? SyS_munmap+0xb0/0xb0 [ 3109.563856] [<ffffffffb723d51d>] ? trace_hardirqs_on+0xd/0x10 [ 3109.572690] [<ffffffffb7126a20>] mmput+0x100/0x2d0 [ 3109.581471] [<ffffffffb713be8d>] do_exit+0x6fd/0x2ba0 [ 3109.590217] [<ffffffffb713b790>] ? mm_update_next_owner+0x640/0x640 [ 3109.599011] [<ffffffffb7603000>] ? rw_copy_check_uvector+0x280/0x280 [ 3109.607788] [<ffffffffb760302c>] ? SyS_readv+0x2c/0x40 [ 3109.616590] [<ffffffffb70063f3>] ? do_syscall_64+0x1c3/0x580 [ 3109.625380] [<ffffffffb700301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3109.634251] [<ffffffffb8a5c797>] rewind_stack_do_exit+0x17/0x20 [ 3109.643086] Memory state around the buggy address: [ 3109.651925] ffff8803deac7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3109.660922] ffff8803deac7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3109.669880] >ffff8803deac7780: 00 00 00 00 f1 f1 00 00 00 00 00 00 00 00 00 00 [ 3109.678798] ^ [ 3109.687655] ffff8803deac7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3109.696668] ffff8803deac7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3109.705605] ==================================================================
Powered by blists - more mailing lists