Trying 192.168.56.4... Connected to moya.mayfield.sirena.org.uk. Escape character is '^]'. ser2net port telnet,3000 device serialdev, /dev/serial/by-path/pci-0000:00:14.0-usb-0:3.4:1.0-port0, 115200n81, local=false [,115200N81] (Debian GNU/Linux) U-Boot SPL 2023.07.02-dh-stm32mp1-dhcor-avenger96-20230727.02 (Jul 11 2023 - 15:20:44 +0000) Model: Arrow Electronics STM32MP15xx Avenger96 board Code: SoM:rev=0,ddr3=3 Board:rev=1 RAM: DDR3L 32bits 2x4Gb 533MHz WDT: Started watchdog@5a002000 with servicing every 1000ms (32s timeout) Trying to boot from MMC1 image entry point: 0xc0100000 U-Boot 2023.07.02-dh-stm32mp1-dhcor-avenger96-20230727.02 (Jul 11 2023 - 15:20:44 +0000) CPU: STM32MP157AAC Rev.B Model: Arrow Electronics STM32MP15xx Avenger96 board Board: stm32mp1 in basic mode (arrow,stm32mp15xx-avenger96) DRAM: 1 GiB Clocks: - MPU : 650 MHz - MCU : 208.878 MHz - AXI : 266.500 MHz - PER : 24 MHz - DDR : 533 MHz Core: 285 devices, 34 uclasses, devicetree: separate WDT: Started watchdog@5a002000 with servicing every 1000ms (32s timeout) MMC: STM32 SD/MMC: 2, STM32 SD/MMC: 0, STM32 SD/MMC: 1 Loading Environment from SPIFlash... SF: Detected w25q16dw with page size 256 Bytes, erase size 4 KiB, total 2 MiB OK In: serial Out: serial Err: serial Net: eth0: ethernet@5800a000 Hit any key to stop autoboot: 3  0 STM32MP> setenv autoload no setenv autoload no STM32MP> setenv initrd_high 0xffffffff setenv initrd_high 0xffffffff STM32MP> setenv fdt_high 0xffffffff setenv fdt_high 0xffffffff STM32MP> dhcp dhcp ethernet@5800a000 Waiting for PHY auto negotiation to complete............... done BOOTP broadcast 1 BOOTP broadcast 2 BOOTP broadcast 3 BOOTP broadcast 4 BOOTP broadcast 5 *** Unhandled DHCP Option in OFFER/ACK: 42 *** Unhandled DHCP Option in OFFER/ACK: 42 DHCP client bound to address 192.168.56.204 (3820 ms) STM32MP> setenv serverip 192.168.56.193 setenv serverip 192.168.56.193 STM32MP> tftp 0xc2000000 790371/tftp-deploy-349gqebc/kernel/uImage tftp 0xc2000000 790371/tftp-deploy-349gqebc/kernel/uImage Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.204 Filename '790371/tftp-deploy-349gqebc/kernel/uImage'. Load address: 0xc2000000 Loading: *################################################## 15.6 MiB 11.6 MiB/s done Bytes transferred = 16360000 (f9a240 hex) STM32MP> tftp 0xc4400000 790371/tftp-deploy-349gqebc/ramdisk/ramdisk.cpio.gz.uboot tftp 0xc4400000 790371/tftp-deploy-349gqebc/ramdisk/ramdisk.cpio.gz.uboot Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.204 Filename '790371/tftp-deploy-349gqebc/ramdisk/ramdisk.cpio.gz.uboot'. Load address: 0xc4400000 Loading: *################################################## 20.4 MiB 11.5 MiB/s done Bytes transferred = 21381970 (1464352 hex) STM32MP> setenv initrd_size ${filesize} setenv initrd_size ${filesize} STM32MP> tftp 0xc4000000 790371/tftp-deploy-349gqebc/dtb/stm32mp157a-dhcor-avenger96.dtb tftp 0xc4000000 790371/tftp-deploy-349gqebc/dtb/stm32mp157a-dhcor-avenger96.dtb Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.204 Filename '790371/tftp-deploy-349gqebc/dtb/stm32mp157a-dhcor-avenger96.dtb'. Load address: 0xc4000000 Loading: *################################################## 51.6 KiB 8.4 MiB/s done Bytes transferred = 52850 (ce72 hex) STM32MP> setenv bootargs 'console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/790371/extract-nfsrootfs-0z2tjq3r,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp' setenv bootargs 'console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/790371/extract-nfsrootfs-0z2tjq3r,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp' STM32MP> bootm 0xc2000000 0xc4400000 0xc4000000 bootm 0xc2000000 0xc4400000 0xc4000000 ## Booting kernel from Legacy Image at c2000000 ... Image Name: Created: 2024-10-02 7:31:05 UTC Image Type: ARM Linux Kernel Image (uncompressed) Data Size: 16359936 Bytes = 15.6 MiB Load Address: c2000000 Entry Point: c2000000 Verifying Checksum ... OK ## Loading init Ramdisk from Legacy Image at c4400000 ... Image Name: Created: 2024-10-02 7:31:09 UTC Image Type: ARM Linux RAMDisk Image (uncompressed) Data Size: 21381906 Bytes = 20.4 MiB Load Address: 00000000 Entry Point: 00000000 Verifying Checksum ... OK ## Flattened Device Tree blob at c4000000 Booting using the fdt blob at 0xc4000000 Working FDT set to c4000000 Loading Kernel Image Using Device Tree in place at c4000000, end c400fe71 Working FDT set to c4000000 Starting kernel ... [ 0.000000] Booting Linux on physical CPU 0x0 [ 0.000000] Linux version 6.12.0-rc1-next-20241002 (KernelCI@build-j329354-arm-gcc-12-multi-v7-defconfig-kselftest-22pdv) (arm-linux-gnueabihf-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP Wed Oct 2 06:26:47 UTC 2024 [ 0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c5387d [ 0.000000] CPU: div instructions available: patching division code [ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache [ 0.000000] OF: fdt: Machine model: Arrow Electronics STM32MP157A Avenger96 board [ 0.000000] earlycon: stm32 at MMIO 0x40010000 (options '115200n8') [ 0.000000] printk: legacy bootconsole [stm32] enabled [ 0.000000] Memory policy: Data cache writealloc [ 0.000000] efi: UEFI not found. [ 0.000000] Reserved memory: created DMA memory pool at 0x10000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node mcuram2@10000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10000000..0x1003ffff (256 KiB) nomap non-reusable mcuram2@10000000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10040000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0vring0@10040000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10040000..0x10040fff (4 KiB) nomap non-reusable vdev0vring0@10040000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10041000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0vring1@10041000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10041000..0x10041fff (4 KiB) nomap non-reusable vdev0vring1@10041000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10042000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0buffer@10042000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10042000..0x10045fff (16 KiB) nomap non-reusable vdev0buffer@10042000 [ 0.000000] Reserved memory: created DMA memory pool at 0x30000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node mcuram@30000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x30000000..0x3003ffff (256 KiB) nomap non-reusable mcuram@30000000 [ 0.000000] Reserved memory: created DMA memory pool at 0x38000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node retram@38000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x38000000..0x3800ffff (64 KiB) nomap non-reusable retram@38000000 [ 0.000000] cma: Reserved 64 MiB at 0xfb800000 on node -1 [ 0.000000] Zone ranges: [ 0.000000] DMA [mem 0x00000000c0000000-0x00000000efffffff] [ 0.000000] Normal empty [ 0.000000] HighMem [mem 0x00000000f0000000-0x00000000ffffefff] [ 0.000000] Movable zone start for each node [ 0.000000] Early memory node ranges [ 0.000000] node 0: [mem 0x00000000c0000000-0x00000000ffffefff] [ 0.000000] Initmem setup node 0 [mem 0x00000000c0000000-0x00000000ffffefff] [ 0.000000] psci: probing for conduit method from DT. [ 0.000000] psci: PSCIv1.0 detected in firmware. [ 0.000000] psci: Using standard PSCI v0.2 function IDs [ 0.000000] psci: Trusted OS migration not required [ 0.000000] psci: SMC Calling Convention v1.0 [ 0.000000] percpu: Embedded 20 pages/cpu s49292 r8192 d24436 u81920 [ 0.000000] Kernel command line: console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/790371/extract-nfsrootfs-0z2tjq3r,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp <6>[ 0.000000] Dentry cache hash table entries: 131072 (order: 7, 524288 bytes, linear) <6>[ 0.000000] Inode-cache hash table entries: 65536 (order: 6, 262144 bytes, linear) <6>[ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 262143 <6>[ 0.000000] allocated 1056764 bytes of page_ext <6>[ 0.000000] mem auto-init: stack:all(zero), heap alloc:on, heap free:on <6>[ 0.000000] mem auto-init: clearing system memory may take some time... <6>[ 0.000000] stackdepot: allocating hash table via alloc_large_system_hash <6>[ 0.000000] stackdepot hash table entries: 65536 (order: 7, 524288 bytes, linear) <4>[ 0.000000] ********************************************************** <4>[ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** This system shows unhashed kernel memory addresses ** <4>[ 0.000000] ** via the console, logs, and other interfaces. This ** <4>[ 0.000000] ** might reduce the security of your system. ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** If you see this message and you are not debugging ** <4>[ 0.000000] ** the kernel, report this immediately to your system ** <4>[ 0.000000] ** administrator! ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** <4>[ 0.000000] ********************************************************** <6>[ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1 <6>[ 0.000000] ftrace: allocating 71576 entries in 210 pages <6>[ 0.000000] ftrace: allocated 210 pages with 4 groups <6>[ 0.000000] trace event string verifier disabled <6>[ 0.000000] rcu: Hierarchical RCU implementation. <6>[ 0.000000] rcu: RCU event tracing is enabled. <6>[ 0.000000] rcu: RCU restricting CPUs from NR_CPUS=16 to nr_cpu_ids=2. <6>[ 0.000000] Rude variant of Tasks RCU enabled. <6>[ 0.000000] Tracing variant of Tasks RCU enabled. <6>[ 0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. <6>[ 0.000000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2 <6>[ 0.000000] RCU Tasks Rude: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. <6>[ 0.000000] RCU Tasks Trace: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. <6>[ 0.000000] NR_IRQS: 16, nr_irqs: 16, preallocated irqs: 16 <6>[ 0.000000] rcu: srcu_init: Setting srcu_struct sizes based on contention. <6>[ 0.000000] arch_timer: cp15 timer(s) running at 24.00MHz (virt). <6>[ 0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x588fe9dc0, max_idle_ns: 440795202592 ns <6>[ 0.000002] sched_clock: 56 bits at 24MHz, resolution 41ns, wraps every 4398046511097ns <6>[ 0.008292] Switching to timer-based delay loop, resolution 41ns <6>[ 0.025150] Console: colour dummy device 80x30 <6>[ 0.028603] Calibrating delay loop (skipped), value calculated using timer frequency.. 48.00 BogoMIPS (lpj=24000) <6>[ 0.039035] CPU: Testing write buffer coherency: ok <6>[ 0.044188] pid_max: default: 32768 minimum: 301 <6>[ 0.050284] LSM: initializing lsm=capability,landlock,bpf,ima <6>[ 0.055382] landlock: Up and running. <6>[ 0.059140] LSM support for eBPF active <6>[ 0.064182] Mount-cache hash table entries: 2048 (order: 1, 8192 bytes, linear) <6>[ 0.070735] Mountpoint-cache hash table entries: 2048 (order: 1, 8192 bytes, linear) <6>[ 0.086681] CPU0: update cpu_capacity 1024 <6>[ 0.089683] CPU0: thread -1, cpu 0, socket 0, mpidr 80000000 <6>[ 0.103709] Setting up static identity map for 0xc0300000 - 0xc03000ac <6>[ 0.112820] rcu: Hierarchical SRCU implementation. <6>[ 0.116496] rcu: Max phase no-delay instances is 400. <6>[ 0.123786] Timer migration: 1 hierarchy levels; 8 children per group; 1 crossnode level <6>[ 0.155861] EFI services will not be available. <6>[ 0.160695] smp: Bringing up secondary CPUs ... <6>[ 0.168523] CPU1: update cpu_capacity 1024 <6>[ 0.168562] CPU1: thread -1, cpu 1, socket 0, mpidr 80000001 <6>[ 0.168888] smp: Brought up 1 node, 2 CPUs <6>[ 0.182143] SMP: Total of 2 processors activated (96.00 BogoMIPS). <6>[ 0.188614] CPU: All CPU(s) started in SVC mode. <6>[ 0.196222] Memory: 905796K/1048572K available (21504K kernel code, 3772K rwdata, 10404K rodata, 2048K init, 526K bss, 71972K reserved, 65536K cma-reserved, 196604K highmem) <6>[ 0.213460] devtmpfs: initialized <6>[ 0.446955] VFP support v0.3: implementor 41 architecture 2 part 30 variant 7 rev 5 <6>[ 0.455646] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns <6>[ 0.464307] futex hash table entries: 512 (order: 3, 32768 bytes, linear) <6>[ 0.535736] pinctrl core: initialized pinctrl subsystem <6>[ 0.557342] DMI not present or invalid. <6>[ 0.568775] NET: Registered PF_NETLINK/PF_ROUTE protocol family <6>[ 0.586036] DMA: preallocated 256 KiB pool for atomic coherent allocations <6>[ 0.601259] audit: initializing netlink subsys (disabled) <5>[ 0.606760] audit: type=2000 audit(0.420:1): state=initialized audit_enabled=0 res=1 <6>[ 0.622890] thermal_sys: Registered thermal governor 'step_wise' <6>[ 0.623304] cpuidle: using governor menu <6>[ 0.635346] No ATAGs? <6>[ 0.636670] hw-breakpoint: found 5 (+1 reserved) breakpoint and 4 watchpoint registers. <6>[ 0.644774] hw-breakpoint: maximum watchpoint size is 8 bytes. <6>[ 0.672311] Serial: AMBA PL011 UART driver <6>[ 0.773659] platform 5a001000.display-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 0.901798] platform hdmi-out: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 0.922051] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible. <6>[ 0.992229] stm32-mdma 58000000.dma-controller: STM32 MDMA driver registered <6>[ 1.012608] iommu: Default domain type: Translated <6>[ 1.016416] iommu: DMA domain TLB invalidation policy: strict mode <5>[ 1.039810] SCSI subsystem initialized <6>[ 1.050178] usbcore: registered new interface driver usbfs <6>[ 1.055019] usbcore: registered new interface driver hub <6>[ 1.060607] usbcore: registered new device driver usb <6>[ 1.073566] pps_core: LinuxPPS API ver. 1 registered <6>[ 1.077406] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <6>[ 1.087082] PTP clock support registered <6>[ 1.092063] EDAC MC: Ver: 3.0.0 <6>[ 1.098541] scmi_core: SCMI protocol bus registered <6>[ 1.119504] NET: Registered PF_ATMPVC protocol family <6>[ 1.123445] NET: Registered PF_ATMSVC protocol family <6>[ 1.133633] nfc: nfc_init: NFC Core ver 0.1 <6>[ 1.137529] NET: Registered PF_NFC protocol family <6>[ 1.142991] vgaarb: loaded <6>[ 1.159745] clocksource: Switched to clocksource arch_sys_counter <6>[ 1.272532] NET: Registered PF_INET protocol family <6>[ 1.277018] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear) <6>[ 1.291274] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear) <6>[ 1.298603] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) <6>[ 1.306814] TCP established hash table entries: 8192 (order: 3, 32768 bytes, linear) <6>[ 1.314760] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear) <6>[ 1.322435] TCP: Hash tables configured (established 8192 bind 8192) <6>[ 1.330625] MPTCP token hash table entries: 1024 (order: 2, 16384 bytes, linear) <6>[ 1.337334] UDP hash table entries: 512 (order: 2, 16384 bytes, linear) <6>[ 1.343989] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear) <6>[ 1.352423] NET: Registered PF_UNIX/PF_LOCAL protocol family <6>[ 1.364004] RPC: Registered named UNIX socket transport module. <6>[ 1.368821] RPC: Registered udp transport module. <6>[ 1.373782] RPC: Registered tcp transport module. <6>[ 1.378757] RPC: Registered tcp-with-tls transport module. <6>[ 1.384520] RPC: Registered tcp NFSv4.1 backchannel transport module. <6>[ 1.391295] NET: Registered PF_XDP protocol family <6>[ 1.396365] PCI: CLS 0 bytes, default 64 <5>[ 1.413437] Initialise system trusted keyrings <6>[ 1.420623] Trying to unpack rootfs image as initramfs... <6>[ 1.429326] workingset: timestamp_bits=14 max_order=18 bucket_order=4 <6>[ 1.523465] squashfs: version 4.0 (2009/01/31) Phillip Lougher <5>[ 1.548831] NFS: Registering the id_resolver key type <5>[ 1.552975] Key type id_resolver registered <5>[ 1.557225] Key type id_legacy registered <6>[ 1.561878] nfs4filelayout_init: NFSv4 File Layout Driver Registering... <6>[ 1.568499] nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering... <6>[ 1.975822] NET: Registered PF_ALG protocol family <5>[ 1.979593] Key type asymmetric registered <5>[ 1.983879] Asymmetric key parser 'x509' registered <6>[ 1.989948] bounce: pool size: 64 pages <6>[ 1.994000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 243) <6>[ 2.000854] io scheduler mq-deadline registered <6>[ 2.005642] io scheduler kyber registered <6>[ 2.010198] io scheduler bfq registered <4>[ 2.016741] test_firmware: interface ready <6>[ 2.033339] /soc/interrupt-controller@5000d000: bank0 <6>[ 2.037312] /soc/interrupt-controller@5000d000: bank1 <6>[ 2.042613] /soc/interrupt-controller@5000d000: bank2 <6>[ 2.086068] Registering stm32-etzpc firewall controller <6>[ 2.258453] ledtrig-cpu: registered to indicate activity on CPUs <6>[ 3.729849] Serial: 8250/16550 driver, 5 ports, IRQ sharing enabled <6>[ 3.783006] msm_serial: driver initialized <6>[ 3.788081] SuperH (H)SCI(F) driver initialized <6>[ 3.792544] STMicroelectronics ASC driver initialized <6>[ 3.797929] STM32 USART driver initialized <5>[ 3.833204] random: crng init done <6>[ 3.852151] [drm] Initialized vgem 1.0.0 for vgem on minor 0 <6>[ 3.979436] brd: module loaded <6>[ 4.059225] loop: module loaded <6>[ 4.063832] lkdtm: No crash points registered, enable through debugfs <6>[ 4.184861] bgmac_bcma: Broadcom 47xx GBit MAC driver loaded <6>[ 4.195119] e1000e: Intel(R) PRO/1000 Network Driver <6>[ 4.198972] e1000e: Copyright(c) 1999 - 2015 Intel Corporation. <6>[ 4.205713] igb: Intel(R) Gigabit Ethernet Network Driver <6>[ 4.210840] igb: Copyright (c) 2007-2014 Intel Corporation. <6>[ 4.240189] pegasus: Pegasus/Pegasus II USB Ethernet driver <6>[ 4.245180] usbcore: registered new interface driver pegasus <6>[ 4.251133] usbcore: registered new interface driver asix <6>[ 4.256784] usbcore: registered new interface driver ax88179_178a <6>[ 4.263143] usbcore: registered new interface driver cdc_ether <6>[ 4.269247] usbcore: registered new interface driver smsc75xx <6>[ 4.275355] usbcore: registered new interface driver smsc95xx <6>[ 4.281337] usbcore: registered new interface driver net1080 <6>[ 4.287328] usbcore: registered new interface driver cdc_subset <6>[ 4.293491] usbcore: registered new interface driver zaurus <6>[ 4.299300] usbcore: registered new interface driver cdc_ncm <6>[ 4.328755] usbcore: registered new interface driver usb-storage <6>[ 4.370880] stm32_rtc 5c004000.rtc: registered as rtc0 <6>[ 4.374966] stm32_rtc 5c004000.rtc: setting system clock to 2000-01-01T00:00:26 UTC (946684826) <4>[ 4.387626] stm32_rtc 5c004000.rtc: Date/Time must be initialized <6>[ 4.392699] stm32_rtc 5c004000.rtc: registered rev:1.2 <6>[ 4.404965] i2c_dev: i2c /dev entries driver <6>[ 4.464365] stm_thermal 50028000.thermal: stm_thermal_probe: Driver initialized successfully <6>[ 4.518594] sdhci: Secure Digital Host Controller Interface driver <6>[ 4.523751] sdhci: Copyright(c) Pierre Ossman <6>[ 4.537335] Synopsys Designware Multimedia Card Interface Driver <6>[ 4.551085] sdhci-pltfm: SDHCI platform and OF driver helper <6>[ 4.578308] hid: raw HID events driver (C) Jiri Kosina <6>[ 4.587390] usbcore: registered new interface driver usbhid <6>[ 4.591877] usbhid: USB HID core driver <6>[ 4.628101] hw perfevents: enabled with armv7_cortex_a7 PMU driver, 5 (8000000f) counters available <6>[ 4.653627] ipip: IPv4 and MPLS over IPv4 tunneling driver <6>[ 4.665005] IPv4 over IPsec tunneling driver <6>[ 4.674370] IPsec XFRM device driver <6>[ 4.677590] NET: Registered PF_INET6 protocol family <6>[ 4.693979] Segment Routing with IPv6 <6>[ 4.697269] In-situ OAM (IOAM) with IPv6 <6>[ 4.708609] sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver <6>[ 4.727412] NET: Registered PF_PACKET protocol family <6>[ 4.731704] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. <5>[ 4.748238] Key type dns_resolver registered <6>[ 4.753062] NET: Registered PF_VSOCK protocol family <6>[ 4.757071] mpls_gso: MPLS GSO support <6>[ 4.765066] ThumbEE CPU extension supported. <5>[ 4.768316] Registering SWP/SWPB emulation handler <4>[ 5.018887] unwind: Index not found bf0033e4 <4>[ 5.022135] unwind: Index not found bf0033e4 <4>[ 5.026698] unwind: Index not found bf0033e4 <4>[ 5.031190] unwind: Index not found bf0033e4 <4>[ 5.035756] unwind: Index not found bf0033e4 <4>[ 5.040248] unwind: Index not found bf0033e4 <4>[ 5.044830] unwind: Index not found bf0033e4 <4>[ 5.049347] unwind: Index not found bf0033e4 <4>[ 5.053897] unwind: Index not found bf0033e4 <4>[ 5.058417] unwind: Index not found bf0033e4 <4>[ 5.063008] unwind: Index not found bf0033e4 <4>[ 5.067515] unwind: Index not found bf0033e4 <4>[ 5.072045] unwind: Index not found bf0033e4 <4>[ 5.076826] unwind: Index not found bf0033e4 <4>[ 5.083236] unwind: Index not found bf0033e4 <4>[ 5.086966] unwind: Index not found bf0033e4 <4>[ 5.091472] unwind: Index not found bf0033e4 <4>[ 5.096127] unwind: Index not found bf0033e4 <4>[ 5.100084] unwind: Index not found bf0033e4 <4>[ 5.104603] unwind: Index not found bf0033e4 <4>[ 5.109132] unwind: Index not found bf0033e4 <4>[ 5.113710] unwind: Index not found bf0033e4 <4>[ 5.118215] unwind: Index not found bf0033e4 <4>[ 5.122757] unwind: Index not found bf0033e4 <4>[ 5.127307] unwind: Index not found bf0033e4 <4>[ 5.131839] unwind: Index not found bf0033e4 <4>[ 5.136396] unwind: Index not found bf0033e4 <4>[ 5.140923] unwind: Index not found bf0033e4 <4>[ 5.145470] unwind: Index not found bf0033e4 <4>[ 5.150016] unwind: Index not found bf0033e4 <4>[ 5.154593] unwind: Index not found bf0033e4 <4>[ 5.159108] unwind: Index not found bf0033e4 <4>[ 5.163645] unwind: Index not found bf0033e4 <4>[ 5.168183] unwind: Index not found bf0033e4 <4>[ 5.172778] unwind: Index not found bf0033e4 <4>[ 5.177922] unwind: Index not found bf0033e4 <4>[ 5.182337] unwind: Index not found bf0033e4 <4>[ 5.186971] unwind: Index not found bf0034a8 <4>[ 5.191400] unwind: Index not found bf0034a8 <4>[ 5.195446] unwind: Index not found bf0034a8 <4>[ 5.199977] unwind: Index not found bf0034a8 <4>[ 5.204523] unwind: Index not found bf0034a8 <4>[ 5.209083] unwind: Index not found bf0034a8 <4>[ 5.213692] unwind: Index not found bf0034a8 <4>[ 5.218162] unwind: Index not found bf0034a8 <4>[ 5.222719] unwind: Index not found bf0034a8 <4>[ 5.227236] unwind: Index not found bf0034a8 <4>[ 5.231777] unwind: Index not found bf0034a8 <4>[ 5.236310] unwind: Index not found bf0034a8 <4>[ 5.240853] unwind: Index not found bf0034a8 <4>[ 5.245413] unwind: Index not found bf0034a8 <4>[ 5.249943] unwind: Index not found bf0034a8 <4>[ 5.254490] unwind: Index not found bf0034a8 <4>[ 5.259056] unwind: Index not found bf0034a8 <4>[ 5.264202] unwind: Index not found bf0034a8 <4>[ 5.268610] unwind: Index not found bf0034a8 <4>[ 5.273184] unwind: Index not found bf003660 <4>[ 5.277776] unwind: Index not found bf003660 <4>[ 5.282217] unwind: Index not found bf003660 <4>[ 5.286789] unwind: Index not found bf003660 <5>[ 5.291398] Loading compiled-in X.509 certificates <6>[ 5.742125] Freeing initrd memory: 20884K <5>[ 5.829149] Loaded X.509 cert 'Build time autogenerated kernel key: 613428d43c5dd80c90e67847ccc64e73478ccf86' <6>[ 6.021218] ima: No TPM chip found, activating TPM-bypass! <6>[ 6.025738] ima: Allocated hash algorithm: sha1 <6>[ 6.030649] ima: No architecture policies found <6>[ 6.307735] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOA bank added <6>[ 6.317793] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOB bank added <6>[ 6.328068] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOC bank added <6>[ 6.338275] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOD bank added <6>[ 6.348581] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOE bank added <6>[ 6.360066] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOF bank added <6>[ 6.372435] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOG bank added <6>[ 6.382865] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOH bank added <6>[ 6.395272] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOI bank added <6>[ 6.400786] stm32mp157-pinctrl soc:pinctrl@50002000: Pinctrl STM32 initialized <6>[ 6.437907] stm32mp157-pinctrl soc:pinctrl@54004000: GPIOZ bank added <6>[ 6.443290] stm32mp157-pinctrl soc:pinctrl@54004000: Pinctrl STM32 initialized <6>[ 6.470075] stm32-dma 48000000.dma-controller: STM32 DMA driver registered <6>[ 6.493454] stm32-dma 48001000.dma-controller: STM32 DMA driver registered <6>[ 6.553119] stm32-usart 4000e000.serial: interrupt mode for rx (no dma) <6>[ 6.558745] stm32-usart 4000e000.serial: interrupt mode for tx (no dma) <6>[ 6.569071] 4000e000.serial: ttySTM2 at MMIO 0x4000e000 (irq = 49, base_baud = 4000000) is a stm32-usart <6>[ 6.580994] serial serial0: tty port ttySTM2 registered <6>[ 6.594346] stm32-usart 40010000.serial: interrupt mode for rx (no dma) <6>[ 6.599887] stm32-usart 40010000.serial: interrupt mode for tx (no dma) <6>[ 6.609732] 40010000.serial: ttySTM0 at MMIO 0x40010000 (irq = 50, base_baud = 4000000) is a stm32-usart <6>[ 6.619628] printk: legacy console [ttySTM0] enabled <6>[ 6.619628] printk: legacy console [ttySTM0] enabled <6>[ 6.628704] printk: legacy bootconsole [stm32] disabled <6>[ 6.628704] printk: legacy bootconsole [stm32] disabled <6>[ 6.657646] stm32-usart 40018000.serial: interrupt mode for rx (no dma) <6>[ 6.663306] stm32-usart 40018000.serial: interrupt mode for tx (no dma) <6>[ 6.673147] 40018000.serial: ttySTM1 at MMIO 0x40018000 (irq = 51, base_baud = 4000000) is a stm32-usart <6>[ 6.743377] stm32-dwmac 5800a000.ethernet: IRQ eth_wake_irq not found <6>[ 6.748944] stm32-dwmac 5800a000.ethernet: IRQ eth_lpi not found <6>[ 6.755142] stm32-dwmac 5800a000.ethernet: IRQ sfty not found <6>[ 6.765231] stm32-dwmac 5800a000.ethernet: User ID: 0x40, Synopsys ID: 0x42 <6>[ 6.771381] stm32-dwmac 5800a000.ethernet: DWMAC4/5 <6>[ 6.776422] stm32-dwmac 5800a000.ethernet: DMA HW capability register supported <6>[ 6.784088] stm32-dwmac 5800a000.ethernet: RX Checksum Offload Engine supported <6>[ 6.791587] stm32-dwmac 5800a000.ethernet: TX Checksum insertion supported <6>[ 6.798795] stm32-dwmac 5800a000.ethernet: Wake-Up On Lan supported <6>[ 6.805972] stm32-dwmac 5800a000.ethernet: TSO supported <6>[ 6.810883] stm32-dwmac 5800a000.ethernet: Enable RX Mitigation via HW Watchdog Timer <6>[ 6.819038] stm32-dwmac 5800a000.ethernet: Enabled L3L4 Flow TC (entries=2) <6>[ 6.826275] stm32-dwmac 5800a000.ethernet: Enabled RFS Flow TC (entries=10) <6>[ 6.833490] stm32-dwmac 5800a000.ethernet: TSO feature enabled <6>[ 6.839582] stm32-dwmac 5800a000.ethernet: Using 32/32 bits DMA host/device width <6>[ 6.960605] stm32f7-i2c 40012000.i2c: STM32F7 I2C-0 bus adapter <6>[ 6.999460] stm32f7-i2c 40013000.i2c: STM32F7 I2C-1 bus adapter <6>[ 7.043588] stpmic1 2-0033: PMIC Chip Version: 0x10 <6>[ 7.056547] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/boost <6>[ 7.068703] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/buck2 <6>[ 7.081801] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/buck4 <6>[ 7.108596] platform hdmi-out: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 7.120197] platform 5a001000.display-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 7.132094] i2c 2-003d: Fixed dependency cycle(s) with /soc/bus@5c007000/sai@4400b000/audio-controller@4400b004 <6>[ 7.141507] i2c 2-003d: Fixed dependency cycle(s) with /hdmi-out <6>[ 7.148809] i2c 2-003d: Fixed dependency cycle(s) with /soc/display-controller@5a001000 <4>[ 7.160935] at24 2-0053: supply vcc not found, using dummy regulator <6>[ 7.171054] at24 2-0053: 256 byte 24c02 EEPROM, writable, 16 bytes/write <6>[ 7.177112] stm32f7-i2c 5c002000.i2c: STM32F7 I2C-2 bus adapter <6>[ 7.202241] mmci-pl18x 48004000.mmc: mmc1: PL180 manf 53 rev2 at 0x48004000 irq 61,0 (pio) <6>[ 7.226122] input: pmic_onkey as /devices/platform/soc/5c007000.bus/5c002000.i2c/i2c-2/2-0033/5c002000.i2c:stpmic@33:onkey/input/input0 <6>[ 7.252516] vdda: Bringing 1800000uV into 2900000-2900000uV <6>[ 7.280810] v2v8: Bringing 1800000uV into 2800000-2800000uV <6>[ 7.312264] v1v8: Bringing 1000000uV into 1800000-1800000uV <6>[ 7.372519] mmci-pl18x 58005000.mmc: Got CD GPIO <6>[ 7.385628] mmci-pl18x 58005000.mmc: mmc0: PL180 manf 53 rev2 at 0x58005000 irq 72,0 (pio) <6>[ 7.398505] stm32-dwmac 5800a000.ethernet eth0: Register MEM_TYPE_PAGE_POOL RxQ-0 <6>[ 7.425041] mmci-pl18x 58007000.mmc: mmc2: PL180 manf 53 rev2 at 0x58007000 irq 73,0 (pio) <6>[ 7.429505] stm32-usbphyc 5a006000.usbphyc: registered rev:1.0 <4>[ 7.446516] dwc2 49000000.usb-otg: supply vusb_d not found, using dummy regulator <4>[ 7.454953] dwc2 49000000.usb-otg: supply vusb_a not found, using dummy regulator <6>[ 7.479182] stm32-dwmac 5800a000.ethernet eth0: PHY [stmmac-0:07] driver [Micrel KSZ9031 Gigabit PHY] (irq=POLL) <6>[ 7.488484] dwmac4: Master AXI performs any burst length <6>[ 7.493956] stm32-dwmac 5800a000.ethernet eth0: No Safety Features support found <6>[ 7.536599] mmc0: new high speed SDXC card at address e624 <6>[ 7.556173] mmcblk0: mmc0:e624 SD64G 59.5 GiB <6>[ 7.594355] dwc2 49000000.usb-otg: EPs: 9, dedicated fifos, 952 entries in SPRAM <6>[ 7.638499] mmc2: new DDR MMC card at address 0001 <6>[ 7.656477] mmcblk2: mmc2:0001 DG4008 7.28 GiB <6>[ 7.706096] stm32-dwmac 5800a000.ethernet eth0: IEEE 1588-2008 Advanced Timestamp supported <6>[ 7.717620] stm32-dwmac 5800a000.ethernet eth0: registered PTP clock <6>[ 7.727341] mmc1: new high speed SDIO card at address 0001 <6>[ 7.739176] stm32-dwmac 5800a000.ethernet eth0: configuring for phy/rgmii link mode <6>[ 7.750253] dwc2 49000000.usb-otg: DWC OTG Controller <6>[ 7.754715] dwc2 49000000.usb-otg: new USB bus registered, assigned bus number 1 <6>[ 7.762742] dwc2 49000000.usb-otg: irq 75, io mem 0x49000000 <4>[ 7.771345] GPT:Primary header thinks Alt. header is not at the end of the disk. <4>[ 7.777748] GPT:3145727 != 15273599 <4>[ 7.781442] GPT:Alternate GPT header not at the end of the disk. <6>[ 7.785090] hub 1-0:1.0: USB hub found <4>[ 7.787761] GPT:3145727 != 15273599 <6>[ 7.792116] hub 1-0:1.0: 1 port detected <4>[ 7.795455] GPT: Use GNU Parted to correct GPT errors. <6>[ 7.795644] mmcblk2: p1 p2 p3 p4 <4>[ 7.810164] GPT:Primary header thinks Alt. header is not at the end of the disk. <4>[ 7.816543] GPT:3204245 != 124735487 <4>[ 7.820374] GPT:Alternate GPT header not at the end of the disk. <6>[ 7.820547] ehci-platform 5800d000.usb: EHCI Host Controller <4>[ 7.826689] GPT:3204245 != 124735487 <4>[ 7.826705] GPT: Use GNU Parted to correct GPT errors. <6>[ 7.832856] ehci-platform 5800d000.usb: new USB bus registered, assigned bus number 2 <6>[ 7.836602] mmcblk0: p1 p2 p3 p4 <6>[ 7.859763] ehci-platform 5800d000.usb: irq 76, io mem 0x5800d000 <6>[ 7.870876] ehci-platform 5800d000.usb: USB 2.0 started, EHCI 1.00 <6>[ 7.879002] mmcblk2boot0: mmc2:0001 DG4008 4.00 MiB <6>[ 7.886938] hub 2-0:1.0: USB hub found <6>[ 7.890359] hub 2-0:1.0: 2 ports detected <6>[ 7.925414] mmcblk2boot1: mmc2:0001 DG4008 4.00 MiB <6>[ 7.962606] mmcblk2rpmb: mmc2:0001 DG4008 4.00 MiB, chardev (511:0) <6>[ 8.171753] usb 2-1: new high-speed USB device number 2 using ehci-platform <6>[ 8.309593] hub 2-1:1.0: USB hub found <6>[ 8.312878] hub 2-1:1.0: 3 ports detected <6>[ 17.052757] stm32-dwmac 5800a000.ethernet eth0: Link is Up - 1Gbps/Full - flow control off <5>[ 17.071731] Sending DHCP requests ..., OK <6>[ 23.712799] IP-Config: Got DHCP answer from 192.168.56.254, my address is 192.168.56.204 <6>[ 23.721160] IP-Config: Complete: <6>[ 23.724532] device=eth0, hwaddr=80:1f:12:cc:2a:a4, ipaddr=192.168.56.204, mask=255.255.255.0, gw=192.168.56.254 <6>[ 23.735461] host=192.168.56.204, domain=mayfield.sirena.org.uk, nis-domain=(none) <6>[ 23.743671] bootserver=192.168.56.254, rootserver=192.168.56.193, rootpath= <6>[ 23.743693] nameserver0=192.168.56.254 <6>[ 23.755755] ntpserver0=50.205.244.22, ntpserver1=85.199.214.99 <6>[ 23.767169] clk: Disabling unused clocks <6>[ 23.771156] PM: genpd: Disabling unused power domains <6>[ 23.944730] Freeing unused kernel image (initmem) memory: 2048K <6>[ 23.950616] Run /init as init process Loading, please wait... Starting systemd-udevd version 252.22-1~deb12u1 <6>[ 35.118642] stm32-ipcc 4c001000.mailbox: ipcc rev:1.0 enabled, 6 chans, proc 0 <6>[ 35.409277] stm32-crc32 58009000.crc: Initialized <6>[ 35.590081] etnaviv etnaviv: bound 59000000.gpu (ops gpu_ops [etnaviv]) <6>[ 35.595818] etnaviv-gpu 59000000.gpu: model: GC400, revision: 4652 <6>[ 35.739435] [drm] Initialized etnaviv 1.4.0 for etnaviv on minor 1 <6>[ 36.140271] i2c 2-003d: Fixed dependency cycle(s) with /soc/bus@5c007000/sai@4400b000/audio-controller@4400b004 <6>[ 36.150812] platform 4400b004.audio-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 36.710932] Bluetooth: Core ver 2.22 <6>[ 36.712399] stm32-dwmac 5800a000.ethernet end0: renamed from eth0 (while UP) <6>[ 36.714184] NET: Registered PF_BLUETOOTH protocol family <6>[ 36.726404] Bluetooth: HCI device and connection manager initialized <6>[ 36.733124] Bluetooth: HCI socket layer initialized <6>[ 36.738234] Bluetooth: L2CAP socket layer initialized <6>[ 36.743835] Bluetooth: SCO socket layer initialized <5>[ 36.776345] cfg80211: Loading compiled-in X.509 certificates for regulatory database <6>[ 37.064115] Bluetooth: HCI UART driver ver 2.3 <6>[ 37.067640] Bluetooth: HCI UART protocol H4 registered <6>[ 37.097360] [drm] Initialized stm 1.0.0 for 5a001000.display-controller on minor 2 <6>[ 37.109172] Bluetooth: HCI UART protocol Broadcom registered <4>[ 37.119340] hci_uart_bcm serial0-0: supply vbat not found, using dummy regulator <4>[ 37.127943] hci_uart_bcm serial0-0: supply vddio not found, using dummy regulator <6>[ 37.149105] stm32-display 5a001000.display-controller: [drm] Cannot find any crtc or sizes <6>[ 37.168077] stm32-display 5a001000.display-controller: [drm] Cannot find any crtc or sizes <5>[ 37.201233] Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' <5>[ 37.242100] Loaded X.509 cert 'wens: 61c038651aabdcf94bd0ac7ff06c7248db18c600' <4>[ 37.256376] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 <6>[ 37.264090] cfg80211: failed to load regulatory.db <6>[ 37.584081] Bluetooth: hci0: BCM: chip id 107 <6>[ 37.589193] Bluetooth: hci0: BCM: features 0x2f <6>[ 37.594319] Bluetooth: hci0: BCM4345C0 <6>[ 37.597147] Bluetooth: hci0: BCM4345C0 (003.001.025) build 0000 <3>[ 37.609602] Bluetooth: hci0: BCM: firmware Patch file not found, tried: <3>[ 37.615452] Bluetooth: hci0: BCM: 'brcm/BCM4345C0.arrow,stm32mp157a-avenger96.hcd' <3>[ 37.623388] Bluetooth: hci0: BCM: 'brcm/BCM4345C0.hcd' <3>[ 37.628792] Bluetooth: hci0: BCM: 'brcm/BCM.arrow,stm32mp157a-avenger96.hcd' <3>[ 37.636109] Bluetooth: hci0: BCM: 'brcm/BCM.hcd' <6>[ 37.831186] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6 <4>[ 37.841422] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.arrow,stm32mp157a-avenger96.bin failed with error -2 <4>[ 37.867439] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2 <3>[ 38.888211] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50 <3>[ 39.457122] debugfs: File 'Capture' in directory 'dapm' already present! Begin: Loading essential drivers ... done. Begin: Running /scripts/init-premount ... done. Begin: Mounting root file system ... Begin: Running /scripts/nfs-top ... done. Begin: Running /scripts/nfs-premount ... Waiting up to 60 secs for any ethernet to become available Device /sys/class/net/end0 found done. Begin: Waiting up to 180 secs for any network device to become available ... done. IP-Config: end0 hardware address 80:1f:12:cc:2a:a4 mtu 1500 DHCP IP-Config: end0 complete (dhcp from 192.168.56.254): address: 192.168.56.204 broadcast: 192.168.56.255 netmask: 255.255.255.0 gateway: 192.168.56.254 dns0 : 192.168.56.254 dns1 : 0.0.0.0 domain : mayfield.sirena.org.uk rootserver: 192.168.56.254 rootpath: filename : done. Begin: Running /scripts/nfs-bottom ... done. Begin: Running /scripts/init-bottom ... done. <30>[ 42.865354] systemd[1]: System time before build time, advancing clock. <30>[ 43.171255] systemd[1]: systemd 252.22-1~deb12u1 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) <30>[ 43.203551] systemd[1]: Detected architecture arm. Welcome to [1mDebian GNU/Linux 12 (bookworm)[0m! <30>[ 43.248388] systemd[1]: Hostname set to . <30>[ 47.546061] systemd[1]: Queued start job for default target graphical.target. <30>[ 47.595185] systemd[1]: Created slice system-getty.slice - Slice /system/getty. [[0;32m OK [0m] Created slice [0;1;39msystem-getty.slice[0m - Slice /system/getty. <30>[ 47.624974] systemd[1]: Created slice system-modprobe.slice - Slice /system/modprobe. [[0;32m OK [0m] Created slice [0;1;39msystem-modpr…lice[0m - Slice /system/modprobe. <30>[ 47.653600] systemd[1]: Created slice system-serial\x2dgetty.slice - Slice /system/serial-getty. [[0;32m OK [0m] Created slice [0;1;39msystem-seria…[0m - Slice /system/serial-getty. <30>[ 47.682590] systemd[1]: Created slice user.slice - User and Session Slice. [[0;32m OK [0m] Created slice [0;1;39muser.slice[0m - User and Session Slice. <30>[ 47.700893] systemd[1]: Started systemd-ask-password-console.path - Dispatch Password Requests to Console Directory Watch. [[0;32m OK [0m] Started [0;1;39msystemd-ask-passwo…quests to Console Directory Watch. <30>[ 47.723529] systemd[1]: Started systemd-ask-password-wall.path - Forward Password Requests to Wall Directory Watch. [[0;32m OK [0m] Started [0;1;39msystemd-ask-passwo… Requests to Wall Directory Watch. <30>[ 47.744273] systemd[1]: proc-sys-fs-binfmt_misc.automount - Arbitrary Executable File Formats File System Automount Point was skipped because of an unmet condition check (ConditionPathExists=/proc/sys/fs/binfmt_misc). <30>[ 47.763321] systemd[1]: Expecting device dev-ttySTM0.device - /dev/ttySTM0... Expecting device [0;1;39mdev-ttySTM0.device[0m - /dev/ttySTM0... <30>[ 47.779516] systemd[1]: Reached target cryptsetup.target - Local Encrypted Volumes. [[0;32m OK [0m] Reached target [0;1;39mcryptsetup.…get[0m - Local Encrypted Volumes. <30>[ 47.798784] systemd[1]: Reached target integritysetup.target - Local Integrity Protected Volumes. [[0;32m OK [0m] Reached target [0;1;39mintegrityse…Local Integrity Protected Volumes. <30>[ 47.817985] systemd[1]: Reached target paths.target - Path Units. [[0;32m OK [0m] Reached target [0;1;39mpaths.target[0m - Path Units. <30>[ 47.832631] systemd[1]: Reached target remote-fs.target - Remote File Systems. [[0;32m OK [0m] Reached target [0;1;39mremote-fs.target[0m - Remote File Systems. <30>[ 47.849491] systemd[1]: Reached target slices.target - Slice Units. [[0;32m OK [0m] Reached target [0;1;39mslices.target[0m - Slice Units. <30>[ 47.864825] systemd[1]: Reached target swap.target - Swaps. [[0;32m OK [0m] Reached target [0;1;39mswap.target[0m - Swaps. <30>[ 47.878805] systemd[1]: Reached target veritysetup.target - Local Verity Protected Volumes. [[0;32m OK [0m] Reached target [0;1;39mveritysetup… - Local Verity Protected Volumes. <30>[ 47.900980] systemd[1]: Listening on systemd-initctl.socket - initctl Compatibility Named Pipe. [[0;32m OK [0m] Listening on [0;1;39msystemd-initc… initctl Compatibility Named Pipe. <30>[ 47.928531] systemd[1]: Listening on systemd-journald-audit.socket - Journal Audit Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-journ…socket[0m - Journal Audit Socket. <30>[ 47.953528] systemd[1]: Listening on systemd-journald-dev-log.socket - Journal Socket (/dev/log). [[0;32m OK [0m] Listening on [0;1;39msystemd-journ…t[0m - Journal Socket (/dev/log). <30>[ 47.977158] systemd[1]: Listening on systemd-journald.socket - Journal Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-journald.socket[0m - Journal Socket. <30>[ 48.000925] systemd[1]: Listening on systemd-networkd.socket - Network Service Netlink Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-netwo… - Network Service Netlink Socket. <30>[ 48.032637] systemd[1]: Listening on systemd-udevd-control.socket - udev Control Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-udevd….socket[0m - udev Control Socket. <30>[ 48.054121] systemd[1]: Listening on systemd-udevd-kernel.socket - udev Kernel Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-udevd…l.socket[0m - udev Kernel Socket. <30>[ 48.075611] systemd[1]: dev-hugepages.mount - Huge Pages File System was skipped because of an unmet condition check (ConditionPathExists=/sys/kernel/mm/hugepages). <30>[ 48.091448] systemd[1]: dev-mqueue.mount - POSIX Message Queue File System was skipped because of an unmet condition check (ConditionPathExists=/proc/sys/fs/mqueue). <30>[ 48.140798] systemd[1]: Mounting sys-kernel-debug.mount - Kernel Debug File System... Mounting [0;1;39msys-kernel-debug.…[0m - Kernel Debug File System... <30>[ 48.198461] systemd[1]: Mounting sys-kernel-tracing.mount - Kernel Trace File System... Mounting [0;1;39msys-kernel-tracin…[0m - Kernel Trace File System... <30>[ 48.298110] systemd[1]: Starting kmod-static-nodes.service - Create List of Static Device Nodes... Starting [0;1;39mkmod-static-nodes…ate List of Static Device Nodes... <30>[ 48.387572] systemd[1]: Starting modprobe@configfs.service - Load Kernel Module configfs... Starting [0;1;39mmodprobe@configfs…m - Load Kernel Module configfs... <30>[ 48.468499] systemd[1]: Starting modprobe@dm_mod.service - Load Kernel Module dm_mod... Starting [0;1;39mmodprobe@dm_mod.s…[0m - Load Kernel Module dm_mod... <30>[ 48.531728] systemd[1]: Starting modprobe@drm.service - Load Kernel Module drm... Starting [0;1;39mmodprobe@drm.service[0m - Load Kernel Module drm... <30>[ 48.626054] systemd[1]: Starting modprobe@efi_pstore.service - Load Kernel Module efi_pstore... Starting [0;1;39mmodprobe@efi_psto…- Load Kernel Module efi_pstore... <30>[ 48.697772] systemd[1]: Starting modprobe@fuse.service - Load Kernel Module fuse... Starting [0;1;39mmodprobe@fuse.ser…e[0m - Load Kernel Module fuse... <30>[ 48.773645] systemd[1]: Starting modprobe@loop.service - Load Kernel Module loop... Starting [0;1;39mmodprobe@loop.ser…e[0m - Load Kernel Module loop... <30>[ 48.884364] systemd[1]: Starting systemd-journald.service - Journal Service... Starting [0;1;39msystemd-journald.service[0m - Journal Service... <6>[ 48.910843] fuse: init (API version 7.41) <30>[ 49.002457] systemd[1]: Starting systemd-modules-load.service - Load Kernel Modules... Starting [0;1;39msystemd-modules-l…rvice[0m - Load Kernel Modules... <30>[ 49.082589] systemd[1]: Starting systemd-network-generator.service - Generate network units from Kernel command line... Starting [0;1;39msystemd-network-g… units from Kernel command line... <30>[ 49.190917] systemd[1]: Starting systemd-remount-fs.service - Remount Root and Kernel File Systems... Starting [0;1;39msystemd-remount-f…nt Root and Kernel File Systems... <30>[ 49.311373] systemd[1]: Starting systemd-udev-trigger.service - Coldplug All udev Devices... Starting [0;1;39msystemd-udev-trig…[0m - Coldplug All udev Devices... <30>[ 49.502353] systemd[1]: Mounted sys-kernel-debug.mount - Kernel Debug File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-debug.m…nt[0m - Kernel Debug File System. <30>[ 49.555353] systemd[1]: Mounted sys-kernel-tracing.mount - Kernel Trace File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-tracing…nt[0m - Kernel Trace File System. <30>[ 49.629369] systemd[1]: Finished kmod-static-nodes.service - Create List of Static Device Nodes. [[0;32m OK [0m] Finished [0;1;39mkmod-static-nodes…reate List of Static Device Nodes. <30>[ 49.700445] systemd[1]: modprobe@configfs.service: Deactivated successfully. <30>[ 49.723133] systemd[1]: Finished modprobe@configfs.service - Load Kernel Module configfs. [[0;32m OK [0m] Finished [0;1;39mmodprobe@configfs…[0m - Load Kernel Module configfs. <30>[ 49.776161] systemd[1]: modprobe@dm_mod.service: Deactivated successfully. <30>[ 49.787591] systemd[1]: Finished modprobe@dm_mod.service - Load Kernel Module dm_mod. [[0;32m OK [0m] Finished [0;1;39mmodprobe@dm_mod.s…e[0m - Load Kernel Module dm_mod. <30>[ 49.830965] systemd[1]: modprobe@drm.service: Deactivated successfully. <30>[ 49.852316] systemd[1]: Finished modprobe@drm.service - Load Kernel Module drm. [[0;32m OK [0m] Finished [0;1;39mmodprobe@drm.service[0m - Load Kernel Module drm. <30>[ 49.902652] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. <30>[ 49.925322] systemd[1]: Finished modprobe@efi_pstore.service - Load Kernel Module efi_pstore. [[0;32m OK [0m] Finished [0;1;39mmodprobe@efi_psto…m - Load Kernel Module efi_pstore. <30>[ 49.981881] systemd[1]: modprobe@fuse.service: Deactivated successfully. <30>[ 50.001530] systemd[1]: Finished modprobe@fuse.service - Load Kernel Module fuse. [[0;32m OK [0m] Finished [0;1;39mmodprobe@fuse.service[0m - Load Kernel Module fuse. <30>[ 50.051385] systemd[1]: modprobe@loop.service: Deactivated successfully. <30>[ 50.071791] systemd[1]: Finished modprobe@loop.service - Load Kernel Module loop. [[0;32m OK [0m] Finished [0;1;39mmodprobe@loop.service[0m - Load Kernel Module loop. <30>[ 50.117641] systemd[1]: Finished systemd-modules-load.service - Load Kernel Modules. [[0;32m OK [0m] Finished [0;1;39msystemd-modules-l…service[0m - Load Kernel Modules. <30>[ 50.160236] systemd[1]: Finished systemd-network-generator.service - Generate network units from Kernel command line. [[0;32m OK [0m] Finished [0;1;39msystemd-network-g…rk units from Kernel command line. <30>[ 50.196891] systemd[1]: Finished systemd-remount-fs.service - Remount Root and Kernel File Systems. [[0;32m OK [0m] Finished [0;1;39msystemd-remount-f…ount Root and Kernel File Systems. <30>[ 50.243118] systemd[1]: Reached target network-pre.target - Preparation for Network. [[0;32m OK [0m] Reached target [0;1;39mnetwork-pre…get[0m - Preparation for Network. <30>[ 50.329453] systemd[1]: Mounting sys-fs-fuse-connections.mount - FUSE Control File System... Mounting [0;1;39msys-fs-fuse-conne…[0m - FUSE Control File System... <30>[ 50.420971] systemd[1]: Mounting sys-kernel-config.mount - Kernel Configuration File System... Mounting [0;1;39msys-kernel-config…ernel Configuration File System... <30>[ 50.456787] systemd[1]: systemd-firstboot.service - First Boot Wizard was skipped because of an unmet condition check (ConditionFirstBoot=yes). <30>[ 50.495160] systemd[1]: systemd-pstore.service - Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). <30>[ 50.611798] systemd[1]: Starting systemd-random-seed.service - Load/Save Random Seed... Starting [0;1;39msystemd-random-se…ice[0m - Load/Save Random Seed... <30>[ 50.665893] systemd[1]: systemd-repart.service - Repartition Root Disk was skipped because no trigger condition checks were met. <30>[ 50.765268] systemd[1]: Starting systemd-sysctl.service - Apply Kernel Variables... Starting [0;1;39msystemd-sysctl.se…ce[0m - Apply Kernel Variables... <30>[ 50.902258] systemd[1]: Starting systemd-sysusers.service - Create System Users... Starting [0;1;39msystemd-sysusers.…rvice[0m - Create System Users... <30>[ 51.110819] systemd[1]: Mounted sys-fs-fuse-connections.mount - FUSE Control File System. [[0;32m OK [0m] Mounted [0;1;39msys-fs-fuse-connec…nt[0m - FUSE Control File System. <30>[ 51.151229] systemd[1]: Mounted sys-kernel-config.mount - Kernel Configuration File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-config.… Kernel Configuration File System. <30>[ 51.229948] systemd[1]: Finished systemd-random-seed.service - Load/Save Random Seed. [[0;32m OK [0m] Finished [0;1;39msystemd-random-se…rvice[0m - Load/Save Random Seed. <30>[ 51.273305] systemd[1]: first-boot-complete.target - First Boot Complete was skipped because of an unmet condition check (ConditionFirstBoot=yes). <30>[ 51.319943] systemd[1]: Started systemd-journald.service - Journal Service. [[0;32m OK [0m] Started [0;1;39msystemd-journald.service[0m - Journal Service. Starting [0;1;39msystemd-journal-f…h Journal to Persistent Storage... [[0;32m OK [0m] Finished [0;1;39msystemd-sysctl.service[0m - Apply Kernel Variables. [[0;32m OK [0m] Finished [0;1;39msystemd-sysusers.service[0m - Create System Users. Starting [0;1;39msystemd-tmpfiles-…ate Static Device Nodes in /dev... <46>[ 51.851424] systemd-journald[206]: Received client request to flush runtime journal. [[0;32m OK [0m] Finished [0;1;39msystemd-tmpfiles-…reate Static Device Nodes in /dev. [[0;32m OK [0m] Reached target [0;1;39mlocal-fs-pr…reparation for Local File Systems. [[0;32m OK [0m] Reached target [0;1;39mlocal-fs.target[0m - Local File Systems. Starting [0;1;39msystemd-udevd.ser…ger for Device Events and Files... [[0;32m OK [0m] Finished [0;1;39msystemd-journal-f…ush Journal to Persistent Storage. Starting [0;1;39msystemd-tmpfiles-… Volatile Files and Directories... [[0;32m OK [0m] Started [0;1;39msystemd-udevd.serv…nager for Device Events and Files. Starting [0;1;39msystemd-networkd.…ice[0m - Network Configuration... [[0;32m OK [0m] Finished [0;1;39msystemd-tmpfiles-…te Volatile Files and Directories. Starting [0;1;39msystemd-timesyncd… - Network Time Synchronization... Starting [0;1;39msystemd-update-ut…rd System Boot/Shutdown in UTMP... [[0;32m OK [0m] Finished [0;1;39msystemd-update-ut…cord System Boot/Shutdown in UTMP. [[0;32m OK [0m] Started [0;1;39msystemd-networkd.service[0m - Network Configuration. [[0;32m OK [0m] Reached target [0;1;39mnetwork.target[0m - Network. [[0;32m OK [0m] Started [0;1;39msystemd-timesyncd.…0m - Network Time Synchronization. [[0;32m OK [0m] Reached target [0;1;39mtime-set.target[0m - System Time Set. [[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (11s / no limit) M [K[[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (12s / no limit) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (12s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (13s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (13s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m*[0m] (2 of 2) Job dev-ttySTM0.device/start running (14s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (14s / no limit) M [K[ [0;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (15s / no limit) M [K[ [0;31m*[0;1;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (15s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m*[0m] (2 of 2) Job dev-ttySTM0.device/start running (16s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (16s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (17s / 1min 30s) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (18s / no limit) M [K[[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (19s / no limit) <46>[ 67.496896] systemd-journald[206]: Oldest entry in /var/log/journal/658c871cd7314ccea6115dc5728f8992/system.journal is older than the configured file retention duration (1month), suggesting rotation. <46>[ 67.617073] systemd-journald[206]: /var/log/journal/658c871cd7314ccea6115dc5728f8992/system.journal: Journal header limits reached or header out-of-date, rotating. M [K[[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (20s / no limit) M [K[[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (22s / 1min 30s) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (23s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (23s / 1min 30s) M [K[[0;32m OK [0m] Found device [0;1;39mdev-ttySTM0.device[0m - /dev/ttySTM0. [K[[0;32m OK [0m] Finished [0;1;39msystemd-udev-trig…e[0m - Coldplug All udev Devices. [[0;32m OK [0m] Reached target [0;1;39mbluetooth.target[0m - Bluetooth Support. [[0;32m OK [0m] Reached target [0;1;39musb-gadget.…m - Hardware activated USB gadget. [[0;32m OK [0m] Listening on [0;1;39msystemd-rfkil…l Switch Status /dev/rfkill Watch. Starting [0;1;39mmodprobe@dm_mod.s…[0m - Load Kernel Module dm_mod... Starting [0;1;39mmodprobe@efi_psto…- Load Kernel Module efi_pstore... Starting [0;1;39mmodprobe@loop.ser…e[0m - Load Kernel Module loop... [[0;32m OK [0m] Finished [0;1;39mmodprobe@dm_mod.s…e[0m - Load Kernel Module dm_mod. Starting [0;1;39msystemd-rfkill.se…Load/Save RF Kill Switch Status... [[0;32m OK [0m] Finished [0;1;39mmodprobe@efi_psto…m - Load Kernel Module efi_pstore. [[0;32m OK [0m] Finished [0;1;39mmodprobe@loop.service[0m - Load Kernel Module loop. [[0;32m OK [0m] Reached target [0;1;39msysinit.target[0m - System Initialization. [[0;32m OK [0m] Started [0;1;39mapt-daily.timer[0m - Daily apt download activities. [[0;32m OK [0m] Started [0;1;39mapt-daily-upgrade.… apt upgrade and clean activities. [[0;32m OK [0m] Started [0;1;39mdpkg-db-backup.tim… Daily dpkg database backup timer. [[0;32m OK [0m] Started [0;1;39me2scrub_all.timer…etadata Check for All Filesystems. [[0;32m OK [0m] Started [0;1;39mfstrim.timer[0m - Discard unused blocks once a week. [[0;32m OK [0m] Started [0;1;39msystemd-tmpfiles-c… Cleanup of Temporary Directories. [[0;32m OK [0m] Reached target [0;1;39mtimers.target[0m - Timer Units. [[0;32m OK [0m] Listening on [0;1;39mdbus.socket[…- D-Bus System Message Bus Socket. [[0;32m OK [0m] Reached target [0;1;39msockets.target[0m - Socket Units. [[0;32m OK [0m] Reached target [0;1;39mbasic.target[0m - Basic System. Starting [0;1;39malsa-restore.serv…- Save/Restore Sound Card State... Starting [0;1;39mdbus.service[0m - D-Bus System Message Bus... Starting [0;1;39me2scrub_reap.serv…e ext4 Metadata Check Snapshots... Starting [0;1;39msystemd-logind.se…ice[0m - User Login Management... Starting [0;1;39msystemd-user-sess…vice[0m - Permit User Sessions... [[0;32m OK [0m] Started [0;1;39msystemd-rfkill.ser…- Load/Save RF Kill Switch Status. [[0;32m OK [0m] Finished [0;1;39malsa-restore.serv…m - Save/Restore Sound Card State. [[0;32m OK [0m] Reached target [0;1;39msound.target[0m - Sound Card. [[0;32m OK [0m] Started [0;1;39mdbus.service[0m - D-Bus System Message Bus. Starting [0;1;39msystemd-hostnamed.service[0m - Hostname Service... [[0;32m OK [0m] Finished [0;1;39msystemd-user-sess…ervice[0m - Permit User Sessions. [[0;32m OK [0m] Started [0;1;39mgetty@tty1.service[0m - Getty on tty1. [[0;32m OK [0m] Started [0;1;39mserial-getty@ttyST…ice[0m - Serial Getty on ttySTM0. [[0;32m OK [0m] Reached target [0;1;39mgetty.target[0m - Login Prompts. [[0;32m OK [0m] Started [0;1;39msystemd-logind.service[0m - User Login Management. [[0;32m OK [0m] Finished [0;1;39me2scrub_reap.serv…ine ext4 Metadata Check Snapshots. [[0;32m OK [0m] Reached target [0;1;39mmulti-user.target[0m - Multi-User System. [[0;32m OK [0m] Reached target [0;1;39mgraphical.target[0m - Graphical Interface. Starting [0;1;39msystemd-update-ut… Record Runlevel Change in UTMP... [[0;32m OK [0m] Started [0;1;39msystemd-hostnamed.service[0m - Hostname Service. [[0;32m OK [0m] Finished [0;1;39msystemd-update-ut… - Record Runlevel Change in UTMP. Debian GNU/Linux 12 debian-bookworm-armhf ttySTM0 debian-bookworm-armhf login: root (automatic login) Linux debian-bookworm-armhf 6.12.0-rc1-next-20241002 #1 SMP Wed Oct 2 06:26:47 UTC 2024 armv7l The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. / # / # export NFS_ROOTFS='/var/lib/lava/dispatcher/tmp/790371/extract-nfsrootfs-0z2tjq3r' export NFS_ROOTFS='/var/lib/lava/dispatcher/tmp/790371/extract-nfsrootfs-0z2tjq3r' / # export NFS_SERVER_IP='192.168.56.193' export NFS_SERVER_IP='192.168.56.193' / # # # / # export SHELL=/bin/bash export SHELL=/bin/bash / # . /lava-790371/environment . /lava-790371/environment / # /lava-790371/bin/lava-test-runner /lava-790371/0 /lava-790371/bin/lava-test-runner /lava-790371/0 + export TESTRUN_ID=0_timesync-off + TESTRUN_ID=0_timesync-off + cd /lava-790371/0/tests/0_timesync-off ++ cat uuid + UUID=790371_1.6.2.4.1 + set +x + systemctl stop systemd-timesyncd + set +x + export TESTRUN_ID=1_kselftest-lkdtm + TESTRUN_ID=1_kselftest-lkdtm + cd /lava-790371/0/tests/1_kselftest-lkdtm ++ cat uuid + UUID=790371_1.6.2.4.5 + set +x + cd ./automated/linux/kselftest/ + ./kselftest.sh -c lkdtm -T '' -t kselftest_armhf.tar.gz -s True -u http://storage.kernelci.org/next/master/next-20241002/arm/multi_v7_defconfig+kselftest/gcc-12/kselftest.tar.xz -L '' -S /dev/null -b stm32mp157a-dhcor-avenger96 -g next -e '' -p /opt/kselftests/mainline/ -n 1 -i 1 -E '' INFO: install_deps skipped --2024-10-02 07:33:19-- http://storage.kernelci.org/next/master/next-20241002/arm/multi_v7_defconfig+kselftest/gcc-12/kselftest.tar.xz Resolving storage.kernelci.org (storage.kernelci.org)... 20.171.243.82 Connecting to storage.kernelci.org (storage.kernelci.org)|20.171.243.82|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 4112248 (3.9M) [application/octet-stream] Saving to: 'kselftest_armhf.tar.gz' kselftest_armhf.tar 0%[ ] 0 --.-KB/s kselftest_armhf.tar 1%[ ] 49.92K 170KB/s kselftest_armhf.tar 5%[> ] 216.29K 369KB/s kselftest_armhf.tar 22%[===> ] 893.67K 1017KB/s kselftest_armhf.tar 70%[=============> ] 2.75M 2.55MB/s kselftest_armhf.tar 100%[===================>] 3.92M 3.29MB/s in 1.2s 2024-10-02 07:33:20 (3.29 MB/s) - 'kselftest_armhf.tar.gz' saved [4112248/4112248] skiplist: ======================================== ======================================== lkdtm:PANIC.sh lkdtm:PANIC_STOP_IRQOFF.sh lkdtm:BUG.sh lkdtm:WARNING.sh lkdtm:WARNING_MESSAGE.sh lkdtm:EXCEPTION.sh lkdtm:LOOP.sh lkdtm:EXHAUST_STACK.sh lkdtm:CORRUPT_STACK.sh lkdtm:CORRUPT_STACK_STRONG.sh lkdtm:ARRAY_BOUNDS.sh lkdtm:CORRUPT_LIST_ADD.sh lkdtm:CORRUPT_LIST_DEL.sh lkdtm:STACK_GUARD_PAGE_LEADING.sh lkdtm:STACK_GUARD_PAGE_TRAILING.sh lkdtm:REPORT_STACK_CANARY.sh lkdtm:UNSET_SMEP.sh lkdtm:DOUBLE_FAULT.sh lkdtm:CORRUPT_PAC.sh lkdtm:UNALIGNED_LOAD_STORE_WRITE.sh lkdtm:SLAB_LINEAR_OVERFLOW.sh lkdtm:VMALLOC_LINEAR_OVERFLOW.sh lkdtm:WRITE_AFTER_FREE.sh lkdtm:READ_AFTER_FREE.sh lkdtm:WRITE_BUDDY_AFTER_FREE.sh lkdtm:READ_BUDDY_AFTER_FREE.sh lkdtm:SLAB_INIT_ON_ALLOC.sh lkdtm:BUDDY_INIT_ON_ALLOC.sh lkdtm:SLAB_FREE_DOUBLE.sh lkdtm:SLAB_FREE_CROSS.sh lkdtm:SLAB_FREE_PAGE.sh lkdtm:SOFTLOCKUP.sh lkdtm:HARDLOCKUP.sh lkdtm:SMP_CALL_LOCKUP.sh lkdtm:SPINLOCKUP.sh lkdtm:HUNG_TASK.sh lkdtm:EXEC_DATA.sh lkdtm:EXEC_STACK.sh lkdtm:EXEC_KMALLOC.sh lkdtm:EXEC_VMALLOC.sh lkdtm:EXEC_RODATA.sh lkdtm:EXEC_USERSPACE.sh lkdtm:EXEC_NULL.sh lkdtm:ACCESS_USERSPACE.sh lkdtm:ACCESS_NULL.sh lkdtm:WRITE_RO.sh lkdtm:WRITE_RO_AFTER_INIT.sh lkdtm:WRITE_KERN.sh lkdtm:WRITE_OPD.sh lkdtm:REFCOUNT_INC_OVERFLOW.sh lkdtm:REFCOUNT_ADD_OVERFLOW.sh lkdtm:REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_DEC_ZERO.sh lkdtm:REFCOUNT_DEC_NEGATIVE.sh lkdtm:REFCOUNT_DEC_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_SUB_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_INC_ZERO.sh lkdtm:REFCOUNT_ADD_ZERO.sh lkdtm:REFCOUNT_INC_SATURATED.sh lkdtm:REFCOUNT_DEC_SATURATED.sh lkdtm:REFCOUNT_ADD_SATURATED.sh lkdtm:REFCOUNT_INC_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_DEC_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_SUB_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_TIMING.sh lkdtm:ATOMIC_TIMING.sh lkdtm:USERCOPY_SLAB_SIZE_TO.sh lkdtm:USERCOPY_SLAB_SIZE_FROM.sh lkdtm:USERCOPY_SLAB_WHITELIST_TO.sh lkdtm:USERCOPY_SLAB_WHITELIST_FROM.sh lkdtm:USERCOPY_STACK_FRAME_TO.sh lkdtm:USERCOPY_STACK_FRAME_FROM.sh lkdtm:USERCOPY_STACK_BEYOND.sh lkdtm:USERCOPY_KERNEL.sh lkdtm:STACKLEAK_ERASING.sh lkdtm:CFI_FORWARD_PROTO.sh lkdtm:CFI_BACKWARD.sh lkdtm:FORTIFY_STRSCPY.sh lkdtm:FORTIFY_STR_OBJECT.sh lkdtm:FORTIFY_STR_MEMBER.sh lkdtm:FORTIFY_MEM_OBJECT.sh lkdtm:FORTIFY_MEM_MEMBER.sh lkdtm:PPC_SLB_MULTIHIT.sh lkdtm:stack-entropy.sh ============== Tests to run =============== lkdtm:PANIC.sh lkdtm:PANIC_STOP_IRQOFF.sh lkdtm:BUG.sh lkdtm:WARNING.sh lkdtm:WARNING_MESSAGE.sh lkdtm:EXCEPTION.sh lkdtm:LOOP.sh lkdtm:EXHAUST_STACK.sh lkdtm:CORRUPT_STACK.sh lkdtm:CORRUPT_STACK_STRONG.sh lkdtm:ARRAY_BOUNDS.sh lkdtm:CORRUPT_LIST_ADD.sh lkdtm:CORRUPT_LIST_DEL.sh lkdtm:STACK_GUARD_PAGE_LEADING.sh lkdtm:STACK_GUARD_PAGE_TRAILING.sh lkdtm:REPORT_STACK_CANARY.sh lkdtm:UNSET_SMEP.sh lkdtm:DOUBLE_FAULT.sh lkdtm:CORRUPT_PAC.sh lkdtm:UNALIGNED_LOAD_STORE_WRITE.sh lkdtm:SLAB_LINEAR_OVERFLOW.sh lkdtm:VMALLOC_LINEAR_OVERFLOW.sh lkdtm:WRITE_AFTER_FREE.sh lkdtm:READ_AFTER_FREE.sh lkdtm:WRITE_BUDDY_AFTER_FREE.sh lkdtm:READ_BUDDY_AFTER_FREE.sh lkdtm:SLAB_INIT_ON_ALLOC.sh lkdtm:BUDDY_INIT_ON_ALLOC.sh lkdtm:SLAB_FREE_DOUBLE.sh lkdtm:SLAB_FREE_CROSS.sh lkdtm:SLAB_FREE_PAGE.sh lkdtm:SOFTLOCKUP.sh lkdtm:HARDLOCKUP.sh lkdtm:SMP_CALL_LOCKUP.sh lkdtm:SPINLOCKUP.sh lkdtm:HUNG_TASK.sh lkdtm:EXEC_DATA.sh lkdtm:EXEC_STACK.sh lkdtm:EXEC_KMALLOC.sh lkdtm:EXEC_VMALLOC.sh lkdtm:EXEC_RODATA.sh lkdtm:EXEC_USERSPACE.sh lkdtm:EXEC_NULL.sh lkdtm:ACCESS_USERSPACE.sh lkdtm:ACCESS_NULL.sh lkdtm:WRITE_RO.sh lkdtm:WRITE_RO_AFTER_INIT.sh lkdtm:WRITE_KERN.sh lkdtm:WRITE_OPD.sh lkdtm:REFCOUNT_INC_OVERFLOW.sh lkdtm:REFCOUNT_ADD_OVERFLOW.sh lkdtm:REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_DEC_ZERO.sh lkdtm:REFCOUNT_DEC_NEGATIVE.sh lkdtm:REFCOUNT_DEC_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_SUB_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_INC_ZERO.sh lkdtm:REFCOUNT_ADD_ZERO.sh lkdtm:REFCOUNT_INC_SATURATED.sh lkdtm:REFCOUNT_DEC_SATURATED.sh lkdtm:REFCOUNT_ADD_SATURATED.sh lkdtm:REFCOUNT_INC_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_DEC_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_SUB_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_TIMING.sh lkdtm:ATOMIC_TIMING.sh lkdtm:USERCOPY_SLAB_SIZE_TO.sh lkdtm:USERCOPY_SLAB_SIZE_FROM.sh lkdtm:USERCOPY_SLAB_WHITELIST_TO.sh lkdtm:USERCOPY_SLAB_WHITELIST_FROM.sh lkdtm:USERCOPY_STACK_FRAME_TO.sh lkdtm:USERCOPY_STACK_FRAME_FROM.sh lkdtm:USERCOPY_STACK_BEYOND.sh lkdtm:USERCOPY_KERNEL.sh lkdtm:STACKLEAK_ERASING.sh lkdtm:CFI_FORWARD_PROTO.sh lkdtm:CFI_BACKWARD.sh lkdtm:FORTIFY_STRSCPY.sh lkdtm:FORTIFY_STR_OBJECT.sh lkdtm:FORTIFY_STR_MEMBER.sh lkdtm:FORTIFY_MEM_OBJECT.sh lkdtm:FORTIFY_MEM_MEMBER.sh lkdtm:PPC_SLB_MULTIHIT.sh lkdtm:stack-entropy.sh ===========End Tests to run =============== shardfile-lkdtm pass <12>[ 126.703076] kselftest: Running tests in lkdtm TAP version 13 1..86 # timeout set to 45 # selftests: lkdtm: PANIC.sh # Skipping PANIC: crashes entire system ok 1 selftests: lkdtm: PANIC.sh # SKIP # timeout set to 45 # selftests: lkdtm: PANIC_STOP_IRQOFF.sh # Skipping PANIC_STOP_IRQOFF: Crashes entire system ok 2 selftests: lkdtm: PANIC_STOP_IRQOFF.sh # SKIP # timeout set to 45 # selftests: lkdtm: BUG.sh <6>[ 129.403569] lkdtm: Performing direct entry BUG <4>[ 129.407262] ------------[ cut here ]------------ <2>[ 129.411817] kernel BUG at drivers/misc/lkdtm/bugs.c:105! <0>[ 129.417368] Internal error: Oops - BUG: 0 [#1] SMP ARM <4>[ 129.422822] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 129.459289] CPU: 1 UID: 0 PID: 743 Comm: cat Not tainted 6.12.0-rc1-next-20241002 #1 <4>[ 129.467359] Hardware name: STM32 (Device Tree Support) <4>[ 129.472706] PC is at lkdtm_BUG+0x8/0xc <4>[ 129.476775] LR is at lkdtm_do_action+0x24/0x4c <4>[ 129.481435] pc : [] lr : [] psr: a0080013 <4>[ 129.487989] sp : f1225ec0 ip : 00000000 fp : 0041fe38 <4>[ 129.493539] r10: c89b87c0 r9 : f1225f80 r8 : c278be44 <4>[ 129.498988] r7 : f1225f80 r6 : 00000000 r5 : c7c31000 r4 : 00000004 <4>[ 129.505845] r3 : c0e0127c r2 : 00000000 r1 : 00000000 r0 : c278be44 <4>[ 129.512703] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 129.520066] Control: 10c5387d Table: c7d5406a DAC: 00000051 <1>[ 129.526116] Register r0 information: non-slab/vmalloc memory <1>[ 129.532079] Register r1 information: NULL pointer <1>[ 129.537031] Register r2 information: NULL pointer <1>[ 129.542081] Register r3 information: non-slab/vmalloc memory <1>[ 129.547937] Register r4 information: non-paged memory <1>[ 129.553290] Register r5 information: non-slab/vmalloc memory <1>[ 129.559246] Register r6 information: NULL pointer <1>[ 129.564196] Register r7 information: 2-page vmalloc region starting at 0xf1224000 allocated at kernel_clone+0xac/0x388 <1>[ 129.575207] Register r8 information: non-slab/vmalloc memory <1>[ 129.581164] Register r9 information: 2-page vmalloc region starting at 0xf1224000 allocated at kernel_clone+0xac/0x388 <1>[ 129.592169] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 129.606129] full_proxy_open+0x124/0x24c <6>[ 129.610580] do_dentry_open+0x144/0x4dc <6>[ 129.614941] vfs_open+0x2c/0xec <6>[ 129.618593] path_openat+0x748/0x1198 <6>[ 129.622744] do_filp_open+0x98/0x134 <6>[ 129.626894] do_sys_openat2+0xbc/0xe4 <6>[ 129.631047] sys_openat+0x98/0xd4 <6>[ 129.634899] ret_fast_syscall+0x0/0x1c <4>[ 129.639249] Free path: <6>[ 129.641880] xdr_free_bvec+0x18/0x24 <6>[ 129.646040] xprt_complete_rqst+0x30/0x8c <6>[ 129.650604] xs_stream_data_receive_workfn+0x4c8/0x594 <6>[ 129.656266] process_one_work+0x1b8/0x450 <6>[ 129.660822] worker_thread+0x1d4/0x3c4 <6>[ 129.665074] kthread+0xe8/0x104 <6>[ 129.668721] ret_from_fork+0x14/0x28 <1>[ 129.672869] Register r11 information: non-paged memory <1>[ 129.678324] Register r12 information: NULL pointer <0>[ 129.683376] Process cat (pid: 743, stack limit = 0xf1224000) <0>[ 129.689330] Stack: (0xf1225ec0 to 0xf1226000) <0>[ 129.693986] 5ec0: 00000004 c0e00b90 c0e00a74 c88a8640 b6dd4000 00000004 c3a4f4b8 c0890ff0 <0>[ 129.702461] 5ee0: c88a8640 c0890f94 f1225f80 b6dd4000 c8c62840 00000004 c89b87c0 c0628618 <0>[ 129.710933] 5f00: c7d56db0 00000000 00000000 00000000 00000000 00000004 b6dd4000 0001fffc <0>[ 129.719404] 5f20: 00000001 00000000 c88a8440 00000000 00000000 00000000 00000000 00000000 <0>[ 129.727875] 5f40: 00000000 00000000 00000000 00000000 00000022 cd871ab1 00000000 c88a8640 <0>[ 129.736348] 5f60: c88a8640 00000000 00000000 c03002f0 c8c62840 00000004 0041fe38 c0628b74 <0>[ 129.744819] 5f80: 00000000 00000000 00000000 cd871ab1 000000c0 00000004 00000004 7ff00000 <0>[ 129.753291] 5fa0: 00000004 c03000c0 00000004 00000004 00000001 b6dd4000 00000004 00000001 <0>[ 129.761763] 5fc0: 00000004 00000004 7ff00000 00000004 00000001 b6dd4000 00020000 0041fe38 <0>[ 129.770235] 5fe0: 00000004 be953788 b6e9a33b b6e13616 60080030 00000001 00000000 00000000 <0>[ 129.778698] Call trace: <0>[ 129.778712] lkdtm_BUG from lkdtm_do_action+0x24/0x4c <0>[ 129.786819] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 129.792602] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 129.798276] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 129.803750] vfs_write from ksys_write+0x78/0xf8 <0>[ 129.808727] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 129.814098] Exception stack(0xf1225fa8 to 0xf1225ff0) <0>[ 129.819456] 5fa0: 00000004 00000004 00000001 b6dd4000 00000004 00000001 <0>[ 129.827932] 5fc0: 00000004 00000004 7ff00000 00000004 00000001 b6dd4000 00020000 0041fe38 <0>[ 129.836402] 5fe0: 00000004 be953788 b6e9a33b b6e13616 <0>[ 129.841761] Code: c278bde0 c278bdf4 e52de004 e28dd004 (e7f001f2) <4>[ 129.848118] ---[ end trace 0000000000000000 ]--- <6>[ 129.852965] note: cat[743] exited with irqs disabled # Segmentation fault # [ 129.403569] lkdtm: Performing direct entry BUG # [ 129.407262] ------------[ cut here ]------------ # [ 129.411817] kernel BUG at drivers/misc/lkdtm/bugs.c:105! # [ 129.417368] Internal error: Oops - BUG: 0 [#1] SMP ARM # [ 129.422822] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 129.459289] CPU: 1 UID: 0 PID: 743 Comm: cat Not tainted 6.12.0-rc1-next-20241002 #1 # [ 129.467359] Hardware name: STM32 (Device Tree Support) # [ 129.472706] PC is at lkdtm_BUG+0x8/0xc # [ 129.476775] LR is at lkdtm_do_action+0x24/0x4c # [ 129.481435] pc : [] lr : [] psr: a0080013 # [ 129.487989] sp : f1225ec0 ip : 00000000 fp : 0041fe38 # [ 129.493539] r10: c89b87c0 r9 : f1225f80 r8 : c278be44 # [ 129.498988] r7 : f1225f80 r6 : 00000000 r5 : c7c31000 r4 : 00000004 # [ 129.505845] r3 : c0e0127c r2 : 00000000 r1 : 00000000 r0 : c278be44 # [ 129.512703] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 129.520066] Control: 10c5387d Table: c7d5406a DAC: 00000051 # [ 129.526116] Register r0 information: non-slab/vmalloc memory # [ 129.532079] Register r1 information: NULL pointer # [ 129.537031] Register r2 information: NULL pointer # [ 129.542081] Register r3 information: non-slab/vmalloc memory # [ 129.547937] Register r4 information: non-paged memory # [ 129.553290] Register r5 information: non-slab/vmalloc memory # [ 129.559246] Register r6 information: NULL pointer # [ 129.564196] Register r7 information: 2-page vmalloc region starting at 0xf1224000 allocated at kernel_clone+0xac/0x388 # [ 129.575207] Register r8 information: non-slab/vmalloc memory # [ 129.581164] Register r9 information: 2-page vmalloc region starting at 0xf1224000 allocated at kernel_clone+0xac/0x388 # [ 129.592169] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 129.606129] full_proxy_open+0x124/0x24c # [ 129.610580] do_dentry_open+0x144/0x4dc # [ 129.614941] vfs_open+0x2c/0xec # [ 129.618593] path_openat+0x748/0x1198 # [ 129.622744] do_filp_open+0x98/0x134 # [ 129.626894] do_sys_openat2+0xbc/0xe4 # [ 129.631047] sys_openat+0x98/0xd4 # [ 129.634899] ret_fast_syscall+0x0/0x1c # [ 129.639249] Free path: # [ 129.641880] xdr_free_bvec+0x18/0x24 # [ 129.646040] xprt_complete_rqst+0x30/0x8c # [ 129.650604] xs_stream_data_receive_workfn+0x4c8/0x594 # [ 129.656266] process_one_work+0x1b8/0x450 # [ 129.660822] worker_thread+0x1d4/0x3c4 # [ 129.665074] kthread+0xe8/0x104 # [ 129.668721] ret_from_fork+0x14/0x28 # [ 129.672869] Register r11 information: non-paged memory # [ 129.678324] Register r12 information: NULL pointer # [ 129.683376] Process cat (pid: 743, stack limit = 0xf1224000) # [ 129.689330] Stack: (0xf1225ec0 to 0xf1226000) # [ 129.693986] 5ec0: 00000004 c0e00b90 c0e00a74 c88a8640 b6dd4000 00000004 c3a4f4b8 c0890ff0 # [ 129.702461] 5ee0: c88a8640 c0890f94 f1225f80 b6dd4000 c8c62840 00000004 c89b87c0 c0628618 # [ 129.710933] 5f00: c7d56db0 00000000 00000000 00000000 00000000 00000004 b6dd4000 0001fffc # [ 129.719404] 5f20: 00000001 00000000 c88a8440 00000000 00000000 00000000 00000000 00000000 # [ 129.727875] 5f40: 00000000 00000000 00000000 00000000 00000022 cd871ab1 00000000 c88a8640 # [ 129.736348] 5f60: c88a8640 00000000 00000000 c03002f0 c8c62840 00000004 0041fe38 c0628b74 # [ 129.744819] 5f80: 00000000 00000000 00000000 cd871ab1 000000c0 00000004 00000004 7ff00000 # [ 129.753291] 5fa0: 00000004 c03000c0 00000004 00000004 00000001 b6dd4000 00000004 00000001 # [ 129.761763] 5fc0: 00000004 00000004 7ff00000 00000004 00000001 b6dd4000 00020000 0041fe38 # [ 129.770235] 5fe0: 00000004 be953788 b6e9a33b b6e13616 60080030 00000001 00000000 00000000 # [ 129.778698] Call trace: # [ 129.778712] lkdtm_BUG from lkdtm_do_action+0x24/0x4c # [ 129.786819] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 129.792602] direct_entry from full_proxy_write+0x5c/0x8c # [ 129.798276] full_proxy_write from vfs_write+0xbc/0x3cc # [ 129.803750] vfs_write from ksys_write+0x78/0xf8 # [ 129.808727] ksys_write from ret_fast_syscall+0x0/0x1c # [ 129.814098] Exception stack(0xf1225fa8 to 0xf1225ff0) # [ 129.819456] 5fa0: 00000004 00000004 00000001 b6dd4000 00000004 00000001 # [ 129.827932] 5fc0: 00000004 00000004 7ff00000 00000004 00000001 b6dd4000 00020000 0041fe38 # [ 129.836402] 5fe0: 00000004 be953788 b6e9a33b b6e13616 # [ 129.841761] Code: c278bde0 c278bdf4 e52de004 e28dd004 (e7f001f2) # [ 129.848118] ---[ end trace 0000000000000000 ]--- # [ 129.852965] note: cat[743] exited with irqs disabled # BUG: saw 'kernel BUG at': ok ok 3 selftests: lkdtm: BUG.sh # timeout set to 45 # selftests: lkdtm: WARNING.sh <6>[ 131.331255] lkdtm: Performing direct entry WARNING <4>[ 131.335062] ------------[ cut here ]------------ <4>[ 131.340046] WARNING: CPU: 1 PID: 826 at drivers/misc/lkdtm/bugs.c:112 lkdtm_do_action+0x24/0x4c <4>[ 131.348990] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 131.385389] CPU: 1 UID: 0 PID: 826 Comm: cat Tainted: G D 6.12.0-rc1-next-20241002 #1 <4>[ 131.394890] Tainted: [D]=DIE <4>[ 131.397931] Hardware name: STM32 (Device Tree Support) <4>[ 131.403380] Call trace: <4>[ 131.403395] unwind_backtrace from show_stack+0x18/0x1c <4>[ 131.411708] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 131.417085] dump_stack_lvl from __warn+0x84/0x134 <4>[ 131.422067] __warn from warn_slowpath_fmt+0x190/0x198 <4>[ 131.427548] warn_slowpath_fmt from lkdtm_do_action+0x24/0x4c <4>[ 131.433534] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 131.439315] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 131.444990] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 131.450467] vfs_write from ksys_write+0x78/0xf8 <4>[ 131.455443] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 131.460815] Exception stack(0xf1279fa8 to 0xf1279ff0) <4>[ 131.466173] 9fa0: 00000008 00000008 00000001 b6e78000 00000008 00000001 <4>[ 131.474647] 9fc0: 00000008 00000008 7ff00000 00000004 00000001 b6e78000 00020000 0049fe38 <4>[ 131.483116] 9fe0: 00000004 bef00788 b6f3e33b b6eb7616 <4>[ 131.488580] ---[ end trace 0000000000000000 ]--- # [ 131.331255] lkdtm: Performing direct entry WARNING # [ 131.335062] ------------[ cut here ]------------ # [ 131.340046] WARNING: CPU: 1 PID: 826 at drivers/misc/lkdtm/bugs.c:112 lkdtm_do_action+0x24/0x4c # [ 131.348990] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 131.385389] CPU: 1 UID: 0 PID: 826 Comm: cat Tainted: G D 6.12.0-rc1-next-20241002 #1 # [ 131.394890] Tainted: [D]=DIE # [ 131.397931] Hardware name: STM32 (Device Tree Support) # [ 131.403380] Call trace: # [ 131.403395] unwind_backtrace from show_stack+0x18/0x1c # [ 131.411708] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 131.417085] dump_stack_lvl from __warn+0x84/0x134 # [ 131.422067] __warn from warn_slowpath_fmt+0x190/0x198 # [ 131.427548] warn_slowpath_fmt from lkdtm_do_action+0x24/0x4c # [ 131.433534] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 131.439315] direct_entry from full_proxy_write+0x5c/0x8c # [ 131.444990] full_proxy_write from vfs_write+0xbc/0x3cc # [ 131.450467] vfs_write from ksys_write+0x78/0xf8 # [ 131.455443] ksys_write from ret_fast_syscall+0x0/0x1c # [ 131.460815] Exception stack(0xf1279fa8 to 0xf1279ff0) # [ 131.466173] 9fa0: 00000008 00000008 00000001 b6e78000 00000008 00000001 # [ 131.474647] 9fc0: 00000008 00000008 7ff00000 00000004 00000001 b6e78000 00020000 0049fe38 # [ 131.483116] 9fe0: 00000004 bef00788 b6f3e33b b6eb7616 # [ 131.488580] ---[ end trace 0000000000000000 ]--- # WARNING: saw 'WARNING:': ok ok 4 selftests: lkdtm: WARNING.sh # timeout set to 45 # selftests: lkdtm: WARNING_MESSAGE.sh <6>[ 132.669606] lkdtm: Performing direct entry WARNING_MESSAGE <4>[ 132.674157] ------------[ cut here ]------------ <4>[ 132.679107] WARNING: CPU: 1 PID: 870 at drivers/misc/lkdtm/bugs.c:117 lkdtm_WARNING_MESSAGE+0x44/0x4c <4>[ 132.688649] Warning message trigger count: 2 <4>[ 132.693131] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 132.729646] CPU: 1 UID: 0 PID: 870 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 <4>[ 132.739047] Tainted: [D]=DIE, [W]=WARN <4>[ 132.743094] Hardware name: STM32 (Device Tree Support) <4>[ 132.748444] Call trace: <4>[ 132.748459] unwind_backtrace from show_stack+0x18/0x1c <4>[ 132.756775] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 132.762152] dump_stack_lvl from __warn+0x84/0x134 <4>[ 132.767236] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 132.772617] warn_slowpath_fmt from lkdtm_WARNING_MESSAGE+0x44/0x4c <4>[ 132.779214] lkdtm_WARNING_MESSAGE from lkdtm_do_action+0x24/0x4c <4>[ 132.785600] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 132.791280] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 132.797057] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 132.802535] vfs_write from ksys_write+0x78/0xf8 <4>[ 132.807412] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 132.812784] Exception stack(0xf12b9fa8 to 0xf12b9ff0) <4>[ 132.818144] 9fa0: 00000010 00000010 00000001 b6e68000 00000010 00000001 <4>[ 132.826619] 9fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e68000 00020000 004bfe38 <4>[ 132.835089] 9fe0: 00000004 becce788 b6f2e33b b6ea7616 <4>[ 132.840536] ---[ end trace 0000000000000000 ]--- # [ 132.669606] lkdtm: Performing direct entry WARNING_MESSAGE # [ 132.674157] ------------[ cut here ]------------ # [ 132.679107] WARNING: CPU: 1 PID: 870 at drivers/misc/lkdtm/bugs.c:117 lkdtm_WARNING_MESSAGE+0x44/0x4c # [ 132.688649] Warning message trigger count: 2 # [ 132.693131] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 132.729646] CPU: 1 UID: 0 PID: 870 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 # [ 132.739047] Tainted: [D]=DIE, [W]=WARN # [ 132.743094] Hardware name: STM32 (Device Tree Support) # [ 132.748444] Call trace: # [ 132.748459] unwind_backtrace from show_stack+0x18/0x1c # [ 132.756775] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 132.762152] dump_stack_lvl from __warn+0x84/0x134 # [ 132.767236] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 132.772617] warn_slowpath_fmt from lkdtm_WARNING_MESSAGE+0x44/0x4c # [ 132.779214] lkdtm_WARNING_MESSAGE from lkdtm_do_action+0x24/0x4c # [ 132.785600] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 132.791280] direct_entry from full_proxy_write+0x5c/0x8c # [ 132.797057] full_proxy_write from vfs_write+0xbc/0x3cc # [ 132.802535] vfs_write from ksys_write+0x78/0xf8 # [ 132.807412] ksys_write from ret_fast_syscall+0x0/0x1c # [ 132.812784] Exception stack(0xf12b9fa8 to 0xf12b9ff0) # [ 132.818144] 9fa0: 00000010 00000010 00000001 b6e68000 00000010 00000001 # [ 132.826619] 9fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e68000 00020000 004bfe38 # [ 132.835089] 9fe0: 00000004 becce788 b6f2e33b b6ea7616 # [ 132.840536] ---[ end trace 0000000000000000 ]--- # WARNING_MESSAGE: saw 'message trigger': ok ok 5 selftests: lkdtm: WARNING_MESSAGE.sh # timeout set to 45 # selftests: lkdtm: EXCEPTION.sh <6>[ 133.934763] lkdtm: Performing direct entry EXCEPTION <1>[ 133.938756] 8<--- cut here --- <1>[ 133.942568] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when write <1>[ 133.951565] [00000000] *pgd=00000000 <0>[ 133.955247] Internal error: Oops: 805 [#2] SMP ARM <4>[ 133.960227] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 133.996712] CPU: 1 UID: 0 PID: 909 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 <4>[ 134.006205] Tainted: [D]=DIE, [W]=WARN <4>[ 134.010247] Hardware name: STM32 (Device Tree Support) <4>[ 134.015696] PC is at lkdtm_EXCEPTION+0xc/0x14 <4>[ 134.020273] LR is at lkdtm_do_action+0x24/0x4c <4>[ 134.025034] pc : [] lr : [] psr: a0080013 <4>[ 134.031590] sp : f12fdec0 ip : 00000000 fp : 0048fe38 <4>[ 134.037040] r10: c89b8a40 r9 : f12fdf80 r8 : c278be5c <4>[ 134.042589] r7 : f12fdf80 r6 : 00000000 r5 : c88e7000 r4 : 0000000a <4>[ 134.049346] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : c278be5c <4>[ 134.056205] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 134.063670] Control: 10c5387d Table: c7c7806a DAC: 00000051 <1>[ 134.069619] Register r0 information: non-slab/vmalloc memory <1>[ 134.075585] Register r1 information: NULL pointer <1>[ 134.080639] Register r2 information: NULL pointer <1>[ 134.085590] Register r3 information: NULL pointer <1>[ 134.090541] Register r4 information: non-paged memory <1>[ 134.095893] Register r5 information: non-slab/vmalloc memory <1>[ 134.101850] Register r6 information: NULL pointer <1>[ 134.106801] Register r7 information: 2-page vmalloc region starting at 0xf12fc000 allocated at kernel_clone+0xac/0x388 <1>[ 134.117816] Register r8 information: non-slab/vmalloc memory <1>[ 134.123776] Register r9 information: 2-page vmalloc region starting at 0xf12fc000 allocated at kernel_clone+0xac/0x388 <1>[ 134.134783] Register r10 information: slab kmalloc-192 start c89b8a00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 134.148645] full_proxy_open+0x124/0x24c <6>[ 134.153096] do_dentry_open+0x144/0x4dc <6>[ 134.157552] vfs_open+0x2c/0xec <6>[ 134.161204] path_openat+0x748/0x1198 <6>[ 134.165355] do_filp_open+0x98/0x134 <6>[ 134.169504] do_sys_openat2+0xbc/0xe4 <6>[ 134.173658] sys_openat+0x98/0xd4 <6>[ 134.177510] ret_fast_syscall+0x0/0x1c <4>[ 134.181860] Free path: <6>[ 134.184490] xdr_free_bvec+0x18/0x24 <6>[ 134.188650] xprt_transmit+0x29c/0x4a0 <6>[ 134.192901] call_transmit+0x80/0x8c <6>[ 134.197057] __rpc_execute+0xc8/0x5d0 <6>[ 134.201214] rpc_async_schedule+0x24/0x40 <6>[ 134.205772] process_one_work+0x1b8/0x450 <6>[ 134.210327] worker_thread+0x1d4/0x3c4 <6>[ 134.214579] kthread+0xe8/0x104 <6>[ 134.218227] ret_from_fork+0x14/0x28 <1>[ 134.222375] Register r11 information: non-paged memory <1>[ 134.227831] Register r12 information: NULL pointer <0>[ 134.232883] Process cat (pid: 909, stack limit = 0xf12fc000) <0>[ 134.238838] Stack: (0xf12fdec0 to 0xf12fe000) <0>[ 134.243494] dec0: 0000000a c0e00b90 c0e00a74 c88a8740 b6e58000 0000000a c3a4f4b8 c0890ff0 <0>[ 134.251968] dee0: c88a8740 c0890f94 f12fdf80 b6e58000 c8c60a40 0000000a c89b8a40 c0628618 <0>[ 134.260440] df00: c7c7adb8 00000000 00000000 00000000 00000000 0000000a b6e58000 0001fff6 <0>[ 134.268915] df20: 00000001 00000000 c88a8240 00000000 00000000 00000000 00000000 00000000 <0>[ 134.277388] df40: 00000000 00000000 00000000 00000000 00000022 ddb5cdfd 00000000 c88a8740 <0>[ 134.285861] df60: c88a8740 00000000 00000000 c03002f0 c8c60a40 00000004 0048fe38 c0628b74 <0>[ 134.294334] df80: 00000000 00000000 c8c60a40 ddb5cdfd b6fd5d80 0000000a 0000000a 7ff00000 <0>[ 134.302805] dfa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e58000 0000000a 00000001 <0>[ 134.311278] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e58000 00020000 0048fe38 <0>[ 134.319752] dfe0: 00000004 be811788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 <0>[ 134.328216] Call trace: <0>[ 134.328229] lkdtm_EXCEPTION from lkdtm_do_action+0x24/0x4c <0>[ 134.336843] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 134.342626] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 134.348302] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 134.353879] vfs_write from ksys_write+0x78/0xf8 <0>[ 134.358756] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 134.364129] Exception stack(0xf12fdfa8 to 0xf12fdff0) <0>[ 134.369490] dfa0: 0000000a 0000000a 00000001 b6e58000 0000000a 00000001 <0>[ 134.377970] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e58000 00020000 0048fe38 <0>[ 134.386446] dfe0: 00000004 be811788 b6f1e33b b6e97616 <0>[ 134.391812] Code: eb2507d9 e52de004 e28dd004 e3a03000 (e5833000) <4>[ 134.398312] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 133.934763] lkdtm: Performing direct entry EXCEPTION # [ 133.938756] 8<--- cut here --- # [ 133.942568] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when write # [ 133.951565] [00000000] *pgd=00000000 # [ 133.955247] Internal error: Oops: 805 [#2] SMP ARM # [ 133.960227] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 133.996712] CPU: 1 UID: 0 PID: 909 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 # [ 134.006205] Tainted: [D]=DIE, [W]=WARN # [ 134.010247] Hardware name: STM32 (Device Tree Support) # [ 134.015696] PC is at lkdtm_EXCEPTION+0xc/0x14 # [ 134.020273] LR is at lkdtm_do_action+0x24/0x4c # [ 134.025034] pc : [] lr : [] psr: a0080013 # [ 134.031590] sp : f12fdec0 ip : 00000000 fp : 0048fe38 # [ 134.037040] r10: c89b8a40 r9 : f12fdf80 r8 : c278be5c # [ 134.042589] r7 : f12fdf80 r6 : 00000000 r5 : c88e7000 r4 : 0000000a # [ 134.049346] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : c278be5c # [ 134.056205] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 134.063670] Control: 10c5387d Table: c7c7806a DAC: 00000051 # [ 134.069619] Register r0 information: non-slab/vmalloc memory # [ 134.075585] Register r1 information: NULL pointer # [ 134.080639] Register r2 information: NULL pointer # [ 134.085590] Register r3 information: NULL pointer # [ 134.090541] Register r4 information: non-paged memory # [ 134.095893] Register r5 information: non-slab/vmalloc memory # [ 134.101850] Register r6 information: NULL pointer # [ 134.106801] Register r7 information: 2-page vmalloc region starting at 0xf12fc000 allocated at kernel_clone+0xac/0x388 # [ 134.117816] Register r8 information: non-slab/vmalloc memory # [ 134.123776] Register r9 information: 2-page vmalloc region starting at 0xf12fc000 allocated at kernel_clone+0xac/0x388 # [ 134.134783] Register r10 information: slab kmalloc-192 start c89b8a00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 134.148645] full_proxy_open+0x124/0x24c # [ 134.153096] do_dentry_open+0x144/0x4dc # [ 134.157552] vfs_open+0x2c/0xec # [ 134.161204] path_openat+0x748/0x1198 # [ 134.165355] do_filp_open+0x98/0x134 # [ 134.169504] do_sys_openat2+0xbc/0xe4 # [ 134.173658] sys_openat+0x98/0xd4 # [ 134.177510] ret_fast_syscall+0x0/0x1c # [ 134.181860] Free path: # [ 134.184490] xdr_free_bvec+0x18/0x24 # [ 134.188650] xprt_transmit+0x29c/0x4a0 # [ 134.192901] call_transmit+0x80/0x8c # [ 134.197057] __rpc_execute+0xc8/0x5d0 # [ 134.201214] rpc_async_schedule+0x24/0x40 # [ 134.205772] process_one_work+0x1b8/0x450 # [ 134.210327] worker_thread+0x1d4/0x3c4 # [ 134.214579] kthread+0xe8/0x104 # [ 134.218227] ret_from_fork+0x14/0x28 # [ 134.222375] Register r11 information: non-paged memory # [ 134.227831] Register r12 information: NULL pointer # [ 134.232883] Process cat (pid: 909, stack limit = 0xf12fc000) # [ 134.238838] Stack: (0xf12fdec0 to 0xf12fe000) # [ 134.243494] dec0: 0000000a c0e00b90 c0e00a74 c88a8740 b6e58000 0000000a c3a4f4b8 c0890ff0 # [ 134.251968] dee0: c88a8740 c0890f94 f12fdf80 b6e58000 c8c60a40 0000000a c89b8a40 c0628618 # [ 134.260440] df00: c7c7adb8 00000000 00000000 00000000 00000000 0000000a b6e58000 0001fff6 # [ 134.268915] df20: 00000001 00000000 c88a8240 00000000 00000000 00000000 00000000 00000000 # [ 134.277388] df40: 00000000 00000000 00000000 00000000 00000022 ddb5cdfd 00000000 c88a8740 # [ 134.285861] df60: c88a8740 00000000 00000000 c03002f0 c8c60a40 00000004 0048fe38 c0628b74 # [ 134.294334] df80: 00000000 00000000 c8c60a40 ddb5cdfd b6fd5d80 0000000a 0000000a 7ff00000 # [ 134.302805] dfa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e58000 0000000a 00000001 # [ 134.311278] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e58000 00020000 0048fe38 # [ 134.319752] dfe0: 00000004 be811788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 # [ 134.328216] Call trace: # [ 134.328229] lkdtm_EXCEPTION from lkdtm_do_action+0x24/0x4c # [ 134.336843] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 134.342626] direct_entry from full_proxy_write+0x5c/0x8c # [ 134.348302] full_proxy_write from vfs_write+0xbc/0x3cc # [ 134.353879] vfs_write from ksys_write+0x78/0xf8 # [ 134.358756] ksys_write from ret_fast_syscall+0x0/0x1c # [ 134.364129] Exception stack(0xf12fdfa8 to 0xf12fdff0) # [ 134.369490] dfa0: 0000000a 0000000a 00000001 b6e58000 0000000a 00000001 # [ 134.377970] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e58000 00020000 0048fe38 # [ 134.386446] dfe0: 00000004 be811788 b6f1e33b b6e97616 # [ 134.391812] Code: eb2507d9 e52de004 e28dd004 e3a03000 (e5833000) # [ 134.398312] ---[ end trace 0000000000000000 ]--- # EXCEPTION: saw 'call trace:': ok ok 6 selftests: lkdtm: EXCEPTION.sh # timeout set to 45 # selftests: lkdtm: LOOP.sh # Skipping LOOP: Hangs the system ok 7 selftests: lkdtm: LOOP.sh # SKIP # timeout set to 45 # selftests: lkdtm: EXHAUST_STACK.sh # Skipping EXHAUST_STACK: Corrupts memory on failure ok 8 selftests: lkdtm: EXHAUST_STACK.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_STACK.sh # Skipping CORRUPT_STACK: Crashes entire system on success ok 9 selftests: lkdtm: CORRUPT_STACK.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_STACK_STRONG.sh # Skipping CORRUPT_STACK_STRONG: Crashes entire system on success ok 10 selftests: lkdtm: CORRUPT_STACK_STRONG.sh # SKIP # timeout set to 45 # selftests: lkdtm: ARRAY_BOUNDS.sh <6>[ 138.502459] lkdtm: Performing direct entry ARRAY_BOUNDS <6>[ 138.506759] lkdtm: Array access within bounds ... <6>[ 138.511702] lkdtm: Array access beyond bounds ... <4>[ 138.516690] ------------[ cut here ]------------ <3>[ 138.521545] UBSAN: array-index-out-of-bounds in ../drivers/misc/lkdtm/bugs.c:406:16 <3>[ 138.529541] index 8 is out of range for type 'char [8]' <4>[ 138.535005] CPU: 1 UID: 0 PID: 1134 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 <4>[ 138.544509] Tainted: [D]=DIE, [W]=WARN <4>[ 138.548554] Hardware name: STM32 (Device Tree Support) <4>[ 138.554003] Call trace: <4>[ 138.554017] unwind_backtrace from show_stack+0x18/0x1c <4>[ 138.562230] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 138.567607] dump_stack_lvl from ubsan_epilogue+0x8/0x34 <4>[ 138.573181] ubsan_epilogue from __ubsan_handle_out_of_bounds+0x88/0x8c <4>[ 138.580066] __ubsan_handle_out_of_bounds from lkdtm_ARRAY_BOUNDS+0x13c/0x198 <4>[ 138.587562] lkdtm_ARRAY_BOUNDS from lkdtm_do_action+0x24/0x4c <4>[ 138.593645] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 138.599424] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 138.605099] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 138.610574] vfs_write from ksys_write+0x78/0xf8 <4>[ 138.615450] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 138.620922] Exception stack(0xf145dfa8 to 0xf145dff0) <4>[ 138.626279] dfa0: 0000000d 0000000d 00000001 b6de8000 0000000d 00000001 <4>[ 138.634752] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6de8000 00020000 0043fe38 <4>[ 138.643220] dfe0: 00000004 bea0c788 b6eae33b b6e27616 <4>[ 138.648716] ---[ end trace ]--- <3>[ 138.652102] lkdtm: FAIL: survived array bounds overflow! <4>[ 138.657636] lkdtm: This is probably expected, since this kernel (6.12.0-rc1-next-20241002 armv7l) was built *without* CONFIG_UBSAN_TRAP=y # [ 138.502459] lkdtm: Performing direct entry ARRAY_BOUNDS # [ 138.506759] lkdtm: Array access within bounds ... # [ 138.511702] lkdtm: Array access beyond bounds ... # [ 138.516690] ------------[ cut here ]------------ # [ 138.521545] UBSAN: array-index-out-of-bounds in ../drivers/misc/lkdtm/bugs.c:406:16 # [ 138.529541] index 8 is out of range for type 'char [8]' # [ 138.535005] CPU: 1 UID: 0 PID: 1134 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 # [ 138.544509] Tainted: [D]=DIE, [W]=WARN # [ 138.548554] Hardware name: STM32 (Device Tree Support) # [ 138.554003] Call trace: # [ 138.554017] unwind_backtrace from show_stack+0x18/0x1c # [ 138.562230] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 138.567607] dump_stack_lvl from ubsan_epilogue+0x8/0x34 # [ 138.573181] ubsan_epilogue from __ubsan_handle_out_of_bounds+0x88/0x8c # [ 138.580066] __ubsan_handle_out_of_bounds from lkdtm_ARRAY_BOUNDS+0x13c/0x198 # [ 138.587562] lkdtm_ARRAY_BOUNDS from lkdtm_do_action+0x24/0x4c # [ 138.593645] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 138.599424] direct_entry from full_proxy_write+0x5c/0x8c # [ 138.605099] full_proxy_write from vfs_write+0xbc/0x3cc # [ 138.610574] vfs_write from ksys_write+0x78/0xf8 # [ 138.615450] ksys_write from ret_fast_syscall+0x0/0x1c # [ 138.620922] Exception stack(0xf145dfa8 to 0xf145dff0) # [ 138.626279] dfa0: 0000000d 0000000d 00000001 b6de8000 0000000d 00000001 # [ 138.634752] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6de8000 00020000 0043fe38 # [ 138.643220] dfe0: 00000004 bea0c788 b6eae33b b6e27616 # [ 138.648716] ---[ end trace ]--- # [ 138.652102] lkdtm: FAIL: survived array bounds overflow! # [ 138.657636] lkdtm: This is probably expected, since this kernel (6.12.0-rc1-next-20241002 armv7l) was built *without* CONFIG_UBSAN_TRAP=y # ARRAY_BOUNDS: saw 'call trace:|UBSAN: array-index-out-of-bounds': ok ok 11 selftests: lkdtm: ARRAY_BOUNDS.sh # timeout set to 45 # selftests: lkdtm: CORRUPT_LIST_ADD.sh <6>[ 140.041819] lkdtm: Performing direct entry CORRUPT_LIST_ADD <6>[ 140.046410] lkdtm: attempting good list addition <6>[ 140.051833] lkdtm: attempting corrupted list addition <4>[ 140.056648] ------------[ cut here ]------------ <4>[ 140.061601] WARNING: CPU: 0 PID: 1178 at lib/list_debug.c:29 __list_add_valid_or_report+0xb0/0x104 <4>[ 140.070793] list_add corruption. next->prev should be prev (f1495e80), but was 00000000. (next=f1495e9c). <4>[ 140.080941] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 140.117317] CPU: 0 UID: 0 PID: 1178 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 <4>[ 140.126627] Tainted: [D]=DIE, [W]=WARN <4>[ 140.130667] Hardware name: STM32 (Device Tree Support) <4>[ 140.136116] Call trace: <4>[ 140.136129] unwind_backtrace from show_stack+0x18/0x1c <4>[ 140.144338] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 140.149714] dump_stack_lvl from __warn+0x84/0x134 <4>[ 140.154794] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 140.160175] warn_slowpath_fmt from __list_add_valid_or_report+0xb0/0x104 <4>[ 140.167264] __list_add_valid_or_report from lkdtm_CORRUPT_LIST_ADD+0xa0/0x124 <4>[ 140.174755] lkdtm_CORRUPT_LIST_ADD from lkdtm_do_action+0x24/0x4c <4>[ 140.181246] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 140.187026] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 140.192701] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 140.198176] vfs_write from ksys_write+0x78/0xf8 <4>[ 140.203153] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 140.208524] Exception stack(0xf1495fa8 to 0xf1495ff0) <4>[ 140.213882] 5fa0: 00000011 00000011 00000001 b6e28000 00000011 00000001 <4>[ 140.222356] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 004ffe38 <4>[ 140.230825] 5fe0: 00000004 be93b788 b6eee33b b6e67616 <4>[ 140.236349] ---[ end trace 0000000000000000 ]--- <3>[ 140.241092] lkdtm: Overwrite did not happen, but no BUG?! # [ 140.041819] lkdtm: Performing direct entry CORRUPT_LIST_ADD # [ 140.046410] lkdtm: attempting good list addition # [ 140.051833] lkdtm: attempting corrupted list addition # [ 140.056648] ------------[ cut here ]------------ # [ 140.061601] WARNING: CPU: 0 PID: 1178 at lib/list_debug.c:29 __list_add_valid_or_report+0xb0/0x104 # [ 140.070793] list_add corruption. next->prev should be prev (f1495e80), but was 00000000. (next=f1495e9c). # [ 140.080941] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 140.117317] CPU: 0 UID: 0 PID: 1178 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 # [ 140.126627] Tainted: [D]=DIE, [W]=WARN # [ 140.130667] Hardware name: STM32 (Device Tree Support) # [ 140.136116] Call trace: # [ 140.136129] unwind_backtrace from show_stack+0x18/0x1c # [ 140.144338] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 140.149714] dump_stack_lvl from __warn+0x84/0x134 # [ 140.154794] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 140.160175] warn_slowpath_fmt from __list_add_valid_or_report+0xb0/0x104 # [ 140.167264] __list_add_valid_or_report from lkdtm_CORRUPT_LIST_ADD+0xa0/0x124 # [ 140.174755] lkdtm_CORRUPT_LIST_ADD from lkdtm_do_action+0x24/0x4c # [ 140.181246] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 140.187026] direct_entry from full_proxy_write+0x5c/0x8c # [ 140.192701] full_proxy_write from vfs_write+0xbc/0x3cc # [ 140.198176] vfs_write from ksys_write+0x78/0xf8 # [ 140.203153] ksys_write from ret_fast_syscall+0x0/0x1c # [ 140.208524] Exception stack(0xf1495fa8 to 0xf1495ff0) # [ 140.213882] 5fa0: 00000011 00000011 00000001 b6e28000 00000011 00000001 # [ 140.222356] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 004ffe38 # [ 140.230825] 5fe0: 00000004 be93b788 b6eee33b b6e67616 # [ 140.236349] ---[ end trace 0000000000000000 ]--- # [ 140.241092] lkdtm: Overwrite did not happen, but no BUG?! # CORRUPT_LIST_ADD: saw 'list_add corruption': ok ok 12 selftests: lkdtm: CORRUPT_LIST_ADD.sh # timeout set to 45 # selftests: lkdtm: CORRUPT_LIST_DEL.sh <6>[ 141.676531] lkdtm: Performing direct entry CORRUPT_LIST_DEL <6>[ 141.681149] lkdtm: attempting good list removal <6>[ 141.686019] lkdtm: attempting corrupted list removal <4>[ 141.691205] ------------[ cut here ]------------ <4>[ 141.696062] WARNING: CPU: 0 PID: 1222 at lib/list_debug.c:65 __list_del_entry_valid_or_report+0x140/0x144 <4>[ 141.705955] list_del corruption. next->prev should be f14d5ea0, but was 00000000. (next=f14d5eac) <4>[ 141.715314] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 141.751710] CPU: 0 UID: 0 PID: 1222 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 <4>[ 141.761113] Tainted: [D]=DIE, [W]=WARN <4>[ 141.765158] Hardware name: STM32 (Device Tree Support) <4>[ 141.770508] Call trace: <4>[ 141.770523] unwind_backtrace from show_stack+0x18/0x1c <4>[ 141.778834] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 141.784213] dump_stack_lvl from __warn+0x84/0x134 <4>[ 141.789195] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 141.794676] warn_slowpath_fmt from __list_del_entry_valid_or_report+0x140/0x144 <4>[ 141.802373] __list_del_entry_valid_or_report from lkdtm_CORRUPT_LIST_DEL+0xd4/0x160 <4>[ 141.810371] lkdtm_CORRUPT_LIST_DEL from lkdtm_do_action+0x24/0x4c <4>[ 141.816858] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 141.822638] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 141.828314] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 141.833791] vfs_write from ksys_write+0x78/0xf8 <4>[ 141.838669] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 141.844140] Exception stack(0xf14d5fa8 to 0xf14d5ff0) <4>[ 141.849500] 5fa0: 00000011 00000011 00000001 b6e48000 00000011 00000001 <4>[ 141.857974] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e48000 00020000 004bfe38 <4>[ 141.866443] 5fe0: 00000004 bed65788 b6f0e33b b6e87616 <4>[ 141.871974] ---[ end trace 0000000000000000 ]--- <3>[ 141.876748] lkdtm: Overwrite did not happen, but no BUG?! # [ 141.676531] lkdtm: Performing direct entry CORRUPT_LIST_DEL # [ 141.681149] lkdtm: attempting good list removal # [ 141.686019] lkdtm: attempting corrupted list removal # [ 141.691205] ------------[ cut here ]------------ # [ 141.696062] WARNING: CPU: 0 PID: 1222 at lib/list_debug.c:65 __list_del_entry_valid_or_report+0x140/0x144 # [ 141.705955] list_del corruption. next->prev should be f14d5ea0, but was 00000000. (next=f14d5eac) # [ 141.715314] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 141.751710] CPU: 0 UID: 0 PID: 1222 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 # [ 141.761113] Tainted: [D]=DIE, [W]=WARN # [ 141.765158] Hardware name: STM32 (Device Tree Support) # [ 141.770508] Call trace: # [ 141.770523] unwind_backtrace from show_stack+0x18/0x1c # [ 141.778834] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 141.784213] dump_stack_lvl from __warn+0x84/0x134 # [ 141.789195] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 141.794676] warn_slowpath_fmt from __list_del_entry_valid_or_report+0x140/0x144 # [ 141.802373] __list_del_entry_valid_or_report from lkdtm_CORRUPT_LIST_DEL+0xd4/0x160 # [ 141.810371] lkdtm_CORRUPT_LIST_DEL from lkdtm_do_action+0x24/0x4c # [ 141.816858] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 141.822638] direct_entry from full_proxy_write+0x5c/0x8c # [ 141.828314] full_proxy_write from vfs_write+0xbc/0x3cc # [ 141.833791] vfs_write from ksys_write+0x78/0xf8 # [ 141.838669] ksys_write from ret_fast_syscall+0x0/0x1c # [ 141.844140] Exception stack(0xf14d5fa8 to 0xf14d5ff0) # [ 141.849500] 5fa0: 00000011 00000011 00000001 b6e48000 00000011 00000001 # [ 141.857974] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e48000 00020000 004bfe38 # [ 141.866443] 5fe0: 00000004 bed65788 b6f0e33b b6e87616 # [ 141.871974] ---[ end trace 0000000000000000 ]--- # [ 141.876748] lkdtm: Overwrite did not happen, but no BUG?! # CORRUPT_LIST_DEL: saw 'list_del corruption': ok ok 13 selftests: lkdtm: CORRUPT_LIST_DEL.sh # timeout set to 45 # selftests: lkdtm: STACK_GUARD_PAGE_LEADING.sh <6>[ 142.990800] lkdtm: Performing direct entry STACK_GUARD_PAGE_LEADING <6>[ 142.996099] lkdtm: attempting bad read from page below current stack <1>[ 143.003274] 8<--- cut here --- <1>[ 143.006116] Unable to handle kernel paging request at virtual address f1513fff when read <1>[ 143.014412] [f1513fff] *pgd=c59a2811, *pte=00000000, *ppte=00000000 <0>[ 143.021017] Internal error: Oops: 7 [#3] SMP ARM <4>[ 143.025797] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 143.062286] CPU: 1 UID: 0 PID: 1261 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 <4>[ 143.071883] Tainted: [D]=DIE, [W]=WARN <4>[ 143.075824] Hardware name: STM32 (Device Tree Support) <4>[ 143.081272] PC is at lkdtm_STACK_GUARD_PAGE_LEADING+0x34/0x4c <4>[ 143.087356] LR is at lkdtm_STACK_GUARD_PAGE_LEADING+0x2c/0x4c <4>[ 143.093325] pc : [] lr : [] psr: 60080013 <4>[ 143.099881] sp : f1515eb0 ip : 00000000 fp : 0047fe38 <4>[ 143.105430] r10: c8e7e180 r9 : f1515f80 r8 : c278bef4 <4>[ 143.110881] r7 : f1515f80 r6 : 00000000 r5 : c88fc000 r4 : f1514000 <4>[ 143.117739] r3 : c8c63240 r2 : 00000000 r1 : 00000000 r0 : c20a9a8c <4>[ 143.124597] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 143.131963] Control: 10c5387d Table: c5b5806a DAC: 00000051 <1>[ 143.138013] Register r0 information: non-slab/vmalloc memory <1>[ 143.143979] Register r1 information: NULL pointer <1>[ 143.148931] Register r2 information: NULL pointer <1>[ 143.153882] Register r3 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 143.167657] copy_process+0x1f4/0x1f64 <6>[ 143.171914] kernel_clone+0xac/0x388 <6>[ 143.176069] sys_clone+0x78/0x9c <6>[ 143.179821] ret_fast_syscall+0x0/0x1c <4>[ 143.184072] Free path: <6>[ 143.186802] rcu_core+0x2dc/0xb14 <6>[ 143.190656] handle_softirqs+0x15c/0x430 <6>[ 143.195113] irq_exit+0xac/0xd4 <6>[ 143.198763] call_with_stack+0x18/0x20 <6>[ 143.203023] __irq_svc+0x9c/0xb8 <6>[ 143.206770] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 143.212132] pcpu_alloc_noprof+0x3c8/0x9bc <6>[ 143.216787] mm_init+0x148/0x288 <6>[ 143.220540] copy_process+0x16e0/0x1f64 <6>[ 143.224896] kernel_clone+0xac/0x388 <6>[ 143.229050] sys_clone+0x78/0x9c <6>[ 143.232802] ret_fast_syscall+0x0/0x1c <1>[ 143.237051] Register r4 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 <1>[ 143.248060] Register r5 information: non-slab/vmalloc memory <1>[ 143.254018] Register r6 information: NULL pointer <1>[ 143.258969] Register r7 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 <1>[ 143.269974] Register r8 information: non-slab/vmalloc memory <1>[ 143.275931] Register r9 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 <1>[ 143.286935] Register r10 information: slab kmalloc-192 start c8e7e140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 143.300890] full_proxy_open+0x124/0x24c <6>[ 143.305339] do_dentry_open+0x144/0x4dc <6>[ 143.309695] vfs_open+0x2c/0xec <6>[ 143.313347] path_openat+0x748/0x1198 <6>[ 143.317498] do_filp_open+0x98/0x134 <6>[ 143.321647] do_sys_openat2+0xbc/0xe4 <6>[ 143.325801] sys_openat+0x98/0xd4 <6>[ 143.329652] ret_fast_syscall+0x0/0x1c <4>[ 143.334003] Free path: <6>[ 143.336633] xdr_free_bvec+0x18/0x24 <6>[ 143.340792] xprt_transmit+0x29c/0x4a0 <6>[ 143.345043] call_transmit+0x80/0x8c <6>[ 143.349201] __rpc_execute+0xc8/0x5d0 <6>[ 143.353358] rpc_async_schedule+0x24/0x40 <6>[ 143.357915] process_one_work+0x1b8/0x450 <6>[ 143.362471] worker_thread+0x1d4/0x3c4 <6>[ 143.366728] kthread+0xe8/0x104 <6>[ 143.370379] ret_from_fork+0x14/0x28 <1>[ 143.374537] Register r11 information: non-paged memory <1>[ 143.379903] Register r12 information: NULL pointer <0>[ 143.384963] Process cat (pid: 1261, stack limit = 0xf1514000) <0>[ 143.391026] Stack: (0xf1515eb0 to 0xf1516000) <0>[ 143.395684] 5ea0: f1515f80 00e00b88 00000019 c0e007ac <0>[ 143.404163] 5ec0: 00000019 c0e00b90 c0e00a74 c5877d40 b6e74000 00000019 c3a4f4b8 c0890ff0 <0>[ 143.412642] 5ee0: c5877d40 c0890f94 f1515f80 b6e74000 c8c63240 00000019 c8e7e180 c0628618 <0>[ 143.421116] 5f00: c5b5adb8 00000000 00000000 00000000 00000000 00000019 b6e74000 0001ffe7 <0>[ 143.429588] 5f20: 00000001 00000000 c5877b40 00000000 00000000 00000000 00000000 00000000 <0>[ 143.438061] 5f40: 00000000 00000000 00000000 00000000 00000022 9d0a652e 00000000 c5877d40 <0>[ 143.446536] 5f60: c5877d40 00000000 00000000 c03002f0 c8c63240 00000004 0047fe38 c0628b74 <0>[ 143.455009] 5f80: 00000000 00000000 00000000 9d0a652e 000000c0 00000019 00000019 7ff00000 <0>[ 143.463482] 5fa0: 00000004 c03000c0 00000019 00000019 00000001 b6e74000 00000019 00000001 <0>[ 143.471955] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6e74000 00020000 0047fe38 <0>[ 143.480428] 5fe0: 00000004 bec49788 b6f3a33b b6eb3616 60080030 00000001 00000000 00000000 <0>[ 143.488891] Call trace: <0>[ 143.488906] lkdtm_STACK_GUARD_PAGE_LEADING from lkdtm_do_action+0x24/0x4c <0>[ 143.498840] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 143.504624] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 143.510301] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 143.515879] vfs_write from ksys_write+0x78/0xf8 <0>[ 143.520756] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 143.526128] Exception stack(0xf1515fa8 to 0xf1515ff0) <0>[ 143.531485] 5fa0: 00000019 00000019 00000001 b6e74000 00000019 00000001 <0>[ 143.539958] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6e74000 00020000 0047fe38 <0>[ 143.548427] 5fe0: 00000004 bec49788 b6f3a33b b6eb3616 <0>[ 143.553785] Code: e5934208 ebffc471 e3090a8c e34c020a (e5543001) <4>[ 143.560433] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 142.990800] lkdtm: Performing direct entry STACK_GUARD_PAGE_LEADING # [ 142.996099] lkdtm: attempting bad read from page below current stack # [ 143.003274] 8<--- cut here --- # [ 143.006116] Unable to handle kernel paging request at virtual address f1513fff when read # [ 143.014412] [f1513fff] *pgd=c59a2811, *pte=00000000, *ppte=00000000 # [ 143.021017] Internal error: Oops: 7 [#3] SMP ARM # [ 143.025797] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 143.062286] CPU: 1 UID: 0 PID: 1261 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 # [ 143.071883] Tainted: [D]=DIE, [W]=WARN # [ 143.075824] Hardware name: STM32 (Device Tree Support) # [ 143.081272] PC is at lkdtm_STACK_GUARD_PAGE_LEADING+0x34/0x4c # [ 143.087356] LR is at lkdtm_STACK_GUARD_PAGE_LEADING+0x2c/0x4c # [ 143.093325] pc : [] lr : [] psr: 60080013 # [ 143.099881] sp : f1515eb0 ip : 00000000 fp : 0047fe38 # [ 143.105430] r10: c8e7e180 r9 : f1515f80 r8 : c278bef4 # [ 143.110881] r7 : f1515f80 r6 : 00000000 r5 : c88fc000 r4 : f1514000 # [ 143.117739] r3 : c8c63240 r2 : 00000000 r1 : 00000000 r0 : c20a9a8c # [ 143.124597] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 143.131963] Control: 10c5387d Table: c5b5806a DAC: 00000051 # [ 143.138013] Register r0 information: non-slab/vmalloc memory # [ 143.143979] Register r1 information: NULL pointer # [ 143.148931] Register r2 information: NULL pointer # [ 143.153882] Register r3 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 143.167657] copy_process+0x1f4/0x1f64 # [ 143.171914] kernel_clone+0xac/0x388 # [ 143.176069] sys_clone+0x78/0x9c # [ 143.179821] ret_fast_syscall+0x0/0x1c # [ 143.184072] Free path: # [ 143.186802] rcu_core+0x2dc/0xb14 # [ 143.190656] handle_softirqs+0x15c/0x430 # [ 143.195113] irq_exit+0xac/0xd4 # [ 143.198763] call_with_stack+0x18/0x20 # [ 143.203023] __irq_svc+0x9c/0xb8 # [ 143.206770] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 143.212132] pcpu_alloc_noprof+0x3c8/0x9bc # [ 143.216787] mm_init+0x148/0x288 # [ 143.220540] copy_process+0x16e0/0x1f64 # [ 143.224896] kernel_clone+0xac/0x388 # [ 143.229050] sys_clone+0x78/0x9c # [ 143.232802] ret_fast_syscall+0x0/0x1c # [ 143.237051] Register r4 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 # [ 143.248060] Register r5 information: non-slab/vmalloc memory # [ 143.254018] Register r6 information: NULL pointer # [ 143.258969] Register r7 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 # [ 143.269974] Register r8 information: non-slab/vmalloc memory # [ 143.275931] Register r9 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 # [ 143.286935] Register r10 information: slab kmalloc-192 start c8e7e140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 143.300890] full_proxy_open+0x124/0x24c # [ 143.305339] do_dentry_open+0x144/0x4dc # [ 143.309695] vfs_open+0x2c/0xec # [ 143.313347] path_openat+0x748/0x1198 # [ 143.317498] do_filp_open+0x98/0x134 # [ 143.321647] do_sys_openat2+0xbc/0xe4 # [ 143.325801] sys_openat+0x98/0xd4 # [ 143.329652] ret_fast_syscall+0x0/0x1c # [ 143.334003] Free path: # [ 143.336633] xdr_free_bvec+0x18/0x24 # [ 143.340792] xprt_transmit+0x29c/0x4a0 # [ 143.345043] call_transmit+0x80/0x8c # [ 143.349201] __rpc_execute+0xc8/0x5d0 # [ 143.353358] rpc_async_schedule+0x24/0x40 # [ 143.357915] process_one_work+0x1b8/0x450 # [ 143.362471] worker_thread+0x1d4/0x3c4 # [ 143.366728] kthread+0xe8/0x104 # [ 143.370379] ret_from_fork+0x14/0x28 # [ 143.374537] Register r11 information: non-paged memory # [ 143.379903] Register r12 information: NULL pointer # [ 143.384963] Process cat (pid: 1261, stack limit = 0xf1514000) # [ 143.391026] Stack: (0xf1515eb0 to 0xf1516000) # [ 143.395684] 5ea0: f1515f80 00e00b88 00000019 c0e007ac # [ 143.404163] 5ec0: 00000019 c0e00b90 c0e00a74 c5877d40 b6e74000 00000019 c3a4f4b8 c0890ff0 # [ 143.412642] 5ee0: c5877d40 c0890f94 f1515f80 b6e74000 c8c63240 00000019 c8e7e180 c0628618 # [ 143.421116] 5f00: c5b5adb8 00000000 00000000 00000000 00000000 00000019 b6e74000 0001ffe7 # [ 143.429588] 5f20: 00000001 00000000 c5877b40 00000000 00000000 00000000 00000000 00000000 # [ 143.438061] 5f40: 00000000 00000000 00000000 00000000 00000022 9d0a652e 00000000 c5877d40 # [ 143.446536] 5f60: c5877d40 00000000 00000000 c03002f0 c8c63240 00000004 0047fe38 c0628b74 # [ 143.455009] 5f80: 00000000 00000000 00000000 9d0a652e 000000c0 00000019 00000019 7ff00000 # [ 143.463482] 5fa0: 00000004 c03000c0 00000019 00000019 00000001 b6e74000 00000019 00000001 # [ 143.471955] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6e74000 00020000 0047fe38 # [ 143.480428] 5fe0: 00000004 bec49788 b6f3a33b b6eb3616 60080030 00000001 00000000 00000000 # [ 143.488891] Call trace: # [ 143.488906] lkdtm_STACK_GUARD_PAGE_LEADING from lkdtm_do_action+0x24/0x4c # [ 143.498840] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 143.504624] direct_entry from full_proxy_write+0x5c/0x8c # [ 143.510301] full_proxy_write from vfs_write+0xbc/0x3cc # [ 143.515879] vfs_write from ksys_write+0x78/0xf8 # [ 143.520756] ksys_write from ret_fast_syscall+0x0/0x1c # [ 143.526128] Exception stack(0xf1515fa8 to 0xf1515ff0) # [ 143.531485] 5fa0: 00000019 00000019 00000001 b6e74000 00000019 00000001 # [ 143.539958] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6e74000 00020000 0047fe38 # [ 143.548427] 5fe0: 00000004 bec49788 b6f3a33b b6eb3616 # [ 143.553785] Code: e5934208 ebffc471 e3090a8c e34c020a (e5543001) # [ 143.560433] ---[ end trace 0000000000000000 ]--- # STACK_GUARD_PAGE_LEADING: saw 'call trace:': ok ok 14 selftests: lkdtm: STACK_GUARD_PAGE_LEADING.sh # timeout set to 45 # selftests: lkdtm: STACK_GUARD_PAGE_TRAILING.sh <6>[ 145.087457] lkdtm: Performing direct entry STACK_GUARD_PAGE_TRAILING <6>[ 145.092875] lkdtm: attempting bad read from page above current stack <1>[ 145.100021] 8<--- cut here --- <1>[ 145.102763] Unable to handle kernel paging request at virtual address f15a6000 when read <1>[ 145.111139] [f15a6000] *pgd=c59a2811, *pte=00000000, *ppte=00000000 <0>[ 145.117731] Internal error: Oops: 7 [#4] SMP ARM <4>[ 145.122511] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 145.159001] CPU: 1 UID: 0 PID: 1342 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 <4>[ 145.168599] Tainted: [D]=DIE, [W]=WARN <4>[ 145.172639] Hardware name: STM32 (Device Tree Support) <4>[ 145.177987] PC is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x38/0x50 <4>[ 145.184171] LR is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x2c/0x50 <4>[ 145.190243] pc : [] lr : [] psr: 60080013 <4>[ 145.196800] sp : f15a5eb0 ip : 00000000 fp : 0047fe38 <4>[ 145.202348] r10: c8e7e180 r9 : f15a5f80 r8 : c278befc <4>[ 145.207798] r7 : f15a5f80 r6 : 00000000 r5 : c59d0000 r4 : f15a6000 <4>[ 145.214657] r3 : c5970a40 r2 : 00000000 r1 : 00000000 r0 : c20a9a18 <4>[ 145.221415] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 145.228881] Control: 10c5387d Table: c5b6406a DAC: 00000051 <1>[ 145.234930] Register r0 information: non-slab/vmalloc memory <1>[ 145.240895] Register r1 information: NULL pointer <1>[ 145.245847] Register r2 information: NULL pointer <1>[ 145.250797] Register r3 information: slab task_struct start c5970a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 145.264569] copy_process+0x1f4/0x1f64 <6>[ 145.268825] kernel_clone+0xac/0x388 <6>[ 145.272981] sys_clone+0x78/0x9c <6>[ 145.276733] ret_fast_syscall+0x0/0x1c <4>[ 145.280983] Free path: <6>[ 145.283713] rcu_core+0x2dc/0xb14 <6>[ 145.287566] handle_softirqs+0x15c/0x430 <6>[ 145.292025] irq_exit+0xac/0xd4 <6>[ 145.295675] call_with_stack+0x18/0x20 <6>[ 145.299935] __irq_svc+0x9c/0xb8 <6>[ 145.303682] obj_cgroup_charge+0x1d0/0x254 <6>[ 145.308334] __memcg_slab_post_alloc_hook+0xd0/0x360 <6>[ 145.313890] kmem_cache_alloc_noprof+0x36c/0x3a8 <6>[ 145.319055] anon_vma_clone+0x84/0x214 <6>[ 145.323310] anon_vma_fork+0x2c/0x174 <6>[ 145.327461] copy_process+0x1d54/0x1f64 <6>[ 145.331819] kernel_clone+0xac/0x388 <6>[ 145.335972] sys_clone+0x78/0x9c <6>[ 145.339725] ret_fast_syscall+0x0/0x1c <1>[ 145.343974] Register r4 information: 2-page vmalloc region starting at 0xf15a4000 allocated at kernel_clone+0xac/0x388 <1>[ 145.354983] Register r5 information: non-slab/vmalloc memory <1>[ 145.360940] Register r6 information: NULL pointer <1>[ 145.365992] Register r7 information: 2-page vmalloc region starting at 0xf15a4000 allocated at kernel_clone+0xac/0x388 <1>[ 145.376998] Register r8 information: non-slab/vmalloc memory <1>[ 145.382868] Register r9 information: 2-page vmalloc region starting at 0xf15a4000 allocated at kernel_clone+0xac/0x388 <1>[ 145.393888] Register r10 information: slab kmalloc-192 start c8e7e140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 145.407861] full_proxy_open+0x124/0x24c <6>[ 145.412319] do_dentry_open+0x144/0x4dc <6>[ 145.416677] vfs_open+0x2c/0xec <6>[ 145.420329] path_openat+0x748/0x1198 <6>[ 145.424481] do_filp_open+0x98/0x134 <6>[ 145.428631] do_sys_openat2+0xbc/0xe4 <6>[ 145.432784] sys_openat+0x98/0xd4 <6>[ 145.436636] ret_fast_syscall+0x0/0x1c <4>[ 145.440985] Free path: <6>[ 145.443616] full_proxy_release+0x78/0xc0 <6>[ 145.448168] __fput+0xdc/0x2e8 <6>[ 145.451814] task_work_run+0x98/0xc8 <6>[ 145.455874] do_exit+0x374/0xa1c <6>[ 145.459626] do_group_exit+0x40/0x8c <6>[ 145.463778] pid_child_should_wake+0x0/0x94 <1>[ 145.468434] Register r11 information: non-paged memory <1>[ 145.473893] Register r12 information: NULL pointer <0>[ 145.478947] Process cat (pid: 1342, stack limit = 0xf15a4000) <0>[ 145.485004] Stack: (0xf15a5eb0 to 0xf15a6000) <0>[ 145.489657] 5ea0: f15a5f80 00e00b88 0000001a c0e007ac <0>[ 145.498132] 5ec0: 0000001a c0e00b90 c0e00a74 c8bb3540 b6e58000 0000001a c3a4f4b8 c0890ff0 <0>[ 145.506605] 5ee0: c8bb3540 c0890f94 f15a5f80 b6e58000 c5970a40 0000001a c8e7e180 c0628618 <0>[ 145.515078] 5f00: c5b66db8 00000000 00000000 00000000 00000000 0000001a b6e58000 0001ffe6 <0>[ 145.523549] 5f20: 00000001 00000000 c8bb3840 00000000 00000000 00000000 00000000 00000000 <0>[ 145.532020] 5f40: 00000000 00000000 00000000 00000000 00000022 ffb5d90f 00000000 c8bb3540 <0>[ 145.540493] 5f60: c8bb3540 00000000 00000000 c03002f0 c5970a40 00000004 0047fe38 c0628b74 <0>[ 145.548964] 5f80: 00000000 00000000 00000000 ffb5d90f 000000c0 0000001a 0000001a 7ff00000 <0>[ 145.557437] 5fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e58000 0000001a 00000001 <0>[ 145.565909] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e58000 00020000 0047fe38 <0>[ 145.574482] 5fe0: 00000004 bed91788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 <0>[ 145.582945] Call trace: <0>[ 145.582959] lkdtm_STACK_GUARD_PAGE_TRAILING from lkdtm_do_action+0x24/0x4c <0>[ 145.592991] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 145.598776] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 145.604454] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 145.609930] vfs_write from ksys_write+0x78/0xf8 <0>[ 145.614807] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 145.620278] Exception stack(0xf15a5fa8 to 0xf15a5ff0) <0>[ 145.625534] 5fa0: 0000001a 0000001a 00000001 b6e58000 0000001a 00000001 <0>[ 145.634007] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e58000 00020000 0047fe38 <0>[ 145.642576] 5fe0: 00000004 bed91788 b6f1e33b b6e97616 <0>[ 145.647833] Code: ebffc485 e3090a18 e34c020a e2844a02 (e5d43000) <4>[ 145.654542] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 145.087457] lkdtm: Performing direct entry STACK_GUARD_PAGE_TRAILING # [ 145.092875] lkdtm: attempting bad read from page above current stack # [ 145.100021] 8<--- cut here --- # [ 145.102763] Unable to handle kernel paging request at virtual address f15a6000 when read # [ 145.111139] [f15a6000] *pgd=c59a2811, *pte=00000000, *ppte=00000000 # [ 145.117731] Internal error: Oops: 7 [#4] SMP ARM # [ 145.122511] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 145.159001] CPU: 1 UID: 0 PID: 1342 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 # [ 145.168599] Tainted: [D]=DIE, [W]=WARN # [ 145.172639] Hardware name: STM32 (Device Tree Support) # [ 145.177987] PC is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x38/0x50 # [ 145.184171] LR is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x2c/0x50 # [ 145.190243] pc : [] lr : [] psr: 60080013 # [ 145.196800] sp : f15a5eb0 ip : 00000000 fp : 0047fe38 # [ 145.202348] r10: c8e7e180 r9 : f15a5f80 r8 : c278befc # [ 145.207798] r7 : f15a5f80 r6 : 00000000 r5 : c59d0000 r4 : f15a6000 # [ 145.214657] r3 : c5970a40 r2 : 00000000 r1 : 00000000 r0 : c20a9a18 # [ 145.221415] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 145.228881] Control: 10c5387d Table: c5b6406a DAC: 00000051 # [ 145.234930] Register r0 information: non-slab/vmalloc memory # [ 145.240895] Register r1 information: NULL pointer # [ 145.245847] Register r2 information: NULL pointer # [ 145.250797] Register r3 information: slab task_struct start c5970a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 145.264569] copy_process+0x1f4/0x1f64 # [ 145.268825] kernel_clone+0xac/0x388 # [ 145.272981] sys_clone+0x78/0x9c # [ 145.276733] ret_fast_syscall+0x0/0x1c # [ 145.280983] Free path: # [ 145.283713] rcu_core+0x2dc/0xb14 # [ 145.287566] handle_softirqs+0x15c/0x430 # [ 145.292025] irq_exit+0xac/0xd4 # [ 145.295675] call_with_stack+0x18/0x20 # [ 145.299935] __irq_svc+0x9c/0xb8 # [ 145.303682] obj_cgroup_charge+0x1d0/0x254 # [ 145.308334] __memcg_slab_post_alloc_hook+0xd0/0x360 # [ 145.313890] kmem_cache_alloc_noprof+0x36c/0x3a8 # [ 145.319055] anon_vma_clone+0x84/0x214 # [ 145.323310] anon_vma_fork+0x2c/0x174 # [ 145.327461] copy_process+0x1d54/0x1f64 # [ 145.331819] kernel_clone+0xac/0x388 # [ 145.335972] sys_clone+0x78/0x9c # [ 145.339725] ret_fast_syscall+0x0/0x1c # [ 145.343974] Register r4 information: 2-page vmalloc region starting at 0xf15a4000 allocated at kernel_clone+0xac/0x388 # [ 145.354983] Register r5 information: non-slab/vmalloc memory # [ 145.360940] Register r6 information: NULL pointer # [ 145.365992] Register r7 information: 2-page vmalloc region starting at 0xf15a4000 allocated at kernel_clone+0xac/0x388 # [ 145.376998] Register r8 information: non-slab/vmalloc memory # [ 145.382868] Register r9 information: 2-page vmalloc region starting at 0xf15a4000 allocated at kernel_clone+0xac/0x388 # [ 145.393888] Register r10 information: slab kmalloc-192 start c8e7e140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 145.407861] full_proxy_open+0x124/0x24c # [ 145.412319] do_dentry_open+0x144/0x4dc # [ 145.416677] vfs_open+0x2c/0xec # [ 145.420329] path_openat+0x748/0x1198 # [ 145.424481] do_filp_open+0x98/0x134 # [ 145.428631] do_sys_openat2+0xbc/0xe4 # [ 145.432784] sys_openat+0x98/0xd4 # [ 145.436636] ret_fast_syscall+0x0/0x1c # [ 145.440985] Free path: # [ 145.443616] full_proxy_release+0x78/0xc0 # [ 145.448168] __fput+0xdc/0x2e8 # [ 145.451814] task_work_run+0x98/0xc8 # [ 145.455874] do_exit+0x374/0xa1c # [ 145.459626] do_group_exit+0x40/0x8c # [ 145.463778] pid_child_should_wake+0x0/0x94 # [ 145.468434] Register r11 information: non-paged memory # [ 145.473893] Register r12 information: NULL pointer # [ 145.478947] Process cat (pid: 1342, stack limit = 0xf15a4000) # [ 145.485004] Stack: (0xf15a5eb0 to 0xf15a6000) # [ 145.489657] 5ea0: f15a5f80 00e00b88 0000001a c0e007ac # [ 145.498132] 5ec0: 0000001a c0e00b90 c0e00a74 c8bb3540 b6e58000 0000001a c3a4f4b8 c0890ff0 # [ 145.506605] 5ee0: c8bb3540 c0890f94 f15a5f80 b6e58000 c5970a40 0000001a c8e7e180 c0628618 # [ 145.515078] 5f00: c5b66db8 00000000 00000000 00000000 00000000 0000001a b6e58000 0001ffe6 # [ 145.523549] 5f20: 00000001 00000000 c8bb3840 00000000 00000000 00000000 00000000 00000000 # [ 145.532020] 5f40: 00000000 00000000 00000000 00000000 00000022 ffb5d90f 00000000 c8bb3540 # [ 145.540493] 5f60: c8bb3540 00000000 00000000 c03002f0 c5970a40 00000004 0047fe38 c0628b74 # [ 145.548964] 5f80: 00000000 00000000 00000000 ffb5d90f 000000c0 0000001a 0000001a 7ff00000 # [ 145.557437] 5fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e58000 0000001a 00000001 # [ 145.565909] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e58000 00020000 0047fe38 # [ 145.574482] 5fe0: 00000004 bed91788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 # [ 145.582945] Call trace: # [ 145.582959] lkdtm_STACK_GUARD_PAGE_TRAILING from lkdtm_do_action+0x24/0x4c # [ 145.592991] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 145.598776] direct_entry from full_proxy_write+0x5c/0x8c # [ 145.604454] full_proxy_write from vfs_write+0xbc/0x3cc # [ 145.609930] vfs_write from ksys_write+0x78/0xf8 # [ 145.614807] ksys_write from ret_fast_syscall+0x0/0x1c # [ 145.620278] Exception stack(0xf15a5fa8 to 0xf15a5ff0) # [ 145.625534] 5fa0: 0000001a 0000001a 00000001 b6e58000 0000001a 00000001 # [ 145.634007] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e58000 00020000 0047fe38 # [ 145.642576] 5fe0: 00000004 bed91788 b6f1e33b b6e97616 # [ 145.647833] Code: ebffc485 e3090a18 e34c020a e2844a02 (e5d43000) # [ 145.654542] ---[ end trace 0000000000000000 ]--- # STACK_GUARD_PAGE_TRAILING: saw 'call trace:': ok ok 15 selftests: lkdtm: STACK_GUARD_PAGE_TRAILING.sh # timeout set to 45 # selftests: lkdtm: REPORT_STACK_CANARY.sh <6>[ 147.327736] lkdtm: Performing direct entry REPORT_STACK_CANARY <6>[ 147.332616] lkdtm: Recorded stack canary for pid 1435 at offset 2 <6>[ 147.371857] lkdtm: Performing direct entry REPORT_STACK_CANARY <6>[ 147.376757] lkdtm: ok: stack canaries differ between pid 1435 and pid 1437 at offset 2. # [ 147.327736] lkdtm: Performing direct entry REPORT_STACK_CANARY # [ 147.332616] lkdtm: Recorded stack canary for pid 1435 at offset 2 # [ 147.371857] lkdtm: Performing direct entry REPORT_STACK_CANARY # [ 147.376757] lkdtm: ok: stack canaries differ between pid 1435 and pid 1437 at offset 2. # REPORT_STACK_CANARY: saw 'ok: stack canaries differ': ok ok 16 selftests: lkdtm: REPORT_STACK_CANARY.sh # timeout set to 45 # selftests: lkdtm: UNSET_SMEP.sh <6>[ 148.583343] lkdtm: Performing direct entry UNSET_SMEP <3>[ 148.587455] lkdtm: XFAIL: this test is x86_64-only # [ 148.583343] lkdtm: Performing direct entry UNSET_SMEP # [ 148.587455] lkdtm: XFAIL: this test is x86_64-only # UNSET_SMEP: saw 'XFAIL': [SKIP] ok 17 selftests: lkdtm: UNSET_SMEP.sh # SKIP # timeout set to 45 # selftests: lkdtm: DOUBLE_FAULT.sh <6>[ 149.779775] lkdtm: Performing direct entry DOUBLE_FAULT <3>[ 149.783952] lkdtm: XFAIL: this test is ia32-only # [ 149.779775] lkdtm: Performing direct entry DOUBLE_FAULT # [ 149.783952] lkdtm: XFAIL: this test is ia32-only # DOUBLE_FAULT: saw 'XFAIL': [SKIP] ok 18 selftests: lkdtm: DOUBLE_FAULT.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_PAC.sh <6>[ 150.975774] lkdtm: Performing direct entry CORRUPT_PAC <3>[ 150.979961] lkdtm: XFAIL: this test is arm64-only # [ 150.975774] lkdtm: Performing direct entry CORRUPT_PAC # [ 150.979961] lkdtm: XFAIL: this test is arm64-only # CORRUPT_PAC: saw 'XFAIL': [SKIP] ok 19 selftests: lkdtm: CORRUPT_PAC.sh # SKIP # timeout set to 45 # selftests: lkdtm: UNALIGNED_LOAD_STORE_WRITE.sh <6>[ 152.165769] lkdtm: Performing direct entry UNALIGNED_LOAD_STORE_WRITE <3>[ 152.171256] lkdtm: XFAIL: arch has CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS # [ 152.165769] lkdtm: Performing direct entry UNALIGNED_LOAD_STORE_WRITE # [ 152.171256] lkdtm: XFAIL: arch has CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS # UNALIGNED_LOAD_STORE_WRITE: saw 'XFAIL': [SKIP] ok 20 selftests: lkdtm: UNALIGNED_LOAD_STORE_WRITE.sh # SKIP # timeout set to 45 # selftests: lkdtm: SLAB_LINEAR_OVERFLOW.sh <6>[ 153.385989] lkdtm: Performing direct entry SLAB_LINEAR_OVERFLOW <6>[ 153.390947] lkdtm: Attempting slab linear overflow ... <3>[ 153.396346] ============================================================================= <3>[ 153.404729] BUG kmalloc-1k (Tainted: G D W ): Right Redzone overwritten <3>[ 153.412804] ----------------------------------------------------------------------------- <3>[ 153.412804] <3>[ 153.422976] 0xc8c02000-0xc8c02003 @offset=8192. First byte 0x78 instead of 0xcc <3>[ 153.430545] FIX kmalloc-1k: Restoring Right Redzone 0xc8c02000-0xc8c02003=0xcc <3>[ 153.438118] Allocated in lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 age=5 cpu=1 pid=1645 <4>[ 153.446020] lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 <4>[ 153.450984] lkdtm_do_action+0x24/0x4c <4>[ 153.454941] direct_entry+0x11c/0x140 <4>[ 153.458895] full_proxy_write+0x5c/0x8c <4>[ 153.463046] vfs_write+0xbc/0x3cc <4>[ 153.466602] ksys_write+0x78/0xf8 <4>[ 153.470155] ret_fast_syscall+0x0/0x1c <3>[ 153.474205] Freed in nfs3_proc_create+0x1b4/0x2c4 age=230 cpu=1 pid=1641 <4>[ 153.481187] nfs3_proc_create+0x1b4/0x2c4 <4>[ 153.485442] nfs_do_create+0xa8/0x178 <4>[ 153.489400] nfs_atomic_open_v23+0x84/0xd4 <4>[ 153.493759] path_openat+0xb18/0x1198 <4>[ 153.497709] do_filp_open+0x98/0x134 <4>[ 153.501558] do_sys_openat2+0xbc/0xe4 <4>[ 153.505511] sys_openat+0x98/0xd4 <4>[ 153.509062] ret_fast_syscall+0x0/0x1c <3>[ 153.513110] Slab 0xef834000 objects=10 used=7 fp=0xc8c06400 flags=0x240(workingset|head|zone=0) <3>[ 153.522093] Object 0xc8c01c00 @offset=7168 fp=0xc8c06400 <3>[ 153.522093] <3>[ 153.529460] Redzone c8c01800: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.538532] Redzone c8c01810: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.547601] Redzone c8c01820: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.556670] Redzone c8c01830: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.565839] Redzone c8c01840: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.574908] Redzone c8c01850: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.583976] Redzone c8c01860: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.593046] Redzone c8c01870: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.602118] Redzone c8c01880: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.611287] Redzone c8c01890: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.620357] Redzone c8c018a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.629426] Redzone c8c018b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.638494] Redzone c8c018c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.647562] Redzone c8c018d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.656732] Redzone c8c018e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.665800] Redzone c8c018f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.674869] Redzone c8c01900: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.683938] Redzone c8c01910: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.693006] Redzone c8c01920: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.702175] Redzone c8c01930: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.711243] Redzone c8c01940: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.720312] Redzone c8c01950: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.729380] Redzone c8c01960: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.738549] Redzone c8c01970: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.747618] Redzone c8c01980: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.756689] Redzone c8c01990: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.765759] Redzone c8c019a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.774828] Redzone c8c019b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.783997] Redzone c8c019c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.793066] Redzone c8c019d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.802134] Redzone c8c019e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.811203] Redzone c8c019f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.820271] Redzone c8c01a00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.829440] Redzone c8c01a10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.838509] Redzone c8c01a20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.847577] Redzone c8c01a30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.856645] Redzone c8c01a40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.865714] Redzone c8c01a50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.874885] Redzone c8c01a60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.883961] Redzone c8c01a70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.893034] Redzone c8c01a80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.902109] Redzone c8c01a90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.911180] Redzone c8c01aa0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.920253] Redzone c8c01ab0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.929424] Redzone c8c01ac0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.938494] Redzone c8c01ad0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.947562] Redzone c8c01ae0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.956632] Redzone c8c01af0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.965702] Redzone c8c01b00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.974872] Redzone c8c01b10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.983941] Redzone c8c01b20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.993010] Redzone c8c01b30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.002078] Redzone c8c01b40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.011147] Redzone c8c01b50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.020316] Redzone c8c01b60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.029384] Redzone c8c01b70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.038453] Redzone c8c01b80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.047521] Redzone c8c01b90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.056690] Redzone c8c01ba0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.065759] Redzone c8c01bb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.074827] Redzone c8c01bc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.083896] Redzone c8c01bd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.092966] Redzone c8c01be0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.102135] Redzone c8c01bf0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.111206] Object c8c01c00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.120277] Object c8c01c10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.129346] Object c8c01c20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.138415] Object c8c01c30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.147585] Object c8c01c40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.156654] Object c8c01c50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.165723] Object c8c01c60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.174792] Object c8c01c70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.183861] Object c8c01c80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.193029] Object c8c01c90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.202098] Object c8c01ca0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.211166] Object c8c01cb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.220236] Object c8c01cc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.229405] Object c8c01cd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.238475] Object c8c01ce0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.247545] Object c8c01cf0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.256615] Object c8c01d00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.265685] Object c8c01d10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.274754] Object c8c01d20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.283923] Object c8c01d30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.292992] Object c8c01d40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.302060] Object c8c01d50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.311129] Object c8c01d60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.320198] Object c8c01d70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.329367] Object c8c01d80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.338436] Object c8c01d90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.347505] Object c8c01da0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.356574] Object c8c01db0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.365643] Object c8c01dc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.374811] Object c8c01dd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.383880] Object c8c01de0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.392948] Object c8c01df0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.402017] Object c8c01e00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.411087] Object c8c01e10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.420256] Object c8c01e20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.429325] Object c8c01e30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.438394] Object c8c01e40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.447462] Object c8c01e50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.456531] Object c8c01e60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.465700] Object c8c01e70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.474768] Object c8c01e80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.483837] Object c8c01e90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.492905] Object c8c01ea0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.502074] Object c8c01eb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.511142] Object c8c01ec0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.520211] Object c8c01ed0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.529279] Object c8c01ee0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.538348] Object c8c01ef0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.547517] Object c8c01f00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.556585] Object c8c01f10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.565653] Object c8c01f20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.574722] Object c8c01f30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.583891] Object c8c01f40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.592959] Object c8c01f50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.602027] Object c8c01f60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.611096] Object c8c01f70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.620265] Object c8c01f80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.629334] Object c8c01f90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.638403] Object c8c01fa0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.647472] Object c8c01fb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.656641] Object c8c01fc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.665710] Object c8c01fd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.674778] Object c8c01fe0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.683846] Object c8c01ff0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 cc cc cc cc kkkkkkkkkkk..... <3>[ 154.693016] Redzone c8c02000: cc cc cc cc .... <3>[ 154.700981] Padding c8c02034: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.710150] Padding c8c02044: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.719219] Padding c8c02054: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.728287] Padding c8c02064: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.737356] Padding c8c02074: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.746524] Padding c8c02084: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.755593] Padding c8c02094: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.764662] Padding c8c020a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.773732] Padding c8c020b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.782802] Padding c8c020c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.791971] Padding c8c020d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.801041] Padding c8c020e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.810111] Padding c8c020f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.819180] Padding c8c02104: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.828349] Padding c8c02114: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.837417] Padding c8c02124: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.846486] Padding c8c02134: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.855555] Padding c8c02144: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.864723] Padding c8c02154: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.873792] Padding c8c02164: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.882861] Padding c8c02174: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.891930] Padding c8c02184: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.901099] Padding c8c02194: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.910169] Padding c8c021a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.919237] Padding c8c021b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.928306] Padding c8c021c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.937474] Padding c8c021d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.946543] Padding c8c021e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.955611] Padding c8c021f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.964680] Padding c8c02204: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.973748] Padding c8c02214: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.982917] Padding c8c02224: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.991986] Padding c8c02234: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.001054] Padding c8c02244: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.010122] Padding c8c02254: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.019291] Padding c8c02264: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.028360] Padding c8c02274: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.037428] Padding c8c02284: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.046498] Padding c8c02294: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.055567] Padding c8c022a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.064736] Padding c8c022b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.073804] Padding c8c022c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.082873] Padding c8c022d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.091941] Padding c8c022e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.101009] Padding c8c022f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.110178] Padding c8c02304: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.119247] Padding c8c02314: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.128316] Padding c8c02324: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.137387] Padding c8c02334: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.146557] Padding c8c02344: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.155626] Padding c8c02354: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.164696] Padding c8c02364: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.173765] Padding c8c02374: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.182833] Padding c8c02384: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.192002] Padding c8c02394: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.201070] Padding c8c023a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.210139] Padding c8c023b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.219208] Padding c8c023c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.228376] Padding c8c023d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.237445] Padding c8c023e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.246514] Padding c8c023f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ <4>[ 155.255290] CPU: 1 UID: 0 PID: 1645 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 <4>[ 155.264879] Tainted: [D]=DIE, [W]=WARN <4>[ 155.268919] Hardware name: STM32 (Device Tree Support) <4>[ 155.274269] Call trace: <4>[ 155.274283] unwind_backtrace from show_stack+0x18/0x1c <4>[ 155.282591] show_stack from dump_stack_lvl+0x88/0xb8 <4>[ 155.287968] dump_stack_lvl from check_object+0x1c0/0x474 <4>[ 155.293652] check_object from free_to_partial_list+0x178/0x58c <4>[ 155.299835] free_to_partial_list from kfree+0x224/0x2dc <4>[ 155.305415] kfree from lkdtm_do_action+0x24/0x4c <4>[ 155.310395] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 155.316177] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 155.321852] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 155.327329] vfs_write from ksys_write+0x78/0xf8 <4>[ 155.332305] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 155.337677] Exception stack(0xf175dfa8 to 0xf175dff0) <4>[ 155.343036] dfa0: 00000015 00000015 00000001 b6da8000 00000015 00000001 <4>[ 155.351509] dfc0: 00000015 00000015 7ff00000 00000004 00000001 b6da8000 00020000 0050fe38 <4>[ 155.359978] dfe0: 00000004 bec0a788 b6e6e33b b6de7616 <3>[ 155.365328] FIX kmalloc-1k: Object at 0xc8c01c00 not freed # [ 153.385989] lkdtm: Performing direct entry SLAB_LINEAR_OVERFLOW # [ 153.390947] lkdtm: Attempting slab linear overflow ... # [ 153.396346] ============================================================================= # [ 153.404729] BUG kmalloc-1k (Tainted: G D W ): Right Redzone overwritten # [ 153.412804] ----------------------------------------------------------------------------- # # [ 153.422976] 0xc8c02000-0xc8c02003 @offset=8192. First byte 0x78 instead of 0xcc # [ 153.430545] FIX kmalloc-1k: Restoring Right Redzone 0xc8c02000-0xc8c02003=0xcc # [ 153.438118] Allocated in lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 age=5 cpu=1 pid=1645 # [ 153.446020] lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 # [ 153.450984] lkdtm_do_action+0x24/0x4c # [ 153.454941] direct_entry+0x11c/0x140 # [ 153.458895] full_proxy_write+0x5c/0x8c # [ 153.463046] vfs_write+0xbc/0x3cc # [ 153.466602] ksys_write+0x78/0xf8 # [ 153.470155] ret_fast_syscall+0x0/0x1c # [ 153.474205] Freed in nfs3_proc_create+0x1b4/0x2c4 age=230 cpu=1 pid=1641 # [ 153.481187] nfs3_proc_create+0x1b4/0x2c4 # [ 153.485442] nfs_do_create+0xa8/0x178 # [ 153.489400] nfs_atomic_open_v23+0x84/0xd4 # [ 153.493759] path_openat+0xb18/0x1198 # [ 153.497709] do_filp_open+0x98/0x134 # [ 153.501558] do_sys_openat2+0xbc/0xe4 # [ 153.505511] sys_openat+0x98/0xd4 # [ 153.509062] ret_fast_syscall+0x0/0x1c # [ 153.513110] Slab 0xef834000 objects=10 used=7 fp=0xc8c06400 flags=0x240(workingset|head|zone=0) # [ 153.522093] Object 0xc8c01c00 @offset=7168 fp=0xc8c06400 # # [ 153.529460] Redzone c8c01800: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.538532] Redzone c8c01810: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.547601] Redzone c8c01820: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.556670] Redzone c8c01830: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.565839] Redzone c8c01840: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.574908] Redzone c8c01850: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.583976] Redzone c8c01860: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.593046] Redzone c8c01870: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.602118] Redzone c8c01880: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.611287] Redzone c8c01890: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.620357] Redzone c8c018a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.629426] Redzone c8c018b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.638494] Redzone c8c018c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.647562] Redzone c8c018d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.656732] Redzone c8c018e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.665800] Redzone c8c018f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.674869] Redzone c8c01900: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.683938] Redzone c8c01910: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.693006] Redzone c8c01920: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.702175] Redzone c8c01930: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.711243] Redzone c8c01940: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.720312] Redzone c8c01950: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.729380] Redzone c8c01960: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.738549] Redzone c8c01970: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.747618] Redzone c8c01980: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.756689] Redzone c8c01990: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.765759] Redzone c8c019a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.774828] Redzone c8c019b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.783997] Redzone c8c019c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.793066] Redzone c8c019d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.802134] Redzone c8c019e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.811203] Redzone c8c019f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.820271] Redzone c8c01a00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.829440] Redzone c8c01a10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.838509] Redzone c8c01a20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.847577] Redzone c8c01a30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.856645] Redzone c8c01a40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.865714] Redzone c8c01a50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.874885] Redzone c8c01a60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.883961] Redzone c8c01a70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.893034] Redzone c8c01a80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.902109] Redzone c8c01a90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.911180] Redzone c8c01aa0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.920253] Redzone c8c01ab0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.929424] Redzone c8c01ac0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.938494] Redzone c8c01ad0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.947562] Redzone c8c01ae0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.956632] Redzone c8c01af0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.965702] Redzone c8c01b00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.974872] Redzone c8c01b10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.983941] Redzone c8c01b20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.993010] Redzone c8c01b30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.002078] Redzone c8c01b40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.011147] Redzone c8c01b50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.020316] Redzone c8c01b60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.029384] Redzone c8c01b70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.038453] Redzone c8c01b80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.047521] Redzone c8c01b90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.056690] Redzone c8c01ba0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.065759] Redzone c8c01bb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.074827] Redzone c8c01bc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.083896] Redzone c8c01bd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.092966] Redzone c8c01be0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.102135] Redzone c8c01bf0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.111206] Object c8c01c00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.120277] Object c8c01c10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.129346] Object c8c01c20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.138415] Object c8c01c30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.147585] Object c8c01c40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.156654] Object c8c01c50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.165723] Object c8c01c60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.174792] Object c8c01c70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.183861] Object c8c01c80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.193029] Object c8c01c90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.202098] Object c8c01ca0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.211166] Object c8c01cb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.220236] Object c8c01cc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.229405] Object c8c01cd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.238475] Object c8c01ce0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.247545] Object c8c01cf0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.256615] Object c8c01d00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.265685] Object c8c01d10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.274754] Object c8c01d20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.283923] Object c8c01d30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.292992] Object c8c01d40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.302060] Object c8c01d50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.311129] Object c8c01d60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.320198] Object c8c01d70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.329367] Object c8c01d80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.338436] Object c8c01d90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.347505] Object c8c01da0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.356574] Object c8c01db0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.365643] Object c8c01dc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.374811] Object c8c01dd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.383880] Object c8c01de0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.392948] Object c8c01df0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.402017] Object c8c01e00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.411087] Object c8c01e10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.420256] Object c8c01e20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.429325] Object c8c01e30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.438394] Object c8c01e40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.447462] Object c8c01e50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.456531] Object c8c01e60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.465700] Object c8c01e70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.474768] Object c8c01e80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.483837] Object c8c01e90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.492905] Object c8c01ea0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.502074] Object c8c01eb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.511142] Object c8c01ec0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.520211] Object c8c01ed0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.529279] Object c8c01ee0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.538348] Object c8c01ef0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.547517] Object c8c01f00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.556585] Object c8c01f10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.565653] Object c8c01f20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.574722] Object c8c01f30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.583891] Object c8c01f40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.592959] Object c8c01f50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.602027] Object c8c01f60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.611096] Object c8c01f70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.620265] Object c8c01f80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.629334] Object c8c01f90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.638403] Object c8c01fa0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.647472] Object c8c01fb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.656641] Object c8c01fc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.665710] Object c8c01fd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.674778] Object c8c01fe0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.683846] Object c8c01ff0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 cc cc cc cc kkkkkkkkkkk..... # [ 154.693016] Redzone c8c02000: cc cc cc cc .... # [ 154.700981] Padding c8c02034: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.710150] Padding c8c02044: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.719219] Padding c8c02054: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.728287] Padding c8c02064: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.737356] Padding c8c02074: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.746524] Padding c8c02084: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.755593] Padding c8c02094: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.764662] Padding c8c020a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.773732] Padding c8c020b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.782802] Padding c8c020c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.791971] Padding c8c020d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.801041] Padding c8c020e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.810111] Padding c8c020f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.819180] Padding c8c02104: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.828349] Padding c8c02114: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a <6>[ 157.101283] lkdtm: Performing direct entry VMALLOC_LINEAR_OVERFLOW <6>[ 157.107821] lkdtm: Attempting vmalloc linear overflow ... <1>[ 157.113232] 8<--- cut here --- <1>[ 157.116456] Unable to handle kernel paging request at virtual address f0942000 when write <1>[ 157.124933] [f0942000] *pgd=c3236811, *pte=00000000, *ppte=00000000 <0>[ 157.131516] Internal error: Oops: 807 [#5] SMP ARM <4>[ 157.136497] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 157.172984] CPU: 1 UID: 0 PID: 1684 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 157.182581] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 157.187829] Hardware name: STM32 (Device Tree Support) <4>[ 157.193276] PC is at mmioset+0x84/0xac <4>[ 157.197239] LR is at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 <4>[ 157.203205] pc : [] lr : [] psr: 00080013 <4>[ 157.209763] sp : f1799eb0 ip : f0942000 fp : 0044fe38 <4>[ 157.215212] r10: c8e7ea40 r9 : f1799f80 r8 : c278bf30 <4>[ 157.220762] r7 : f1799f80 r6 : 00000000 r5 : f094b000 r4 : f0941000 <4>[ 157.227620] r3 : aaaaaaaa r2 : ffffffc1 r1 : aaaaaaaa r0 : f0941000 <4>[ 157.234379] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 157.241845] Control: 10c5387d Table: c590806a DAC: 00000051 <1>[ 157.247898] Register r0 information: 1-page vmalloc region starting at 0xf0941000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <1>[ 157.260317] Register r1 information: non-paged memory <1>[ 157.265574] Register r2 information: non-paged memory <1>[ 157.270928] Register r3 information: non-paged memory <1>[ 157.276281] Register r4 information: 1-page vmalloc region starting at 0xf0941000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <1>[ 157.288688] Register r5 information: 1-page vmalloc region starting at 0xf094b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x20/0x60 <1>[ 157.301094] Register r6 information: NULL pointer <1>[ 157.306046] Register r7 information: 2-page vmalloc region starting at 0xf1798000 allocated at kernel_clone+0xac/0x388 <1>[ 157.317056] Register r8 information: non-slab/vmalloc memory <1>[ 157.323016] Register r9 information: 2-page vmalloc region starting at 0xf1798000 allocated at kernel_clone+0xac/0x388 <1>[ 157.334021] Register r10 information: slab kmalloc-192 start c8e7ea00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 157.347984] full_proxy_open+0x124/0x24c <6>[ 157.352434] do_dentry_open+0x144/0x4dc <6>[ 157.356790] vfs_open+0x2c/0xec <6>[ 157.360441] path_openat+0x748/0x1198 <6>[ 157.364692] do_filp_open+0x98/0x134 <6>[ 157.368745] do_sys_openat2+0xbc/0xe4 <6>[ 157.373010] sys_openat+0x98/0xd4 <6>[ 157.376772] ret_fast_syscall+0x0/0x1c <4>[ 157.381133] Free path: <6>[ 157.383769] full_proxy_release+0x78/0xc0 <6>[ 157.388333] __fput+0xdc/0x2e8 <6>[ 157.391885] task_work_run+0x98/0xc8 <6>[ 157.396048] do_exit+0x374/0xa1c <6>[ 157.399801] do_group_exit+0x40/0x8c <6>[ 157.403953] pid_child_should_wake+0x0/0x94 <1>[ 157.408611] Register r11 information: non-paged memory <1>[ 157.414075] Register r12 information: 1-page vmalloc region starting at 0xf0941000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <0>[ 157.426592] Process cat (pid: 1684, stack limit = 0xf1798000) <0>[ 157.432550] Stack: (0xf1799eb0 to 0xf179a000) <0>[ 157.437204] 9ea0: 00000018 c5820000 00000000 c0e007ac <0>[ 157.445679] 9ec0: 00000018 c0e00b90 c0e00a74 c88a8440 b6da8000 00000018 c3a4f4b8 c0890ff0 <0>[ 157.454153] 9ee0: c88a8440 c0890f94 f1799f80 b6da8000 c8c61440 00000018 c8e7ea40 c0628618 <0>[ 157.462626] 9f00: c590adb0 00000000 00000000 00000000 00000000 00000018 b6da8000 0001ffe8 <0>[ 157.471198] 9f20: 00000001 00000000 c88a8540 00000000 00000000 00000000 00000000 00000000 <0>[ 157.479670] 9f40: 00000000 00000000 00000000 00000000 00000022 d6499fac 00000000 c88a8440 <0>[ 157.488143] 9f60: c88a8440 00000000 00000000 c03002f0 c8c61440 00000004 0044fe38 c0628b74 <0>[ 157.496615] 9f80: 00000000 00000000 00000000 d6499fac 000000c0 00000018 00000018 7ff00000 <0>[ 157.505088] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6da8000 00000018 00000001 <0>[ 157.513560] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6da8000 00020000 0044fe38 <0>[ 157.522033] 9fe0: 00000004 be9cd788 b6e6e33b b6de7616 60080030 00000001 00000000 00000000 <0>[ 157.530497] Call trace: <0>[ 157.530511] mmioset from lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 <0>[ 157.539715] lkdtm_VMALLOC_LINEAR_OVERFLOW from lkdtm_do_action+0x24/0x4c <0>[ 157.546800] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 157.552581] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 157.558256] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 157.563732] vfs_write from ksys_write+0x78/0xf8 <0>[ 157.568609] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 157.574081] Exception stack(0xf1799fa8 to 0xf1799ff0) <0>[ 157.579337] 9fa0: 00000018 00000018 00000001 b6da8000 00000018 00000001 <0>[ 157.587810] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6da8000 00020000 0044fe38 <0>[ 157.596379] 9fe0: 00000004 be9cd788 b6e6e33b b6de7616 <0>[ 157.601636] Code: e3120002 14cc1001 14cc1001 e3120001 (14cc1001) <4>[ 157.608387] ---[ end trace 0000000000000000 ]--- 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.837417] Padding c8c02124: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.846486] Padding c8c02134: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.855555] Padding c8c02144: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.864723] Padding c8c02154: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.873792] Padding c8c02164: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.882861] Padding c8c02174: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.891930] Padding c8c02184: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.901099] Padding c8c02194: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.910169] Padding c8c021a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.919237] Padding c8c021b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.928306] Padding c8c021c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.937474] Padding c8c021d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.946543] Padding c8c021e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.955611] Padding c8c021f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.964680] Padding c8c02204: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.973748] Padding c8c02214: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.982917] Padding c8c02224: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.991986] Padding c8c02234: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.001054] Padding c8c02244: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.010122] Padding c8c02254: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.019291] Padding c8c02264: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.028360] Padding c8c02274: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.037428] Padding c8c02284: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.046498] Padding c8c02294: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.055567] Padding c8c022a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.064736] Padding c8c022b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.073804] Padding c8c022c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.082873] Padding c8c022d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.091941] Padding c8c022e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.101009] Padding c8c022f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.110178] Padding c8c02304: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.119247] Padding c8c02314: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.128316] Padding c8c02324: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.137387] Padding c8c02334: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.146557] Padding c8c02344: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.155626] Padding c8c02354: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.164696] Padding c8c02364: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.173765] Padding c8c02374: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.182833] Padding c8c02384: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.192002] Padding c8c02394: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.201070] Padding c8c023a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.210139] Padding c8c023b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.219208] Padding c8c023c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.228376] Padding c8c023d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.237445] Padding c8c023e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.246514] Padding c8c023f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ # [ 155.255290] CPU: 1 UID: 0 PID: 1645 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241002 #1 # [ 155.264879] Tainted: [D]=DIE, [W]=WARN # [ 155.268919] Hardware name: STM32 (Device Tree Support) # [ 155.274269] Call trace: # [ 155.274283] unwind_backtrace from show_stack+0x18/0x1c # [ 155.282591] show_stack from dump_stack_lvl+0x88/0xb8 # [ 155.287968] dump_stack_lvl from check_object+0x1c0/0x474 # [ 155.293652] check_object from free_to_partial_list+0x178/0x58c # [ 155.299835] free_to_partial_list from kfree+0x224/0x2dc # [ 155.305415] kfree from lkdtm_do_action+0x24/0x4c # [ 155.310395] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 155.316177] direct_entry from full_proxy_write+0x5c/0x8c # [ 155.321852] full_proxy_write from vfs_write+0xbc/0x3cc # [ 155.327329] vfs_write from ksys_write+0x78/0xf8 # [ 155.332305] ksys_write from ret_fast_syscall+0x0/0x1c # [ 155.337677] Exception stack(0xf175dfa8 to 0xf175dff0) # [ 155.343036] dfa0: 00000015 00000015 00000001 b6da8000 00000015 00000001 # [ 155.351509] dfc0: 00000015 00000015 7ff00000 00000004 00000001 b6da8000 00020000 0050fe38 # [ 155.359978] dfe0: 00000004 bec0a788 b6e6e33b b6de7616 # [ 155.365328] FIX kmalloc-1k: Object at 0xc8c01c00 not freed # SLAB_LINEAR_OVERFLOW: saw 'call trace:': ok ok 21 selftests: lkdtm: SLAB_LINEAR_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: VMALLOC_LINEAR_OVERFLOW.sh # Segmentation fault # [ 157.101283] lkdtm: Performing direct entry VMALLOC_LINEAR_OVERFLOW # [ 157.107821] lkdtm: Attempting vmalloc linear overflow ... # [ 157.113232] 8<--- cut here --- # [ 157.116456] Unable to handle kernel paging request at virtual address f0942000 when write # [ 157.124933] [f0942000] *pgd=c3236811, *pte=00000000, *ppte=00000000 # [ 157.131516] Internal error: Oops: 807 [#5] SMP ARM # [ 157.136497] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 157.172984] CPU: 1 UID: 0 PID: 1684 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 157.182581] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 157.187829] Hardware name: STM32 (Device Tree Support) # [ 157.193276] PC is at mmioset+0x84/0xac # [ 157.197239] LR is at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 # [ 157.203205] pc : [] lr : [] psr: 00080013 # [ 157.209763] sp : f1799eb0 ip : f0942000 fp : 0044fe38 # [ 157.215212] r10: c8e7ea40 r9 : f1799f80 r8 : c278bf30 # [ 157.220762] r7 : f1799f80 r6 : 00000000 r5 : f094b000 r4 : f0941000 # [ 157.227620] r3 : aaaaaaaa r2 : ffffffc1 r1 : aaaaaaaa r0 : f0941000 # [ 157.234379] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 157.241845] Control: 10c5387d Table: c590806a DAC: 00000051 # [ 157.247898] Register r0 information: 1-page vmalloc region starting at 0xf0941000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 157.260317] Register r1 information: non-paged memory # [ 157.265574] Register r2 information: non-paged memory # [ 157.270928] Register r3 information: non-paged memory # [ 157.276281] Register r4 information: 1-page vmalloc region starting at 0xf0941000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 157.288688] Register r5 information: 1-page vmalloc region starting at 0xf094b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x20/0x60 # [ 157.301094] Register r6 information: NULL pointer # [ 157.306046] Register r7 information: 2-page vmalloc region starting at 0xf1798000 allocated at kernel_clone+0xac/0x388 # [ 157.317056] Register r8 information: non-slab/vmalloc memory # [ 157.323016] Register r9 information: 2-page vmalloc region starting at 0xf1798000 allocated at kernel_clone+0xac/0x388 # [ 157.334021] Register r10 information: slab kmalloc-192 start c8e7ea00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 157.347984] full_proxy_open+0x124/0x24c # [ 157.352434] do_dentry_open+0x144/0x4dc # [ 157.356790] vfs_open+0x2c/0xec # [ 157.360441] path_openat+0x748/0x1198 # [ 157.364692] do_filp_open+0x98/0x134 # [ 157.368745] do_sys_openat2+0xbc/0xe4 # [ 157.373010] sys_openat+0x98/0xd4 # [ 157.376772] ret_fast_syscall+0x0/0x1c # [ 157.381133] Free path: # [ 157.383769] full_proxy_release+0x78/0xc0 # [ 157.388333] __fput+0xdc/0x2e8 # [ 157.391885] task_work_run+0x98/0xc8 # [ 157.396048] do_exit+0x374/0xa1c # [ 157.399801] do_group_exit+0x40/0x8c # [ 157.403953] pid_child_should_wake+0x0/0x94 # [ 157.408611] Register r11 information: non-paged memory # [ 157.414075] Register r12 information: 1-page vmalloc region starting at 0xf0941000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 157.426592] Process cat (pid: 1684, stack limit = 0xf1798000) # [ 157.432550] Stack: (0xf1799eb0 to 0xf179a000) # [ 157.437204] 9ea0: 00000018 c5820000 00000000 c0e007ac # [ 157.445679] 9ec0: 00000018 c0e00b90 c0e00a74 c88a8440 b6da8000 00000018 c3a4f4b8 c0890ff0 # [ 157.454153] 9ee0: c88a8440 c0890f94 f1799f80 b6da8000 c8c61440 00000018 c8e7ea40 c0628618 # [ 157.462626] 9f00: c590adb0 00000000 00000000 00000000 00000000 00000018 b6da8000 0001ffe8 # [ 157.471198] 9f20: 00000001 00000000 c88a8540 00000000 00000000 00000000 00000000 00000000 # [ 157.479670] 9f40: 00000000 00000000 00000000 00000000 00000022 d6499fac 00000000 c88a8440 # [ 157.488143] 9f60: c88a8440 00000000 00000000 c03002f0 c8c61440 00000004 0044fe38 c0628b74 # [ 157.496615] 9f80: 00000000 00000000 00000000 d6499fac 000000c0 00000018 00000018 7ff00000 # [ 157.505088] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6da8000 00000018 00000001 # [ 157.513560] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6da8000 00020000 0044fe38 # [ 157.522033] 9fe0: 00000004 be9cd788 b6e6e33b b6de7616 60080030 00000001 00000000 00000000 # [ 157.530497] Call trace: # [ 157.530511] mmioset from lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 # [ 157.539715] lkdtm_VMALLOC_LINEAR_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 157.546800] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 157.552581] direct_entry from full_proxy_write+0x5c/0x8c # [ 157.558256] full_proxy_write from vfs_write+0xbc/0x3cc # [ 157.563732] vfs_write from ksys_write+0x78/0xf8 # [ 157.568609] ksys_write from ret_fast_syscall+0x0/0x1c # [ 157.574081] Exception stack(0xf1799fa8 to 0xf1799ff0) # [ 157.579337] 9fa0: 00000018 00000018 00000001 b6da8000 00000018 00000001 # [ 157.587810] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6da8000 00020000 0044fe38 # [ 157.596379] 9fe0: 00000004 be9cd788 b6e6e33b b6de7616 # [ 157.601636] Code: e3120002 14cc1001 14cc1001 e3120001 (14cc1001) # [ 157.608387] ---[ end trace 0000000000000000 ]--- # VMALLOC_LINEAR_OVERFLOW: saw 'call trace:': ok ok 22 selftests: lkdtm: VMALLOC_LINEAR_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: WRITE_AFTER_FREE.sh # Skipping WRITE_AFTER_FREE: Corrupts memory on failure ok 23 selftests: lkdtm: WRITE_AFTER_FREE.sh # SKIP # timeout set to 45 # selftests: lkdtm: READ_AFTER_FREE.sh <6>[ 160.006224] lkdtm: Performing direct entry READ_AFTER_FREE <6>[ 160.010837] lkdtm: Value in memory before free: 12345678 <6>[ 160.016354] lkdtm: Attempting bad read from freed memory <6>[ 160.021939] lkdtm: Memory correctly poisoned (6b6b6b6b) # [ 160.006224] lkdtm: Performing direct entry READ_AFTER_FREE # [ 160.010837] lkdtm: Value in memory before free: 12345678 # [ 160.016354] lkdtm: Attempting bad read from freed memory # [ 160.021939] lkdtm: Memory correctly poisoned (6b6b6b6b) # READ_AFTER_FREE: saw 'call trace:|Memory correctly poisoned': ok ok 24 selftests: lkdtm: READ_AFTER_FREE.sh # timeout set to 45 # selftests: lkdtm: WRITE_BUDDY_AFTER_FREE.sh # Skipping WRITE_BUDDY_AFTER_FREE: Corrupts memory on failure ok 25 selftests: lkdtm: WRITE_BUDDY_AFTER_FREE.sh # SKIP # timeout set to 45 # selftests: lkdtm: READ_BUDDY_AFTER_FREE.sh <6>[ 162.027334] lkdtm: Performing direct entry READ_BUDDY_AFTER_FREE <6>[ 162.032426] lkdtm: Value in memory before free: 12345678 <6>[ 162.037969] lkdtm: Attempting to read from freed memory <6>[ 162.043805] lkdtm: Memory correctly poisoned (0) # [ 162.027334] lkdtm: Performing direct entry READ_BUDDY_AFTER_FREE # [ 162.032426] lkdtm: Value in memory before free: 12345678 # [ 162.037969] lkdtm: Attempting to read from freed memory # [ 162.043805] lkdtm: Memory correctly poisoned (0) # READ_BUDDY_AFTER_FREE: saw 'call trace:|Memory correctly poisoned': ok ok 26 selftests: lkdtm: READ_BUDDY_AFTER_FREE.sh # timeout set to 45 # selftests: lkdtm: SLAB_INIT_ON_ALLOC.sh <6>[ 163.360550] lkdtm: Performing direct entry SLAB_INIT_ON_ALLOC <6>[ 163.365473] lkdtm: Memory appears initialized (6b, no earlier values) # [ 163.360550] lkdtm: Performing direct entry SLAB_INIT_ON_ALLOC # [ 163.365473] lkdtm: Memory appears initialized (6b, no earlier values) # SLAB_INIT_ON_ALLOC: saw 'Memory appears initialized': ok ok 27 selftests: lkdtm: SLAB_INIT_ON_ALLOC.sh # timeout set to 45 # selftests: lkdtm: BUDDY_INIT_ON_ALLOC.sh <6>[ 164.675535] lkdtm: Performing direct entry BUDDY_INIT_ON_ALLOC <6>[ 164.680499] lkdtm: Memory appears initialized (0, no earlier values) # [ 164.675535] lkdtm: Performing direct entry BUDDY_INIT_ON_ALLOC # [ 164.680499] lkdtm: Memory appears initialized (0, no earlier values) # BUDDY_INIT_ON_ALLOC: saw 'Memory appears initialized': ok ok 28 selftests: lkdtm: BUDDY_INIT_ON_ALLOC.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_DOUBLE.sh <6>[ 165.900182] lkdtm: Performing direct entry SLAB_FREE_DOUBLE <6>[ 165.905087] lkdtm: Attempting double slab free ... <3>[ 165.909938] ============================================================================= <3>[ 165.918221] BUG lkdtm-heap-double_free (Tainted: G B D W ): Slab has 0 allocated objects but 1 are to be freed <3>[ 165.918221] <3>[ 165.931222] ----------------------------------------------------------------------------- <3>[ 165.931222] <3>[ 165.941494] Slab 0xef838794 objects=32 used=0 fp=0xc8dfd008 flags=0x200(workingset|zone=0) <4>[ 165.950082] CPU: 0 UID: 0 PID: 2012 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 165.959669] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 165.964913] Hardware name: STM32 (Device Tree Support) <4>[ 165.970360] Call trace: <4>[ 165.970373] unwind_backtrace from show_stack+0x18/0x1c <4>[ 165.978582] show_stack from dump_stack_lvl+0x88/0xb8 <4>[ 165.983957] dump_stack_lvl from slab_err+0x78/0xb0 <4>[ 165.989138] slab_err from free_to_partial_list+0x4ec/0x58c <4>[ 165.994924] free_to_partial_list from kmem_cache_free+0x1a8/0x3c0 <4>[ 166.001411] kmem_cache_free from lkdtm_do_action+0x24/0x4c <4>[ 166.007296] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 166.013076] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 166.018751] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 166.024225] vfs_write from ksys_write+0x78/0xf8 <4>[ 166.029101] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 166.034573] Exception stack(0xf1969fa8 to 0xf1969ff0) <4>[ 166.039931] 9fa0: 00000011 00000011 00000001 b6da8000 00000011 00000001 <4>[ 166.048404] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6da8000 00020000 004afe38 <4>[ 166.056872] 9fe0: 00000004 bef88788 b6e6e33b b6de7616 <3>[ 166.062221] FIX lkdtm-heap-double_free: Object at 0xc8dfd008 not freed # [ 165.900182] lkdtm: Performing direct entry SLAB_FREE_DOUBLE # [ 165.905087] lkdtm: Attempting double slab free ... # [ 165.909938] ============================================================================= # [ 165.918221] BUG lkdtm-heap-double_free (Tainted: G B D W ): Slab has 0 allocated objects but 1 are to be freed # # [ 165.931222] ----------------------------------------------------------------------------- # # [ 165.941494] Slab 0xef838794 objects=32 used=0 fp=0xc8dfd008 flags=0x200(workingset|zone=0) # [ 165.950082] CPU: 0 UID: 0 PID: 2012 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 165.959669] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 165.964913] Hardware name: STM32 (Device Tree Support) # [ 165.970360] Call trace: # [ 165.970373] unwind_backtrace from show_stack+0x18/0x1c # [ 165.978582] show_stack from dump_stack_lvl+0x88/0xb8 # [ 165.983957] dump_stack_lvl from slab_err+0x78/0xb0 # [ 165.989138] slab_err from free_to_partial_list+0x4ec/0x58c # [ 165.994924] free_to_partial_list from kmem_cache_free+0x1a8/0x3c0 # [ 166.001411] kmem_cache_free from lkdtm_do_action+0x24/0x4c # [ 166.007296] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 166.013076] direct_entry from full_proxy_write+0x5c/0x8c # [ 166.018751] full_proxy_write from vfs_write+0xbc/0x3cc # [ 166.024225] vfs_write from ksys_write+0x78/0xf8 # [ 166.029101] ksys_write from ret_fast_syscall+0x0/0x1c # [ 166.034573] Exception stack(0xf1969fa8 to 0xf1969ff0) # [ 166.039931] 9fa0: 00000011 00000011 00000001 b6da8000 00000011 00000001 # [ 166.048404] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6da8000 00020000 004afe38 # [ 166.056872] 9fe0: 00000004 bef88788 b6e6e33b b6de7616 # [ 166.062221] FIX lkdtm-heap-double_free: Object at 0xc8dfd008 not freed # SLAB_FREE_DOUBLE: saw 'call trace:': ok ok 29 selftests: lkdtm: SLAB_FREE_DOUBLE.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_CROSS.sh <6>[ 167.356379] lkdtm: Performing direct entry SLAB_FREE_CROSS <6>[ 167.360955] lkdtm: Attempting cross-cache slab free ... <4>[ 167.366503] ------------[ cut here ]------------ <4>[ 167.371283] WARNING: CPU: 1 PID: 2051 at mm/slub.c:4661 kmem_cache_free+0x2bc/0x3c0 <4>[ 167.379180] cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a <4>[ 167.387850] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 167.424255] CPU: 1 UID: 0 PID: 2051 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 167.433760] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 167.439012] Hardware name: STM32 (Device Tree Support) <4>[ 167.444462] Call trace: <4>[ 167.444476] unwind_backtrace from show_stack+0x18/0x1c <4>[ 167.452788] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 167.458064] dump_stack_lvl from __warn+0x84/0x134 <4>[ 167.463146] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 167.468628] warn_slowpath_fmt from kmem_cache_free+0x2bc/0x3c0 <4>[ 167.474817] kmem_cache_free from lkdtm_do_action+0x24/0x4c <4>[ 167.480704] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 167.486384] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 167.492159] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 167.497634] vfs_write from ksys_write+0x78/0xf8 <4>[ 167.502510] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 167.507982] Exception stack(0xf1995fa8 to 0xf1995ff0) <4>[ 167.513241] 5fa0: 00000010 00000010 00000001 b6e58000 00000010 00000001 <4>[ 167.521715] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e58000 00020000 0043fe38 <4>[ 167.530283] 5fe0: 00000004 be82f788 b6f1e33b b6e97616 <4>[ 167.535628] ---[ end trace 0000000000000000 ]--- <3>[ 167.540488] Allocated in lkdtm_SLAB_FREE_CROSS+0x20/0x60 age=179 cpu=1 pid=2051 <4>[ 167.548202] lkdtm_SLAB_FREE_CROSS+0x20/0x60 <4>[ 167.552696] lkdtm_do_action+0x24/0x4c <4>[ 167.556767] direct_entry+0x11c/0x140 <4>[ 167.560596] full_proxy_write+0x5c/0x8c <4>[ 167.564726] vfs_write+0xbc/0x3cc <4>[ 167.568358] ksys_write+0x78/0xf8 <4>[ 167.571891] ret_fast_syscall+0x0/0x1c # [ 167.356379] lkdtm: Performing direct entry SLAB_FREE_CROSS # [ 167.360955] lkdtm: Attempting cross-cache slab free ... # [ 167.366503] ------------[ cut here ]------------ # [ 167.371283] WARNING: CPU: 1 PID: 2051 at mm/slub.c:4661 kmem_cache_free+0x2bc/0x3c0 # [ 167.379180] cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a # [ 167.387850] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 167.424255] CPU: 1 UID: 0 PID: 2051 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 167.433760] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 167.439012] Hardware name: STM32 (Device Tree Support) # [ 167.444462] Call trace: # [ 167.444476] unwind_backtrace from show_stack+0x18/0x1c # [ 167.452788] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 167.458064] dump_stack_lvl from __warn+0x84/0x134 # [ 167.463146] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 167.468628] warn_slowpath_fmt from kmem_cache_free+0x2bc/0x3c0 # [ 167.474817] kmem_cache_free from lkdtm_do_action+0x24/0x4c # [ 167.480704] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 167.486384] direct_entry from full_proxy_write+0x5c/0x8c # [ 167.492159] full_proxy_write from vfs_write+0xbc/0x3cc # [ 167.497634] vfs_write from ksys_write+0x78/0xf8 # [ 167.502510] ksys_write from ret_fast_syscall+0x0/0x1c # [ 167.507982] Exception stack(0xf1995fa8 to 0xf1995ff0) # [ 167.513241] 5fa0: 00000010 00000010 00000001 b6e58000 00000010 00000001 # [ 167.521715] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e58000 00020000 0043fe38 # [ 167.530283] 5fe0: 00000004 be82f788 b6f1e33b b6e97616 # [ 167.535628] ---[ end trace 0000000000000000 ]--- # [ 167.540488] Allocated in lkdtm_SLAB_FREE_CROSS+0x20/0x60 age=179 cpu=1 pid=2051 # [ 167.548202] lkdtm_SLAB_FREE_CROSS+0x20/0x60 # [ 167.552696] lkdtm_do_action+0x24/0x4c # [ 167.556767] direct_entry+0x11c/0x140 # [ 167.560596] full_proxy_write+0x5c/0x8c # [ 167.564726] vfs_write+0xbc/0x3cc # [ 167.568358] ksys_write+0x78/0xf8 # [ 167.571891] ret_fast_syscall+0x0/0x1c # SLAB_FREE_CROSS: saw 'call trace:': ok ok 30 selftests: lkdtm: SLAB_FREE_CROSS.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_PAGE.sh <6>[ 168.836813] lkdtm: Performing direct entry SLAB_FREE_PAGE <6>[ 168.841211] lkdtm: Attempting non-Slab slab free ... <4>[ 168.847032] ------------[ cut here ]------------ <4>[ 168.851417] WARNING: CPU: 1 PID: 2090 at mm/slub.c:4647 kmem_cache_free+0x314/0x3c0 <4>[ 168.859309] virt_to_cache: Object is not a Slab page! <4>[ 168.864631] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 168.901076] CPU: 1 UID: 0 PID: 2090 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 168.910689] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 168.915842] Hardware name: STM32 (Device Tree Support) <4>[ 168.921292] Call trace: <4>[ 168.921308] unwind_backtrace from show_stack+0x18/0x1c <4>[ 168.929618] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 168.934895] dump_stack_lvl from __warn+0x84/0x134 <4>[ 168.939977] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 168.945459] warn_slowpath_fmt from kmem_cache_free+0x314/0x3c0 <4>[ 168.951647] kmem_cache_free from lkdtm_SLAB_FREE_PAGE+0x34/0x44 <4>[ 168.957939] lkdtm_SLAB_FREE_PAGE from lkdtm_do_action+0x24/0x4c <4>[ 168.964224] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 168.970003] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 168.975678] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 168.981153] vfs_write from ksys_write+0x78/0xf8 <4>[ 168.986029] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 168.991501] Exception stack(0xf19c5fa8 to 0xf19c5ff0) <4>[ 168.996859] 5fa0: 0000000f 0000000f 00000001 b6d98000 0000000f 00000001 <4>[ 169.005333] 5fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6d98000 00020000 0043fe38 <4>[ 169.013802] 5fe0: 00000004 be826788 b6e5e33b b6dd7616 <4>[ 169.019288] ---[ end trace 0000000000000000 ]--- # [ 168.836813] lkdtm: Performing direct entry SLAB_FREE_PAGE # [ 168.841211] lkdtm: Attempting non-Slab slab free ... # [ 168.847032] ------------[ cut here ]------------ # [ 168.851417] WARNING: CPU: 1 PID: 2090 at mm/slub.c:4647 kmem_cache_free+0x314/0x3c0 # [ 168.859309] virt_to_cache: Object is not a Slab page! # [ 168.864631] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 168.901076] CPU: 1 UID: 0 PID: 2090 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 168.910689] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 168.915842] Hardware name: STM32 (Device Tree Support) # [ 168.921292] Call trace: # [ 168.921308] unwind_backtrace from show_stack+0x18/0x1c # [ 168.929618] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 168.934895] dump_stack_lvl from __warn+0x84/0x134 # [ 168.939977] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 168.945459] warn_slowpath_fmt from kmem_cache_free+0x314/0x3c0 # [ 168.951647] kmem_cache_free from lkdtm_SLAB_FREE_PAGE+0x34/0x44 # [ 168.957939] lkdtm_SLAB_FREE_PAGE from lkdtm_do_action+0x24/0x4c # [ 168.964224] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 168.970003] direct_entry from full_proxy_write+0x5c/0x8c # [ 168.975678] full_proxy_write from vfs_write+0xbc/0x3cc # [ 168.981153] vfs_write from ksys_write+0x78/0xf8 # [ 168.986029] ksys_write from ret_fast_syscall+0x0/0x1c # [ 168.991501] Exception stack(0xf19c5fa8 to 0xf19c5ff0) # [ 168.996859] 5fa0: 0000000f 0000000f 00000001 b6d98000 0000000f 00000001 # [ 169.005333] 5fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6d98000 00020000 0043fe38 # [ 169.013802] 5fe0: 00000004 be826788 b6e5e33b b6dd7616 # [ 169.019288] ---[ end trace 0000000000000000 ]--- # SLAB_FREE_PAGE: saw 'call trace:': ok ok 31 selftests: lkdtm: SLAB_FREE_PAGE.sh # timeout set to 45 # selftests: lkdtm: SOFTLOCKUP.sh # Skipping SOFTLOCKUP: Hangs the system ok 32 selftests: lkdtm: SOFTLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: HARDLOCKUP.sh # Skipping HARDLOCKUP: Hangs the system ok 33 selftests: lkdtm: HARDLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: SMP_CALL_LOCKUP.sh # Skipping SMP_CALL_LOCKUP: Hangs the system ok 34 selftests: lkdtm: SMP_CALL_LOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: SPINLOCKUP.sh # Skipping SPINLOCKUP: Hangs the system ok 35 selftests: lkdtm: SPINLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: HUNG_TASK.sh # Skipping HUNG_TASK: Hangs the system ok 36 selftests: lkdtm: HUNG_TASK.sh # SKIP # timeout set to 45 # selftests: lkdtm: EXEC_DATA.sh <6>[ 173.709546] lkdtm: Performing direct entry EXEC_DATA <6>[ 173.714018] lkdtm: attempting ok execution at c0e02084 <6>[ 173.718965] lkdtm: attempting bad execution at c290fa38 <1>[ 173.724411] 8<--- cut here --- <1>[ 173.727667] Unable to handle kernel paging request at virtual address c290fa38 when execute <1>[ 173.736339] [c290fa38] *pgd=c281141e(bad) <0>[ 173.740608] Internal error: Oops: 8000000d [#6] SMP ARM <4>[ 173.746163] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 173.782629] CPU: 1 UID: 0 PID: 2304 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 173.792222] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 173.797468] Hardware name: STM32 (Device Tree Support) <4>[ 173.802815] PC is at data_area+0x0/0x40 <4>[ 173.806984] LR is at execute_location+0x9c/0xac <4>[ 173.811749] pc : [] lr : [] psr: 60080013 <4>[ 173.818306] sp : f1b01eb0 ip : 00000000 fp : 0050fe38 <4>[ 173.823855] r10: c89b8e00 r9 : f1b01f80 r8 : c278bfb0 <4>[ 173.829304] r7 : f1b01f80 r6 : 00000001 r5 : c290fa38 r4 : c0e02084 <4>[ 173.836162] r3 : c5c18040 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 173.843021] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 173.850385] Control: 10c5387d Table: c5d2c06a DAC: 00000051 <1>[ 173.856435] Register r0 information: non-paged memory <1>[ 173.861794] Register r1 information: NULL pointer <1>[ 173.866745] Register r2 information: NULL pointer <1>[ 173.871795] Register r3 information: slab task_struct start c5c18000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 173.885467] copy_process+0x1f4/0x1f64 <6>[ 173.889726] kernel_clone+0xac/0x388 <6>[ 173.893883] sys_clone+0x78/0x9c <6>[ 173.897636] ret_fast_syscall+0x0/0x1c <4>[ 173.901886] Free path: <6>[ 173.904616] rcu_core+0x2dc/0xb14 <6>[ 173.908469] handle_softirqs+0x15c/0x430 <6>[ 173.912927] irq_exit+0xac/0xd4 <6>[ 173.916577] call_with_stack+0x18/0x20 <6>[ 173.920838] __irq_svc+0x9c/0xb8 <6>[ 173.924685] step_into+0x300/0x710 <6>[ 173.928534] link_path_walk.part.0.constprop.0+0x22c/0x38c <6>[ 173.934594] path_lookupat+0x3c/0x1a4 <6>[ 173.938844] filename_lookup+0xc0/0x190 <6>[ 173.943197] vfs_statx+0x78/0xe8 <6>[ 173.946948] do_statx+0x74/0xb4 <6>[ 173.950598] sys_statx+0x78/0xf4 <6>[ 173.954348] ret_fast_syscall+0x0/0x1c <1>[ 173.958697] Register r4 information: non-slab/vmalloc memory <1>[ 173.964556] Register r5 information: non-slab/vmalloc memory <1>[ 173.970512] Register r6 information: non-paged memory <1>[ 173.975865] Register r7 information: 2-page vmalloc region starting at 0xf1b00000 allocated at kernel_clone+0xac/0x388 <1>[ 173.986874] Register r8 information: non-slab/vmalloc memory <1>[ 173.992831] Register r9 information: 2-page vmalloc region starting at 0xf1b00000 allocated at kernel_clone+0xac/0x388 <1>[ 174.003835] Register r10 information: slab kmalloc-192 start c89b8dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 174.017792] full_proxy_open+0x124/0x24c <6>[ 174.022241] do_dentry_open+0x144/0x4dc <6>[ 174.026596] vfs_open+0x2c/0xec <6>[ 174.030247] path_openat+0x748/0x1198 <6>[ 174.034497] do_filp_open+0x98/0x134 <6>[ 174.038546] do_sys_openat2+0xbc/0xe4 <6>[ 174.042800] sys_openat+0x98/0xd4 <6>[ 174.046652] ret_fast_syscall+0x0/0x1c <4>[ 174.050901] Free path: <6>[ 174.053631] full_proxy_release+0x78/0xc0 <6>[ 174.058183] __fput+0xdc/0x2e8 <6>[ 174.061727] task_work_run+0x98/0xc8 <6>[ 174.065884] do_exit+0x374/0xa1c <6>[ 174.069633] do_group_exit+0x40/0x8c <6>[ 174.073683] pid_child_should_wake+0x0/0x94 <1>[ 174.078437] Register r11 information: non-paged memory <1>[ 174.083892] Register r12 information: NULL pointer <0>[ 174.088944] Process cat (pid: 2304, stack limit = 0xf1b00000) <0>[ 174.094999] Stack: (0xf1b01eb0 to 0xf1b02000) <0>[ 174.099550] 1ea0: 0000000a c5a38000 00000000 c0e007ac <0>[ 174.108125] 1ec0: 0000000a c0e00b90 c0e00a74 c8bb3b40 b6e28000 0000000a c3a4f4b8 c0890ff0 <0>[ 174.116597] 1ee0: c8bb3b40 c0890f94 f1b01f80 b6e28000 c5c18040 0000000a c89b8e00 c0628618 <0>[ 174.125073] 1f00: c5d2edb8 00000000 00000000 00000000 00000000 0000000a b6e28000 0001fff6 <0>[ 174.133549] 1f20: 00000001 00000000 c8bb3e40 00000000 00000000 00000000 00000000 00000000 <0>[ 174.142028] 1f40: 00000000 00000000 00000000 00000000 00000022 bfc5064b 00000000 c8bb3b40 <0>[ 174.150505] 1f60: c8bb3b40 00000000 00000000 c03002f0 c5c18040 00000004 0050fe38 c0628b74 <0>[ 174.158982] 1f80: 00000000 00000000 00000000 bfc5064b 000000c0 0000000a 0000000a 7ff00000 <0>[ 174.167458] 1fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e28000 0000000a 00000001 <0>[ 174.175931] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 <0>[ 174.184403] 1fe0: 00000004 bece0788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 <0>[ 174.192868] Call trace: <0>[ 174.192887] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 174.201622] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 174.207410] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 174.213087] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 174.218566] vfs_write from ksys_write+0x78/0xf8 <0>[ 174.223445] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 174.228917] Exception stack(0xf1b01fa8 to 0xf1b01ff0) <0>[ 174.234275] 1fa0: 0000000a 0000000a 00000001 b6e28000 0000000a 00000001 <0>[ 174.242748] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 <0>[ 174.251217] 1fe0: 00000004 bece0788 b6eee33b b6e67616 <0>[ 174.256575] Code: 00000002 c36eff40 c661c040 c36efe40 (e52de004) <4>[ 174.262930] ---[ end trace 0000000000000000 ]--- <6>[ 174.267776] note: cat[2304] exited with irqs disabled # Segmentation fault # [ 173.709546] lkdtm: Performing direct entry EXEC_DATA # [ 173.714018] lkdtm: attempting ok execution at c0e02084 # [ 173.718965] lkdtm: attempting bad execution at c290fa38 # [ 173.724411] 8<--- cut here --- # [ 173.727667] Unable to handle kernel paging request at virtual address c290fa38 when execute # [ 173.736339] [c290fa38] *pgd=c281141e(bad) # [ 173.740608] Internal error: Oops: 8000000d [#6] SMP ARM # [ 173.746163] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 173.782629] CPU: 1 UID: 0 PID: 2304 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 173.792222] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 173.797468] Hardware name: STM32 (Device Tree Support) # [ 173.802815] PC is at data_area+0x0/0x40 # [ 173.806984] LR is at execute_location+0x9c/0xac # [ 173.811749] pc : [] lr : [] psr: 60080013 # [ 173.818306] sp : f1b01eb0 ip : 00000000 fp : 0050fe38 # [ 173.823855] r10: c89b8e00 r9 : f1b01f80 r8 : c278bfb0 # [ 173.829304] r7 : f1b01f80 r6 : 00000001 r5 : c290fa38 r4 : c0e02084 # [ 173.836162] r3 : c5c18040 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 173.843021] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 173.850385] Control: 10c5387d Table: c5d2c06a DAC: 00000051 # [ 173.856435] Register r0 information: non-paged memory # [ 173.861794] Register r1 information: NULL pointer # [ 173.866745] Register r2 information: NULL pointer # [ 173.871795] Register r3 information: slab task_struct start c5c18000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 173.885467] copy_process+0x1f4/0x1f64 # [ 173.889726] kernel_clone+0xac/0x388 # [ 173.893883] sys_clone+0x78/0x9c # [ 173.897636] ret_fast_syscall+0x0/0x1c # [ 173.901886] Free path: # [ 173.904616] rcu_core+0x2dc/0xb14 # [ 173.908469] handle_softirqs+0x15c/0x430 # [ 173.912927] irq_exit+0xac/0xd4 # [ 173.916577] call_with_stack+0x18/0x20 # [ 173.920838] __irq_svc+0x9c/0xb8 # [ 173.924685] step_into+0x300/0x710 # [ 173.928534] link_path_walk.part.0.constprop.0+0x22c/0x38c # [ 173.934594] path_lookupat+0x3c/0x1a4 # [ 173.938844] filename_lookup+0xc0/0x190 # [ 173.943197] vfs_statx+0x78/0xe8 # [ 173.946948] do_statx+0x74/0xb4 # [ 173.950598] sys_statx+0x78/0xf4 # [ 173.954348] ret_fast_syscall+0x0/0x1c # [ 173.958697] Register r4 information: non-slab/vmalloc memory # [ 173.964556] Register r5 information: non-slab/vmalloc memory # [ 173.970512] Register r6 information: non-paged memory # [ 173.975865] Register r7 information: 2-page vmalloc region starting at 0xf1b00000 allocated at kernel_clone+0xac/0x388 # [ 173.986874] Register r8 information: non-slab/vmalloc memory # [ 173.992831] Register r9 information: 2-page vmalloc region starting at 0xf1b00000 allocated at kernel_clone+0xac/0x388 # [ 174.003835] Register r10 information: slab kmalloc-192 start c89b8dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 174.017792] full_proxy_open+0x124/0x24c # [ 174.022241] do_dentry_open+0x144/0x4dc # [ 174.026596] vfs_open+0x2c/0xec # [ 174.030247] path_openat+0x748/0x1198 # [ 174.034497] do_filp_open+0x98/0x134 # [ 174.038546] do_sys_openat2+0xbc/0xe4 # [ 174.042800] sys_openat+0x98/0xd4 # [ 174.046652] ret_fast_syscall+0x0/0x1c # [ 174.050901] Free path: # [ 174.053631] full_proxy_release+0x78/0xc0 # [ 174.058183] __fput+0xdc/0x2e8 # [ 174.061727] task_work_run+0x98/0xc8 # [ 174.065884] do_exit+0x374/0xa1c # [ 174.069633] do_group_exit+0x40/0x8c # [ 174.073683] pid_child_should_wake+0x0/0x94 # [ 174.078437] Register r11 information: non-paged memory # [ 174.083892] Register r12 information: NULL pointer # [ 174.088944] Process cat (pid: 2304, stack limit = 0xf1b00000) # [ 174.094999] Stack: (0xf1b01eb0 to 0xf1b02000) # [ 174.099550] 1ea0: 0000000a c5a38000 00000000 c0e007ac # [ 174.108125] 1ec0: 0000000a c0e00b90 c0e00a74 c8bb3b40 b6e28000 0000000a c3a4f4b8 c0890ff0 # [ 174.116597] 1ee0: c8bb3b40 c0890f94 f1b01f80 b6e28000 c5c18040 0000000a c89b8e00 c0628618 # [ 174.125073] 1f00: c5d2edb8 00000000 00000000 00000000 00000000 0000000a b6e28000 0001fff6 # [ 174.133549] 1f20: 00000001 00000000 c8bb3e40 00000000 00000000 00000000 00000000 00000000 # [ 174.142028] 1f40: 00000000 00000000 00000000 00000000 00000022 bfc5064b 00000000 c8bb3b40 # [ 174.150505] 1f60: c8bb3b40 00000000 00000000 c03002f0 c5c18040 00000004 0050fe38 c0628b74 # [ 174.158982] 1f80: 00000000 00000000 00000000 bfc5064b 000000c0 0000000a 0000000a 7ff00000 # [ 174.167458] 1fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e28000 0000000a 00000001 # [ 174.175931] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 # [ 174.184403] 1fe0: 00000004 bece0788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 # [ 174.192868] Call trace: # [ 174.192887] execute_location from lkdtm_do_action+0x24/0x4c # [ 174.201622] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 174.207410] direct_entry from full_proxy_write+0x5c/0x8c # [ 174.213087] full_proxy_write from vfs_write+0xbc/0x3cc # [ 174.218566] vfs_write from ksys_write+0x78/0xf8 # [ 174.223445] ksys_write from ret_fast_syscall+0x0/0x1c # [ 174.228917] Exception stack(0xf1b01fa8 to 0xf1b01ff0) # [ 174.234275] 1fa0: 0000000a 0000000a 00000001 b6e28000 0000000a 00000001 # [ 174.242748] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 # [ 174.251217] 1fe0: 00000004 bece0788 b6eee33b b6e67616 # [ 174.256575] Code: 00000002 c36eff40 c661c040 c36efe40 (e52de004) # [ 174.262930] ---[ end trace 0000000000000000 ]--- # [ 174.267776] note: cat[2304] exited with irqs disabled # EXEC_DATA: saw 'call trace:': ok ok 37 selftests: lkdtm: EXEC_DATA.sh # timeout set to 45 # selftests: lkdtm: EXEC_STACK.sh <6>[ 176.029784] lkdtm: Performing direct entry EXEC_STACK <6>[ 176.034171] lkdtm: attempting ok execution at c0e02084 <6>[ 176.039214] lkdtm: attempting bad execution at f1b5de74 <1>[ 176.044786] 8<--- cut here --- <1>[ 176.048126] Unable to handle kernel execution of memory at virtual address f1b5de74 when execute <1>[ 176.057203] [f1b5de74] *pgd=c7ed1811, *pte=f8f0365f, *ppte=f8f0345f <0>[ 176.063716] Internal error: Oops: 8000000f [#7] SMP ARM <4>[ 176.069202] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 176.105586] CPU: 1 UID: 0 PID: 2385 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 176.115183] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 176.120430] Hardware name: STM32 (Device Tree Support) <4>[ 176.125877] PC is at 0xf1b5de74 <4>[ 176.129331] LR is at execute_location+0x9c/0xac <4>[ 176.134101] pc : [] lr : [] psr: 60080013 <4>[ 176.140658] sp : f1b5de60 ip : 00000000 fp : 004dfe38 <4>[ 176.146208] r10: c89b8e00 r9 : f1b5df80 r8 : c278bfb8 <4>[ 176.151657] r7 : f1b5df80 r6 : 00000001 r5 : f1b5de74 r4 : c0e02084 <4>[ 176.158515] r3 : c8c60a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 176.165273] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 176.172738] Control: 10c5387d Table: c591006a DAC: 00000051 <1>[ 176.178787] Register r0 information: non-paged memory <1>[ 176.184147] Register r1 information: NULL pointer <1>[ 176.189099] Register r2 information: NULL pointer <1>[ 176.194049] Register r3 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 176.207821] copy_process+0x1f4/0x1f64 <6>[ 176.212077] kernel_clone+0xac/0x388 <6>[ 176.216233] sys_clone+0x78/0x9c <6>[ 176.219985] ret_fast_syscall+0x0/0x1c <4>[ 176.224235] Free path: <6>[ 176.226966] rcu_core+0x2dc/0xb14 <6>[ 176.230818] handle_softirqs+0x15c/0x430 <6>[ 176.235276] run_ksoftirqd+0x48/0x60 <6>[ 176.239329] smpboot_thread_fn+0xc0/0x15c <6>[ 176.243882] kthread+0xe8/0x104 <6>[ 176.247530] ret_from_fork+0x14/0x28 <1>[ 176.251678] Register r4 information: non-slab/vmalloc memory <1>[ 176.257637] Register r5 information: 2-page vmalloc region starting at 0xf1b5c000 allocated at kernel_clone+0xac/0x388 <1>[ 176.268647] Register r6 information: non-paged memory <1>[ 176.274000] Register r7 information: 2-page vmalloc region starting at 0xf1b5c000 allocated at kernel_clone+0xac/0x388 <1>[ 176.285005] Register r8 information: non-slab/vmalloc memory <1>[ 176.290962] Register r9 information: 2-page vmalloc region starting at 0xf1b5c000 allocated at kernel_clone+0xac/0x388 <1>[ 176.301966] Register r10 information: slab kmalloc-192 start c89b8dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 176.315820] full_proxy_open+0x124/0x24c <6>[ 176.320270] do_dentry_open+0x144/0x4dc <6>[ 176.324625] vfs_open+0x2c/0xec <6>[ 176.328377] path_openat+0x748/0x1198 <6>[ 176.332528] do_filp_open+0x98/0x134 <6>[ 176.336677] do_sys_openat2+0xbc/0xe4 <6>[ 176.340831] sys_openat+0x98/0xd4 <6>[ 176.344683] ret_fast_syscall+0x0/0x1c <4>[ 176.348932] Free path: <6>[ 176.351662] full_proxy_release+0x78/0xc0 <6>[ 176.356214] __fput+0xdc/0x2e8 <6>[ 176.359758] task_work_run+0x98/0xc8 <6>[ 176.363915] do_exit+0x374/0xa1c <6>[ 176.367664] do_group_exit+0x40/0x8c <6>[ 176.371821] pid_child_should_wake+0x0/0x94 <1>[ 176.376485] Register r11 information: non-paged memory <1>[ 176.381952] Register r12 information: NULL pointer <0>[ 176.387015] Process cat (pid: 2385, stack limit = 0xf1b5c000) <0>[ 176.393080] Stack: (0xf1b5de60 to 0xf1b5e000) <0>[ 176.397642] de60: 0000000b c8bcb000 00000000 c17369a8 c24d4b40 e52de004 e28dd004 e12fff1e <0>[ 176.406121] de80: e92d4010 e52de004 e28dd004 e3a00040 ebdf603d e3a01001 e1a04000 eb24d1f8 <0>[ 176.414599] dea0: e1a00004 e8bd4010 eadf5d13 e92d4010 e52de004 ae1de421 c20a9748 c0e007ac <0>[ 176.423076] dec0: 0000000b c0e00b90 c0e00a74 c8bb3740 b6d88000 0000000b c3a4f4b8 c0890ff0 <0>[ 176.431550] dee0: c8bb3740 c0890f94 f1b5df80 b6d88000 c8c60a40 0000000b c89b8e00 c0628618 <0>[ 176.440022] df00: c5912db0 00000000 00000000 00000000 00000000 0000000b b6d88000 0001fff5 <0>[ 176.448593] df20: 00000001 00000000 c8bb3440 00000000 00000000 00000000 00000000 00000000 <0>[ 176.457066] df40: 00000000 00000000 00000000 00000000 00000022 ae1de421 00000000 c8bb3740 <0>[ 176.465540] df60: c8bb3740 00000000 00000000 c03002f0 c8c60a40 00000004 004dfe38 c0628b74 <0>[ 176.474012] df80: 00000000 00000000 00000000 ae1de421 000000c0 0000000b 0000000b 7ff00000 <0>[ 176.482484] dfa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6d88000 0000000b 00000001 <0>[ 176.490956] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 <0>[ 176.499430] dfe0: 00000004 beba9788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 <0>[ 176.507894] Call trace: <0>[ 176.507911] execute_location from lkdtm_EXEC_STACK+0x3c/0x60 <0>[ 176.516740] lkdtm_EXEC_STACK from lkdtm_do_action+0x24/0x4c <0>[ 176.522735] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 176.528420] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 176.534198] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 176.539676] vfs_write from ksys_write+0x78/0xf8 <0>[ 176.544553] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 176.549926] Exception stack(0xf1b5dfa8 to 0xf1b5dff0) <0>[ 176.555284] dfa0: 0000000b 0000000b 00000001 b6d88000 0000000b 00000001 <0>[ 176.563757] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 <0>[ 176.572327] dfe0: 00000004 beba9788 b6e4e33b b6dc7616 <0>[ 176.577584] Code: c8bcb000 00000000 c17369a8 c24d4b40 (e52de004) <4>[ 176.584199] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 176.029784] lkdtm: Performing direct entry EXEC_STACK # [ 176.034171] lkdtm: attempting ok execution at c0e02084 # [ 176.039214] lkdtm: attempting bad execution at f1b5de74 # [ 176.044786] 8<--- cut here --- # [ 176.048126] Unable to handle kernel execution of memory at virtual address f1b5de74 when execute # [ 176.057203] [f1b5de74] *pgd=c7ed1811, *pte=f8f0365f, *ppte=f8f0345f # [ 176.063716] Internal error: Oops: 8000000f [#7] SMP ARM # [ 176.069202] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 176.105586] CPU: 1 UID: 0 PID: 2385 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 176.115183] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 176.120430] Hardware name: STM32 (Device Tree Support) # [ 176.125877] PC is at 0xf1b5de74 # [ 176.129331] LR is at execute_location+0x9c/0xac # [ 176.134101] pc : [] lr : [] psr: 60080013 # [ 176.140658] sp : f1b5de60 ip : 00000000 fp : 004dfe38 # [ 176.146208] r10: c89b8e00 r9 : f1b5df80 r8 : c278bfb8 # [ 176.151657] r7 : f1b5df80 r6 : 00000001 r5 : f1b5de74 r4 : c0e02084 # [ 176.158515] r3 : c8c60a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 176.165273] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 176.172738] Control: 10c5387d Table: c591006a DAC: 00000051 # [ 176.178787] Register r0 information: non-paged memory # [ 176.184147] Register r1 information: NULL pointer # [ 176.189099] Register r2 information: NULL pointer # [ 176.194049] Register r3 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 176.207821] copy_process+0x1f4/0x1f64 # [ 176.212077] kernel_clone+0xac/0x388 # [ 176.216233] sys_clone+0x78/0x9c # [ 176.219985] ret_fast_syscall+0x0/0x1c # [ 176.224235] Free path: # [ 176.226966] rcu_core+0x2dc/0xb14 # [ 176.230818] handle_softirqs+0x15c/0x430 # [ 176.235276] run_ksoftirqd+0x48/0x60 # [ 176.239329] smpboot_thread_fn+0xc0/0x15c # [ 176.243882] kthread+0xe8/0x104 # [ 176.247530] ret_from_fork+0x14/0x28 # [ 176.251678] Register r4 information: non-slab/vmalloc memory # [ 176.257637] Register r5 information: 2-page vmalloc region starting at 0xf1b5c000 allocated at kernel_clone+0xac/0x388 # [ 176.268647] Register r6 information: non-paged memory # [ 176.274000] Register r7 information: 2-page vmalloc region starting at 0xf1b5c000 allocated at kernel_clone+0xac/0x388 # [ 176.285005] Register r8 information: non-slab/vmalloc memory # [ 176.290962] Register r9 information: 2-page vmalloc region starting at 0xf1b5c000 allocated at kernel_clone+0xac/0x388 # [ 176.301966] Register r10 information: slab kmalloc-192 start c89b8dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 176.315820] full_proxy_open+0x124/0x24c # [ 176.320270] do_dentry_open+0x144/0x4dc # [ 176.324625] vfs_open+0x2c/0xec # [ 176.328377] path_openat+0x748/0x1198 # [ 176.332528] do_filp_open+0x98/0x134 # [ 176.336677] do_sys_openat2+0xbc/0xe4 # [ 176.340831] sys_openat+0x98/0xd4 # [ 176.344683] ret_fast_syscall+0x0/0x1c # [ 176.348932] Free path: # [ 176.351662] full_proxy_release+0x78/0xc0 # [ 176.356214] __fput+0xdc/0x2e8 # [ 176.359758] task_work_run+0x98/0xc8 # [ 176.363915] do_exit+0x374/0xa1c # [ 176.367664] do_group_exit+0x40/0x8c # [ 176.371821] pid_child_should_wake+0x0/0x94 # [ 176.376485] Register r11 information: non-paged memory # [ 176.381952] Register r12 information: NULL pointer # [ 176.387015] Process cat (pid: 2385, stack limit = 0xf1b5c000) # [ 176.393080] Stack: (0xf1b5de60 to 0xf1b5e000) # [ 176.397642] de60: 0000000b c8bcb000 00000000 c17369a8 c24d4b40 e52de004 e28dd004 e12fff1e # [ 176.406121] de80: e92d4010 e52de004 e28dd004 e3a00040 ebdf603d e3a01001 e1a04000 eb24d1f8 # [ 176.414599] dea0: e1a00004 e8bd4010 eadf5d13 e92d4010 e52de004 ae1de421 c20a9748 c0e007ac # [ 176.423076] dec0: 0000000b c0e00b90 c0e00a74 c8bb3740 b6d88000 0000000b c3a4f4b8 c0890ff0 # [ 176.431550] dee0: c8bb3740 c0890f94 f1b5df80 b6d88000 c8c60a40 0000000b c89b8e00 c0628618 # [ 176.440022] df00: c5912db0 00000000 00000000 00000000 00000000 0000000b b6d88000 0001fff5 # [ 176.448593] df20: 00000001 00000000 c8bb3440 00000000 00000000 00000000 00000000 00000000 # [ 176.457066] df40: 00000000 00000000 00000000 00000000 00000022 ae1de421 00000000 c8bb3740 # [ 176.465540] df60: c8bb3740 00000000 00000000 c03002f0 c8c60a40 00000004 004dfe38 c0628b74 # [ 176.474012] df80: 00000000 00000000 00000000 ae1de421 000000c0 0000000b 0000000b 7ff00000 # [ 176.482484] dfa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6d88000 0000000b 00000001 # [ 176.490956] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 # [ 176.499430] dfe0: 00000004 beba9788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 # [ 176.507894] Call trace: # [ 176.507911] execute_location from lkdtm_EXEC_STACK+0x3c/0x60 # [ 176.516740] lkdtm_EXEC_STACK from lkdtm_do_action+0x24/0x4c # [ 176.522735] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 176.528420] direct_entry from full_proxy_write+0x5c/0x8c # [ 176.534198] full_proxy_write from vfs_write+0xbc/0x3cc # [ 176.539676] vfs_write from ksys_write+0x78/0xf8 # [ 176.544553] ksys_write from ret_fast_syscall+0x0/0x1c # [ 176.549926] Exception stack(0xf1b5dfa8 to 0xf1b5dff0) # [ 176.555284] dfa0: 0000000b 0000000b 00000001 b6d88000 0000000b 00000001 # [ 176.563757] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 # [ 176.572327] dfe0: 00000004 beba9788 b6e4e33b b6dc7616 # [ 176.577584] Code: c8bcb000 00000000 c17369a8 c24d4b40 (e52de004) # [ 176.584199] ---[ end trace 0000000000000000 ]--- # EXEC_STACK: saw 'call trace:': ok ok 38 selftests: lkdtm: EXEC_STACK.sh # timeout set to 45 # selftests: lkdtm: EXEC_KMALLOC.sh <6>[ 178.365856] lkdtm: Performing direct entry EXEC_KMALLOC <6>[ 178.370057] lkdtm: attempting ok execution at c0e02084 <6>[ 178.375484] lkdtm: attempting bad execution at c7c937c0 <1>[ 178.381009] 8<--- cut here --- <1>[ 178.384261] Unable to handle kernel paging request at virtual address c7c937c0 when execute <1>[ 178.392933] [c7c937c0] *pgd=c7c1141e(bad) <0>[ 178.397205] Internal error: Oops: 8000000d [#8] SMP ARM <4>[ 178.402664] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 178.439131] CPU: 1 UID: 0 PID: 2469 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 178.448720] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 178.453965] Hardware name: STM32 (Device Tree Support) <4>[ 178.459412] PC is at 0xc7c937c0 <4>[ 178.462863] LR is at execute_location+0x9c/0xac <4>[ 178.467632] pc : [] lr : [] psr: 60080013 <4>[ 178.474188] sp : f1bf1ea8 ip : 00000000 fp : 004efe38 <4>[ 178.479736] r10: c89b8e00 r9 : f1bf1f80 r8 : c278bfc0 <4>[ 178.485185] r7 : f1bf1f80 r6 : 00000001 r5 : c7c937c0 r4 : c0e02084 <4>[ 178.492044] r3 : c8d90a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 178.498803] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 178.506266] Control: 10c5387d Table: c5b3806a DAC: 00000051 <1>[ 178.512316] Register r0 information: non-paged memory <1>[ 178.517674] Register r1 information: NULL pointer <1>[ 178.522624] Register r2 information: NULL pointer <1>[ 178.527574] Register r3 information: slab task_struct start c8d90a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 178.541346] copy_process+0x1f4/0x1f64 <6>[ 178.545602] kernel_clone+0xac/0x388 <6>[ 178.549757] sys_clone+0x78/0x9c <6>[ 178.553510] ret_fast_syscall+0x0/0x1c <4>[ 178.557760] Free path: <6>[ 178.560489] rcu_core+0x2dc/0xb14 <6>[ 178.564342] handle_softirqs+0x15c/0x430 <6>[ 178.568799] irq_exit+0xac/0xd4 <6>[ 178.572449] call_with_stack+0x18/0x20 <6>[ 178.576710] __irq_svc+0x9c/0xb8 <6>[ 178.580456] should_fail_ex+0x58/0x1fc <6>[ 178.584808] should_failslab+0x84/0xe0 <6>[ 178.589063] kmem_cache_alloc_noprof+0x4c/0x3a8 <6>[ 178.594127] anon_vma_clone+0x84/0x214 <6>[ 178.598381] anon_vma_fork+0x2c/0x174 <6>[ 178.602633] copy_process+0x1d54/0x1f64 <6>[ 178.606990] kernel_clone+0xac/0x388 <6>[ 178.611044] sys_clone+0x78/0x9c <6>[ 178.614896] ret_fast_syscall+0x0/0x1c <1>[ 178.619145] Register r4 information: non-slab/vmalloc memory <1>[ 178.625105] Register r5 information: slab kmalloc-64 start c7c93780 data offset 64 pointer offset 0 size 64 allocated at lkdtm_EXEC_KMALLOC+0x24/0x3c <6>[ 178.638759] lkdtm_EXEC_KMALLOC+0x24/0x3c <6>[ 178.643309] lkdtm_do_action+0x24/0x4c <6>[ 178.647668] direct_entry+0x11c/0x140 <6>[ 178.651824] full_proxy_write+0x5c/0x8c <6>[ 178.656175] vfs_write+0xbc/0x3cc <6>[ 178.660032] ksys_write+0x78/0xf8 <6>[ 178.663887] ret_fast_syscall+0x0/0x1c <4>[ 178.668136] Free path: <6>[ 178.670866] xdr_free_bvec+0x18/0x24 <6>[ 178.675024] xprt_transmit+0x29c/0x4a0 <6>[ 178.679275] call_transmit+0x80/0x8c <6>[ 178.683431] __rpc_execute+0xc8/0x5d0 <6>[ 178.687589] rpc_async_schedule+0x24/0x40 <6>[ 178.692146] process_one_work+0x1b8/0x450 <6>[ 178.696700] worker_thread+0x1d4/0x3c4 <6>[ 178.700952] kthread+0xe8/0x104 <6>[ 178.704599] ret_from_fork+0x14/0x28 <1>[ 178.708747] Register r6 information: non-paged memory <1>[ 178.714101] Register r7 information: 2-page vmalloc region starting at 0xf1bf0000 allocated at kernel_clone+0xac/0x388 <1>[ 178.725108] Register r8 information: non-slab/vmalloc memory <1>[ 178.731066] Register r9 information: 2-page vmalloc region starting at 0xf1bf0000 allocated at kernel_clone+0xac/0x388 <1>[ 178.742070] Register r10 information: slab kmalloc-192 start c89b8dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 178.755923] full_proxy_open+0x124/0x24c <6>[ 178.760373] do_dentry_open+0x144/0x4dc <6>[ 178.764727] vfs_open+0x2c/0xec <6>[ 178.768478] path_openat+0x748/0x1198 <6>[ 178.772629] do_filp_open+0x98/0x134 <6>[ 178.776778] do_sys_openat2+0xbc/0xe4 <6>[ 178.780932] sys_openat+0x98/0xd4 <6>[ 178.784784] ret_fast_syscall+0x0/0x1c <4>[ 178.789032] Free path: <6>[ 178.791762] full_proxy_release+0x78/0xc0 <6>[ 178.796312] __fput+0xdc/0x2e8 <6>[ 178.799960] task_work_run+0x98/0xc8 <6>[ 178.804018] do_exit+0x374/0xa1c <6>[ 178.807767] do_group_exit+0x40/0x8c <6>[ 178.811918] pid_child_should_wake+0x0/0x94 <1>[ 178.816572] Register r11 information: non-paged memory <1>[ 178.822027] Register r12 information: NULL pointer <0>[ 178.827079] Process cat (pid: 2469, stack limit = 0xf1bf0000) <0>[ 178.833134] Stack: (0xf1bf1ea8 to 0xf1bf2000) <0>[ 178.837789] 1ea0: c7c937c0 c5c75000 00000000 c0e020ec 0000000d c0e007ac <0>[ 178.846263] 1ec0: 0000000d c0e00b90 c0e00a74 c8bb3e40 b6d88000 0000000d c3a4f4b8 c0890ff0 <0>[ 178.854736] 1ee0: c8bb3e40 c0890f94 f1bf1f80 b6d88000 c8d90a40 0000000d c89b8e00 c0628618 <0>[ 178.863207] 1f00: c5b3adb0 00000000 00000000 00000000 00000000 0000000d b6d88000 0001fff3 <0>[ 178.871681] 1f20: 00000001 00000000 c8bb3440 00000000 00000000 00000000 00000000 00000000 <0>[ 178.880159] 1f40: 00000000 00000000 00000000 00000000 00000022 ca955180 00000000 c8bb3e40 <0>[ 178.888639] 1f60: c8bb3e40 00000000 00000000 c03002f0 c8d90a40 00000004 004efe38 c0628b74 <0>[ 178.897119] 1f80: 00000000 00000000 00000000 ca955180 000000c0 0000000d 0000000d 7ff00000 <0>[ 178.905596] 1fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6d88000 0000000d 00000001 <0>[ 178.914072] 1fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d88000 00020000 004efe38 <0>[ 178.922547] 1fe0: 00000004 bec1b788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 <0>[ 178.931011] Call trace: <0>[ 178.931030] execute_location from lkdtm_EXEC_KMALLOC+0x30/0x3c <0>[ 178.940053] lkdtm_EXEC_KMALLOC from lkdtm_do_action+0x24/0x4c <0>[ 178.946138] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 178.951921] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 178.957600] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 178.963177] vfs_write from ksys_write+0x78/0xf8 <0>[ 178.968054] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 178.973428] Exception stack(0xf1bf1fa8 to 0xf1bf1ff0) <0>[ 178.978788] 1fa0: 0000000d 0000000d 00000001 b6d88000 0000000d 00000001 <0>[ 178.987262] 1fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d88000 00020000 004efe38 <0>[ 178.995731] 1fe0: 00000004 bec1b788 b6e4e33b b6dc7616 <0>[ 179.001089] Code: cccccccc cccccccc cccccccc cccccccc (e52de004) <4>[ 179.007445] ---[ end trace 0000000000000000 ]--- <6>[ 179.012392] note: cat[2469] exited with irqs disabled # Segmentation fault # [ 178.365856] lkdtm: Performing direct entry EXEC_KMALLOC # [ 178.370057] lkdtm: attempting ok execution at c0e02084 # [ 178.375484] lkdtm: attempting bad execution at c7c937c0 # [ 178.381009] 8<--- cut here --- # [ 178.384261] Unable to handle kernel paging request at virtual address c7c937c0 when execute # [ 178.392933] [c7c937c0] *pgd=c7c1141e(bad) # [ 178.397205] Internal error: Oops: 8000000d [#8] SMP ARM # [ 178.402664] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 178.439131] CPU: 1 UID: 0 PID: 2469 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 178.448720] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 178.453965] Hardware name: STM32 (Device Tree Support) # [ 178.459412] PC is at 0xc7c937c0 # [ 178.462863] LR is at execute_location+0x9c/0xac # [ 178.467632] pc : [] lr : [] psr: 60080013 # [ 178.474188] sp : f1bf1ea8 ip : 00000000 fp : 004efe38 # [ 178.479736] r10: c89b8e00 r9 : f1bf1f80 r8 : c278bfc0 # [ 178.485185] r7 : f1bf1f80 r6 : 00000001 r5 : c7c937c0 r4 : c0e02084 # [ 178.492044] r3 : c8d90a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 178.498803] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 178.506266] Control: 10c5387d Table: c5b3806a DAC: 00000051 # [ 178.512316] Register r0 information: non-paged memory # [ 178.517674] Register r1 information: NULL pointer # [ 178.522624] Register r2 information: NULL pointer # [ 178.527574] Register r3 information: slab task_struct start c8d90a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 178.541346] copy_process+0x1f4/0x1f64 # [ 178.545602] kernel_clone+0xac/0x388 # [ 178.549757] sys_clone+0x78/0x9c # [ 178.553510] ret_fast_syscall+0x0/0x1c # [ 178.557760] Free path: # [ 178.560489] rcu_core+0x2dc/0xb14 # [ 178.564342] handle_softirqs+0x15c/0x430 # [ 178.568799] irq_exit+0xac/0xd4 # [ 178.572449] call_with_stack+0x18/0x20 # [ 178.576710] __irq_svc+0x9c/0xb8 # [ 178.580456] should_fail_ex+0x58/0x1fc # [ 178.584808] should_failslab+0x84/0xe0 # [ 178.589063] kmem_cache_alloc_noprof+0x4c/0x3a8 # [ 178.594127] anon_vma_clone+0x84/0x214 # [ 178.598381] anon_vma_fork+0x2c/0x174 # [ 178.602633] copy_process+0x1d54/0x1f64 # [ 178.606990] kernel_clone+0xac/0x388 # [ 178.611044] sys_clone+0x78/0x9c # [ 178.614896] ret_fast_syscall+0x0/0x1c # [ 178.619145] Register r4 information: non-slab/vmalloc memory # [ 178.625105] Register r5 information: slab kmalloc-64 start c7c93780 data offset 64 pointer offset 0 size 64 allocated at lkdtm_EXEC_KMALLOC+0x24/0x3c # [ 178.638759] lkdtm_EXEC_KMALLOC+0x24/0x3c # [ 178.643309] lkdtm_do_action+0x24/0x4c # [ 178.647668] direct_entry+0x11c/0x140 # [ 178.651824] full_proxy_write+0x5c/0x8c # [ 178.656175] vfs_write+0xbc/0x3cc # [ 178.660032] ksys_write+0x78/0xf8 # [ 178.663887] ret_fast_syscall+0x0/0x1c # [ 178.668136] Free path: # [ 178.670866] xdr_free_bvec+0x18/0x24 # [ 178.675024] xprt_transmit+0x29c/0x4a0 # [ 178.679275] call_transmit+0x80/0x8c # [ 178.683431] __rpc_execute+0xc8/0x5d0 # [ 178.687589] rpc_async_schedule+0x24/0x40 # [ 178.692146] process_one_work+0x1b8/0x450 # [ 178.696700] worker_thread+0x1d4/0x3c4 # [ 178.700952] kthread+0xe8/0x104 # [ 178.704599] ret_from_fork+0x14/0x28 # [ 178.708747] Register r6 information: non-paged memory # [ 178.714101] Register r7 information: 2-page vmalloc region starting at 0xf1bf0000 allocated at kernel_clone+0xac/0x388 # [ 178.725108] Register r8 information: non-slab/vmalloc memory # [ 178.731066] Register r9 information: 2-page vmalloc region starting at 0xf1bf0000 allocated at kernel_clone+0xac/0x388 # [ 178.742070] Register r10 information: slab kmalloc-192 start c89b8dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 178.755923] full_proxy_open+0x124/0x24c # [ 178.760373] do_dentry_open+0x144/0x4dc # [ 178.764727] vfs_open+0x2c/0xec # [ 178.768478] path_openat+0x748/0x1198 # [ 178.772629] do_filp_open+0x98/0x134 # [ 178.776778] do_sys_openat2+0xbc/0xe4 # [ 178.780932] sys_openat+0x98/0xd4 # [ 178.784784] ret_fast_syscall+0x0/0x1c # [ 178.789032] Free path: # [ 178.791762] full_proxy_release+0x78/0xc0 # [ 178.796312] __fput+0xdc/0x2e8 # [ 178.799960] task_work_run+0x98/0xc8 # [ 178.804018] do_exit+0x374/0xa1c # [ 178.807767] do_group_exit+0x40/0x8c # [ 178.811918] pid_child_should_wake+0x0/0x94 # [ 178.816572] Register r11 information: non-paged memory # [ 178.822027] Register r12 information: NULL pointer # [ 178.827079] Process cat (pid: 2469, stack limit = 0xf1bf0000) # [ 178.833134] Stack: (0xf1bf1ea8 to 0xf1bf2000) # [ 178.837789] 1ea0: c7c937c0 c5c75000 00000000 c0e020ec 0000000d c0e007ac # [ 178.846263] 1ec0: 0000000d c0e00b90 c0e00a74 c8bb3e40 b6d88000 0000000d c3a4f4b8 c0890ff0 # [ 178.854736] 1ee0: c8bb3e40 c0890f94 f1bf1f80 b6d88000 c8d90a40 0000000d c89b8e00 c0628618 # [ 178.863207] 1f00: c5b3adb0 00000000 00000000 00000000 00000000 0000000d b6d88000 0001fff3 # [ 178.871681] 1f20: 00000001 00000000 c8bb3440 00000000 00000000 00000000 00000000 00000000 # [ 178.880159] 1f40: 00000000 00000000 00000000 00000000 00000022 ca955180 00000000 c8bb3e40 # [ 178.888639] 1f60: c8bb3e40 00000000 00000000 c03002f0 c8d90a40 00000004 004efe38 c0628b74 # [ 178.897119] 1f80: 00000000 00000000 00000000 ca955180 000000c0 0000000d 0000000d 7ff00000 # [ 178.905596] 1fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6d88000 0000000d 00000001 # [ 178.914072] 1fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d88000 00020000 004efe38 # [ 178.922547] 1fe0: 00000004 bec1b788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 # [ 178.931011] Call trace: # [ 178.931030] execute_location from lkdtm_EXEC_KMALLOC+0x30/0x3c # [ 178.940053] lkdtm_EXEC_KMALLOC from lkdtm_do_action+0x24/0x4c # [ 178.946138] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 178.951921] direct_entry from full_proxy_write+0x5c/0x8c # [ 178.957600] full_proxy_write from vfs_write+0xbc/0x3cc # [ 178.963177] vfs_write from ksys_write+0x78/0xf8 # [ 178.968054] ksys_write from ret_fast_syscall+0x0/0x1c # [ 178.973428] Exception stack(0xf1bf1fa8 to 0xf1bf1ff0) # [ 178.978788] 1fa0: 0000000d 0000000d 00000001 b6d88000 0000000d 00000001 # [ 178.987262] 1fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d88000 00020000 004efe38 # [ 178.995731] 1fe0: 00000004 bec1b788 b6e4e33b b6dc7616 # [ 179.001089] Code: cccccccc cccccccc cccccccc cccccccc (e52de004) # [ 179.007445] ---[ end trace 0000000000000000 ]--- # [ 179.012392] note: cat[2469] exited with irqs disabled # EXEC_KMALLOC: saw 'call trace:': ok ok 39 selftests: lkdtm: EXEC_KMALLOC.sh # timeout set to 45 # selftests: lkdtm: EXEC_VMALLOC.sh <6>[ 180.933913] lkdtm: Performing direct entry EXEC_VMALLOC <6>[ 180.938314] lkdtm: attempting ok execution at c0e02084 <6>[ 180.943724] lkdtm: attempting bad execution at f094d000 <1>[ 180.949105] 8<--- cut here --- <1>[ 180.952357] Unable to handle kernel execution of memory at virtual address f094d000 when execute <1>[ 180.961434] [f094d000] *pgd=c3236811, *pte=f8dc065f, *ppte=f8dc045f <0>[ 180.968024] Internal error: Oops: 8000000f [#9] SMP ARM <4>[ 180.973510] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 181.009897] CPU: 1 UID: 0 PID: 2551 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 181.019597] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 181.024744] Hardware name: STM32 (Device Tree Support) <4>[ 181.030192] PC is at 0xf094d000 <4>[ 181.033647] LR is at execute_location+0x9c/0xac <4>[ 181.038417] pc : [] lr : [] psr: 60080013 <4>[ 181.044974] sp : f1c6dea8 ip : 00000000 fp : 0049fe38 <4>[ 181.050523] r10: c89b8e00 r9 : f1c6df80 r8 : c278bfc8 <4>[ 181.055973] r7 : f1c6df80 r6 : 00000001 r5 : f094d000 r4 : c0e02084 <4>[ 181.062830] r3 : c8f09440 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 181.069588] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 181.077053] Control: 10c5387d Table: c598406a DAC: 00000051 <1>[ 181.083103] Register r0 information: non-paged memory <1>[ 181.088462] Register r1 information: NULL pointer <1>[ 181.093414] Register r2 information: NULL pointer <1>[ 181.098364] Register r3 information: slab task_struct start c8f09400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 181.112137] copy_process+0x1f4/0x1f64 <6>[ 181.116394] kernel_clone+0xac/0x388 <6>[ 181.120550] sys_clone+0x78/0x9c <6>[ 181.124302] ret_fast_syscall+0x0/0x1c <1>[ 181.128552] Register r4 information: non-slab/vmalloc memory <1>[ 181.134513] Register r5 information: 1-page vmalloc region starting at 0xf094d000 allocated at lkdtm_EXEC_VMALLOC+0x14/0x2c <1>[ 181.145918] Register r6 information: non-paged memory <1>[ 181.151271] Register r7 information: 2-page vmalloc region starting at 0xf1c6c000 allocated at kernel_clone+0xac/0x388 <1>[ 181.162278] Register r8 information: non-slab/vmalloc memory <1>[ 181.168236] Register r9 information: 2-page vmalloc region starting at 0xf1c6c000 allocated at kernel_clone+0xac/0x388 <1>[ 181.179240] Register r10 information: slab kmalloc-192 start c89b8dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 181.193194] full_proxy_open+0x124/0x24c <6>[ 181.197644] do_dentry_open+0x144/0x4dc <6>[ 181.202000] vfs_open+0x2c/0xec <6>[ 181.205650] path_openat+0x748/0x1198 <6>[ 181.209901] do_filp_open+0x98/0x134 <6>[ 181.213951] do_sys_openat2+0xbc/0xe4 <6>[ 181.218205] sys_openat+0x98/0xd4 <6>[ 181.221956] ret_fast_syscall+0x0/0x1c <4>[ 181.226304] Free path: <6>[ 181.229035] full_proxy_release+0x78/0xc0 <6>[ 181.233585] __fput+0xdc/0x2e8 <6>[ 181.237129] task_work_run+0x98/0xc8 <6>[ 181.241186] do_exit+0x374/0xa1c <6>[ 181.245038] do_group_exit+0x40/0x8c <6>[ 181.249089] pid_child_should_wake+0x0/0x94 <1>[ 181.253844] Register r11 information: non-paged memory <1>[ 181.259198] Register r12 information: NULL pointer <0>[ 181.264350] Process cat (pid: 2551, stack limit = 0xf1c6c000) <0>[ 181.270305] Stack: (0xf1c6dea8 to 0xf1c6e000) <0>[ 181.274959] dea0: f094d000 c8f1c000 00000000 c0e020b0 0000000d c0e007ac <0>[ 181.283432] dec0: 0000000d c0e00b90 c0e00a74 c8bb3c40 b6e38000 0000000d c3a4f4b8 c0890ff0 <0>[ 181.291905] dee0: c8bb3c40 c0890f94 f1c6df80 b6e38000 c8f09440 0000000d c89b8e00 c0628618 <0>[ 181.300377] df00: c5986db8 00000000 00000000 00000000 00000000 0000000d b6e38000 0001fff3 <0>[ 181.308947] df20: 00000001 00000000 c8bb3b40 00000000 00000000 00000000 00000000 00000000 <0>[ 181.317419] df40: 00000000 00000000 00000000 00000000 00000022 a697a4bc 00000000 c8bb3c40 <0>[ 181.325891] df60: c8bb3c40 00000000 00000000 c03002f0 c8f09440 00000004 0049fe38 c0628b74 <0>[ 181.334363] df80: 00000000 00000000 00000000 a697a4bc 000000c0 0000000d 0000000d 7ff00000 <0>[ 181.342835] dfa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6e38000 0000000d 00000001 <0>[ 181.351307] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e38000 00020000 0049fe38 <0>[ 181.359779] dfe0: 00000004 be9e6788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 181.368244] Call trace: <0>[ 181.368264] execute_location from lkdtm_EXEC_VMALLOC+0x20/0x2c <0>[ 181.377288] lkdtm_EXEC_VMALLOC from lkdtm_do_action+0x24/0x4c <0>[ 181.383382] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 181.389177] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 181.394866] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 181.400360] vfs_write from ksys_write+0x78/0xf8 <0>[ 181.405248] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 181.410626] Exception stack(0xf1c6dfa8 to 0xf1c6dff0) <0>[ 181.415989] dfa0: 0000000d 0000000d 00000001 b6e38000 0000000d 00000001 <0>[ 181.424466] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e38000 00020000 0049fe38 <0>[ 181.432936] dfe0: 00000004 be9e6788 b6efe33b b6e77616 <0>[ 181.438294] Code: bad PC value <4>[ 181.441826] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 180.933913] lkdtm: Performing direct entry EXEC_VMALLOC # [ 180.938314] lkdtm: attempting ok execution at c0e02084 # [ 180.943724] lkdtm: attempting bad execution at f094d000 # [ 180.949105] 8<--- cut here --- # [ 180.952357] Unable to handle kernel execution of memory at virtual address f094d000 when execute # [ 180.961434] [f094d000] *pgd=c3236811, *pte=f8dc065f, *ppte=f8dc045f # [ 180.968024] Internal error: Oops: 8000000f [#9] SMP ARM # [ 180.973510] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 181.009897] CPU: 1 UID: 0 PID: 2551 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 181.019597] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 181.024744] Hardware name: STM32 (Device Tree Support) # [ 181.030192] PC is at 0xf094d000 # [ 181.033647] LR is at execute_location+0x9c/0xac # [ 181.038417] pc : [] lr : [] psr: 60080013 # [ 181.044974] sp : f1c6dea8 ip : 00000000 fp : 0049fe38 # [ 181.050523] r10: c89b8e00 r9 : f1c6df80 r8 : c278bfc8 # [ 181.055973] r7 : f1c6df80 r6 : 00000001 r5 : f094d000 r4 : c0e02084 # [ 181.062830] r3 : c8f09440 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 181.069588] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 181.077053] Control: 10c5387d Table: c598406a DAC: 00000051 # [ 181.083103] Register r0 information: non-paged memory # [ 181.088462] Register r1 information: NULL pointer # [ 181.093414] Register r2 information: NULL pointer # [ 181.098364] Register r3 information: slab task_struct start c8f09400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 181.112137] copy_process+0x1f4/0x1f64 # [ 181.116394] kernel_clone+0xac/0x388 # [ 181.120550] sys_clone+0x78/0x9c # [ 181.124302] ret_fast_syscall+0x0/0x1c # [ 181.128552] Register r4 information: non-slab/vmalloc memory # [ 181.134513] Register r5 information: 1-page vmalloc region starting at 0xf094d000 allocated at lkdtm_EXEC_VMALLOC+0x14/0x2c # [ 181.145918] Register r6 information: non-paged memory # [ 181.151271] Register r7 information: 2-page vmalloc region starting at 0xf1c6c000 allocated at kernel_clone+0xac/0x388 # [ 181.162278] Register r8 information: non-slab/vmalloc memory # [ 181.168236] Register r9 information: 2-page vmalloc region starting at 0xf1c6c000 allocated at kernel_clone+0xac/0x388 # [ 181.179240] Register r10 information: slab kmalloc-192 start c89b8dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 181.193194] full_proxy_open+0x124/0x24c # [ 181.197644] do_dentry_open+0x144/0x4dc # [ 181.202000] vfs_open+0x2c/0xec # [ 181.205650] path_openat+0x748/0x1198 # [ 181.209901] do_filp_open+0x98/0x134 # [ 181.213951] do_sys_openat2+0xbc/0xe4 # [ 181.218205] sys_openat+0x98/0xd4 # [ 181.221956] ret_fast_syscall+0x0/0x1c # [ 181.226304] Free path: # [ 181.229035] full_proxy_release+0x78/0xc0 # [ 181.233585] __fput+0xdc/0x2e8 # [ 181.237129] task_work_run+0x98/0xc8 # [ 181.241186] do_exit+0x374/0xa1c # [ 181.245038] do_group_exit+0x40/0x8c # [ 181.249089] pid_child_should_wake+0x0/0x94 # [ 181.253844] Register r11 information: non-paged memory # [ 181.259198] Register r12 information: NULL pointer # [ 181.264350] Process cat (pid: 2551, stack limit = 0xf1c6c000) # [ 181.270305] Stack: (0xf1c6dea8 to 0xf1c6e000) # [ 181.274959] dea0: f094d000 c8f1c000 00000000 c0e020b0 0000000d c0e007ac # [ 181.283432] dec0: 0000000d c0e00b90 c0e00a74 c8bb3c40 b6e38000 0000000d c3a4f4b8 c0890ff0 # [ 181.291905] dee0: c8bb3c40 c0890f94 f1c6df80 b6e38000 c8f09440 0000000d c89b8e00 c0628618 # [ 181.300377] df00: c5986db8 00000000 00000000 00000000 00000000 0000000d b6e38000 0001fff3 # [ 181.308947] df20: 00000001 00000000 c8bb3b40 00000000 00000000 00000000 00000000 00000000 # [ 181.317419] df40: 00000000 00000000 00000000 00000000 00000022 a697a4bc 00000000 c8bb3c40 # [ 181.325891] df60: c8bb3c40 00000000 00000000 c03002f0 c8f09440 00000004 0049fe38 c0628b74 # [ 181.334363] df80: 00000000 00000000 00000000 a697a4bc 000000c0 0000000d 0000000d 7ff00000 # [ 181.342835] dfa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6e38000 0000000d 00000001 # [ 181.351307] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e38000 00020000 0049fe38 # [ 181.359779] dfe0: 00000004 be9e6788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 181.368244] Call trace: # [ 181.368264] execute_location from lkdtm_EXEC_VMALLOC+0x20/0x2c # [ 181.377288] lkdtm_EXEC_VMALLOC from lkdtm_do_action+0x24/0x4c # [ 181.383382] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 181.389177] direct_entry from full_proxy_write+0x5c/0x8c # [ 181.394866] full_proxy_write from vfs_write+0xbc/0x3cc # [ 181.400360] vfs_write from ksys_write+0x78/0xf8 # [ 181.405248] ksys_write from ret_fast_syscall+0x0/0x1c # [ 181.410626] Exception stack(0xf1c6dfa8 to 0xf1c6dff0) # [ 181.415989] dfa0: 0000000d 0000000d 00000001 b6e38000 0000000d 00000001 # [ 181.424466] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e38000 00020000 0049fe38 # [ 181.432936] dfe0: 00000004 be9e6788 b6efe33b b6e77616 # [ 181.438294] Code: bad PC value # [ 181.441826] ---[ end trace 0000000000000000 ]--- # EXEC_VMALLOC: saw 'call trace:': ok ok 40 selftests: lkdtm: EXEC_VMALLOC.sh # timeout set to 45 # selftests: lkdtm: EXEC_RODATA.sh <6>[ 183.286329] lkdtm: Performing direct entry EXEC_RODATA <6>[ 183.290537] lkdtm: attempting ok execution at c0e02084 <6>[ 183.296413] lkdtm: attempting bad execution at c1a71d20 <1>[ 183.301474] 8<--- cut here --- <1>[ 183.304633] Unable to handle kernel paging request at virtual address c1a71d20 when execute <1>[ 183.313306] [c1a71d20] *pgd=c1a1941e(bad) <0>[ 183.317574] Internal error: Oops: 8000000d [#10] SMP ARM <4>[ 183.323130] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 183.359595] CPU: 0 UID: 0 PID: 2633 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 183.369284] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 183.374529] Hardware name: STM32 (Device Tree Support) <4>[ 183.379875] PC is at lkdtm_rodata_do_nothing+0x0/0x4 <4>[ 183.385149] LR is at execute_location+0x9c/0xac <4>[ 183.390013] pc : [] lr : [] psr: 60080013 <4>[ 183.396569] sp : f1cf5eb0 ip : 00000000 fp : 004bfe38 <4>[ 183.402017] r10: c89b87c0 r9 : f1cf5f80 r8 : c278bfd0 <4>[ 183.407566] r7 : f1cf5f80 r6 : 00000000 r5 : c1a71d20 r4 : c0e02084 <4>[ 183.414323] r3 : c7a61e40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 183.421182] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 183.428646] Control: 10c5387d Table: c8e6006a DAC: 00000051 <1>[ 183.434695] Register r0 information: non-paged memory <1>[ 183.439953] Register r1 information: NULL pointer <1>[ 183.445005] Register r2 information: NULL pointer <1>[ 183.449956] Register r3 information: slab task_struct start c7a61e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 183.463624] copy_process+0x1f4/0x1f64 <6>[ 183.467981] kernel_clone+0xac/0x388 <6>[ 183.472035] sys_clone+0x78/0x9c <6>[ 183.475788] ret_fast_syscall+0x0/0x1c <4>[ 183.480139] Free path: <6>[ 183.482868] rcu_core+0x2dc/0xb14 <6>[ 183.486621] handle_softirqs+0x15c/0x430 <6>[ 183.491079] irq_exit+0xac/0xd4 <6>[ 183.494829] call_with_stack+0x18/0x20 <6>[ 183.499090] __irq_svc+0x9c/0xb8 <6>[ 183.502837] __legitimize_path+0x0/0x70 <6>[ 183.507198] try_to_unlazy+0x3c/0xe8 <6>[ 183.511347] complete_walk+0x40/0xbc <6>[ 183.515393] path_lookupat+0xc4/0x1a4 <6>[ 183.519643] filename_lookup+0xc0/0x190 <6>[ 183.523994] vfs_statx+0x78/0xe8 <6>[ 183.527744] do_statx+0x74/0xb4 <6>[ 183.531393] sys_statx+0x78/0xf4 <6>[ 183.535244] ret_fast_syscall+0x0/0x1c <1>[ 183.539493] Register r4 information: non-slab/vmalloc memory <1>[ 183.545452] Register r5 information: non-slab/vmalloc memory <1>[ 183.551408] Register r6 information: NULL pointer <1>[ 183.556358] Register r7 information: 2-page vmalloc region starting at 0xf1cf4000 allocated at kernel_clone+0xac/0x388 <1>[ 183.567366] Register r8 information: non-slab/vmalloc memory <1>[ 183.573323] Register r9 information: 2-page vmalloc region starting at 0xf1cf4000 allocated at kernel_clone+0xac/0x388 <1>[ 183.584328] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 183.598281] full_proxy_open+0x124/0x24c <6>[ 183.602730] do_dentry_open+0x144/0x4dc <6>[ 183.607085] vfs_open+0x2c/0xec <6>[ 183.610736] path_openat+0x748/0x1198 <6>[ 183.614886] do_filp_open+0x98/0x134 <6>[ 183.619037] do_sys_openat2+0xbc/0xe4 <6>[ 183.623202] sys_openat+0x98/0xd4 <6>[ 183.627064] ret_fast_syscall+0x0/0x1c <4>[ 183.631323] Free path: <6>[ 183.634057] nfs_pgio_header_free+0x34/0x48 <6>[ 183.638820] nfs_write_completion+0x60/0x240 <6>[ 183.643573] rpc_free_task+0x34/0x54 <6>[ 183.647732] rpc_async_release+0x24/0x40 <6>[ 183.652187] process_one_work+0x1b8/0x450 <6>[ 183.656743] worker_thread+0x1d4/0x3c4 <6>[ 183.660995] kthread+0xe8/0x104 <6>[ 183.664642] ret_from_fork+0x14/0x28 <1>[ 183.668791] Register r11 information: non-paged memory <1>[ 183.674247] Register r12 information: NULL pointer <0>[ 183.679299] Process cat (pid: 2633, stack limit = 0xf1cf4000) <0>[ 183.685356] Stack: (0xf1cf5eb0 to 0xf1cf6000) <0>[ 183.689908] 5ea0: 0000000c c8f19000 00000000 c0e007ac <0>[ 183.698483] 5ec0: 0000000c c0e00b90 c0e00a74 c8bb3c40 b6db8000 0000000c c3a4f4b8 c0890ff0 <0>[ 183.706956] 5ee0: c8bb3c40 c0890f94 f1cf5f80 b6db8000 c7a61e40 0000000c c89b87c0 c0628618 <0>[ 183.715428] 5f00: c8e62db0 00000000 00000000 00000000 00000000 0000000c b6db8000 0001fff4 <0>[ 183.723899] 5f20: 00000001 00000000 c8bb3440 00000000 00000000 00000000 00000000 00000000 <0>[ 183.732371] 5f40: 00000000 00000000 00000000 00000000 00000022 a7dfd6d6 00000000 c8bb3c40 <0>[ 183.740843] 5f60: c8bb3c40 00000000 00000000 c03002f0 c7a61e40 00000004 004bfe38 c0628b74 <0>[ 183.749315] 5f80: 00000000 00000000 00000000 a7dfd6d6 000000c0 0000000c 0000000c 7ff00000 <0>[ 183.757787] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6db8000 0000000c 00000001 <0>[ 183.766259] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6db8000 00020000 004bfe38 <0>[ 183.774731] 5fe0: 00000004 be950788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 <0>[ 183.783295] Call trace: <0>[ 183.783316] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 183.792037] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 183.797719] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 183.803395] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 183.808971] vfs_write from ksys_write+0x78/0xf8 <0>[ 183.813848] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 183.819219] Exception stack(0xf1cf5fa8 to 0xf1cf5ff0) <0>[ 183.824575] 5fa0: 0000000c 0000000c 00000001 b6db8000 0000000c 00000001 <0>[ 183.833047] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6db8000 00020000 004bfe38 <0>[ 183.841615] 5fe0: 00000004 be950788 b6e7e33b b6df7616 <0>[ 183.846873] Code: 5f727563 6e756f63 00000074 aa55aa55 (e12fff1e) <4>[ 183.853329] ---[ end trace 0000000000000000 ]--- <6>[ 183.858174] note: cat[2633] exited with irqs disabled # Segmentation fault # [ 183.286329] lkdtm: Performing direct entry EXEC_RODATA # [ 183.290537] lkdtm: attempting ok execution at c0e02084 # [ 183.296413] lkdtm: attempting bad execution at c1a71d20 # [ 183.301474] 8<--- cut here --- # [ 183.304633] Unable to handle kernel paging request at virtual address c1a71d20 when execute # [ 183.313306] [c1a71d20] *pgd=c1a1941e(bad) # [ 183.317574] Internal error: Oops: 8000000d [#10] SMP ARM # [ 183.323130] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 183.359595] CPU: 0 UID: 0 PID: 2633 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 183.369284] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 183.374529] Hardware name: STM32 (Device Tree Support) # [ 183.379875] PC is at lkdtm_rodata_do_nothing+0x0/0x4 # [ 183.385149] LR is at execute_location+0x9c/0xac # [ 183.390013] pc : [] lr : [] psr: 60080013 # [ 183.396569] sp : f1cf5eb0 ip : 00000000 fp : 004bfe38 # [ 183.402017] r10: c89b87c0 r9 : f1cf5f80 r8 : c278bfd0 # [ 183.407566] r7 : f1cf5f80 r6 : 00000000 r5 : c1a71d20 r4 : c0e02084 # [ 183.414323] r3 : c7a61e40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 183.421182] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 183.428646] Control: 10c5387d Table: c8e6006a DAC: 00000051 # [ 183.434695] Register r0 information: non-paged memory # [ 183.439953] Register r1 information: NULL pointer # [ 183.445005] Register r2 information: NULL pointer # [ 183.449956] Register r3 information: slab task_struct start c7a61e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 183.463624] copy_process+0x1f4/0x1f64 # [ 183.467981] kernel_clone+0xac/0x388 # [ 183.472035] sys_clone+0x78/0x9c # [ 183.475788] ret_fast_syscall+0x0/0x1c # [ 183.480139] Free path: # [ 183.482868] rcu_core+0x2dc/0xb14 # [ 183.486621] handle_softirqs+0x15c/0x430 # [ 183.491079] irq_exit+0xac/0xd4 # [ 183.494829] call_with_stack+0x18/0x20 # [ 183.499090] __irq_svc+0x9c/0xb8 # [ 183.502837] __legitimize_path+0x0/0x70 # [ 183.507198] try_to_unlazy+0x3c/0xe8 # [ 183.511347] complete_walk+0x40/0xbc # [ 183.515393] path_lookupat+0xc4/0x1a4 # [ 183.519643] filename_lookup+0xc0/0x190 # [ 183.523994] vfs_statx+0x78/0xe8 # [ 183.527744] do_statx+0x74/0xb4 # [ 183.531393] sys_statx+0x78/0xf4 # [ 183.535244] ret_fast_syscall+0x0/0x1c # [ 183.539493] Register r4 information: non-slab/vmalloc memory # [ 183.545452] Register r5 information: non-slab/vmalloc memory # [ 183.551408] Register r6 information: NULL pointer # [ 183.556358] Register r7 information: 2-page vmalloc region starting at 0xf1cf4000 allocated at kernel_clone+0xac/0x388 # [ 183.567366] Register r8 information: non-slab/vmalloc memory # [ 183.573323] Register r9 information: 2-page vmalloc region starting at 0xf1cf4000 allocated at kernel_clone+0xac/0x388 # [ 183.584328] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 183.598281] full_proxy_open+0x124/0x24c # [ 183.602730] do_dentry_open+0x144/0x4dc # [ 183.607085] vfs_open+0x2c/0xec # [ 183.610736] path_openat+0x748/0x1198 # [ 183.614886] do_filp_open+0x98/0x134 # [ 183.619037] do_sys_openat2+0xbc/0xe4 # [ 183.623202] sys_openat+0x98/0xd4 # [ 183.627064] ret_fast_syscall+0x0/0x1c # [ 183.631323] Free path: # [ 183.634057] nfs_pgio_header_free+0x34/0x48 # [ 183.638820] nfs_write_completion+0x60/0x240 # [ 183.643573] rpc_free_task+0x34/0x54 # [ 183.647732] rpc_async_release+0x24/0x40 # [ 183.652187] process_one_work+0x1b8/0x450 # [ 183.656743] worker_thread+0x1d4/0x3c4 # [ 183.660995] kthread+0xe8/0x104 # [ 183.664642] ret_from_fork+0x14/0x28 # [ 183.668791] Register r11 information: non-paged memory # [ 183.674247] Register r12 information: NULL pointer # [ 183.679299] Process cat (pid: 2633, stack limit = 0xf1cf4000) # [ 183.685356] Stack: (0xf1cf5eb0 to 0xf1cf6000) # [ 183.689908] 5ea0: 0000000c c8f19000 00000000 c0e007ac # [ 183.698483] 5ec0: 0000000c c0e00b90 c0e00a74 c8bb3c40 b6db8000 0000000c c3a4f4b8 c0890ff0 # [ 183.706956] 5ee0: c8bb3c40 c0890f94 f1cf5f80 b6db8000 c7a61e40 0000000c c89b87c0 c0628618 # [ 183.715428] 5f00: c8e62db0 00000000 00000000 00000000 00000000 0000000c b6db8000 0001fff4 # [ 183.723899] 5f20: 00000001 00000000 c8bb3440 00000000 00000000 00000000 00000000 00000000 # [ 183.732371] 5f40: 00000000 00000000 00000000 00000000 00000022 a7dfd6d6 00000000 c8bb3c40 # [ 183.740843] 5f60: c8bb3c40 00000000 00000000 c03002f0 c7a61e40 00000004 004bfe38 c0628b74 # [ 183.749315] 5f80: 00000000 00000000 00000000 a7dfd6d6 000000c0 0000000c 0000000c 7ff00000 # [ 183.757787] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6db8000 0000000c 00000001 # [ 183.766259] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6db8000 00020000 004bfe38 # [ 183.774731] 5fe0: 00000004 be950788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 # [ 183.783295] Call trace: # [ 183.783316] execute_location from lkdtm_do_action+0x24/0x4c # [ 183.792037] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 183.797719] direct_entry from full_proxy_write+0x5c/0x8c # [ 183.803395] full_proxy_write from vfs_write+0xbc/0x3cc # [ 183.808971] vfs_write from ksys_write+0x78/0xf8 # [ 183.813848] ksys_write from ret_fast_syscall+0x0/0x1c # [ 183.819219] Exception stack(0xf1cf5fa8 to 0xf1cf5ff0) # [ 183.824575] 5fa0: 0000000c 0000000c 00000001 b6db8000 0000000c 00000001 # [ 183.833047] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6db8000 00020000 004bfe38 # [ 183.841615] 5fe0: 00000004 be950788 b6e7e33b b6df7616 # [ 183.846873] Code: 5f727563 6e756f63 00000074 aa55aa55 (e12fff1e) # [ 183.853329] ---[ end trace 0000000000000000 ]--- # [ 183.858174] note: cat[2633] exited with irqs disabled # EXEC_RODATA: saw 'call trace:': ok ok 41 selftests: lkdtm: EXEC_RODATA.sh # timeout set to 45 # selftests: lkdtm: EXEC_USERSPACE.sh <6>[ 185.735575] lkdtm: Performing direct entry EXEC_USERSPACE <6>[ 185.740153] lkdtm: attempting ok execution at c0e02084 <6>[ 185.747095] lkdtm: attempting bad execution at b6fa5000 <1>[ 185.751850] 8<--- cut here --- <1>[ 185.754509] Unhandled prefetch abort: page domain fault (0x00b) at 0xb6fa5000 <0>[ 185.761985] Internal error: : b [#11] SMP ARM <4>[ 185.766638] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 185.803109] CPU: 0 UID: 0 PID: 2714 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 185.812699] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 185.817945] Hardware name: STM32 (Device Tree Support) <4>[ 185.823391] PC is at 0xb6fa5000 <4>[ 185.826742] LR is at lkdtm_EXEC_USERSPACE+0xb4/0xc4 <4>[ 185.831903] pc : [] lr : [] psr: 60070013 <4>[ 185.838458] sp : f1d59eb0 ip : 00000000 fp : 0048fe38 <4>[ 185.844007] r10: c89b87c0 r9 : f1d59f80 r8 : c278bfd8 <4>[ 185.849456] r7 : f1d59f80 r6 : 00000000 r5 : c5a68000 r4 : b6fa5000 <4>[ 185.856314] r3 : c5be8a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 185.863172] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 185.870536] Control: 10c5387d Table: c8e4406a DAC: 00000051 <1>[ 185.876586] Register r0 information: non-paged memory <1>[ 185.881943] Register r1 information: NULL pointer <1>[ 185.886894] Register r2 information: NULL pointer <1>[ 185.891944] Register r3 information: slab task_struct start c5be8a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 185.905614] copy_process+0x1f4/0x1f64 <6>[ 185.909970] kernel_clone+0xac/0x388 <6>[ 185.914025] sys_clone+0x78/0x9c <6>[ 185.917778] ret_fast_syscall+0x0/0x1c <4>[ 185.922028] Free path: <6>[ 185.924757] rcu_core+0x2dc/0xb14 <6>[ 185.928610] handle_softirqs+0x15c/0x430 <6>[ 185.933068] irq_exit+0xac/0xd4 <6>[ 185.936718] call_with_stack+0x18/0x20 <6>[ 185.941080] __irq_svc+0x9c/0xb8 <6>[ 185.944827] set_ptes+0x60/0x70 <6>[ 185.948478] filemap_map_pages+0x1ec/0x5c8 <6>[ 185.953135] handle_mm_fault+0x918/0x1198 <6>[ 185.957695] do_page_fault+0x1ac/0x470 <6>[ 185.961951] do_PrefetchAbort+0x40/0xa0 <6>[ 185.966301] ret_from_exception+0x0/0x1c <1>[ 185.970753] Register r4 information: non-paged memory <1>[ 185.976107] Register r5 information: non-slab/vmalloc memory <1>[ 185.982065] Register r6 information: NULL pointer <1>[ 185.987015] Register r7 information: 2-page vmalloc region starting at 0xf1d58000 allocated at kernel_clone+0xac/0x388 <1>[ 185.998024] Register r8 information: non-slab/vmalloc memory <1>[ 186.003982] Register r9 information: 2-page vmalloc region starting at 0xf1d58000 allocated at kernel_clone+0xac/0x388 <1>[ 186.014988] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 186.028944] full_proxy_open+0x124/0x24c <6>[ 186.033395] do_dentry_open+0x144/0x4dc <6>[ 186.037750] vfs_open+0x2c/0xec <6>[ 186.041401] path_openat+0x748/0x1198 <6>[ 186.045653] do_filp_open+0x98/0x134 <6>[ 186.049703] do_sys_openat2+0xbc/0xe4 <6>[ 186.053957] sys_openat+0x98/0xd4 <6>[ 186.057809] ret_fast_syscall+0x0/0x1c <4>[ 186.062057] Free path: <6>[ 186.064787] nfs_pgio_header_free+0x34/0x48 <6>[ 186.069446] nfs_write_completion+0x60/0x240 <6>[ 186.074298] rpc_free_task+0x34/0x54 <6>[ 186.078457] rpc_async_release+0x24/0x40 <6>[ 186.082914] process_one_work+0x1b8/0x450 <6>[ 186.087369] worker_thread+0x1d4/0x3c4 <6>[ 186.091721] kthread+0xe8/0x104 <6>[ 186.095369] ret_from_fork+0x14/0x28 <1>[ 186.099517] Register r11 information: non-paged memory <1>[ 186.104872] Register r12 information: NULL pointer <0>[ 186.110024] Process cat (pid: 2714, stack limit = 0xf1d58000) <0>[ 186.115979] Stack: (0xf1d59eb0 to 0xf1d5a000) <0>[ 186.120631] 9ea0: 00000001 00000000 0000000f c0e007ac <0>[ 186.129113] 9ec0: 0000000f c0e00b90 c0e00a74 c88a8940 b6e48000 0000000f c3a4f4b8 c0890ff0 <0>[ 186.137592] 9ee0: c88a8940 c0890f94 f1d59f80 b6e48000 c5be8a40 0000000f c89b87c0 c0628618 <0>[ 186.146067] 9f00: c8e46db8 00000000 00000000 00000000 00000000 0000000f b6e48000 0001fff1 <0>[ 186.154541] 9f20: 00000001 00000000 c88a8340 00000000 00000000 00000000 00000000 00000000 <0>[ 186.163014] 9f40: 00000000 00000000 00000000 00000000 00000022 c50eb240 00000000 c88a8940 <0>[ 186.171587] 9f60: c88a8940 00000000 00000000 c03002f0 c5be8a40 00000004 0048fe38 c0628b74 <0>[ 186.180059] 9f80: 00000000 00000000 00000000 c50eb240 000000c0 0000000f 0000000f 7ff00000 <0>[ 186.188530] 9fa0: 00000004 c03000c0 0000000f 0000000f 00000001 b6e48000 0000000f 00000001 <0>[ 186.197002] 9fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e48000 00020000 0048fe38 <0>[ 186.205475] 9fe0: 00000004 be860788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 186.213939] Call trace: <0>[ 186.213960] lkdtm_EXEC_USERSPACE from lkdtm_do_action+0x24/0x4c <0>[ 186.223081] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 186.228765] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 186.234543] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 186.240022] vfs_write from ksys_write+0x78/0xf8 <0>[ 186.244899] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 186.250371] Exception stack(0xf1d59fa8 to 0xf1d59ff0) <0>[ 186.255628] 9fa0: 0000000f 0000000f 00000001 b6e48000 0000000f 00000001 <0>[ 186.264100] 9fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e48000 00020000 0048fe38 <0>[ 186.272669] 9fe0: 00000004 be860788 b6f0e33b b6e87616 <0>[ 186.277918] Code: bad PC value <4>[ 186.281257] ---[ end trace 0000000000000000 ]--- <6>[ 186.286202] note: cat[2714] exited with irqs disabled # Segmentation fault # [ 185.735575] lkdtm: Performing direct entry EXEC_USERSPACE # [ 185.740153] lkdtm: attempting ok execution at c0e02084 # [ 185.747095] lkdtm: attempting bad execution at b6fa5000 # [ 185.751850] 8<--- cut here --- # [ 185.754509] Unhandled prefetch abort: page domain fault (0x00b) at 0xb6fa5000 # [ 185.761985] Internal error: : b [#11] SMP ARM # [ 185.766638] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 185.803109] CPU: 0 UID: 0 PID: 2714 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 185.812699] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 185.817945] Hardware name: STM32 (Device Tree Support) # [ 185.823391] PC is at 0xb6fa5000 # [ 185.826742] LR is at lkdtm_EXEC_USERSPACE+0xb4/0xc4 # [ 185.831903] pc : [] lr : [] psr: 60070013 # [ 185.838458] sp : f1d59eb0 ip : 00000000 fp : 0048fe38 # [ 185.844007] r10: c89b87c0 r9 : f1d59f80 r8 : c278bfd8 # [ 185.849456] r7 : f1d59f80 r6 : 00000000 r5 : c5a68000 r4 : b6fa5000 # [ 185.856314] r3 : c5be8a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 185.863172] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 185.870536] Control: 10c5387d Table: c8e4406a DAC: 00000051 # [ 185.876586] Register r0 information: non-paged memory # [ 185.881943] Register r1 information: NULL pointer # [ 185.886894] Register r2 information: NULL pointer # [ 185.891944] Register r3 information: slab task_struct start c5be8a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 185.905614] copy_process+0x1f4/0x1f64 # [ 185.909970] kernel_clone+0xac/0x388 # [ 185.914025] sys_clone+0x78/0x9c # [ 185.917778] ret_fast_syscall+0x0/0x1c # [ 185.922028] Free path: # [ 185.924757] rcu_core+0x2dc/0xb14 # [ 185.928610] handle_softirqs+0x15c/0x430 # [ 185.933068] irq_exit+0xac/0xd4 # [ 185.936718] call_with_stack+0x18/0x20 # [ 185.941080] __irq_svc+0x9c/0xb8 # [ 185.944827] set_ptes+0x60/0x70 # [ 185.948478] filemap_map_pages+0x1ec/0x5c8 # [ 185.953135] handle_mm_fault+0x918/0x1198 # [ 185.957695] do_page_fault+0x1ac/0x470 # [ 185.961951] do_PrefetchAbort+0x40/0xa0 # [ 185.966301] ret_from_exception+0x0/0x1c # [ 185.970753] Register r4 information: non-paged memory # [ 185.976107] Register r5 information: non-slab/vmalloc memory # [ 185.982065] Register r6 information: NULL pointer # [ 185.987015] Register r7 information: 2-page vmalloc region starting at 0xf1d58000 allocated at kernel_clone+0xac/0x388 # [ 185.998024] Register r8 information: non-slab/vmalloc memory # [ 186.003982] Register r9 information: 2-page vmalloc region starting at 0xf1d58000 allocated at kernel_clone+0xac/0x388 # [ 186.014988] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 186.028944] full_proxy_open+0x124/0x24c # [ 186.033395] do_dentry_open+0x144/0x4dc # [ 186.037750] vfs_open+0x2c/0xec # [ 186.041401] path_openat+0x748/0x1198 # [ 186.045653] do_filp_open+0x98/0x134 # [ 186.049703] do_sys_openat2+0xbc/0xe4 # [ 186.053957] sys_openat+0x98/0xd4 # [ 186.057809] ret_fast_syscall+0x0/0x1c # [ 186.062057] Free path: # [ 186.064787] nfs_pgio_header_free+0x34/0x48 # [ 186.069446] nfs_write_completion+0x60/0x240 # [ 186.074298] rpc_free_task+0x34/0x54 # [ 186.078457] rpc_async_release+0x24/0x40 # [ 186.082914] process_one_work+0x1b8/0x450 # [ 186.087369] worker_thread+0x1d4/0x3c4 # [ 186.091721] kthread+0xe8/0x104 # [ 186.095369] ret_from_fork+0x14/0x28 # [ 186.099517] Register r11 information: non-paged memory # [ 186.104872] Register r12 information: NULL pointer # [ 186.110024] Process cat (pid: 2714, stack limit = 0xf1d58000) # [ 186.115979] Stack: (0xf1d59eb0 to 0xf1d5a000) # [ 186.120631] 9ea0: 00000001 00000000 0000000f c0e007ac # [ 186.129113] 9ec0: 0000000f c0e00b90 c0e00a74 c88a8940 b6e48000 0000000f c3a4f4b8 c0890ff0 # [ 186.137592] 9ee0: c88a8940 c0890f94 f1d59f80 b6e48000 c5be8a40 0000000f c89b87c0 c0628618 # [ 186.146067] 9f00: c8e46db8 00000000 00000000 00000000 00000000 0000000f b6e48000 0001fff1 # [ 186.154541] 9f20: 00000001 00000000 c88a8340 00000000 00000000 00000000 00000000 00000000 # [ 186.163014] 9f40: 00000000 00000000 00000000 00000000 00000022 c50eb240 00000000 c88a8940 # [ 186.171587] 9f60: c88a8940 00000000 00000000 c03002f0 c5be8a40 00000004 0048fe38 c0628b74 # [ 186.180059] 9f80: 00000000 00000000 00000000 c50eb240 000000c0 0000000f 0000000f 7ff00000 # [ 186.188530] 9fa0: 00000004 c03000c0 0000000f 0000000f 00000001 b6e48000 0000000f 00000001 # [ 186.197002] 9fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e48000 00020000 0048fe38 # [ 186.205475] 9fe0: 00000004 be860788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 186.213939] Call trace: # [ 186.213960] lkdtm_EXEC_USERSPACE from lkdtm_do_action+0x24/0x4c # [ 186.223081] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 186.228765] direct_entry from full_proxy_write+0x5c/0x8c # [ 186.234543] full_proxy_write from vfs_write+0xbc/0x3cc # [ 186.240022] vfs_write from ksys_write+0x78/0xf8 # [ 186.244899] ksys_write from ret_fast_syscall+0x0/0x1c # [ 186.250371] Exception stack(0xf1d59fa8 to 0xf1d59ff0) # [ 186.255628] 9fa0: 0000000f 0000000f 00000001 b6e48000 0000000f 00000001 # [ 186.264100] 9fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e48000 00020000 0048fe38 # [ 186.272669] 9fe0: 00000004 be860788 b6f0e33b b6e87616 # [ 186.277918] Code: bad PC value # [ 186.281257] ---[ end trace 0000000000000000 ]--- # [ 186.286202] note: cat[2714] exited with irqs disabled # EXEC_USERSPACE: saw 'call trace:': ok ok 42 selftests: lkdtm: EXEC_USERSPACE.sh # timeout set to 45 # selftests: lkdtm: EXEC_NULL.sh <6>[ 188.270868] lkdtm: Performing direct entry EXEC_NULL <6>[ 188.274860] lkdtm: attempting ok execution at c0e02084 <6>[ 188.280228] lkdtm: attempting bad execution at 00000000 <1>[ 188.285821] 8<--- cut here --- <1>[ 188.289040] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute <1>[ 188.298632] [00000000] *pgd=00000000 <0>[ 188.302424] Internal error: Oops: 80000005 [#12] SMP ARM <4>[ 188.308008] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 188.344400] CPU: 1 UID: 0 PID: 2794 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 188.354001] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 188.359250] Hardware name: STM32 (Device Tree Support) <4>[ 188.364698] PC is at 0x0 <4>[ 188.367546] LR is at execute_location+0x9c/0xac <4>[ 188.372318] pc : [<00000000>] lr : [] psr: 60080013 <4>[ 188.378876] sp : f1dbdeb0 ip : 00000000 fp : 0043fe38 <4>[ 188.384327] r10: c89b87c0 r9 : f1dbdf80 r8 : c278bfe0 <4>[ 188.389877] r7 : f1dbdf80 r6 : 00000000 r5 : 00000000 r4 : c0e02084 <4>[ 188.396735] r3 : c5de0a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 188.403494] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 188.410958] Control: 10c5387d Table: c5a7c06a DAC: 00000051 <1>[ 188.417009] Register r0 information: non-paged memory <1>[ 188.422368] Register r1 information: NULL pointer <1>[ 188.427320] Register r2 information: NULL pointer <1>[ 188.432271] Register r3 information: slab task_struct start c5de0a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 188.446047] copy_process+0x1f4/0x1f64 <6>[ 188.450303] kernel_clone+0xac/0x388 <6>[ 188.454358] sys_clone+0x78/0x9c <6>[ 188.458211] ret_fast_syscall+0x0/0x1c <4>[ 188.462462] Free path: <6>[ 188.465191] rcu_core+0x2dc/0xb14 <6>[ 188.469045] handle_softirqs+0x15c/0x430 <6>[ 188.473502] irq_exit+0xac/0xd4 <6>[ 188.477153] call_with_stack+0x18/0x20 <6>[ 188.481413] __irq_svc+0x9c/0xb8 <6>[ 188.485160] search_index+0x64/0xd8 <6>[ 188.489217] unwind_frame+0x94/0x92c <6>[ 188.493272] arch_stack_walk+0x84/0x100 <6>[ 188.497722] stack_trace_save+0x50/0x78 <6>[ 188.502082] set_track_prepare+0x40/0x74 <6>[ 188.506540] ___slab_alloc+0xd28/0xd7c <6>[ 188.510798] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 188.515959] vm_area_dup+0x24/0x104 <6>[ 188.520014] copy_process+0x1968/0x1f64 <6>[ 188.524370] kernel_clone+0xac/0x388 <6>[ 188.528424] sys_clone+0x78/0x9c <1>[ 188.532176] Register r4 information: non-slab/vmalloc memory <1>[ 188.538138] Register r5 information: NULL pointer <1>[ 188.543190] Register r6 information: NULL pointer <1>[ 188.548141] Register r7 information: 2-page vmalloc region starting at 0xf1dbc000 allocated at kernel_clone+0xac/0x388 <1>[ 188.559149] Register r8 information: non-slab/vmalloc memory <1>[ 188.565107] Register r9 information: 2-page vmalloc region starting at 0xf1dbc000 allocated at kernel_clone+0xac/0x388 <1>[ 188.576113] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 188.589972] full_proxy_open+0x124/0x24c <6>[ 188.594521] do_dentry_open+0x144/0x4dc <6>[ 188.598878] vfs_open+0x2c/0xec <6>[ 188.602529] path_openat+0x748/0x1198 <6>[ 188.606681] do_filp_open+0x98/0x134 <6>[ 188.610831] do_sys_openat2+0xbc/0xe4 <6>[ 188.614985] sys_openat+0x98/0xd4 <6>[ 188.618838] ret_fast_syscall+0x0/0x1c <4>[ 188.623200] Free path: <6>[ 188.625838] nfs_pgio_header_free+0x34/0x48 <6>[ 188.630610] nfs_write_completion+0x60/0x240 <6>[ 188.635374] rpc_free_task+0x34/0x54 <6>[ 188.639543] rpc_async_release+0x24/0x40 <6>[ 188.644010] process_one_work+0x1b8/0x450 <6>[ 188.648475] worker_thread+0x1d4/0x3c4 <6>[ 188.652833] kthread+0xe8/0x104 <6>[ 188.656483] ret_from_fork+0x14/0x28 <1>[ 188.660532] Register r11 information: non-paged memory <1>[ 188.665995] Register r12 information: NULL pointer <0>[ 188.671054] Process cat (pid: 2794, stack limit = 0xf1dbc000) <0>[ 188.677113] Stack: (0xf1dbdeb0 to 0xf1dbe000) <0>[ 188.681767] dea0: 0000000a c5a6b000 00000000 c0e007ac <0>[ 188.690243] dec0: 0000000a c0e00b90 c0e00a74 c88a8340 b6d88000 0000000a c3a4f4b8 c0890ff0 <0>[ 188.698718] dee0: c88a8340 c0890f94 f1dbdf80 b6d88000 c5de0a40 0000000a c89b87c0 c0628618 <0>[ 188.707191] df00: c5a7edb0 00000000 00000000 00000000 00000000 0000000a b6d88000 0001fff6 <0>[ 188.715663] df20: 00000001 00000000 c88a8d40 00000000 00000000 00000000 00000000 00000000 <0>[ 188.724138] df40: 00000000 00000000 00000000 00000000 00000022 439d6767 00000000 c88a8340 <0>[ 188.732611] df60: c88a8340 00000000 00000000 c03002f0 c5de0a40 00000004 0043fe38 c0628b74 <0>[ 188.741084] df80: 00000000 00000000 00000000 439d6767 000000c0 0000000a 0000000a 7ff00000 <0>[ 188.749556] dfa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6d88000 0000000a 00000001 <0>[ 188.758029] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d88000 00020000 0043fe38 <0>[ 188.766602] dfe0: 00000004 bee27788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 <0>[ 188.775066] Call trace: <0>[ 188.775083] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 188.783812] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 188.789597] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 188.795275] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 188.800755] vfs_write from ksys_write+0x78/0xf8 <0>[ 188.805634] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 188.811107] Exception stack(0xf1dbdfa8 to 0xf1dbdff0) <0>[ 188.816364] dfa0: 0000000a 0000000a 00000001 b6d88000 0000000a 00000001 <0>[ 188.824838] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d88000 00020000 0043fe38 <0>[ 188.833408] dfe0: 00000004 bee27788 b6e4e33b b6dc7616 <0>[ 188.838666] Code: bad PC value <4>[ 188.842171] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 0.000000] Rude variant of Tasks RCU enabled. # [ 0.000000] Tracing variant of Tasks RCU enabled. # [ 0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. # [ 0.000000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2 # [ 0.000000] RCU Tasks Rude: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. # [ 0.000000] RCU Tasks Trace: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. # [ 0.000000] NR_IRQS: 16, nr_irqs: 16, preallocated irqs: 16 # [ 0.000000] rcu: srcu_init: Setting srcu_struct sizes based on contention. # [ 0.000000] arch_timer: cp15 timer(s) running at 24.00MHz (virt). # [ 0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x588fe9dc0, max_idle_ns: 440795202592 ns # [ 188.270868] lkdtm: Performing direct entry EXEC_NULL # [ 188.274860] lkdtm: attempting ok execution at c0e02084 # [ 188.280228] lkdtm: attempting bad execution at 00000000 # [ 188.285821] 8<--- cut here --- # [ 188.289040] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute # [ 188.298632] [00000000] *pgd=00000000 # [ 188.302424] Internal error: Oops: 80000005 [#12] SMP ARM # [ 188.308008] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 188.344400] CPU: 1 UID: 0 PID: 2794 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 188.354001] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 188.359250] Hardware name: STM32 (Device Tree Support) # [ 188.364698] PC is at 0x0 # [ 188.367546] LR is at execute_location+0x9c/0xac # [ 188.372318] pc : [<00000000>] lr : [] psr: 60080013 # [ 188.378876] sp : f1dbdeb0 ip : 00000000 fp : 0043fe38 # [ 188.384327] r10: c89b87c0 r9 : f1dbdf80 r8 : c278bfe0 # [ 188.389877] r7 : f1dbdf80 r6 : 00000000 r5 : 00000000 r4 : c0e02084 # [ 188.396735] r3 : c5de0a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 188.403494] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 188.410958] Control: 10c5387d Table: c5a7c06a DAC: 00000051 # [ 188.417009] Register r0 information: non-paged memory # [ 188.422368] Register r1 information: NULL pointer # [ 188.427320] Register r2 information: NULL pointer # [ 188.432271] Register r3 information: slab task_struct start c5de0a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 188.446047] copy_process+0x1f4/0x1f64 # [ 188.450303] kernel_clone+0xac/0x388 # [ 188.454358] sys_clone+0x78/0x9c # [ 188.458211] ret_fast_syscall+0x0/0x1c # [ 188.462462] Free path: # [ 188.465191] rcu_core+0x2dc/0xb14 # [ 188.469045] handle_softirqs+0x15c/0x430 # [ 188.473502] irq_exit+0xac/0xd4 # [ 188.477153] call_with_stack+0x18/0x20 # [ 188.481413] __irq_svc+0x9c/0xb8 # [ 188.485160] search_index+0x64/0xd8 # [ 188.489217] unwind_frame+0x94/0x92c # [ 188.493272] arch_stack_walk+0x84/0x100 # [ 188.497722] stack_trace_save+0x50/0x78 # [ 188.502082] set_track_prepare+0x40/0x74 # [ 188.506540] ___slab_alloc+0xd28/0xd7c # [ 188.510798] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 188.515959] vm_area_dup+0x24/0x104 # [ 188.520014] copy_process+0x1968/0x1f64 # [ 188.524370] kernel_clone+0xac/0x388 # [ 188.528424] sys_clone+0x78/0x9c # [ 188.532176] Register r4 information: non-slab/vmalloc memory # [ 188.538138] Register r5 information: NULL pointer # [ 188.543190] Register r6 information: NULL pointer # [ 188.548141] Register r7 information: 2-page vmalloc region starting at 0xf1dbc000 allocated at kernel_clone+0xac/0x388 # [ 188.559149] Register r8 information: non-slab/vmalloc memory # [ 188.565107] Register r9 information: 2-page vmalloc region starting at 0xf1dbc000 allocated at kernel_clone+0xac/0x388 # [ 188.576113] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 188.589972] full_proxy_open+0x124/0x24c # [ 188.594521] do_dentry_open+0x144/0x4dc # [ 188.598878] vfs_open+0x2c/0xec # [ 188.602529] path_openat+0x748/0x1198 # [ 188.606681] do_filp_open+0x98/0x134 # [ 188.610831] do_sys_openat2+0xbc/0xe4 # [ 188.614985] sys_openat+0x98/0xd4 # [ 188.618838] ret_fast_syscall+0x0/0x1c # [ 188.623200] Free path: # [ 188.625838] nfs_pgio_header_free+0x34/0x48 # [ 188.630610] nfs_write_completion+0x60/0x240 # [ 188.635374] rpc_free_task+0x34/0x54 # [ 188.639543] rpc_async_release+0x24/0x40 # [ 188.644010] process_one_work+0x1b8/0x450 # [ 188.648475] worker_thread+0x1d4/0x3c4 # [ 188.652833] kthread+0xe8/0x104 # [ 188.656483] ret_from_fork+0x14/0x28 # [ 188.660532] Register r11 information: non-paged memory # [ 188.665995] Register r12 information: NULL pointer # [ 188.671054] Process cat (pid: 2794, stack limit = 0xf1dbc000) # [ 188.677113] Stack: (0xf1dbdeb0 to 0xf1dbe000) # [ 188.681767] dea0: 0000000a c5a6b000 00000000 c0e007ac # [ 188.690243] dec0: 0000000a c0e00b90 c0e00a74 c88a8340 b6d88000 0000000a c3a4f4b8 c0890ff0 # [ 188.698718] dee0: c88a8340 c0890f94 f1dbdf80 b6d88000 c5de0a40 0000000a c89b87c0 c0628618 # [ 188.707191] df00: c5a7edb0 00000000 00000000 00000000 00000000 0000000a b6d88000 0001fff6 # [ 188.715663] df20: 00000001 00000000 c88a8d40 00000000 00000000 00000000 00000000 00000000 # [ 188.724138] df40: 00000000 00000000 00000000 00000000 00000022 439d6767 00000000 c88a8340 # [ 188.732611] df60: c88a8340 00000000 00000000 c03002f0 c5de0a40 00000004 0043fe38 c0628b74 # [ 188.741084] df80: 00000000 00000000 00000000 439d6767 000000c0 0000000a 0000000a 7ff00000 # [ 188.749556] dfa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6d88000 0000000a 00000001 # [ 188.758029] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d88000 00020000 0043fe38 # [ 188.766602] dfe0: 00000004 bee27788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 # [ 188.775066] Call trace: # [ 188.775083] execute_location from lkdtm_do_action+0x24/0x4c # [ 188.783812] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 188.789597] direct_entry from full_proxy_write+0x5c/0x8c # [ 188.795275] full_proxy_write from vfs_write+0xbc/0x3cc # [ 188.800755] vfs_write from ksys_write+0x78/0xf8 # [ 188.805634] ksys_write from ret_fast_syscall+0x0/0x1c # [ 188.811107] Exception stack(0xf1dbdfa8 to 0xf1dbdff0) # [ 188.816364] dfa0: 0000000a 0000000a 00000001 b6d88000 0000000a 00000001 # [ 188.824838] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d88000 00020000 0043fe38 # [ 188.833408] dfe0: 00000004 bee27788 b6e4e33b b6dc7616 # [ 188.838666] Code: bad PC value # [ 188.842171] ---[ end trace 0000000000000000 ]--- # EXEC_NULL: saw 'call trace:': ok ok 43 selftests: lkdtm: EXEC_NULL.sh # timeout set to 45 # selftests: lkdtm: ACCESS_USERSPACE.sh <6>[ 190.750475] lkdtm: Performing direct entry ACCESS_USERSPACE <6>[ 190.755334] lkdtm: attempting bad read at b6f37000 <1>[ 190.760123] 8<--- cut here --- <1>[ 190.763369] Unhandled fault: page domain fault (0x01b) at 0xb6f37000 <1>[ 190.770041] [b6f37000] *pgd=fb754835 <0>[ 190.773812] Internal error: : 1b [#13] SMP ARM <4>[ 190.778571] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 190.815045] CPU: 0 UID: 0 PID: 2875 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 190.824640] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 190.829886] Hardware name: STM32 (Device Tree Support) <4>[ 190.835333] PC is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 <4>[ 190.840704] LR is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 <4>[ 190.846160] pc : [] lr : [] psr: 60080013 <4>[ 190.852716] sp : f1e21ea0 ip : 00000000 fp : 0049fe38 <4>[ 190.858265] r10: c89b87c0 r9 : f1e21f80 r8 : c278bfe8 <4>[ 190.863715] r7 : f1e21f80 r6 : 00000000 r5 : 00000051 r4 : b6f37000 <4>[ 190.870573] r3 : c8c62840 r2 : 00000000 r1 : 00000000 r0 : 00000026 <4>[ 190.877332] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 190.884797] Control: 10c5387d Table: c5c9006a DAC: 00000051 <1>[ 190.890847] Register r0 information: non-paged memory <1>[ 190.896206] Register r1 information: NULL pointer <1>[ 190.901158] Register r2 information: NULL pointer <1>[ 190.906109] Register r3 information: slab task_struct start c8c62800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 190.919882] copy_process+0x1f4/0x1f64 <6>[ 190.924138] kernel_clone+0xac/0x388 <6>[ 190.928293] sys_clone+0x78/0x9c <6>[ 190.932046] ret_fast_syscall+0x0/0x1c <4>[ 190.936296] Free path: <6>[ 190.939026] rcu_core+0x2dc/0xb14 <6>[ 190.942879] handle_softirqs+0x15c/0x430 <6>[ 190.947337] irq_exit+0xac/0xd4 <6>[ 190.950988] call_with_stack+0x18/0x20 <6>[ 190.955250] __irq_svc+0x9c/0xb8 <6>[ 190.958997] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 190.964358] uart_write+0xc4/0x2b8 <6>[ 190.968309] n_tty_write+0x1fc/0x54c <6>[ 190.972459] file_tty_write.constprop.0+0x154/0x28c <6>[ 190.977825] vfs_write+0x238/0x3cc <6>[ 190.981783] ksys_write+0x78/0xf8 <6>[ 190.985638] ret_fast_syscall+0x0/0x1c <1>[ 190.989886] Register r4 information: non-paged memory <1>[ 190.995241] Register r5 information: non-paged memory <1>[ 191.000594] Register r6 information: NULL pointer <1>[ 191.005544] Register r7 information: 2-page vmalloc region starting at 0xf1e20000 allocated at kernel_clone+0xac/0x388 <1>[ 191.016553] Register r8 information: non-slab/vmalloc memory <1>[ 191.022513] Register r9 information: 2-page vmalloc region starting at 0xf1e20000 allocated at kernel_clone+0xac/0x388 <1>[ 191.033519] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 191.047477] full_proxy_open+0x124/0x24c <6>[ 191.051926] do_dentry_open+0x144/0x4dc <6>[ 191.056281] vfs_open+0x2c/0xec <6>[ 191.059936] path_openat+0x748/0x1198 <6>[ 191.064089] do_filp_open+0x98/0x134 <6>[ 191.068241] do_sys_openat2+0xbc/0xe4 <6>[ 191.072395] sys_openat+0x98/0xd4 <6>[ 191.076246] ret_fast_syscall+0x0/0x1c <4>[ 191.080596] Free path: <6>[ 191.083327] nfs_pgio_header_free+0x34/0x48 <6>[ 191.087987] nfs_write_completion+0x60/0x240 <6>[ 191.092840] rpc_free_task+0x34/0x54 <6>[ 191.096899] rpc_async_release+0x24/0x40 <6>[ 191.101353] process_one_work+0x1b8/0x450 <6>[ 191.105909] worker_thread+0x1d4/0x3c4 <6>[ 191.110161] kthread+0xe8/0x104 <6>[ 191.113909] ret_from_fork+0x14/0x28 <1>[ 191.117957] Register r11 information: non-paged memory <1>[ 191.123415] Register r12 information: NULL pointer <0>[ 191.128467] Process cat (pid: 2875, stack limit = 0xf1e20000) <0>[ 191.134523] Stack: (0xf1e21ea0 to 0xf1e22000) <0>[ 191.139180] 1ea0: 00000022 00000000 00000000 e146448d f1e21f80 00000011 c7e31000 c0e007ac <0>[ 191.147655] 1ec0: 00000011 c0e00b90 c0e00a74 c88a8e40 b6dd8000 00000011 c3a4f4b8 c0890ff0 <0>[ 191.156130] 1ee0: c88a8e40 c0890f94 f1e21f80 b6dd8000 c8c62840 00000011 c89b87c0 c0628618 <0>[ 191.164602] 1f00: c5c92db0 00000000 00000000 00000000 00000000 00000011 b6dd8000 0001ffef <0>[ 191.173074] 1f20: 00000001 00000000 c88a8740 00000000 00000000 00000000 00000000 00000000 <0>[ 191.181546] 1f40: 00000000 00000000 00000000 00000000 00000022 e146448d 00000000 c88a8e40 <0>[ 191.190020] 1f60: c88a8e40 00000000 00000000 c03002f0 c8c62840 00000004 0049fe38 c0628b74 <0>[ 191.198493] 1f80: 00000000 00000000 00000000 e146448d 000000c0 00000011 00000011 7ff00000 <0>[ 191.206966] 1fa0: 00000004 c03000c0 00000011 00000011 00000001 b6dd8000 00000011 00000001 <0>[ 191.215439] 1fc0: 00000011 00000011 7ff00000 00000004 00000001 b6dd8000 00020000 0049fe38 <0>[ 191.223912] 1fe0: 00000004 bed77788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 191.232476] Call trace: <0>[ 191.232491] lkdtm_ACCESS_USERSPACE from lkdtm_do_action+0x24/0x4c <0>[ 191.241701] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 191.247484] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 191.253160] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 191.258637] vfs_write from ksys_write+0x78/0xf8 <0>[ 191.263516] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 191.268986] Exception stack(0xf1e21fa8 to 0xf1e21ff0) <0>[ 191.274344] 1fa0: 00000011 00000011 00000001 b6dd8000 00000011 00000001 <0>[ 191.282817] 1fc0: 00000011 00000011 7ff00000 00000004 00000001 b6dd8000 00020000 0049fe38 <0>[ 191.291286] 1fe0: 00000004 bed77788 b6e9e33b b6e17616 <0>[ 191.296643] Code: e1a01004 e30a0e40 e34c020a eb2494c4 (e5943000) <4>[ 191.303000] ---[ end trace 0000000000000000 ]--- <6>[ 191.307845] note: cat[2875] exited with irqs disabled # Segmentation fault # [ 190.750475] lkdtm: Performing direct entry ACCESS_USERSPACE # [ 190.755334] lkdtm: attempting bad read at b6f37000 # [ 190.760123] 8<--- cut here --- # [ 190.763369] Unhandled fault: page domain fault (0x01b) at 0xb6f37000 # [ 190.770041] [b6f37000] *pgd=fb754835 # [ 190.773812] Internal error: : 1b [#13] SMP ARM # [ 190.778571] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 190.815045] CPU: 0 UID: 0 PID: 2875 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 190.824640] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 190.829886] Hardware name: STM32 (Device Tree Support) # [ 190.835333] PC is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 # [ 190.840704] LR is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 # [ 190.846160] pc : [] lr : [] psr: 60080013 # [ 190.852716] sp : f1e21ea0 ip : 00000000 fp : 0049fe38 # [ 190.858265] r10: c89b87c0 r9 : f1e21f80 r8 : c278bfe8 # [ 190.863715] r7 : f1e21f80 r6 : 00000000 r5 : 00000051 r4 : b6f37000 # [ 190.870573] r3 : c8c62840 r2 : 00000000 r1 : 00000000 r0 : 00000026 # [ 190.877332] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 190.884797] Control: 10c5387d Table: c5c9006a DAC: 00000051 # [ 190.890847] Register r0 information: non-paged memory # [ 190.896206] Register r1 information: NULL pointer # [ 190.901158] Register r2 information: NULL pointer # [ 190.906109] Register r3 information: slab task_struct start c8c62800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 190.919882] copy_process+0x1f4/0x1f64 # [ 190.924138] kernel_clone+0xac/0x388 # [ 190.928293] sys_clone+0x78/0x9c # [ 190.932046] ret_fast_syscall+0x0/0x1c # [ 190.936296] Free path: # [ 190.939026] rcu_core+0x2dc/0xb14 # [ 190.942879] handle_softirqs+0x15c/0x430 # [ 190.947337] irq_exit+0xac/0xd4 # [ 190.950988] call_with_stack+0x18/0x20 # [ 190.955250] __irq_svc+0x9c/0xb8 # [ 190.958997] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 190.964358] uart_write+0xc4/0x2b8 # [ 190.968309] n_tty_write+0x1fc/0x54c # [ 190.972459] file_tty_write.constprop.0+0x154/0x28c # [ 190.977825] vfs_write+0x238/0x3cc # [ 190.981783] ksys_write+0x78/0xf8 # [ 190.985638] ret_fast_syscall+0x0/0x1c # [ 190.989886] Register r4 information: non-paged memory # [ 190.995241] Register r5 information: non-paged memory # [ 191.000594] Register r6 information: NULL pointer # [ 191.005544] Register r7 information: 2-page vmalloc region starting at 0xf1e20000 allocated at kernel_clone+0xac/0x388 # [ 191.016553] Register r8 information: non-slab/vmalloc memory # [ 191.022513] Register r9 information: 2-page vmalloc region starting at 0xf1e20000 allocated at kernel_clone+0xac/0x388 # [ 191.033519] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 191.047477] full_proxy_open+0x124/0x24c # [ 191.051926] do_dentry_open+0x144/0x4dc # [ 191.056281] vfs_open+0x2c/0xec # [ 191.059936] path_openat+0x748/0x1198 # [ 191.064089] do_filp_open+0x98/0x134 # [ 191.068241] do_sys_openat2+0xbc/0xe4 # [ 191.072395] sys_openat+0x98/0xd4 # [ 191.076246] ret_fast_syscall+0x0/0x1c # [ 191.080596] Free path: # [ 191.083327] nfs_pgio_header_free+0x34/0x48 # [ 191.087987] nfs_write_completion+0x60/0x240 # [ 191.092840] rpc_free_task+0x34/0x54 # [ 191.096899] rpc_async_release+0x24/0x40 # [ 191.101353] process_one_work+0x1b8/0x450 # [ 191.105909] worker_thread+0x1d4/0x3c4 # [ 191.110161] kthread+0xe8/0x104 # [ 191.113909] ret_from_fork+0x14/0x28 # [ 191.117957] Register r11 information: non-paged memory # [ 191.123415] Register r12 information: NULL pointer # [ 191.128467] Process cat (pid: 2875, stack limit = 0xf1e20000) # [ 191.134523] Stack: (0xf1e21ea0 to 0xf1e22000) # [ 191.139180] 1ea0: 00000022 00000000 00000000 e146448d f1e21f80 00000011 c7e31000 c0e007ac # [ 191.147655] 1ec0: 00000011 c0e00b90 c0e00a74 c88a8e40 b6dd8000 00000011 c3a4f4b8 c0890ff0 # [ 191.156130] 1ee0: c88a8e40 c0890f94 f1e21f80 b6dd8000 c8c62840 00000011 c89b87c0 c0628618 # [ 191.164602] 1f00: c5c92db0 00000000 00000000 00000000 00000000 00000011 b6dd8000 0001ffef # [ 191.173074] 1f20: 00000001 00000000 c88a8740 00000000 00000000 00000000 00000000 00000000 # [ 191.181546] 1f40: 00000000 00000000 00000000 00000000 00000022 e146448d 00000000 c88a8e40 # [ 191.190020] 1f60: c88a8e40 00000000 00000000 c03002f0 c8c62840 00000004 0049fe38 c0628b74 # [ 191.198493] 1f80: 00000000 00000000 00000000 e146448d 000000c0 00000011 00000011 7ff00000 # [ 191.206966] 1fa0: 00000004 c03000c0 00000011 00000011 00000001 b6dd8000 00000011 00000001 # [ 191.215439] 1fc0: 00000011 00000011 7ff00000 00000004 00000001 b6dd8000 00020000 0049fe38 # [ 191.223912] 1fe0: 00000004 bed77788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 191.232476] Call trace: # [ 191.232491] lkdtm_ACCESS_USERSPACE from lkdtm_do_action+0x24/0x4c # [ 191.241701] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 191.247484] direct_entry from full_proxy_write+0x5c/0x8c # [ 191.253160] full_proxy_write from vfs_write+0xbc/0x3cc # [ 191.258637] vfs_write from ksys_write+0x78/0xf8 # [ 191.263516] ksys_write from ret_fast_syscall+0x0/0x1c # [ 191.268986] Exception stack(0xf1e21fa8 to 0xf1e21ff0) # [ 191.274344] 1fa0: 00000011 00000011 00000001 b6dd8000 00000011 00000001 # [ 191.282817] 1fc0: 00000011 00000011 7ff00000 00000004 00000001 b6dd8000 00020000 0049fe38 # [ 191.291286] 1fe0: 00000004 bed77788 b6e9e33b b6e17616 # [ 191.296643] Code: e1a01004 e30a0e40 e34c020a eb2494c4 (e5943000) # [ 191.303000] ---[ end trace 0000000000000000 ]--- # [ 191.307845] note: cat[2875] exited with irqs disabled # ACCESS_USERSPACE: saw 'call trace:': ok ok 44 selftests: lkdtm: ACCESS_USERSPACE.sh # timeout set to 45 # selftests: lkdtm: ACCESS_NULL.sh <6>[ 193.139584] lkdtm: Performing direct entry ACCESS_NULL <6>[ 193.143805] lkdtm: attempting bad read at 00000000 <1>[ 193.148756] 8<--- cut here --- <1>[ 193.152090] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read <1>[ 193.161377] [00000000] *pgd=00000000 <0>[ 193.165241] Internal error: Oops: 5 [#14] SMP ARM <4>[ 193.170121] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 193.206615] CPU: 1 UID: 0 PID: 2956 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 193.216213] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 193.221461] Hardware name: STM32 (Device Tree Support) <4>[ 193.226908] PC is at lkdtm_ACCESS_NULL+0x20/0x60 <4>[ 193.231787] LR is at lkdtm_ACCESS_NULL+0x20/0x60 <4>[ 193.236648] pc : [] lr : [] psr: 60080013 <4>[ 193.243206] sp : f1e85eb0 ip : 00000000 fp : 0044fe38 <4>[ 193.248755] r10: c89b87c0 r9 : f1e85f80 r8 : c278bff0 <4>[ 193.254205] r7 : f1e85f80 r6 : 00000000 r5 : c5b02000 r4 : 00000000 <4>[ 193.261063] r3 : c5e68a40 r2 : 00000000 r1 : 00000000 r0 : 00000026 <4>[ 193.267921] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 193.275286] Control: 10c5387d Table: c8d9006a DAC: 00000051 <1>[ 193.281337] Register r0 information: non-paged memory <1>[ 193.286697] Register r1 information: NULL pointer <1>[ 193.291649] Register r2 information: NULL pointer <1>[ 193.296599] Register r3 information: slab task_struct start c5e68a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 193.310376] copy_process+0x1f4/0x1f64 <6>[ 193.314633] kernel_clone+0xac/0x388 <6>[ 193.318790] sys_clone+0x78/0x9c <6>[ 193.322542] ret_fast_syscall+0x0/0x1c <4>[ 193.326792] Free path: <6>[ 193.329522] rcu_core+0x2dc/0xb14 <6>[ 193.333375] handle_softirqs+0x15c/0x430 <6>[ 193.337834] irq_exit+0xac/0xd4 <6>[ 193.341484] call_with_stack+0x18/0x20 <6>[ 193.345745] __irq_svc+0x9c/0xb8 <6>[ 193.349492] ___slab_alloc+0xcf4/0xd7c <6>[ 193.353853] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 193.359015] anon_vma_fork+0x8c/0x174 <6>[ 193.363171] copy_process+0x1d54/0x1f64 <6>[ 193.367527] kernel_clone+0xac/0x388 <6>[ 193.371682] sys_clone+0x78/0x9c <6>[ 193.375435] ret_fast_syscall+0x0/0x1c <1>[ 193.379684] Register r4 information: NULL pointer <1>[ 193.384638] Register r5 information: non-slab/vmalloc memory <1>[ 193.390596] Register r6 information: NULL pointer <1>[ 193.395648] Register r7 information: 2-page vmalloc region starting at 0xf1e84000 allocated at kernel_clone+0xac/0x388 <1>[ 193.406658] Register r8 information: non-slab/vmalloc memory <1>[ 193.412617] Register r9 information: 2-page vmalloc region starting at 0xf1e84000 allocated at kernel_clone+0xac/0x388 <1>[ 193.423623] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 193.437480] full_proxy_open+0x124/0x24c <6>[ 193.441933] do_dentry_open+0x144/0x4dc <6>[ 193.446289] vfs_open+0x2c/0xec <6>[ 193.450041] path_openat+0x748/0x1198 <6>[ 193.454193] do_filp_open+0x98/0x134 <6>[ 193.458342] do_sys_openat2+0xbc/0xe4 <6>[ 193.462497] sys_openat+0x98/0xd4 <6>[ 193.466349] ret_fast_syscall+0x0/0x1c <4>[ 193.470597] Free path: <6>[ 193.473327] nfs_pgio_header_free+0x34/0x48 <6>[ 193.478087] nfs_write_completion+0x60/0x240 <6>[ 193.482839] rpc_free_task+0x34/0x54 <6>[ 193.486997] rpc_async_release+0x24/0x40 <6>[ 193.491452] process_one_work+0x1b8/0x450 <6>[ 193.496008] worker_thread+0x1d4/0x3c4 <6>[ 193.500260] kthread+0xe8/0x104 <6>[ 193.503908] ret_from_fork+0x14/0x28 <1>[ 193.508056] Register r11 information: non-paged memory <1>[ 193.513411] Register r12 information: NULL pointer <0>[ 193.518563] Process cat (pid: 2956, stack limit = 0xf1e84000) <0>[ 193.524518] Stack: (0xf1e85eb0 to 0xf1e86000) <0>[ 193.529172] 5ea0: 0000000c c5b02000 00000000 c0e007ac <0>[ 193.537646] 5ec0: 0000000c c0e00b90 c0e00a74 c88a8940 b6dd8000 0000000c c3a4f4b8 c0890ff0 <0>[ 193.546120] 5ee0: c88a8940 c0890f94 f1e85f80 b6dd8000 c5e68a40 0000000c c89b87c0 c0628618 <0>[ 193.554692] 5f00: c8d92db0 00000000 00000000 00000000 00000000 0000000c b6dd8000 0001fff4 <0>[ 193.563164] 5f20: 00000001 00000000 c88a8340 00000000 00000000 00000000 00000000 00000000 <0>[ 193.571636] 5f40: 00000000 00000000 00000000 00000000 00000022 a4e263ea 00000000 c88a8940 <0>[ 193.580109] 5f60: c88a8940 00000000 00000000 c03002f0 c5e68a40 00000004 0044fe38 c0628b74 <0>[ 193.588582] 5f80: 00000000 00000000 00000000 a4e263ea 000000c0 0000000c 0000000c 7ff00000 <0>[ 193.597055] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6dd8000 0000000c 00000001 <0>[ 193.605528] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6dd8000 00020000 0044fe38 <0>[ 193.614001] 5fe0: 00000004 beab5788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 193.622468] Call trace: <0>[ 193.622486] lkdtm_ACCESS_NULL from lkdtm_do_action+0x24/0x4c <0>[ 193.631323] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 193.637124] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 193.642817] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 193.648310] vfs_write from ksys_write+0x78/0xf8 <0>[ 193.653202] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 193.658586] Exception stack(0xf1e85fa8 to 0xf1e85ff0) <0>[ 193.663947] 5fa0: 0000000c 0000000c 00000001 b6dd8000 0000000c 00000001 <0>[ 193.672424] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6dd8000 00020000 0044fe38 <0>[ 193.680894] 5fe0: 00000004 beab5788 b6e9e33b b6e17616 <0>[ 193.686254] Code: e30a0e40 e34c020a e1a01004 ebffc3ab (e5945000) <4>[ 193.692757] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 193.139584] lkdtm: Performing direct entry ACCESS_NULL # [ 193.143805] lkdtm: attempting bad read at 00000000 # [ 193.148756] 8<--- cut here --- # [ 193.152090] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read # [ 193.161377] [00000000] *pgd=00000000 # [ 193.165241] Internal error: Oops: 5 [#14] SMP ARM # [ 193.170121] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 193.206615] CPU: 1 UID: 0 PID: 2956 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 193.216213] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 193.221461] Hardware name: STM32 (Device Tree Support) # [ 193.226908] PC is at lkdtm_ACCESS_NULL+0x20/0x60 # [ 193.231787] LR is at lkdtm_ACCESS_NULL+0x20/0x60 # [ 193.236648] pc : [] lr : [] psr: 60080013 # [ 193.243206] sp : f1e85eb0 ip : 00000000 fp : 0044fe38 # [ 193.248755] r10: c89b87c0 r9 : f1e85f80 r8 : c278bff0 # [ 193.254205] r7 : f1e85f80 r6 : 00000000 r5 : c5b02000 r4 : 00000000 # [ 193.261063] r3 : c5e68a40 r2 : 00000000 r1 : 00000000 r0 : 00000026 # [ 193.267921] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 193.275286] Control: 10c5387d Table: c8d9006a DAC: 00000051 # [ 193.281337] Register r0 information: non-paged memory # [ 193.286697] Register r1 information: NULL pointer # [ 193.291649] Register r2 information: NULL pointer # [ 193.296599] Register r3 information: slab task_struct start c5e68a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 193.310376] copy_process+0x1f4/0x1f64 # [ 193.314633] kernel_clone+0xac/0x388 # [ 193.318790] sys_clone+0x78/0x9c # [ 193.322542] ret_fast_syscall+0x0/0x1c # [ 193.326792] Free path: # [ 193.329522] rcu_core+0x2dc/0xb14 # [ 193.333375] handle_softirqs+0x15c/0x430 # [ 193.337834] irq_exit+0xac/0xd4 # [ 193.341484] call_with_stack+0x18/0x20 # [ 193.345745] __irq_svc+0x9c/0xb8 # [ 193.349492] ___slab_alloc+0xcf4/0xd7c # [ 193.353853] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 193.359015] anon_vma_fork+0x8c/0x174 # [ 193.363171] copy_process+0x1d54/0x1f64 # [ 193.367527] kernel_clone+0xac/0x388 # [ 193.371682] sys_clone+0x78/0x9c # [ 193.375435] ret_fast_syscall+0x0/0x1c # [ 193.379684] Register r4 information: NULL pointer # [ 193.384638] Register r5 information: non-slab/vmalloc memory # [ 193.390596] Register r6 information: NULL pointer # [ 193.395648] Register r7 information: 2-page vmalloc region starting at 0xf1e84000 allocated at kernel_clone+0xac/0x388 # [ 193.406658] Register r8 information: non-slab/vmalloc memory # [ 193.412617] Register r9 information: 2-page vmalloc region starting at 0xf1e84000 allocated at kernel_clone+0xac/0x388 # [ 193.423623] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 193.437480] full_proxy_open+0x124/0x24c # [ 193.441933] do_dentry_open+0x144/0x4dc # [ 193.446289] vfs_open+0x2c/0xec # [ 193.450041] path_openat+0x748/0x1198 # [ 193.454193] do_filp_open+0x98/0x134 # [ 193.458342] do_sys_openat2+0xbc/0xe4 # [ 193.462497] sys_openat+0x98/0xd4 # [ 193.466349] ret_fast_syscall+0x0/0x1c # [ 193.470597] Free path: # [ 193.473327] nfs_pgio_header_free+0x34/0x48 # [ 193.478087] nfs_write_completion+0x60/0x240 # [ 193.482839] rpc_free_task+0x34/0x54 # [ 193.486997] rpc_async_release+0x24/0x40 # [ 193.491452] process_one_work+0x1b8/0x450 # [ 193.496008] worker_thread+0x1d4/0x3c4 # [ 193.500260] kthread+0xe8/0x104 # [ 193.503908] ret_from_fork+0x14/0x28 # [ 193.508056] Register r11 information: non-paged memory # [ 193.513411] Register r12 information: NULL pointer # [ 193.518563] Process cat (pid: 2956, stack limit = 0xf1e84000) # [ 193.524518] Stack: (0xf1e85eb0 to 0xf1e86000) # [ 193.529172] 5ea0: 0000000c c5b02000 00000000 c0e007ac # [ 193.537646] 5ec0: 0000000c c0e00b90 c0e00a74 c88a8940 b6dd8000 0000000c c3a4f4b8 c0890ff0 # [ 193.546120] 5ee0: c88a8940 c0890f94 f1e85f80 b6dd8000 c5e68a40 0000000c c89b87c0 c0628618 # [ 193.554692] 5f00: c8d92db0 00000000 00000000 00000000 00000000 0000000c b6dd8000 0001fff4 # [ 193.563164] 5f20: 00000001 00000000 c88a8340 00000000 00000000 00000000 00000000 00000000 # [ 193.571636] 5f40: 00000000 00000000 00000000 00000000 00000022 a4e263ea 00000000 c88a8940 # [ 193.580109] 5f60: c88a8940 00000000 00000000 c03002f0 c5e68a40 00000004 0044fe38 c0628b74 # [ 193.588582] 5f80: 00000000 00000000 00000000 a4e263ea 000000c0 0000000c 0000000c 7ff00000 # [ 193.597055] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6dd8000 0000000c 00000001 # [ 193.605528] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6dd8000 00020000 0044fe38 # [ 193.614001] 5fe0: 00000004 beab5788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 193.622468] Call trace: # [ 193.622486] lkdtm_ACCESS_NULL from lkdtm_do_action+0x24/0x4c # [ 193.631323] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 193.637124] direct_entry from full_proxy_write+0x5c/0x8c # [ 193.642817] full_proxy_write from vfs_write+0xbc/0x3cc # [ 193.648310] vfs_write from ksys_write+0x78/0xf8 # [ 193.653202] ksys_write from ret_fast_syscall+0x0/0x1c # [ 193.658586] Exception stack(0xf1e85fa8 to 0xf1e85ff0) # [ 193.663947] 5fa0: 0000000c 0000000c 00000001 b6dd8000 0000000c 00000001 # [ 193.672424] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6dd8000 00020000 0044fe38 # [ 193.680894] 5fe0: 00000004 beab5788 b6e9e33b b6e17616 # [ 193.686254] Code: e30a0e40 e34c020a e1a01004 ebffc3ab (e5945000) # [ 193.692757] ---[ end trace 0000000000000000 ]--- # ACCESS_NULL: saw 'call trace:': ok ok 45 selftests: lkdtm: ACCESS_NULL.sh # timeout set to 45 # selftests: lkdtm: WRITE_RO.sh <6>[ 195.563001] lkdtm: Performing direct entry WRITE_RO <6>[ 195.566903] lkdtm: attempting bad rodata write at c1a71d1c <1>[ 195.572636] 8<--- cut here --- <1>[ 195.575882] Unable to handle kernel paging request at virtual address c1a71d1c when write <1>[ 195.584361] [c1a71d1c] *pgd=c1a1941e(bad) <0>[ 195.588642] Internal error: Oops: 80d [#15] SMP ARM <4>[ 195.593809] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 195.630293] CPU: 1 UID: 0 PID: 3037 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 195.639893] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 195.645141] Hardware name: STM32 (Device Tree Support) <4>[ 195.650589] PC is at lkdtm_WRITE_RO+0x34/0x48 <4>[ 195.655165] LR is at lkdtm_WRITE_RO+0x24/0x48 <4>[ 195.659827] pc : [] lr : [] psr: 60080013 <4>[ 195.666385] sp : f1f11eb8 ip : 00000000 fp : 0049fe38 <4>[ 195.671834] r10: c89b87c0 r9 : f1f11f80 r8 : c278bf90 <4>[ 195.677384] r7 : f1f11f80 r6 : 00000000 r5 : c8e8e000 r4 : c1a71d1c <4>[ 195.684244] r3 : 0198b861 r2 : aa55aa55 r1 : 00000000 r0 : 0000002e <4>[ 195.691003] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 195.698469] Control: 10c5387d Table: c8d8c06a DAC: 00000051 <1>[ 195.704520] Register r0 information: non-paged memory <1>[ 195.709780] Register r1 information: NULL pointer <1>[ 195.714832] Register r2 information: non-paged memory <1>[ 195.720085] Register r3 information: non-paged memory <1>[ 195.725439] Register r4 information: non-slab/vmalloc memory <1>[ 195.731398] Register r5 information: non-slab/vmalloc memory <1>[ 195.737355] Register r6 information: NULL pointer <1>[ 195.742306] Register r7 information: 2-page vmalloc region starting at 0xf1f10000 allocated at kernel_clone+0xac/0x388 <1>[ 195.753321] Register r8 information: non-slab/vmalloc memory <1>[ 195.759279] Register r9 information: 2-page vmalloc region starting at 0xf1f10000 allocated at kernel_clone+0xac/0x388 <1>[ 195.770286] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 195.784252] full_proxy_open+0x124/0x24c <6>[ 195.788702] do_dentry_open+0x144/0x4dc <6>[ 195.793058] vfs_open+0x2c/0xec <6>[ 195.796710] path_openat+0x748/0x1198 <6>[ 195.800861] do_filp_open+0x98/0x134 <6>[ 195.805011] do_sys_openat2+0xbc/0xe4 <6>[ 195.809265] sys_openat+0x98/0xd4 <6>[ 195.813017] ret_fast_syscall+0x0/0x1c <4>[ 195.817367] Free path: <6>[ 195.820097] nfs_pgio_header_free+0x34/0x48 <6>[ 195.824757] nfs_write_completion+0x60/0x240 <6>[ 195.829609] rpc_free_task+0x34/0x54 <6>[ 195.833667] rpc_async_release+0x24/0x40 <6>[ 195.838123] process_one_work+0x1b8/0x450 <6>[ 195.842679] worker_thread+0x1d4/0x3c4 <6>[ 195.847030] kthread+0xe8/0x104 <6>[ 195.850678] ret_from_fork+0x14/0x28 <1>[ 195.854726] Register r11 information: non-paged memory <1>[ 195.860182] Register r12 information: NULL pointer <0>[ 195.865233] Process cat (pid: 3037, stack limit = 0xf1f10000) <0>[ 195.871291] Stack: (0xf1f11eb8 to 0xf1f12000) <0>[ 195.875945] 1ea0: 00000009 c0e007ac <0>[ 195.884422] 1ec0: 00000009 c0e00b90 c0e00a74 c8b8e740 b6e28000 00000009 c3a4f4b8 c0890ff0 <0>[ 195.892897] 1ee0: c8b8e740 c0890f94 f1f11f80 b6e28000 c5890040 00000009 c89b87c0 c0628618 <0>[ 195.901370] 1f00: c8d8edb8 00000000 00000000 00000000 00000000 00000009 b6e28000 0001fff7 <0>[ 195.909842] 1f20: 00000001 00000000 c7bbff40 00000000 00000000 00000000 00000000 00000000 <0>[ 195.918315] 1f40: 00000000 00000000 00000000 00000000 00000022 96d11dc7 00000000 c8b8e740 <0>[ 195.926790] 1f60: c8b8e740 00000000 00000000 c03002f0 c5890040 00000004 0049fe38 c0628b74 <0>[ 195.935264] 1f80: 00000000 00000000 00000000 96d11dc7 000000c0 00000009 00000009 7ff00000 <0>[ 195.943736] 1fa0: 00000004 c03000c0 00000009 00000009 00000001 b6e28000 00000009 00000001 <0>[ 195.952209] 1fc0: 00000009 00000009 7ff00000 00000004 00000001 b6e28000 00020000 0049fe38 <0>[ 195.960682] 1fe0: 00000004 beaa9788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 <0>[ 195.969247] Call trace: <0>[ 195.969260] lkdtm_WRITE_RO from lkdtm_do_action+0x24/0x4c <0>[ 195.977786] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 195.983570] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 195.989246] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 195.994724] vfs_write from ksys_write+0x78/0xf8 <0>[ 195.999601] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 196.005073] Exception stack(0xf1f11fa8 to 0xf1f11ff0) <0>[ 196.010429] 1fa0: 00000009 00000009 00000001 b6e28000 00000009 00000001 <0>[ 196.018903] 1fc0: 00000009 00000009 7ff00000 00000004 00000001 b6e28000 00020000 0049fe38 <0>[ 196.027372] 1fe0: 00000004 beaa9788 b6eee33b b6e67616 <0>[ 196.032730] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) <4>[ 196.039086] ---[ end trace 0000000000000000 ]--- <6>[ 196.043932] note: cat[3037] exited with irqs disabled # Segmentation fault # [ 195.563001] lkdtm: Performing direct entry WRITE_RO # [ 195.566903] lkdtm: attempting bad rodata write at c1a71d1c # [ 195.572636] 8<--- cut here --- # [ 195.575882] Unable to handle kernel paging request at virtual address c1a71d1c when write # [ 195.584361] [c1a71d1c] *pgd=c1a1941e(bad) # [ 195.588642] Internal error: Oops: 80d [#15] SMP ARM # [ 195.593809] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 195.630293] CPU: 1 UID: 0 PID: 3037 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 195.639893] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 195.645141] Hardware name: STM32 (Device Tree Support) # [ 195.650589] PC is at lkdtm_WRITE_RO+0x34/0x48 # [ 195.655165] LR is at lkdtm_WRITE_RO+0x24/0x48 # [ 195.659827] pc : [] lr : [] psr: 60080013 # [ 195.666385] sp : f1f11eb8 ip : 00000000 fp : 0049fe38 # [ 195.671834] r10: c89b87c0 r9 : f1f11f80 r8 : c278bf90 # [ 195.677384] r7 : f1f11f80 r6 : 00000000 r5 : c8e8e000 r4 : c1a71d1c # [ 195.684244] r3 : 0198b861 r2 : aa55aa55 r1 : 00000000 r0 : 0000002e # [ 195.691003] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 195.698469] Control: 10c5387d Table: c8d8c06a DAC: 00000051 # [ 195.704520] Register r0 information: non-paged memory # [ 195.709780] Register r1 information: NULL pointer # [ 195.714832] Register r2 information: non-paged memory # [ 195.720085] Register r3 information: non-paged memory # [ 195.725439] Register r4 information: non-slab/vmalloc memory # [ 195.731398] Register r5 information: non-slab/vmalloc memory # [ 195.737355] Register r6 information: NULL pointer # [ 195.742306] Register r7 information: 2-page vmalloc region starting at 0xf1f10000 allocated at kernel_clone+0xac/0x388 # [ 195.753321] Register r8 information: non-slab/vmalloc memory # [ 195.759279] Register r9 information: 2-page vmalloc region starting at 0xf1f10000 allocated at kernel_clone+0xac/0x388 # [ 195.770286] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 195.784252] full_proxy_open+0x124/0x24c # [ 195.788702] do_dentry_open+0x144/0x4dc # [ 195.793058] vfs_open+0x2c/0xec # [ 195.796710] path_openat+0x748/0x1198 # [ 195.800861] do_filp_open+0x98/0x134 # [ 195.805011] do_sys_openat2+0xbc/0xe4 # [ 195.809265] sys_openat+0x98/0xd4 # [ 195.813017] ret_fast_syscall+0x0/0x1c # [ 195.817367] Free path: # [ 195.820097] nfs_pgio_header_free+0x34/0x48 # [ 195.824757] nfs_write_completion+0x60/0x240 # [ 195.829609] rpc_free_task+0x34/0x54 # [ 195.833667] rpc_async_release+0x24/0x40 # [ 195.838123] process_one_work+0x1b8/0x450 # [ 195.842679] worker_thread+0x1d4/0x3c4 # [ 195.847030] kthread+0xe8/0x104 # [ 195.850678] ret_from_fork+0x14/0x28 # [ 195.854726] Register r11 information: non-paged memory # [ 195.860182] Register r12 information: NULL pointer # [ 195.865233] Process cat (pid: 3037, stack limit = 0xf1f10000) # [ 195.871291] Stack: (0xf1f11eb8 to 0xf1f12000) # [ 195.875945] 1ea0: 00000009 c0e007ac # [ 195.884422] 1ec0: 00000009 c0e00b90 c0e00a74 c8b8e740 b6e28000 00000009 c3a4f4b8 c0890ff0 # [ 195.892897] 1ee0: c8b8e740 c0890f94 f1f11f80 b6e28000 c5890040 00000009 c89b87c0 c0628618 # [ 195.901370] 1f00: c8d8edb8 00000000 00000000 00000000 00000000 00000009 b6e28000 0001fff7 # [ 195.909842] 1f20: 00000001 00000000 c7bbff40 00000000 00000000 00000000 00000000 00000000 # [ 195.918315] 1f40: 00000000 00000000 00000000 00000000 00000022 96d11dc7 00000000 c8b8e740 # [ 195.926790] 1f60: c8b8e740 00000000 00000000 c03002f0 c5890040 00000004 0049fe38 c0628b74 # [ 195.935264] 1f80: 00000000 00000000 00000000 96d11dc7 000000c0 00000009 00000009 7ff00000 # [ 195.943736] 1fa0: 00000004 c03000c0 00000009 00000009 00000001 b6e28000 00000009 00000001 # [ 195.952209] 1fc0: 00000009 00000009 7ff00000 00000004 00000001 b6e28000 00020000 0049fe38 # [ 195.960682] 1fe0: 00000004 beaa9788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 # [ 195.969247] Call trace: # [ 195.969260] lkdtm_WRITE_RO from lkdtm_do_action+0x24/0x4c # [ 195.977786] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 195.983570] direct_entry from full_proxy_write+0x5c/0x8c # [ 195.989246] full_proxy_write from vfs_write+0xbc/0x3cc # [ 195.994724] vfs_write from ksys_write+0x78/0xf8 # [ 195.999601] ksys_write from ret_fast_syscall+0x0/0x1c # [ 196.005073] Exception stack(0xf1f11fa8 to 0xf1f11ff0) # [ 196.010429] 1fa0: 00000009 00000009 00000001 b6e28000 00000009 00000001 # [ 196.018903] 1fc0: 00000009 00000009 7ff00000 00000004 00000001 b6e28000 00020000 0049fe38 # [ 196.027372] 1fe0: 00000004 beaa9788 b6eee33b b6e67616 # [ 196.032730] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) # [ 196.039086] ---[ end trace 0000000000000000 ]--- # [ 196.043932] note: cat[3037] exited with irqs disabled # WRITE_RO: saw 'call trace:': ok ok 46 selftests: lkdtm: WRITE_RO.sh # timeout set to 45 # selftests: lkdtm: WRITE_RO_AFTER_INIT.sh <6>[ 197.909923] lkdtm: Performing direct entry WRITE_RO_AFTER_INIT <6>[ 197.914826] lkdtm: attempting bad ro_after_init write at c2196cb4 <1>[ 197.921198] 8<--- cut here --- <1>[ 197.924349] Unable to handle kernel paging request at virtual address c2196cb4 when write <1>[ 197.932830] [c2196cb4] *pgd=c201941e(bad) <0>[ 197.937114] Internal error: Oops: 80d [#16] SMP ARM <4>[ 197.942276] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 197.978749] CPU: 0 UID: 0 PID: 3118 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 197.988342] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 197.993588] Hardware name: STM32 (Device Tree Support) <4>[ 197.999036] PC is at lkdtm_WRITE_RO_AFTER_INIT+0x58/0x6c <4>[ 198.004615] LR is at lkdtm_WRITE_RO_AFTER_INIT+0x48/0x6c <4>[ 198.010281] pc : [] lr : [] psr: 60080013 <4>[ 198.016837] sp : f1fadeb8 ip : 00000000 fp : 0050fe38 <4>[ 198.022286] r10: c89b87c0 r9 : f1fadf80 r8 : c278bf98 <4>[ 198.027836] r7 : f1fadf80 r6 : 00000000 r5 : c7eb9000 r4 : c2196cb4 <4>[ 198.034594] r3 : fe67479e r2 : 55aa55aa r1 : 00000000 r0 : 00000035 <4>[ 198.041454] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 198.048918] Control: 10c5387d Table: c5ad006a DAC: 00000051 <1>[ 198.054869] Register r0 information: non-paged memory <1>[ 198.060227] Register r1 information: NULL pointer <1>[ 198.065179] Register r2 information: non-paged memory <1>[ 198.070532] Register r3 information: vmalloc memory <1>[ 198.075687] Register r4 information: non-slab/vmalloc memory <1>[ 198.081645] Register r5 information: non-slab/vmalloc memory <1>[ 198.087602] Register r6 information: NULL pointer <1>[ 198.092553] Register r7 information: 2-page vmalloc region starting at 0xf1fac000 allocated at kernel_clone+0xac/0x388 <1>[ 198.103565] Register r8 information: non-slab/vmalloc memory <1>[ 198.109524] Register r9 information: 2-page vmalloc region starting at 0xf1fac000 allocated at kernel_clone+0xac/0x388 <1>[ 198.120529] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 198.134491] full_proxy_open+0x124/0x24c <6>[ 198.138942] do_dentry_open+0x144/0x4dc <6>[ 198.143298] vfs_open+0x2c/0xec <6>[ 198.146950] path_openat+0x748/0x1198 <6>[ 198.151202] do_filp_open+0x98/0x134 <6>[ 198.155252] do_sys_openat2+0xbc/0xe4 <6>[ 198.159508] sys_openat+0x98/0xd4 <6>[ 198.163260] ret_fast_syscall+0x0/0x1c <4>[ 198.167611] Free path: <6>[ 198.170342] nfs_pgio_header_free+0x34/0x48 <6>[ 198.175002] nfs_write_completion+0x60/0x240 <6>[ 198.179855] rpc_free_task+0x34/0x54 <6>[ 198.183914] rpc_async_release+0x24/0x40 <6>[ 198.188371] process_one_work+0x1b8/0x450 <6>[ 198.192926] worker_thread+0x1d4/0x3c4 <6>[ 198.197278] kthread+0xe8/0x104 <6>[ 198.200926] ret_from_fork+0x14/0x28 <1>[ 198.204975] Register r11 information: non-paged memory <1>[ 198.210431] Register r12 information: NULL pointer <0>[ 198.215484] Process cat (pid: 3118, stack limit = 0xf1fac000) <0>[ 198.221541] Stack: (0xf1fadeb8 to 0xf1fae000) <0>[ 198.226191] dea0: 00000014 c0e007ac <0>[ 198.234666] dec0: 00000014 c0e00b90 c0e00a74 c88a8e40 b6df8000 00000014 c3a4f4b8 c0890ff0 <0>[ 198.243142] dee0: c88a8e40 c0890f94 f1fadf80 b6df8000 c5890040 00000014 c89b87c0 c0628618 <0>[ 198.251616] df00: c5ad2db0 00000000 00000000 00000000 00000000 00000014 b6df8000 0001ffec <0>[ 198.260089] df20: 00000001 00000000 c88a8940 00000000 00000000 00000000 00000000 00000000 <0>[ 198.268562] df40: 00000000 00000000 00000000 00000000 00000022 1ba7837b 00000000 c88a8e40 <0>[ 198.277036] df60: c88a8e40 00000000 00000000 c03002f0 c5890040 00000004 0050fe38 c0628b74 <0>[ 198.285508] df80: 00000000 00000000 00000000 1ba7837b 000000c0 00000014 00000014 7ff00000 <0>[ 198.294082] dfa0: 00000004 c03000c0 00000014 00000014 00000001 b6df8000 00000014 00000001 <0>[ 198.302555] dfc0: 00000014 00000014 7ff00000 00000004 00000001 b6df8000 00020000 0050fe38 <0>[ 198.311028] dfe0: 00000004 be93e788 b6ebe33b b6e37616 60080030 00000001 00000000 00000000 <0>[ 198.319493] Call trace: <0>[ 198.319507] lkdtm_WRITE_RO_AFTER_INIT from lkdtm_do_action+0x24/0x4c <0>[ 198.329032] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 198.334815] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 198.340491] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 198.345967] vfs_write from ksys_write+0x78/0xf8 <0>[ 198.350844] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 198.356315] Exception stack(0xf1fadfa8 to 0xf1fadff0) <0>[ 198.361672] dfa0: 00000014 00000014 00000001 b6df8000 00000014 00000001 <0>[ 198.370146] dfc0: 00000014 00000014 7ff00000 00000004 00000001 b6df8000 00020000 0050fe38 <0>[ 198.378615] dfe0: 00000004 be93e788 b6ebe33b b6e37616 <0>[ 198.383873] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) <4>[ 198.390329] ---[ end trace 0000000000000000 ]--- <6>[ 198.395175] note: cat[3118] exited with irqs disabled # Segmentation fault # [ 197.909923] lkdtm: Performing direct entry WRITE_RO_AFTER_INIT # [ 197.914826] lkdtm: attempting bad ro_after_init write at c2196cb4 # [ 197.921198] 8<--- cut here --- # [ 197.924349] Unable to handle kernel paging request at virtual address c2196cb4 when write # [ 197.932830] [c2196cb4] *pgd=c201941e(bad) # [ 197.937114] Internal error: Oops: 80d [#16] SMP ARM # [ 197.942276] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 197.978749] CPU: 0 UID: 0 PID: 3118 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 197.988342] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 197.993588] Hardware name: STM32 (Device Tree Support) # [ 197.999036] PC is at lkdtm_WRITE_RO_AFTER_INIT+0x58/0x6c # [ 198.004615] LR is at lkdtm_WRITE_RO_AFTER_INIT+0x48/0x6c # [ 198.010281] pc : [] lr : [] psr: 60080013 # [ 198.016837] sp : f1fadeb8 ip : 00000000 fp : 0050fe38 # [ 198.022286] r10: c89b87c0 r9 : f1fadf80 r8 : c278bf98 # [ 198.027836] r7 : f1fadf80 r6 : 00000000 r5 : c7eb9000 r4 : c2196cb4 # [ 198.034594] r3 : fe67479e r2 : 55aa55aa r1 : 00000000 r0 : 00000035 # [ 198.041454] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 198.048918] Control: 10c5387d Table: c5ad006a DAC: 00000051 # [ 198.054869] Register r0 information: non-paged memory # [ 198.060227] Register r1 information: NULL pointer # [ 198.065179] Register r2 information: non-paged memory # [ 198.070532] Register r3 information: vmalloc memory # [ 198.075687] Register r4 information: non-slab/vmalloc memory # [ 198.081645] Register r5 information: non-slab/vmalloc memory # [ 198.087602] Register r6 information: NULL pointer # [ 198.092553] Register r7 information: 2-page vmalloc region starting at 0xf1fac000 allocated at kernel_clone+0xac/0x388 # [ 198.103565] Register r8 information: non-slab/vmalloc memory # [ 198.109524] Register r9 information: 2-page vmalloc region starting at 0xf1fac000 allocated at kernel_clone+0xac/0x388 # [ 198.120529] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 198.134491] full_proxy_open+0x124/0x24c # [ 198.138942] do_dentry_open+0x144/0x4dc # [ 198.143298] vfs_open+0x2c/0xec # [ 198.146950] path_openat+0x748/0x1198 # [ 198.151202] do_filp_open+0x98/0x134 # [ 198.155252] do_sys_openat2+0xbc/0xe4 # [ 198.159508] sys_openat+0x98/0xd4 # [ 198.163260] ret_fast_syscall+0x0/0x1c # [ 198.167611] Free path: # [ 198.170342] nfs_pgio_header_free+0x34/0x48 # [ 198.175002] nfs_write_completion+0x60/0x240 # [ 198.179855] rpc_free_task+0x34/0x54 # [ 198.183914] rpc_async_release+0x24/0x40 # [ 198.188371] process_one_work+0x1b8/0x450 # [ 198.192926] worker_thread+0x1d4/0x3c4 # [ 198.197278] kthread+0xe8/0x104 # [ 198.200926] ret_from_fork+0x14/0x28 # [ 198.204975] Register r11 information: non-paged memory # [ 198.210431] Register r12 information: NULL pointer # [ 198.215484] Process cat (pid: 3118, stack limit = 0xf1fac000) # [ 198.221541] Stack: (0xf1fadeb8 to 0xf1fae000) # [ 198.226191] dea0: 00000014 c0e007ac # [ 198.234666] dec0: 00000014 c0e00b90 c0e00a74 c88a8e40 b6df8000 00000014 c3a4f4b8 c0890ff0 # [ 198.243142] dee0: c88a8e40 c0890f94 f1fadf80 b6df8000 c5890040 00000014 c89b87c0 c0628618 # [ 198.251616] df00: c5ad2db0 00000000 00000000 00000000 00000000 00000014 b6df8000 0001ffec # [ 198.260089] df20: 00000001 00000000 c88a8940 00000000 00000000 00000000 00000000 00000000 # [ 198.268562] df40: 00000000 00000000 00000000 00000000 00000022 1ba7837b 00000000 c88a8e40 # [ 198.277036] df60: c88a8e40 00000000 00000000 c03002f0 c5890040 00000004 0050fe38 c0628b74 # [ 198.285508] df80: 00000000 00000000 00000000 1ba7837b 000000c0 00000014 00000014 7ff00000 # [ 198.294082] dfa0: 00000004 c03000c0 00000014 00000014 00000001 b6df8000 00000014 00000001 # [ 198.302555] dfc0: 00000014 00000014 7ff00000 00000004 00000001 b6df8000 00020000 0050fe38 # [ 198.311028] dfe0: 00000004 be93e788 b6ebe33b b6e37616 60080030 00000001 00000000 00000000 # [ 198.319493] Call trace: # [ 198.319507] lkdtm_WRITE_RO_AFTER_INIT from lkdtm_do_action+0x24/0x4c # [ 198.329032] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 198.334815] direct_entry from full_proxy_write+0x5c/0x8c # [ 198.340491] full_proxy_write from vfs_write+0xbc/0x3cc # [ 198.345967] vfs_write from ksys_write+0x78/0xf8 # [ 198.350844] ksys_write from ret_fast_syscall+0x0/0x1c # [ 198.356315] Exception stack(0xf1fadfa8 to 0xf1fadff0) # [ 198.361672] dfa0: 00000014 00000014 00000001 b6df8000 00000014 00000001 # [ 198.370146] dfc0: 00000014 00000014 7ff00000 00000004 00000001 b6df8000 00020000 0050fe38 # [ 198.378615] dfe0: 00000004 be93e788 b6ebe33b b6e37616 # [ 198.383873] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) # [ 198.390329] ---[ end trace 0000000000000000 ]--- # [ 198.395175] note: cat[3118] exited with irqs disabled # WRITE_RO_AFTER_INIT: saw 'call trace:': ok ok 47 selftests: lkdtm: WRITE_RO_AFTER_INIT.sh # timeout set to 45 # selftests: lkdtm: WRITE_KERN.sh <6>[ 200.220616] lkdtm: Performing direct entry WRITE_KERN <6>[ 200.224770] lkdtm: attempting bad 9651908 byte write at c1736748 <1>[ 200.231529] 8<--- cut here --- <1>[ 200.234290] Unable to handle kernel paging request at virtual address c1736748 when write <1>[ 200.242771] [c1736748] *pgd=c161940e(bad) <0>[ 200.247053] Internal error: Oops: 80d [#17] SMP ARM <4>[ 200.252219] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 200.288702] CPU: 1 UID: 0 PID: 3199 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 200.298307] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 200.303562] Hardware name: STM32 (Device Tree Support) <4>[ 200.308916] PC is at mmiocpy+0x54/0x334 <4>[ 200.313085] LR is at 0xebdf603d <4>[ 200.316433] pc : [] lr : [] psr: 20080013 <4>[ 200.322990] sp : f2011e90 ip : e3a00040 fp : f2011ea0 <4>[ 200.328540] r10: c89b87c0 r9 : e28dd004 r8 : e52de004 <4>[ 200.333989] r7 : f2011f80 r6 : e92d4010 r5 : e12fff1e r4 : e28dd004 <4>[ 200.340848] r3 : e52de004 r2 : 00934624 r1 : c0e020a4 r0 : c1736748 <4>[ 200.347707] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 200.355074] Control: 10c5387d Table: c8dc806a DAC: 00000051 <1>[ 200.361124] Register r0 information: non-slab/vmalloc memory <1>[ 200.367091] Register r1 information: non-slab/vmalloc memory <1>[ 200.373050] Register r2 information: non-paged memory <1>[ 200.378304] Register r3 information: non-slab/vmalloc memory <1>[ 200.384263] Register r4 information: non-slab/vmalloc memory <1>[ 200.390220] Register r5 information: non-slab/vmalloc memory <1>[ 200.396177] Register r6 information: non-slab/vmalloc memory <1>[ 200.402134] Register r7 information: 2-page vmalloc region starting at 0xf2010000 allocated at kernel_clone+0xac/0x388 <1>[ 200.413149] Register r8 information: non-slab/vmalloc memory <1>[ 200.419108] Register r9 information: non-slab/vmalloc memory <1>[ 200.425065] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 200.438928] full_proxy_open+0x124/0x24c <6>[ 200.443379] do_dentry_open+0x144/0x4dc <6>[ 200.447735] vfs_open+0x2c/0xec <6>[ 200.451487] path_openat+0x748/0x1198 <6>[ 200.455639] do_filp_open+0x98/0x134 <6>[ 200.459789] do_sys_openat2+0xbc/0xe4 <6>[ 200.463943] sys_openat+0x98/0xd4 <6>[ 200.467794] ret_fast_syscall+0x0/0x1c <4>[ 200.472045] Free path: <6>[ 200.474775] nfs_pgio_header_free+0x34/0x48 <6>[ 200.479537] nfs_write_completion+0x60/0x240 <6>[ 200.484289] rpc_free_task+0x34/0x54 <6>[ 200.488447] rpc_async_release+0x24/0x40 <6>[ 200.492902] process_one_work+0x1b8/0x450 <6>[ 200.497458] worker_thread+0x1d4/0x3c4 <6>[ 200.501710] kthread+0xe8/0x104 <6>[ 200.505359] ret_from_fork+0x14/0x28 <1>[ 200.509506] Register r11 information: 2-page vmalloc region starting at 0xf2010000 allocated at kernel_clone+0xac/0x388 <1>[ 200.520616] Register r12 information: non-slab/vmalloc memory <0>[ 200.526675] Process cat (pid: 3199, stack limit = 0xf2010000) <0>[ 200.532630] Stack: (0xf2011e90 to 0xf2012000) <0>[ 200.537283] 1e80: c0e02084 009346c4 c278bfa0 f2011f80 <0>[ 200.545757] 1ea0: c1736748 c1736748 004efe38 c1736868 0000000b c8b40000 00000000 c0e007ac <0>[ 200.554229] 1ec0: 0000000b c0e00b90 c0e00a74 c5877f40 b6db8000 0000000b c3a4f4b8 c0890ff0 <0>[ 200.562803] 1ee0: c5877f40 c0890f94 f2011f80 b6db8000 c5990040 0000000b c89b87c0 c0628618 <0>[ 200.571275] 1f00: c8dcadb0 00000000 00000000 00000000 00000000 0000000b b6db8000 0001fff5 <0>[ 200.579747] 1f20: 00000001 00000000 c5877a40 00000000 00000000 00000000 00000000 00000000 <0>[ 200.588220] 1f40: 00000000 00000000 00000000 00000000 00000022 45191ef2 00000000 c5877f40 <0>[ 200.596692] 1f60: c5877f40 00000000 00000000 c03002f0 c5990040 00000004 004efe38 c0628b74 <0>[ 200.605165] 1f80: 00000000 00000000 00000000 45191ef2 000000c0 0000000b 0000000b 7ff00000 <0>[ 200.613637] 1fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6db8000 0000000b 00000001 <0>[ 200.622112] 1fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6db8000 00020000 004efe38 <0>[ 200.630593] 1fe0: 00000004 be8ca788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 <0>[ 200.639066] Call trace: <0>[ 200.639084] mmiocpy from lkdtm_WRITE_KERN+0x44/0x70 <0>[ 200.647106] lkdtm_WRITE_KERN from lkdtm_do_action+0x24/0x4c <0>[ 200.653113] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 200.658802] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 200.664483] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 200.670062] vfs_write from ksys_write+0x78/0xf8 <0>[ 200.674940] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 200.680314] Exception stack(0xf2011fa8 to 0xf2011ff0) <0>[ 200.685671] 1fa0: 0000000b 0000000b 00000001 b6db8000 0000000b 00000001 <0>[ 200.694147] 1fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6db8000 00020000 004efe38 <0>[ 200.702618] 1fe0: 00000004 be8ca788 b6e7e33b b6df7616 <0>[ 200.707976] Code: f5d1f05c f5d1f07c e8b15378 e2522020 (e8a05378) <4>[ 200.714335] ---[ end trace 0000000000000000 ]--- <6>[ 200.719282] note: cat[3199] exited with irqs disabled # Segmentation fault # [ 200.220616] lkdtm: Performing direct entry WRITE_KERN # [ 200.224770] lkdtm: attempting bad 9651908 byte write at c1736748 # [ 200.231529] 8<--- cut here --- # [ 200.234290] Unable to handle kernel paging request at virtual address c1736748 when write # [ 200.242771] [c1736748] *pgd=c161940e(bad) # [ 200.247053] Internal error: Oops: 80d [#17] SMP ARM # [ 200.252219] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 200.288702] CPU: 1 UID: 0 PID: 3199 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 200.298307] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 200.303562] Hardware name: STM32 (Device Tree Support) # [ 200.308916] PC is at mmiocpy+0x54/0x334 # [ 200.313085] LR is at 0xebdf603d # [ 200.316433] pc : [] lr : [] psr: 20080013 # [ 200.322990] sp : f2011e90 ip : e3a00040 fp : f2011ea0 # [ 200.328540] r10: c89b87c0 r9 : e28dd004 r8 : e52de004 # [ 200.333989] r7 : f2011f80 r6 : e92d4010 r5 : e12fff1e r4 : e28dd004 # [ 200.340848] r3 : e52de004 r2 : 00934624 r1 : c0e020a4 r0 : c1736748 # [ 200.347707] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 200.355074] Control: 10c5387d Table: c8dc806a DAC: 00000051 # [ 200.361124] Register r0 information: non-slab/vmalloc memory # [ 200.367091] Register r1 information: non-slab/vmalloc memory # [ 200.373050] Register r2 information: non-paged memory # [ 200.378304] Register r3 information: non-slab/vmalloc memory # [ 200.384263] Register r4 information: non-slab/vmalloc memory # [ 200.390220] Register r5 information: non-slab/vmalloc memory # [ 200.396177] Register r6 information: non-slab/vmalloc memory # [ 200.402134] Register r7 information: 2-page vmalloc region starting at 0xf2010000 allocated at kernel_clone+0xac/0x388 # [ 200.413149] Register r8 information: non-slab/vmalloc memory # [ 200.419108] Register r9 information: non-slab/vmalloc memory # [ 200.425065] Register r10 information: slab kmalloc-192 start c89b8780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 200.438928] full_proxy_open+0x124/0x24c # [ 200.443379] do_dentry_open+0x144/0x4dc # [ 200.447735] vfs_open+0x2c/0xec # [ 200.451487] path_openat+0x748/0x1198 # [ 200.455639] do_filp_open+0x98/0x134 # [ 200.459789] do_sys_openat2+0xbc/0xe4 # [ 200.463943] sys_openat+0x98/0xd4 # [ 200.467794] ret_fast_syscall+0x0/0x1c # [ 200.472045] Free path: # [ 200.474775] nfs_pgio_header_free+0x34/0x48 # [ 200.479537] nfs_write_completion+0x60/0x240 # [ 200.484289] rpc_free_task+0x34/0x54 # [ 200.488447] rpc_async_release+0x24/0x40 # [ 200.492902] process_one_work+0x1b8/0x450 # [ 200.497458] worker_thread+0x1d4/0x3c4 # [ 200.501710] kthread+0xe8/0x104 # [ 200.505359] ret_from_fork+0x14/0x28 # [ 200.509506] Register r11 information: 2-page vmalloc region starting at 0xf2010000 allocated at kernel_clone+0xac/0x388 # [ 200.520616] Register r12 information: non-slab/vmalloc memory # [ 200.526675] Process cat (pid: 3199, stack limit = 0xf2010000) # [ 200.532630] Stack: (0xf2011e90 to 0xf2012000) # [ 200.537283] 1e80: c0e02084 009346c4 c278bfa0 f2011f80 # [ 200.545757] 1ea0: c1736748 c1736748 004efe38 c1736868 0000000b c8b40000 00000000 c0e007ac # [ 200.554229] 1ec0: 0000000b c0e00b90 c0e00a74 c5877f40 b6db8000 0000000b c3a4f4b8 c0890ff0 # [ 200.562803] 1ee0: c5877f40 c0890f94 f2011f80 b6db8000 c5990040 0000000b c89b87c0 c0628618 # [ 200.571275] 1f00: c8dcadb0 00000000 00000000 00000000 00000000 0000000b b6db8000 0001fff5 # [ 200.579747] 1f20: 00000001 00000000 c5877a40 00000000 00000000 00000000 00000000 00000000 # [ 200.588220] 1f40: 00000000 00000000 00000000 00000000 00000022 45191ef2 00000000 c5877f40 # [ 200.596692] 1f60: c5877f40 00000000 00000000 c03002f0 c5990040 00000004 004efe38 c0628b74 # [ 200.605165] 1f80: 00000000 00000000 00000000 45191ef2 000000c0 0000000b 0000000b 7ff00000 # [ 200.613637] 1fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6db8000 0000000b 00000001 # [ 200.622112] 1fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6db8000 00020000 004efe38 # [ 200.630593] 1fe0: 00000004 be8ca788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 # [ 200.639066] Call trace: # [ 200.639084] mmiocpy from lkdtm_WRITE_KERN+0x44/0x70 # [ 200.647106] lkdtm_WRITE_KERN from lkdtm_do_action+0x24/0x4c # [ 200.653113] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 200.658802] direct_entry from full_proxy_write+0x5c/0x8c # [ 200.664483] full_proxy_write from vfs_write+0xbc/0x3cc # [ 200.670062] vfs_write from ksys_write+0x78/0xf8 # [ 200.674940] ksys_write from ret_fast_syscall+0x0/0x1c # [ 200.680314] Exception stack(0xf2011fa8 to 0xf2011ff0) # [ 200.685671] 1fa0: 0000000b 0000000b 00000001 b6db8000 0000000b 00000001 # [ 200.694147] 1fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6db8000 00020000 004efe38 # [ 200.702618] 1fe0: 00000004 be8ca788 b6e7e33b b6df7616 # [ 200.707976] Code: f5d1f05c f5d1f07c e8b15378 e2522020 (e8a05378) # [ 200.714335] ---[ end trace 0000000000000000 ]--- # [ 200.719282] note: cat[3199] exited with irqs disabled # WRITE_KERN: saw 'call trace:': ok ok 48 selftests: lkdtm: WRITE_KERN.sh # timeout set to 45 # selftests: lkdtm: WRITE_OPD.sh <6>[ 202.527975] lkdtm: Performing direct entry WRITE_OPD <6>[ 202.531970] lkdtm: XFAIL: Platform doesn't use function descriptors. # [ 202.527975] lkdtm: Performing direct entry WRITE_OPD # [ 202.531970] lkdtm: XFAIL: Platform doesn't use function descriptors. # WRITE_OPD: saw 'XFAIL': [SKIP] ok 49 selftests: lkdtm: WRITE_OPD.sh # SKIP # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_OVERFLOW.sh <6>[ 203.916223] lkdtm: Performing direct entry REFCOUNT_INC_OVERFLOW <6>[ 203.921240] lkdtm: attempting good refcount_inc() without overflow <6>[ 203.927724] lkdtm: attempting bad refcount_inc() overflow <4>[ 203.933402] ------------[ cut here ]------------ <4>[ 203.938258] WARNING: CPU: 1 PID: 3323 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 <4>[ 203.947348] refcount_t: saturated; leaking memory. <4>[ 203.952486] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 203.988941] CPU: 1 UID: 0 PID: 3323 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 203.998451] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 204.003698] Hardware name: STM32 (Device Tree Support) <4>[ 204.009147] Call trace: <4>[ 204.009162] unwind_backtrace from show_stack+0x18/0x1c <4>[ 204.017371] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 204.022747] dump_stack_lvl from __warn+0x84/0x134 <4>[ 204.027829] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 204.033211] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 <4>[ 204.040306] lkdtm_REFCOUNT_INC_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 204.047201] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 204.052981] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 204.058658] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 204.064136] vfs_write from ksys_write+0x78/0xf8 <4>[ 204.069114] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 204.074487] Exception stack(0xf20e9fa8 to 0xf20e9ff0) <4>[ 204.079846] 9fa0: 00000016 00000016 00000001 b6d84000 00000016 00000001 <4>[ 204.088321] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6d84000 00020000 0044fe38 <4>[ 204.096791] 9fe0: 00000004 bee62788 b6e4a33b b6dc3616 <4>[ 204.102253] ---[ end trace 0000000000000000 ]--- <6>[ 204.107097] lkdtm: Overflow detected: saturated # [ 203.916223] lkdtm: Performing direct entry REFCOUNT_INC_OVERFLOW # [ 203.921240] lkdtm: attempting good refcount_inc() without overflow # [ 203.927724] lkdtm: attempting bad refcount_inc() overflow # [ 203.933402] ------------[ cut here ]------------ # [ 203.938258] WARNING: CPU: 1 PID: 3323 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 # [ 203.947348] refcount_t: saturated; leaking memory. # [ 203.952486] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 203.988941] CPU: 1 UID: 0 PID: 3323 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 203.998451] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 204.003698] Hardware name: STM32 (Device Tree Support) # [ 204.009147] Call trace: # [ 204.009162] unwind_backtrace from show_stack+0x18/0x1c # [ 204.017371] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 204.022747] dump_stack_lvl from __warn+0x84/0x134 # [ 204.027829] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 204.033211] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 # [ 204.040306] lkdtm_REFCOUNT_INC_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 204.047201] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 204.052981] direct_entry from full_proxy_write+0x5c/0x8c # [ 204.058658] full_proxy_write from vfs_write+0xbc/0x3cc # [ 204.064136] vfs_write from ksys_write+0x78/0xf8 # [ 204.069114] ksys_write from ret_fast_syscall+0x0/0x1c # [ 204.074487] Exception stack(0xf20e9fa8 to 0xf20e9ff0) # [ 204.079846] 9fa0: 00000016 00000016 00000001 b6d84000 00000016 00000001 # [ 204.088321] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6d84000 00020000 0044fe38 # [ 204.096791] 9fe0: 00000004 bee62788 b6e4a33b b6dc3616 # [ 204.102253] ---[ end trace 0000000000000000 ]--- # [ 204.107097] lkdtm: Overflow detected: saturated # REFCOUNT_INC_OVERFLOW: saw 'call trace:': ok ok 50 selftests: lkdtm: REFCOUNT_INC_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_OVERFLOW.sh <6>[ 205.509114] lkdtm: Performing direct entry REFCOUNT_ADD_OVERFLOW <6>[ 205.514128] lkdtm: attempting good refcount_add() without overflow <6>[ 205.520570] lkdtm: attempting bad refcount_add() overflow <4>[ 205.526343] ------------[ cut here ]------------ <4>[ 205.531197] WARNING: CPU: 1 PID: 3362 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 <4>[ 205.540284] refcount_t: saturated; leaking memory. <4>[ 205.545330] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 205.581841] CPU: 1 UID: 0 PID: 3362 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 205.591351] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 205.596603] Hardware name: STM32 (Device Tree Support) <4>[ 205.601953] Call trace: <4>[ 205.601968] unwind_backtrace from show_stack+0x18/0x1c <4>[ 205.610278] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 205.615654] dump_stack_lvl from __warn+0x84/0x134 <4>[ 205.620736] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 205.626116] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 <4>[ 205.633214] lkdtm_REFCOUNT_ADD_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 205.640109] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 205.645889] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 205.651565] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 205.657040] vfs_write from ksys_write+0x78/0xf8 <4>[ 205.662017] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 205.667389] Exception stack(0xf2129fa8 to 0xf2129ff0) <4>[ 205.672747] 9fa0: 00000016 00000016 00000001 b6e18000 00000016 00000001 <4>[ 205.681221] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e18000 00020000 0050fe38 <4>[ 205.689690] 9fe0: 00000004 bee47788 b6ede33b b6e57616 <4>[ 205.695201] ---[ end trace 0000000000000000 ]--- <6>[ 205.699943] lkdtm: Overflow detected: saturated # [ 205.509114] lkdtm: Performing direct entry REFCOUNT_ADD_OVERFLOW # [ 205.514128] lkdtm: attempting good refcount_add() without overflow # [ 205.520570] lkdtm: attempting bad refcount_add() overflow # [ 205.526343] ------------[ cut here ]------------ # [ 205.531197] WARNING: CPU: 1 PID: 3362 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 # [ 205.540284] refcount_t: saturated; leaking memory. # [ 205.545330] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 205.581841] CPU: 1 UID: 0 PID: 3362 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 205.591351] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 205.596603] Hardware name: STM32 (Device Tree Support) # [ 205.601953] Call trace: # [ 205.601968] unwind_backtrace from show_stack+0x18/0x1c # [ 205.610278] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 205.615654] dump_stack_lvl from __warn+0x84/0x134 # [ 205.620736] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 205.626116] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 # [ 205.633214] lkdtm_REFCOUNT_ADD_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 205.640109] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 205.645889] direct_entry from full_proxy_write+0x5c/0x8c # [ 205.651565] full_proxy_write from vfs_write+0xbc/0x3cc # [ 205.657040] vfs_write from ksys_write+0x78/0xf8 # [ 205.662017] ksys_write from ret_fast_syscall+0x0/0x1c # [ 205.667389] Exception stack(0xf2129fa8 to 0xf2129ff0) # [ 205.672747] 9fa0: 00000016 00000016 00000001 b6e18000 00000016 00000001 # [ 205.681221] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e18000 00020000 0050fe38 # [ 205.689690] 9fe0: 00000004 bee47788 b6ede33b b6e57616 # [ 205.695201] ---[ end trace 0000000000000000 ]--- # [ 205.699943] lkdtm: Overflow detected: saturated # REFCOUNT_ADD_OVERFLOW: saw 'call trace:': ok ok 51 selftests: lkdtm: REFCOUNT_ADD_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh <6>[ 207.092005] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_OVERFLOW <6>[ 207.097805] lkdtm: attempting bad refcount_inc_not_zero() overflow <4>[ 207.104266] ------------[ cut here ]------------ <4>[ 207.109234] WARNING: CPU: 1 PID: 3401 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 207.118942] refcount_t: saturated; leaking memory. <4>[ 207.124092] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 207.160535] CPU: 1 UID: 0 PID: 3401 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 207.170042] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 207.175299] Hardware name: STM32 (Device Tree Support) <4>[ 207.180658] Call trace: <4>[ 207.180677] unwind_backtrace from show_stack+0x18/0x1c <4>[ 207.189002] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 207.194396] dump_stack_lvl from __warn+0x84/0x134 <4>[ 207.199393] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 207.204886] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 207.212597] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW+0x40/0x80 <4>[ 207.222107] lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 207.229713] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 207.235498] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 207.241177] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 207.246758] vfs_write from ksys_write+0x78/0xf8 <4>[ 207.251637] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 207.257010] Exception stack(0xf215dfa8 to 0xf215dff0) <4>[ 207.262370] dfa0: 0000001f 0000001f 00000001 b6dd8000 0000001f 00000001 <4>[ 207.270845] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 <4>[ 207.279314] dfe0: 00000004 be9eb788 b6e9e33b b6e17616 <4>[ 207.284912] ---[ end trace 0000000000000000 ]--- <6>[ 207.289689] lkdtm: Overflow detected: saturated # [ 207.092005] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_OVERFLOW # [ 207.097805] lkdtm: attempting bad refcount_inc_not_zero() overflow # [ 207.104266] ------------[ cut here ]------------ # [ 207.109234] WARNING: CPU: 1 PID: 3401 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 207.118942] refcount_t: saturated; leaking memory. # [ 207.124092] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 207.160535] CPU: 1 UID: 0 PID: 3401 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 207.170042] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 207.175299] Hardware name: STM32 (Device Tree Support) # [ 207.180658] Call trace: # [ 207.180677] unwind_backtrace from show_stack+0x18/0x1c # [ 207.189002] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 207.194396] dump_stack_lvl from __warn+0x84/0x134 # [ 207.199393] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 207.204886] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 207.212597] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW+0x40/0x80 # [ 207.222107] lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 207.229713] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 207.235498] direct_entry from full_proxy_write+0x5c/0x8c # [ 207.241177] full_proxy_write from vfs_write+0xbc/0x3cc # [ 207.246758] vfs_write from ksys_write+0x78/0xf8 # [ 207.251637] ksys_write from ret_fast_syscall+0x0/0x1c # [ 207.257010] Exception stack(0xf215dfa8 to 0xf215dff0) # [ 207.262370] dfa0: 0000001f 0000001f 00000001 b6dd8000 0000001f 00000001 # [ 207.270845] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 # [ 207.279314] dfe0: 00000004 be9eb788 b6e9e33b b6e17616 # [ 207.284912] ---[ end trace 0000000000000000 ]--- # [ 207.289689] lkdtm: Overflow detected: saturated # REFCOUNT_INC_NOT_ZERO_OVERFLOW: saw 'call trace:': ok ok 52 selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh <6>[ 208.621940] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_OVERFLOW <6>[ 208.627763] lkdtm: attempting bad refcount_add_not_zero() overflow <4>[ 208.634321] ------------[ cut here ]------------ <4>[ 208.639092] WARNING: CPU: 1 PID: 3440 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 208.648896] refcount_t: saturated; leaking memory. <4>[ 208.653949] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 208.690462] CPU: 1 UID: 0 PID: 3440 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 208.699969] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 208.705222] Hardware name: STM32 (Device Tree Support) <4>[ 208.710673] Call trace: <4>[ 208.710689] unwind_backtrace from show_stack+0x18/0x1c <4>[ 208.719002] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 208.724280] dump_stack_lvl from __warn+0x84/0x134 <4>[ 208.729362] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 208.734743] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 208.742545] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW+0x40/0x80 <4>[ 208.752052] lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 208.759750] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 208.765430] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 208.771206] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 208.776682] vfs_write from ksys_write+0x78/0xf8 <4>[ 208.781560] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 208.787033] Exception stack(0xf2191fa8 to 0xf2191ff0) <4>[ 208.792296] 1fa0: 0000001f 0000001f 00000001 b6da8000 0000001f 00000001 <4>[ 208.800771] 1fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6da8000 00020000 004dfe38 <4>[ 208.809240] 1fe0: 00000004 bedfe788 b6e6e33b b6de7616 <4>[ 208.814722] ---[ end trace 0000000000000000 ]--- <6>[ 208.819570] lkdtm: Overflow detected: saturated # [ 208.621940] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_OVERFLOW # [ 208.627763] lkdtm: attempting bad refcount_add_not_zero() overflow # [ 208.634321] ------------[ cut here ]------------ # [ 208.639092] WARNING: CPU: 1 PID: 3440 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 208.648896] refcount_t: saturated; leaking memory. # [ 208.653949] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 208.690462] CPU: 1 UID: 0 PID: 3440 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 208.699969] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 208.705222] Hardware name: STM32 (Device Tree Support) # [ 208.710673] Call trace: # [ 208.710689] unwind_backtrace from show_stack+0x18/0x1c # [ 208.719002] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 208.724280] dump_stack_lvl from __warn+0x84/0x134 # [ 208.729362] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 208.734743] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 208.742545] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW+0x40/0x80 # [ 208.752052] lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 208.759750] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 208.765430] direct_entry from full_proxy_write+0x5c/0x8c # [ 208.771206] full_proxy_write from vfs_write+0xbc/0x3cc # [ 208.776682] vfs_write from ksys_write+0x78/0xf8 # [ 208.781560] ksys_write from ret_fast_syscall+0x0/0x1c # [ 208.787033] Exception stack(0xf2191fa8 to 0xf2191ff0) # [ 208.792296] 1fa0: 0000001f 0000001f 00000001 b6da8000 0000001f 00000001 # [ 208.800771] 1fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6da8000 00020000 004dfe38 # [ 208.809240] 1fe0: 00000004 bedfe788 b6e6e33b b6de7616 # [ 208.814722] ---[ end trace 0000000000000000 ]--- # [ 208.819570] lkdtm: Overflow detected: saturated # REFCOUNT_ADD_NOT_ZERO_OVERFLOW: saw 'call trace:': ok ok 53 selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_ZERO.sh <6>[ 210.181601] lkdtm: Performing direct entry REFCOUNT_DEC_ZERO <6>[ 210.186501] lkdtm: attempting good refcount_dec() <6>[ 210.191448] lkdtm: attempting bad refcount_dec() to zero <4>[ 210.197541] ------------[ cut here ]------------ <4>[ 210.202076] WARNING: CPU: 1 PID: 3479 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 <4>[ 210.210720] refcount_t: decrement hit 0; leaking memory. <4>[ 210.216256] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 210.252928] CPU: 1 UID: 0 PID: 3479 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 210.262243] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 210.267490] Hardware name: STM32 (Device Tree Support) <4>[ 210.272939] Call trace: <4>[ 210.272954] unwind_backtrace from show_stack+0x18/0x1c <4>[ 210.281261] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 210.286637] dump_stack_lvl from __warn+0x84/0x134 <4>[ 210.291617] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 210.297097] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 <4>[ 210.303790] lkdtm_REFCOUNT_DEC_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 210.310383] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 210.316163] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 210.321838] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 210.327314] vfs_write from ksys_write+0x78/0xf8 <4>[ 210.332190] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 210.337662] Exception stack(0xf21c9fa8 to 0xf21c9ff0) <4>[ 210.343021] 9fa0: 00000012 00000012 00000001 b6e18000 00000012 00000001 <4>[ 210.351497] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e18000 00020000 0043fe38 <4>[ 210.359967] 9fe0: 00000004 bebab788 b6ede33b b6e57616 <4>[ 210.365420] ---[ end trace 0000000000000000 ]--- <6>[ 210.370264] lkdtm: Zero detected: saturated # [ 210.181601] lkdtm: Performing direct entry REFCOUNT_DEC_ZERO # [ 210.186501] lkdtm: attempting good refcount_dec() # [ 210.191448] lkdtm: attempting bad refcount_dec() to zero # [ 210.197541] ------------[ cut here ]------------ # [ 210.202076] WARNING: CPU: 1 PID: 3479 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 # [ 210.210720] refcount_t: decrement hit 0; leaking memory. # [ 210.216256] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 210.252928] CPU: 1 UID: 0 PID: 3479 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 210.262243] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 210.267490] Hardware name: STM32 (Device Tree Support) # [ 210.272939] Call trace: # [ 210.272954] unwind_backtrace from show_stack+0x18/0x1c # [ 210.281261] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 210.286637] dump_stack_lvl from __warn+0x84/0x134 # [ 210.291617] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 210.297097] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 # [ 210.303790] lkdtm_REFCOUNT_DEC_ZERO from lkdtm_do_action+0x24/0x4c # [ 210.310383] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 210.316163] direct_entry from full_proxy_write+0x5c/0x8c # [ 210.321838] full_proxy_write from vfs_write+0xbc/0x3cc # [ 210.327314] vfs_write from ksys_write+0x78/0xf8 # [ 210.332190] ksys_write from ret_fast_syscall+0x0/0x1c # [ 210.337662] Exception stack(0xf21c9fa8 to 0xf21c9ff0) # [ 210.343021] 9fa0: 00000012 00000012 00000001 b6e18000 00000012 00000001 # [ 210.351497] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e18000 00020000 0043fe38 # [ 210.359967] 9fe0: 00000004 bebab788 b6ede33b b6e57616 # [ 210.365420] ---[ end trace 0000000000000000 ]--- # [ 210.370264] lkdtm: Zero detected: saturated # REFCOUNT_DEC_ZERO: saw 'call trace:': ok ok 54 selftests: lkdtm: REFCOUNT_DEC_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_NEGATIVE.sh <6>[ 211.815871] lkdtm: Performing direct entry REFCOUNT_DEC_NEGATIVE <6>[ 211.820873] lkdtm: attempting bad refcount_dec() below zero <4>[ 211.827253] ------------[ cut here ]------------ <4>[ 211.831640] WARNING: CPU: 1 PID: 3523 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c <4>[ 211.840711] refcount_t: decrement hit 0; leaking memory. <4>[ 211.846337] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 211.882857] CPU: 1 UID: 0 PID: 3523 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 211.892368] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 211.897516] Hardware name: STM32 (Device Tree Support) <4>[ 211.902965] Call trace: <4>[ 211.902980] unwind_backtrace from show_stack+0x18/0x1c <4>[ 211.911290] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 211.916667] dump_stack_lvl from __warn+0x84/0x134 <4>[ 211.921650] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 211.927131] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c <4>[ 211.934226] lkdtm_REFCOUNT_DEC_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 211.941120] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 211.946901] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 211.952576] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 211.958051] vfs_write from ksys_write+0x78/0xf8 <4>[ 211.962927] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 211.968400] Exception stack(0xf2215fa8 to 0xf2215ff0) <4>[ 211.973759] 5fa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 <4>[ 211.982234] 5fc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 <4>[ 211.990703] 5fe0: 00000004 bee02788 b6e9e33b b6e17616 <4>[ 211.996216] ---[ end trace 0000000000000000 ]--- <6>[ 212.000950] lkdtm: Negative detected: saturated # [ 211.815871] lkdtm: Performing direct entry REFCOUNT_DEC_NEGATIVE # [ 211.820873] lkdtm: attempting bad refcount_dec() below zero # [ 211.827253] ------------[ cut here ]------------ # [ 211.831640] WARNING: CPU: 1 PID: 3523 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c # [ 211.840711] refcount_t: decrement hit 0; leaking memory. # [ 211.846337] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 211.882857] CPU: 1 UID: 0 PID: 3523 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 211.892368] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 211.897516] Hardware name: STM32 (Device Tree Support) # [ 211.902965] Call trace: # [ 211.902980] unwind_backtrace from show_stack+0x18/0x1c # [ 211.911290] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 211.916667] dump_stack_lvl from __warn+0x84/0x134 # [ 211.921650] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 211.927131] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c # [ 211.934226] lkdtm_REFCOUNT_DEC_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 211.941120] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 211.946901] direct_entry from full_proxy_write+0x5c/0x8c # [ 211.952576] full_proxy_write from vfs_write+0xbc/0x3cc # [ 211.958051] vfs_write from ksys_write+0x78/0xf8 # [ 211.962927] ksys_write from ret_fast_syscall+0x0/0x1c # [ 211.968400] Exception stack(0xf2215fa8 to 0xf2215ff0) # [ 211.973759] 5fa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 # [ 211.982234] 5fc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 # [ 211.990703] 5fe0: 00000004 bee02788 b6e9e33b b6e17616 # [ 211.996216] ---[ end trace 0000000000000000 ]--- # [ 212.000950] lkdtm: Negative detected: saturated # REFCOUNT_DEC_NEGATIVE: saw 'Negative detected: saturated': ok ok 55 selftests: lkdtm: REFCOUNT_DEC_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_AND_TEST_NEGATIVE.sh <6>[ 213.453063] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_NEGATIVE <6>[ 213.458873] lkdtm: attempting bad refcount_dec_and_test() below zero <4>[ 213.465507] ------------[ cut here ]------------ <4>[ 213.470477] WARNING: CPU: 1 PID: 3567 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 213.480174] refcount_t: underflow; use-after-free. <4>[ 213.485324] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 213.521751] CPU: 1 UID: 0 PID: 3567 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 213.531257] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 213.536512] Hardware name: STM32 (Device Tree Support) <4>[ 213.541962] Call trace: <4>[ 213.541977] unwind_backtrace from show_stack+0x18/0x1c <4>[ 213.550189] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 213.555567] dump_stack_lvl from __warn+0x84/0x134 <4>[ 213.560649] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 213.566030] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 213.573820] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE+0x3c/0x80 <4>[ 213.583310] lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 213.590998] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 213.596779] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 213.602455] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 213.607932] vfs_write from ksys_write+0x78/0xf8 <4>[ 213.612809] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 213.618282] Exception stack(0xf2255fa8 to 0xf2255ff0) <4>[ 213.623541] 5fa0: 0000001f 0000001f 00000001 b6e38000 0000001f 00000001 <4>[ 213.632016] 5fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 <4>[ 213.640484] 5fe0: 00000004 beb15788 b6efe33b b6e77616 <4>[ 213.645953] ---[ end trace 0000000000000000 ]--- <6>[ 213.650792] lkdtm: Negative detected: saturated # [ 213.453063] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_NEGATIVE # [ 213.458873] lkdtm: attempting bad refcount_dec_and_test() below zero # [ 213.465507] ------------[ cut here ]------------ # [ 213.470477] WARNING: CPU: 1 PID: 3567 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 213.480174] refcount_t: underflow; use-after-free. # [ 213.485324] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 213.521751] CPU: 1 UID: 0 PID: 3567 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 213.531257] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 213.536512] Hardware name: STM32 (Device Tree Support) # [ 213.541962] Call trace: # [ 213.541977] unwind_backtrace from show_stack+0x18/0x1c # [ 213.550189] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 213.555567] dump_stack_lvl from __warn+0x84/0x134 # [ 213.560649] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 213.566030] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 213.573820] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE+0x3c/0x80 # [ 213.583310] lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 213.590998] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 213.596779] direct_entry from full_proxy_write+0x5c/0x8c # [ 213.602455] full_proxy_write from vfs_write+0xbc/0x3cc # [ 213.607932] vfs_write from ksys_write+0x78/0xf8 # [ 213.612809] ksys_write from ret_fast_syscall+0x0/0x1c # [ 213.618282] Exception stack(0xf2255fa8 to 0xf2255ff0) # [ 213.623541] 5fa0: 0000001f 0000001f 00000001 b6e38000 0000001f 00000001 # [ 213.632016] 5fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 # [ 213.640484] 5fe0: 00000004 beb15788 b6efe33b b6e77616 # [ 213.645953] ---[ end trace 0000000000000000 ]--- # [ 213.650792] lkdtm: Negative detected: saturated # REFCOUNT_DEC_AND_TEST_NEGATIVE: saw 'Negative detected: saturated': ok ok 56 selftests: lkdtm: REFCOUNT_DEC_AND_TEST_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_SUB_AND_TEST_NEGATIVE.sh <6>[ 215.085508] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_NEGATIVE <6>[ 215.091325] lkdtm: attempting bad refcount_sub_and_test() below zero <4>[ 215.098482] ------------[ cut here ]------------ <4>[ 215.102876] WARNING: CPU: 1 PID: 3611 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 215.112692] refcount_t: underflow; use-after-free. <4>[ 215.117744] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 215.154167] CPU: 1 UID: 0 PID: 3611 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 215.163680] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 215.168931] Hardware name: STM32 (Device Tree Support) <4>[ 215.174381] Call trace: <4>[ 215.174397] unwind_backtrace from show_stack+0x18/0x1c <4>[ 215.182711] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 215.187989] dump_stack_lvl from __warn+0x84/0x134 <4>[ 215.193072] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 215.198453] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 215.206244] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE+0x40/0x84 <4>[ 215.215733] lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 215.223421] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 215.229200] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 215.234875] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 215.240350] vfs_write from ksys_write+0x78/0xf8 <4>[ 215.245227] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 215.250699] Exception stack(0xf22b1fa8 to 0xf22b1ff0) <4>[ 215.255958] 1fa0: 0000001f 0000001f 00000001 b6dc8000 0000001f 00000001 <4>[ 215.264533] 1fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6dc8000 00020000 0045fe38 <4>[ 215.273003] 1fe0: 00000004 becf8788 b6e8e33b b6e07616 <4>[ 215.278385] ---[ end trace 0000000000000000 ]--- <6>[ 215.283232] lkdtm: Negative detected: saturated # [ 215.085508] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_NEGATIVE # [ 215.091325] lkdtm: attempting bad refcount_sub_and_test() below zero # [ 215.098482] ------------[ cut here ]------------ # [ 215.102876] WARNING: CPU: 1 PID: 3611 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 215.112692] refcount_t: underflow; use-after-free. # [ 215.117744] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 215.154167] CPU: 1 UID: 0 PID: 3611 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 215.163680] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 215.168931] Hardware name: STM32 (Device Tree Support) # [ 215.174381] Call trace: # [ 215.174397] unwind_backtrace from show_stack+0x18/0x1c # [ 215.182711] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 215.187989] dump_stack_lvl from __warn+0x84/0x134 # [ 215.193072] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 215.198453] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 215.206244] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE+0x40/0x84 # [ 215.215733] lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 215.223421] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 215.229200] direct_entry from full_proxy_write+0x5c/0x8c # [ 215.234875] full_proxy_write from vfs_write+0xbc/0x3cc # [ 215.240350] vfs_write from ksys_write+0x78/0xf8 # [ 215.245227] ksys_write from ret_fast_syscall+0x0/0x1c # [ 215.250699] Exception stack(0xf22b1fa8 to 0xf22b1ff0) # [ 215.255958] 1fa0: 0000001f 0000001f 00000001 b6dc8000 0000001f 00000001 # [ 215.264533] 1fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6dc8000 00020000 0045fe38 # [ 215.273003] 1fe0: 00000004 becf8788 b6e8e33b b6e07616 # [ 215.278385] ---[ end trace 0000000000000000 ]--- # [ 215.283232] lkdtm: Negative detected: saturated # REFCOUNT_SUB_AND_TEST_NEGATIVE: saw 'Negative detected: saturated': ok ok 57 selftests: lkdtm: REFCOUNT_SUB_AND_TEST_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_ZERO.sh <6>[ 216.672574] lkdtm: Performing direct entry REFCOUNT_INC_ZERO <6>[ 216.677289] lkdtm: attempting safe refcount_inc_not_zero() from zero <6>[ 216.684342] lkdtm: Good: zero detected <6>[ 216.688015] lkdtm: Correctly stayed at zero <6>[ 216.692350] lkdtm: attempting bad refcount_inc() from zero <4>[ 216.698098] ------------[ cut here ]------------ <4>[ 216.703044] WARNING: CPU: 1 PID: 3650 at lib/refcount.c:25 lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 <4>[ 216.711731] refcount_t: addition on 0; use-after-free. <4>[ 216.717181] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 216.753728] CPU: 1 UID: 0 PID: 3650 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 216.763134] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 216.768386] Hardware name: STM32 (Device Tree Support) <4>[ 216.773835] Call trace: <4>[ 216.773850] unwind_backtrace from show_stack+0x18/0x1c <4>[ 216.782161] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 216.787438] dump_stack_lvl from __warn+0x84/0x134 <4>[ 216.792527] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 216.798013] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 <4>[ 216.804711] lkdtm_REFCOUNT_INC_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 216.811306] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 216.816989] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 216.822666] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 216.828242] vfs_write from ksys_write+0x78/0xf8 <4>[ 216.833118] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 216.838491] Exception stack(0xf22e9fa8 to 0xf22e9ff0) <4>[ 216.843850] 9fa0: 00000012 00000012 00000001 b6e58000 00000012 00000001 <4>[ 216.852325] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e58000 00020000 0044fe38 <4>[ 216.860793] 9fe0: 00000004 beecf788 b6f1e33b b6e97616 <4>[ 216.866278] ---[ end trace 0000000000000000 ]--- <6>[ 216.871121] lkdtm: Zero detected: saturated # [ 216.672574] lkdtm: Performing direct entry REFCOUNT_INC_ZERO # [ 216.677289] lkdtm: attempting safe refcount_inc_not_zero() from zero # [ 216.684342] lkdtm: Good: zero detected # [ 216.688015] lkdtm: Correctly stayed at zero # [ 216.692350] lkdtm: attempting bad refcount_inc() from zero # [ 216.698098] ------------[ cut here ]------------ # [ 216.703044] WARNING: CPU: 1 PID: 3650 at lib/refcount.c:25 lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 # [ 216.711731] refcount_t: addition on 0; use-after-free. # [ 216.717181] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 216.753728] CPU: 1 UID: 0 PID: 3650 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 216.763134] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 216.768386] Hardware name: STM32 (Device Tree Support) # [ 216.773835] Call trace: # [ 216.773850] unwind_backtrace from show_stack+0x18/0x1c # [ 216.782161] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 216.787438] dump_stack_lvl from __warn+0x84/0x134 # [ 216.792527] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 216.798013] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 # [ 216.804711] lkdtm_REFCOUNT_INC_ZERO from lkdtm_do_action+0x24/0x4c # [ 216.811306] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 216.816989] direct_entry from full_proxy_write+0x5c/0x8c # [ 216.822666] full_proxy_write from vfs_write+0xbc/0x3cc # [ 216.828242] vfs_write from ksys_write+0x78/0xf8 # [ 216.833118] ksys_write from ret_fast_syscall+0x0/0x1c # [ 216.838491] Exception stack(0xf22e9fa8 to 0xf22e9ff0) # [ 216.843850] 9fa0: 00000012 00000012 00000001 b6e58000 00000012 00000001 # [ 216.852325] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e58000 00020000 0044fe38 # [ 216.860793] 9fe0: 00000004 beecf788 b6f1e33b b6e97616 # [ 216.866278] ---[ end trace 0000000000000000 ]--- # [ 216.871121] lkdtm: Zero detected: saturated # REFCOUNT_INC_ZERO: saw 'call trace:': ok ok 58 selftests: lkdtm: REFCOUNT_INC_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_ZERO.sh <6>[ 218.262408] lkdtm: Performing direct entry REFCOUNT_ADD_ZERO <6>[ 218.267594] lkdtm: attempting safe refcount_add_not_zero() from zero <6>[ 218.273914] lkdtm: Good: zero detected <6>[ 218.278181] lkdtm: Correctly stayed at zero <6>[ 218.282434] lkdtm: attempting bad refcount_add() from zero <4>[ 218.288002] ------------[ cut here ]------------ <4>[ 218.292830] WARNING: CPU: 1 PID: 3689 at lib/refcount.c:25 lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 <4>[ 218.301650] refcount_t: addition on 0; use-after-free. <4>[ 218.307041] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 218.343472] CPU: 1 UID: 0 PID: 3689 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 218.352978] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 218.358230] Hardware name: STM32 (Device Tree Support) <4>[ 218.363680] Call trace: <4>[ 218.363695] unwind_backtrace from show_stack+0x18/0x1c <4>[ 218.372008] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 218.377287] dump_stack_lvl from __warn+0x84/0x134 <4>[ 218.382370] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 218.387752] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 <4>[ 218.394546] lkdtm_REFCOUNT_ADD_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 218.401039] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 218.406820] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 218.412496] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 218.418072] vfs_write from ksys_write+0x78/0xf8 <4>[ 218.422949] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 218.428321] Exception stack(0xf2311fa8 to 0xf2311ff0) <4>[ 218.433680] 1fa0: 00000012 00000012 00000001 b6e08000 00000012 00000001 <4>[ 218.442155] 1fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e08000 00020000 0049fe38 <4>[ 218.450623] 1fe0: 00000004 beeba788 b6ece33b b6e47616 <4>[ 218.456119] ---[ end trace 0000000000000000 ]--- <6>[ 218.460972] lkdtm: Zero detected: saturated # [ 218.262408] lkdtm: Performing direct entry REFCOUNT_ADD_ZERO # [ 218.267594] lkdtm: attempting safe refcount_add_not_zero() from zero # [ 218.273914] lkdtm: Good: zero detected # [ 218.278181] lkdtm: Correctly stayed at zero # [ 218.282434] lkdtm: attempting bad refcount_add() from zero # [ 218.288002] ------------[ cut here ]------------ # [ 218.292830] WARNING: CPU: 1 PID: 3689 at lib/refcount.c:25 lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 # [ 218.301650] refcount_t: addition on 0; use-after-free. # [ 218.307041] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 218.343472] CPU: 1 UID: 0 PID: 3689 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 218.352978] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 218.358230] Hardware name: STM32 (Device Tree Support) # [ 218.363680] Call trace: # [ 218.363695] unwind_backtrace from show_stack+0x18/0x1c # [ 218.372008] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 218.377287] dump_stack_lvl from __warn+0x84/0x134 # [ 218.382370] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 218.387752] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 # [ 218.394546] lkdtm_REFCOUNT_ADD_ZERO from lkdtm_do_action+0x24/0x4c # [ 218.401039] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 218.406820] direct_entry from full_proxy_write+0x5c/0x8c # [ 218.412496] full_proxy_write from vfs_write+0xbc/0x3cc # [ 218.418072] vfs_write from ksys_write+0x78/0xf8 # [ 218.422949] ksys_write from ret_fast_syscall+0x0/0x1c # [ 218.428321] Exception stack(0xf2311fa8 to 0xf2311ff0) # [ 218.433680] 1fa0: 00000012 00000012 00000001 b6e08000 00000012 00000001 # [ 218.442155] 1fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e08000 00020000 0049fe38 # [ 218.450623] 1fe0: 00000004 beeba788 b6ece33b b6e47616 # [ 218.456119] ---[ end trace 0000000000000000 ]--- # [ 218.460972] lkdtm: Zero detected: saturated # REFCOUNT_ADD_ZERO: saw 'call trace:': ok ok 59 selftests: lkdtm: REFCOUNT_ADD_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_SATURATED.sh <6>[ 219.947262] lkdtm: Performing direct entry REFCOUNT_INC_SATURATED <6>[ 219.952383] lkdtm: attempting bad refcount_inc() from saturated <4>[ 219.958524] ------------[ cut here ]------------ <4>[ 219.963973] WARNING: CPU: 0 PID: 3733 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c <4>[ 219.972725] refcount_t: saturated; leaking memory. <4>[ 219.977776] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 220.014410] CPU: 0 UID: 0 PID: 3733 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 220.023721] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 220.028974] Hardware name: STM32 (Device Tree Support) <4>[ 220.034324] Call trace: <4>[ 220.034337] unwind_backtrace from show_stack+0x18/0x1c <4>[ 220.042649] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 220.048029] dump_stack_lvl from __warn+0x84/0x134 <4>[ 220.053111] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 220.058492] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c <4>[ 220.065690] lkdtm_REFCOUNT_INC_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 220.072686] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 220.078467] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 220.084143] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 220.089619] vfs_write from ksys_write+0x78/0xf8 <4>[ 220.094495] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 220.099967] Exception stack(0xf2365fa8 to 0xf2365ff0) <4>[ 220.105225] 5fa0: 00000017 00000017 00000001 b6e04000 00000017 00000001 <4>[ 220.113700] 5fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e04000 00020000 004ffe38 <4>[ 220.122269] 5fe0: 00000004 be9df788 b6eca33b b6e43616 <4>[ 220.127872] ---[ end trace 0000000000000000 ]--- <6>[ 220.132543] lkdtm: Saturation detected: still saturated # [ 219.947262] lkdtm: Performing direct entry REFCOUNT_INC_SATURATED # [ 219.952383] lkdtm: attempting bad refcount_inc() from saturated # [ 219.958524] ------------[ cut here ]------------ # [ 219.963973] WARNING: CPU: 0 PID: 3733 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c # [ 219.972725] refcount_t: saturated; leaking memory. # [ 219.977776] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 220.014410] CPU: 0 UID: 0 PID: 3733 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 220.023721] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 220.028974] Hardware name: STM32 (Device Tree Support) # [ 220.034324] Call trace: # [ 220.034337] unwind_backtrace from show_stack+0x18/0x1c # [ 220.042649] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 220.048029] dump_stack_lvl from __warn+0x84/0x134 # [ 220.053111] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 220.058492] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c # [ 220.065690] lkdtm_REFCOUNT_INC_SATURATED from lkdtm_do_action+0x24/0x4c # [ 220.072686] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 220.078467] direct_entry from full_proxy_write+0x5c/0x8c # [ 220.084143] full_proxy_write from vfs_write+0xbc/0x3cc # [ 220.089619] vfs_write from ksys_write+0x78/0xf8 # [ 220.094495] ksys_write from ret_fast_syscall+0x0/0x1c # [ 220.099967] Exception stack(0xf2365fa8 to 0xf2365ff0) # [ 220.105225] 5fa0: 00000017 00000017 00000001 b6e04000 00000017 00000001 # [ 220.113700] 5fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e04000 00020000 004ffe38 # [ 220.122269] 5fe0: 00000004 be9df788 b6eca33b b6e43616 # [ 220.127872] ---[ end trace 0000000000000000 ]--- # [ 220.132543] lkdtm: Saturation detected: still saturated # REFCOUNT_INC_SATURATED: saw 'Saturation detected: still saturated': ok ok 60 selftests: lkdtm: REFCOUNT_INC_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_SATURATED.sh <6>[ 221.611194] lkdtm: Performing direct entry REFCOUNT_DEC_SATURATED <6>[ 221.616280] lkdtm: attempting bad refcount_dec() from saturated <4>[ 221.623059] ------------[ cut here ]------------ <4>[ 221.627580] WARNING: CPU: 1 PID: 3777 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 <4>[ 221.636558] refcount_t: decrement hit 0; leaking memory. <4>[ 221.642190] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 221.678743] CPU: 1 UID: 0 PID: 3777 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 221.688157] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 221.693409] Hardware name: STM32 (Device Tree Support) <4>[ 221.698858] Call trace: <4>[ 221.698873] unwind_backtrace from show_stack+0x18/0x1c <4>[ 221.707182] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 221.712457] dump_stack_lvl from __warn+0x84/0x134 <4>[ 221.717539] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 221.723021] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 <4>[ 221.730216] lkdtm_REFCOUNT_DEC_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 221.737211] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 221.742892] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 221.748667] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 221.754143] vfs_write from ksys_write+0x78/0xf8 <4>[ 221.759019] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 221.764492] Exception stack(0xf23a5fa8 to 0xf23a5ff0) <4>[ 221.769751] 5fa0: 00000017 00000017 00000001 b6e18000 00000017 00000001 <4>[ 221.778325] 5fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e18000 00020000 0050fe38 <4>[ 221.786794] 5fe0: 00000004 be9a1788 b6ede33b b6e57616 <4>[ 221.792153] ---[ end trace 0000000000000000 ]--- <6>[ 221.797081] lkdtm: Saturation detected: still saturated # [ 221.611194] lkdtm: Performing direct entry REFCOUNT_DEC_SATURATED # [ 221.616280] lkdtm: attempting bad refcount_dec() from saturated # [ 221.623059] ------------[ cut here ]------------ # [ 221.627580] WARNING: CPU: 1 PID: 3777 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 # [ 221.636558] refcount_t: decrement hit 0; leaking memory. # [ 221.642190] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 221.678743] CPU: 1 UID: 0 PID: 3777 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 221.688157] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 221.693409] Hardware name: STM32 (Device Tree Support) # [ 221.698858] Call trace: # [ 221.698873] unwind_backtrace from show_stack+0x18/0x1c # [ 221.707182] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 221.712457] dump_stack_lvl from __warn+0x84/0x134 # [ 221.717539] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 221.723021] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 # [ 221.730216] lkdtm_REFCOUNT_DEC_SATURATED from lkdtm_do_action+0x24/0x4c # [ 221.737211] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 221.742892] direct_entry from full_proxy_write+0x5c/0x8c # [ 221.748667] full_proxy_write from vfs_write+0xbc/0x3cc # [ 221.754143] vfs_write from ksys_write+0x78/0xf8 # [ 221.759019] ksys_write from ret_fast_syscall+0x0/0x1c # [ 221.764492] Exception stack(0xf23a5fa8 to 0xf23a5ff0) # [ 221.769751] 5fa0: 00000017 00000017 00000001 b6e18000 00000017 00000001 # [ 221.778325] 5fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e18000 00020000 0050fe38 # [ 221.786794] 5fe0: 00000004 be9a1788 b6ede33b b6e57616 # [ 221.792153] ---[ end trace 0000000000000000 ]--- # [ 221.797081] lkdtm: Saturation detected: still saturated # REFCOUNT_DEC_SATURATED: saw 'Saturation detected: still saturated': ok ok 61 selftests: lkdtm: REFCOUNT_DEC_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_SATURATED.sh <6>[ 223.276163] lkdtm: Performing direct entry REFCOUNT_ADD_SATURATED <6>[ 223.281273] lkdtm: attempting bad refcount_dec() from saturated <4>[ 223.288085] ------------[ cut here ]------------ <4>[ 223.292382] WARNING: CPU: 0 PID: 3822 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c <4>[ 223.301487] refcount_t: saturated; leaking memory. <4>[ 223.306633] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 223.343558] CPU: 0 UID: 0 PID: 3822 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 223.352573] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 223.357825] Hardware name: STM32 (Device Tree Support) <4>[ 223.363275] Call trace: <4>[ 223.363291] unwind_backtrace from show_stack+0x18/0x1c <4>[ 223.371604] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 223.376882] dump_stack_lvl from __warn+0x84/0x134 <4>[ 223.381964] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 223.387446] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c <4>[ 223.394542] lkdtm_REFCOUNT_ADD_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 223.401539] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 223.407319] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 223.412995] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 223.418572] vfs_write from ksys_write+0x78/0xf8 <4>[ 223.423449] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 223.428821] Exception stack(0xf23edfa8 to 0xf23edff0) <4>[ 223.434180] dfa0: 00000017 00000017 00000001 b6e78000 00000017 00000001 <4>[ 223.442655] dfc0: 00000017 00000017 7ff00000 00000004 00000001 b6e78000 00020000 0046fe38 <4>[ 223.451124] dfe0: 00000004 bea23788 b6f3e33b b6eb7616 <4>[ 223.456687] ---[ end trace 0000000000000000 ]--- <6>[ 223.461451] lkdtm: Saturation detected: still saturated # [ 223.276163] lkdtm: Performing direct entry REFCOUNT_ADD_SATURATED # [ 223.281273] lkdtm: attempting bad refcount_dec() from saturated # [ 223.288085] ------------[ cut here ]------------ # [ 223.292382] WARNING: CPU: 0 PID: 3822 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c # [ 223.301487] refcount_t: saturated; leaking memory. # [ 223.306633] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 223.343558] CPU: 0 UID: 0 PID: 3822 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 223.352573] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 223.357825] Hardware name: STM32 (Device Tree Support) # [ 223.363275] Call trace: # [ 223.363291] unwind_backtrace from show_stack+0x18/0x1c # [ 223.371604] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 223.376882] dump_stack_lvl from __warn+0x84/0x134 # [ 223.381964] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 223.387446] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c # [ 223.394542] lkdtm_REFCOUNT_ADD_SATURATED from lkdtm_do_action+0x24/0x4c # [ 223.401539] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 223.407319] direct_entry from full_proxy_write+0x5c/0x8c # [ 223.412995] full_proxy_write from vfs_write+0xbc/0x3cc # [ 223.418572] vfs_write from ksys_write+0x78/0xf8 # [ 223.423449] ksys_write from ret_fast_syscall+0x0/0x1c # [ 223.428821] Exception stack(0xf23edfa8 to 0xf23edff0) # [ 223.434180] dfa0: 00000017 00000017 00000001 b6e78000 00000017 00000001 # [ 223.442655] dfc0: 00000017 00000017 7ff00000 00000004 00000001 b6e78000 00020000 0046fe38 # [ 223.451124] dfe0: 00000004 bea23788 b6f3e33b b6eb7616 # [ 223.456687] ---[ end trace 0000000000000000 ]--- # [ 223.461451] lkdtm: Saturation detected: still saturated # REFCOUNT_ADD_SATURATED: saw 'Saturation detected: still saturated': ok ok 62 selftests: lkdtm: REFCOUNT_ADD_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_SATURATED.sh <6>[ 224.884614] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_SATURATED <6>[ 224.890577] lkdtm: attempting bad refcount_inc_not_zero() from saturated <4>[ 224.897718] ------------[ cut here ]------------ <4>[ 224.902461] WARNING: CPU: 1 PID: 3861 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 224.912243] refcount_t: saturated; leaking memory. <4>[ 224.917355] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 224.953921] CPU: 1 UID: 0 PID: 3861 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 224.963331] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 224.968577] Hardware name: STM32 (Device Tree Support) <4>[ 224.974027] Call trace: <4>[ 224.974042] unwind_backtrace from show_stack+0x18/0x1c <4>[ 224.982251] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 224.987627] dump_stack_lvl from __warn+0x84/0x134 <4>[ 224.992709] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 224.998091] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 225.005889] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED+0x40/0x80 <4>[ 225.015398] lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 225.023199] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 225.028980] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 225.034657] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 225.040135] vfs_write from ksys_write+0x78/0xf8 <4>[ 225.045012] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 225.050485] Exception stack(0xf2439fa8 to 0xf2439ff0) <4>[ 225.055844] 9fa0: 00000020 00000020 00000001 b6dd4000 00000020 00000001 <4>[ 225.064320] 9fc0: 00000020 00000020 7ff00000 00000004 00000001 b6dd4000 00020000 0048fe38 <4>[ 225.072789] 9fe0: 00000004 be855788 b6e9a33b b6e13616 <4>[ 225.078260] ---[ end trace 0000000000000000 ]--- <6>[ 225.083101] lkdtm: Saturation detected: still saturated # [ 224.884614] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_SATURATED # [ 224.890577] lkdtm: attempting bad refcount_inc_not_zero() from saturated # [ 224.897718] ------------[ cut here ]------------ # [ 224.902461] WARNING: CPU: 1 PID: 3861 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 224.912243] refcount_t: saturated; leaking memory. # [ 224.917355] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 224.953921] CPU: 1 UID: 0 PID: 3861 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 224.963331] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 224.968577] Hardware name: STM32 (Device Tree Support) # [ 224.974027] Call trace: # [ 224.974042] unwind_backtrace from show_stack+0x18/0x1c # [ 224.982251] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 224.987627] dump_stack_lvl from __warn+0x84/0x134 # [ 224.992709] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 224.998091] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 225.005889] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED+0x40/0x80 # [ 225.015398] lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c # [ 225.023199] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 225.028980] direct_entry from full_proxy_write+0x5c/0x8c # [ 225.034657] full_proxy_write from vfs_write+0xbc/0x3cc # [ 225.040135] vfs_write from ksys_write+0x78/0xf8 # [ 225.045012] ksys_write from ret_fast_syscall+0x0/0x1c # [ 225.050485] Exception stack(0xf2439fa8 to 0xf2439ff0) # [ 225.055844] 9fa0: 00000020 00000020 00000001 b6dd4000 00000020 00000001 # [ 225.064320] 9fc0: 00000020 00000020 7ff00000 00000004 00000001 b6dd4000 00020000 0048fe38 # [ 225.072789] 9fe0: 00000004 be855788 b6e9a33b b6e13616 # [ 225.078260] ---[ end trace 0000000000000000 ]--- # [ 225.083101] lkdtm: Saturation detected: still saturated # REFCOUNT_INC_NOT_ZERO_SATURATED: saw 'call trace:': ok ok 63 selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_SATURATED.sh <6>[ 226.487612] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_SATURATED <6>[ 226.493577] lkdtm: attempting bad refcount_add_not_zero() from saturated <4>[ 226.500522] ------------[ cut here ]------------ <4>[ 226.506007] WARNING: CPU: 1 PID: 3900 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 226.515307] refcount_t: saturated; leaking memory. <4>[ 226.520361] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 226.556869] CPU: 1 UID: 0 PID: 3900 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 226.566282] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 226.571535] Hardware name: STM32 (Device Tree Support) <4>[ 226.576984] Call trace: <4>[ 226.576999] unwind_backtrace from show_stack+0x18/0x1c <4>[ 226.585310] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 226.590585] dump_stack_lvl from __warn+0x84/0x134 <4>[ 226.595668] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 226.601148] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 226.608848] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED+0x40/0x80 <4>[ 226.618457] lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 226.626157] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 226.631938] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 226.637616] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 226.643193] vfs_write from ksys_write+0x78/0xf8 <4>[ 226.648075] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 226.653451] Exception stack(0xf2471fa8 to 0xf2471ff0) <4>[ 226.658811] 1fa0: 00000020 00000020 00000001 b6de8000 00000020 00000001 <4>[ 226.667287] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6de8000 00020000 0050fe38 <4>[ 226.675757] 1fe0: 00000004 beeab788 b6eae33b b6e27616 <4>[ 226.681201] ---[ end trace 0000000000000000 ]--- <6>[ 226.686053] lkdtm: Saturation detected: still saturated # [ 226.487612] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_SATURATED # [ 226.493577] lkdtm: attempting bad refcount_add_not_zero() from saturated # [ 226.500522] ------------[ cut here ]------------ # [ 226.506007] WARNING: CPU: 1 PID: 3900 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 226.515307] refcount_t: saturated; leaking memory. # [ 226.520361] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 226.556869] CPU: 1 UID: 0 PID: 3900 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 226.566282] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 226.571535] Hardware name: STM32 (Device Tree Support) # [ 226.576984] Call trace: # [ 226.576999] unwind_backtrace from show_stack+0x18/0x1c # [ 226.585310] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 226.590585] dump_stack_lvl from __warn+0x84/0x134 # [ 226.595668] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 226.601148] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 226.608848] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED+0x40/0x80 # [ 226.618457] lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c # [ 226.626157] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 226.631938] direct_entry from full_proxy_write+0x5c/0x8c # [ 226.637616] full_proxy_write from vfs_write+0xbc/0x3cc # [ 226.643193] vfs_write from ksys_write+0x78/0xf8 # [ 226.648075] ksys_write from ret_fast_syscall+0x0/0x1c # [ 226.653451] Exception stack(0xf2471fa8 to 0xf2471ff0) # [ 226.658811] 1fa0: 00000020 00000020 00000001 b6de8000 00000020 00000001 # [ 226.667287] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6de8000 00020000 0050fe38 # [ 226.675757] 1fe0: 00000004 beeab788 b6eae33b b6e27616 # [ 226.681201] ---[ end trace 0000000000000000 ]--- # [ 226.686053] lkdtm: Saturation detected: still saturated # REFCOUNT_ADD_NOT_ZERO_SATURATED: saw 'call trace:': ok ok 64 selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_AND_TEST_SATURATED.sh <6>[ 228.213582] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_SATURATED <6>[ 228.219512] lkdtm: attempting bad refcount_dec_and_test() from saturated <4>[ 228.226927] ------------[ cut here ]------------ <4>[ 228.231406] WARNING: CPU: 1 PID: 3944 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 228.241100] refcount_t: underflow; use-after-free. <4>[ 228.246255] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 228.282693] CPU: 1 UID: 0 PID: 3944 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 228.292198] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 228.297451] Hardware name: STM32 (Device Tree Support) <4>[ 228.302901] Call trace: <4>[ 228.302916] unwind_backtrace from show_stack+0x18/0x1c <4>[ 228.311227] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 228.316503] dump_stack_lvl from __warn+0x84/0x134 <4>[ 228.321585] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 228.326967] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 228.334757] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED+0x40/0x80 <4>[ 228.344347] lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 228.352136] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 228.357817] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 228.363592] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 228.369067] vfs_write from ksys_write+0x78/0xf8 <4>[ 228.373944] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 228.379416] Exception stack(0xf24b9fa8 to 0xf24b9ff0) <4>[ 228.384675] 9fa0: 00000020 00000020 00000001 b6e48000 00000020 00000001 <4>[ 228.393152] 9fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e48000 00020000 0050fe38 <4>[ 228.401624] 9fe0: 00000004 bec53788 b6f0e33b b6e87616 <4>[ 228.407099] ---[ end trace 0000000000000000 ]--- <6>[ 228.411962] lkdtm: Saturation detected: still saturated # [ 228.213582] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_SATURATED # [ 228.219512] lkdtm: attempting bad refcount_dec_and_test() from saturated # [ 228.226927] ------------[ cut here ]------------ # [ 228.231406] WARNING: CPU: 1 PID: 3944 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 228.241100] refcount_t: underflow; use-after-free. # [ 228.246255] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 228.282693] CPU: 1 UID: 0 PID: 3944 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 228.292198] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 228.297451] Hardware name: STM32 (Device Tree Support) # [ 228.302901] Call trace: # [ 228.302916] unwind_backtrace from show_stack+0x18/0x1c # [ 228.311227] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 228.316503] dump_stack_lvl from __warn+0x84/0x134 # [ 228.321585] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 228.326967] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 228.334757] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED+0x40/0x80 # [ 228.344347] lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c # [ 228.352136] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 228.357817] direct_entry from full_proxy_write+0x5c/0x8c # [ 228.363592] full_proxy_write from vfs_write+0xbc/0x3cc # [ 228.369067] vfs_write from ksys_write+0x78/0xf8 # [ 228.373944] ksys_write from ret_fast_syscall+0x0/0x1c # [ 228.379416] Exception stack(0xf24b9fa8 to 0xf24b9ff0) # [ 228.384675] 9fa0: 00000020 00000020 00000001 b6e48000 00000020 00000001 # [ 228.393152] 9fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e48000 00020000 0050fe38 # [ 228.401624] 9fe0: 00000004 bec53788 b6f0e33b b6e87616 # [ 228.407099] ---[ end trace 0000000000000000 ]--- # [ 228.411962] lkdtm: Saturation detected: still saturated # REFCOUNT_DEC_AND_TEST_SATURATED: saw 'Saturation detected: still saturated': ok ok 65 selftests: lkdtm: REFCOUNT_DEC_AND_TEST_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_SUB_AND_TEST_SATURATED.sh <6>[ 229.913984] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_SATURATED <6>[ 229.919892] lkdtm: attempting bad refcount_sub_and_test() from saturated <4>[ 229.927378] ------------[ cut here ]------------ <4>[ 229.931787] WARNING: CPU: 1 PID: 3988 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 229.941528] refcount_t: underflow; use-after-free. <4>[ 229.946596] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 229.983040] CPU: 1 UID: 0 PID: 3988 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 229.992643] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 229.997894] Hardware name: STM32 (Device Tree Support) <4>[ 230.003244] Call trace: <4>[ 230.003260] unwind_backtrace from show_stack+0x18/0x1c <4>[ 230.011572] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 230.016949] dump_stack_lvl from __warn+0x84/0x134 <4>[ 230.022032] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 230.027413] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 230.035202] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED+0x40/0x80 <4>[ 230.044692] lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 230.052480] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 230.058261] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 230.063937] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 230.069414] vfs_write from ksys_write+0x78/0xf8 <4>[ 230.074391] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 230.079763] Exception stack(0xf2501fa8 to 0xf2501ff0) <4>[ 230.085122] 1fa0: 00000020 00000020 00000001 b6e08000 00000020 00000001 <4>[ 230.093597] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e08000 00020000 004bfe38 <4>[ 230.102068] 1fe0: 00000004 befc4788 b6ece33b b6e47616 <4>[ 230.107540] ---[ end trace 0000000000000000 ]--- <6>[ 230.112383] lkdtm: Saturation detected: still saturated # [ 229.913984] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_SATURATED # [ 229.919892] lkdtm: attempting bad refcount_sub_and_test() from saturated # [ 229.927378] ------------[ cut here ]------------ # [ 229.931787] WARNING: CPU: 1 PID: 3988 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 229.941528] refcount_t: underflow; use-after-free. # [ 229.946596] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 229.983040] CPU: 1 UID: 0 PID: 3988 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 229.992643] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 229.997894] Hardware name: STM32 (Device Tree Support) # [ 230.003244] Call trace: # [ 230.003260] unwind_backtrace from show_stack+0x18/0x1c # [ 230.011572] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 230.016949] dump_stack_lvl from __warn+0x84/0x134 # [ 230.022032] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 230.027413] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 230.035202] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED+0x40/0x80 # [ 230.044692] lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c # [ 230.052480] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 230.058261] direct_entry from full_proxy_write+0x5c/0x8c # [ 230.063937] full_proxy_write from vfs_write+0xbc/0x3cc # [ 230.069414] vfs_write from ksys_write+0x78/0xf8 # [ 230.074391] ksys_write from ret_fast_syscall+0x0/0x1c # [ 230.079763] Exception stack(0xf2501fa8 to 0xf2501ff0) # [ 230.085122] 1fa0: 00000020 00000020 00000001 b6e08000 00000020 00000001 # [ 230.093597] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e08000 00020000 004bfe38 # [ 230.102068] 1fe0: 00000004 befc4788 b6ece33b b6e47616 # [ 230.107540] ---[ end trace 0000000000000000 ]--- # [ 230.112383] lkdtm: Saturation detected: still saturated # REFCOUNT_SUB_AND_TEST_SATURATED: saw 'Saturation detected: still saturated': ok ok 66 selftests: lkdtm: REFCOUNT_SUB_AND_TEST_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_TIMING.sh # Skipping REFCOUNT_TIMING: timing only ok 67 selftests: lkdtm: REFCOUNT_TIMING.sh # SKIP # timeout set to 45 # selftests: lkdtm: ATOMIC_TIMING.sh # Skipping ATOMIC_TIMING: timing only ok 68 selftests: lkdtm: ATOMIC_TIMING.sh # SKIP # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_SIZE_TO.sh <6>[ 232.867036] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_TO <6>[ 232.872281] lkdtm: attempting good copy_to_user of correct size <6>[ 232.878394] lkdtm: attempting bad copy_to_user of too large size <0>[ 232.884606] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-1k' (offset 16, size 1024)! <4>[ 232.895300] ------------[ cut here ]------------ <2>[ 232.900156] kernel BUG at mm/usercopy.c:102! <0>[ 232.904710] Internal error: Oops - BUG: 0 [#18] SMP ARM <4>[ 232.910170] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 232.946646] CPU: 1 UID: 0 PID: 4097 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 232.956236] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 232.961482] Hardware name: STM32 (Device Tree Support) <4>[ 232.966929] PC is at usercopy_abort+0x98/0x9c <4>[ 232.971604] LR is at usercopy_abort+0x98/0x9c <4>[ 232.976163] pc : [] lr : [] psr: 60080013 <4>[ 232.982719] sp : f25ade28 ip : 00000000 fp : 00000200 <4>[ 232.988268] r10: b6f52010 r9 : c8c01010 r8 : c8c01010 <4>[ 232.993718] r7 : 00000001 r6 : 00000400 r5 : 00000400 r4 : 00000010 <4>[ 233.000575] r3 : c8c62840 r2 : 00000000 r1 : 00000000 r0 : 00000067 <4>[ 233.007434] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 233.014799] Control: 10c5387d Table: c589406a DAC: 00000051 <1>[ 233.020849] Register r0 information: non-paged memory <1>[ 233.026209] Register r1 information: NULL pointer <1>[ 233.031159] Register r2 information: NULL pointer <1>[ 233.036210] Register r3 information: slab task_struct start c8c62800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 233.049883] copy_process+0x1f4/0x1f64 <6>[ 233.054140] kernel_clone+0xac/0x388 <6>[ 233.058295] sys_clone+0x78/0x9c <6>[ 233.062048] ret_fast_syscall+0x0/0x1c <4>[ 233.066300] Free path: <6>[ 233.069030] rcu_core+0x2dc/0xb14 <6>[ 233.072883] handle_softirqs+0x15c/0x430 <6>[ 233.077341] irq_exit+0xac/0xd4 <6>[ 233.080992] __irq_svc+0x8c/0xb8 <6>[ 233.084739] default_idle_call+0x20/0xc0 <6>[ 233.089199] do_idle+0x25c/0x2f4 <6>[ 233.092950] cpu_startup_entry+0x30/0x34 <6>[ 233.097503] rest_init+0xd4/0xd8 <6>[ 233.101258] start_kernel+0x744/0x764 <1>[ 233.105419] Register r4 information: zero-size pointer <1>[ 233.110873] Register r5 information: non-paged memory <1>[ 233.116127] Register r6 information: non-paged memory <1>[ 233.121480] Register r7 information: non-paged memory <1>[ 233.126832] Register r8 information: slab kmalloc-1k start c8c00c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 233.141395] do_usercopy_slab_size+0x30/0x330 <6>[ 233.146247] lkdtm_do_action+0x24/0x4c <6>[ 233.150506] direct_entry+0x11c/0x140 <6>[ 233.154762] full_proxy_write+0x5c/0x8c <6>[ 233.159114] vfs_write+0xbc/0x3cc <6>[ 233.162973] ksys_write+0x78/0xf8 <6>[ 233.166828] ret_fast_syscall+0x0/0x1c <4>[ 233.171083] Free path: <6>[ 233.173814] nfs3_proc_create+0x1b4/0x2c4 <6>[ 233.178376] nfs_do_create+0xa8/0x178 <6>[ 233.182536] nfs_atomic_open_v23+0x84/0xd4 <6>[ 233.187199] path_openat+0xb18/0x1198 <6>[ 233.191351] do_filp_open+0x98/0x134 <6>[ 233.195501] do_sys_openat2+0xbc/0xe4 <6>[ 233.199656] sys_openat+0x98/0xd4 <6>[ 233.203509] ret_fast_syscall+0x0/0x1c <1>[ 233.207758] Register r9 information: slab kmalloc-1k start c8c00c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 233.222319] do_usercopy_slab_size+0x30/0x330 <6>[ 233.227173] lkdtm_do_action+0x24/0x4c <6>[ 233.231430] direct_entry+0x11c/0x140 <6>[ 233.235686] full_proxy_write+0x5c/0x8c <6>[ 233.240035] vfs_write+0xbc/0x3cc <6>[ 233.243891] ksys_write+0x78/0xf8 <6>[ 233.247746] ret_fast_syscall+0x0/0x1c <4>[ 233.251996] Free path: <6>[ 233.254726] nfs3_proc_create+0x1b4/0x2c4 <6>[ 233.259286] nfs_do_create+0xa8/0x178 <6>[ 233.263443] nfs_atomic_open_v23+0x84/0xd4 <6>[ 233.268103] path_openat+0xb18/0x1198 <6>[ 233.272354] do_filp_open+0x98/0x134 <6>[ 233.276403] do_sys_openat2+0xbc/0xe4 <6>[ 233.280658] sys_openat+0x98/0xd4 <6>[ 233.284510] ret_fast_syscall+0x0/0x1c <1>[ 233.288758] Register r10 information: non-paged memory <1>[ 233.294215] Register r11 information: non-paged memory <1>[ 233.299568] Register r12 information: NULL pointer <0>[ 233.304720] Process cat (pid: 4097, stack limit = 0xf25ac000) <0>[ 233.310675] Stack: (0xf25ade28 to 0xf25ae000) <0>[ 233.315329] de20: c1fb4a98 c1faf974 c1f9ec90 00000010 00000400 00000c00 <0>[ 233.323804] de40: ffffffff c05f57b0 00000400 c0317008 c8c01010 ef834000 00000400 00000001 <0>[ 233.332277] de60: c8c01410 c06214ac 00000400 c17275ec f25ade84 00000400 c8c01000 c8c06400 <0>[ 233.340751] de80: b6f52000 00000001 c8c01010 c0e02fdc 00000022 00000000 f25adebc 00000016 <0>[ 233.349224] dea0: c5a6d000 00000000 f25adf80 c278c178 f25adf80 c8e7ecc0 004dfe38 c0e007ac <0>[ 233.357798] dec0: 00000016 c0e00b90 c0e00a74 c5877c40 b6df4000 00000016 c3a4f4b8 c0890ff0 <0>[ 233.366272] dee0: c5877c40 c0890f94 f25adf80 b6df4000 c8c62840 00000016 c8e7ecc0 c0628618 <0>[ 233.374750] df00: c5896db0 00000000 00000000 00000000 00000000 00000016 b6df4000 0001ffea <0>[ 233.383228] df20: 00000001 00000000 c5877140 00000000 00000000 00000000 00000000 00000000 <0>[ 233.391709] df40: 00000000 00000000 00000000 00000000 00000022 c0e5998d 00000000 c5877c40 <0>[ 233.400191] df60: c5877c40 00000000 00000000 c03002f0 c8c62840 00000004 004dfe38 c0628b74 <0>[ 233.408671] df80: 00000000 00000000 00000000 c0e5998d 000000c0 00000016 00000016 7ff00000 <0>[ 233.417151] dfa0: 00000004 c03000c0 00000016 00000016 00000001 b6df4000 00000016 00000001 <0>[ 233.425629] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6df4000 00020000 004dfe38 <0>[ 233.434104] dfe0: 00000004 bed68788 b6eba33b b6e33616 60080030 00000001 00000000 00000000 <0>[ 233.442569] Call trace: <0>[ 233.442585] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 233.451517] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 233.458313] __check_object_size from do_usercopy_slab_size+0x1f4/0x330 <0>[ 233.465196] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c <0>[ 233.471577] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 233.477360] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 233.483035] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 233.488513] vfs_write from ksys_write+0x78/0xf8 <0>[ 233.493490] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 233.498862] Exception stack(0xf25adfa8 to 0xf25adff0) <0>[ 233.504220] dfa0: 00000016 00000016 00000001 b6df4000 00000016 00000001 <0>[ 233.512694] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6df4000 00020000 004dfe38 <0>[ 233.521164] dfe0: 00000004 bed68788 b6eba33b b6e33616 <0>[ 233.526521] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) <4>[ 233.532878] ---[ end trace 0000000000000000 ]--- <6>[ 233.537724] note: cat[4097] exited with irqs disabled # Segmentation fault # [ 232.867036] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_TO # [ 232.872281] lkdtm: attempting good copy_to_user of correct size # [ 232.878394] lkdtm: attempting bad copy_to_user of too large size # [ 232.884606] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-1k' (offset 16, size 1024)! # [ 232.895300] ------------[ cut here ]------------ # [ 232.900156] kernel BUG at mm/usercopy.c:102! # [ 232.904710] Internal error: Oops - BUG: 0 [#18] SMP ARM # [ 232.910170] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 232.946646] CPU: 1 UID: 0 PID: 4097 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 232.956236] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 232.961482] Hardware name: STM32 (Device Tree Support) # [ 232.966929] PC is at usercopy_abort+0x98/0x9c # [ 232.971604] LR is at usercopy_abort+0x98/0x9c # [ 232.976163] pc : [] lr : [] psr: 60080013 # [ 232.982719] sp : f25ade28 ip : 00000000 fp : 00000200 # [ 232.988268] r10: b6f52010 r9 : c8c01010 r8 : c8c01010 # [ 232.993718] r7 : 00000001 r6 : 00000400 r5 : 00000400 r4 : 00000010 # [ 233.000575] r3 : c8c62840 r2 : 00000000 r1 : 00000000 r0 : 00000067 # [ 233.007434] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 233.014799] Control: 10c5387d Table: c589406a DAC: 00000051 # [ 233.020849] Register r0 information: non-paged memory # [ 233.026209] Register r1 information: NULL pointer # [ 233.031159] Register r2 information: NULL pointer # [ 233.036210] Register r3 information: slab task_struct start c8c62800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 233.049883] copy_process+0x1f4/0x1f64 # [ 233.054140] kernel_clone+0xac/0x388 # [ 233.058295] sys_clone+0x78/0x9c # [ 233.062048] ret_fast_syscall+0x0/0x1c # [ 233.066300] Free path: # [ 233.069030] rcu_core+0x2dc/0xb14 # [ 233.072883] handle_softirqs+0x15c/0x430 # [ 233.077341] irq_exit+0xac/0xd4 # [ 233.080992] __irq_svc+0x8c/0xb8 # [ 233.084739] default_idle_call+0x20/0xc0 # [ 233.089199] do_idle+0x25c/0x2f4 # [ 233.092950] cpu_startup_entry+0x30/0x34 # [ 233.097503] rest_init+0xd4/0xd8 # [ 233.101258] start_kernel+0x744/0x764 # [ 233.105419] Register r4 information: zero-size pointer # [ 233.110873] Register r5 information: non-paged memory # [ 233.116127] Register r6 information: non-paged memory # [ 233.121480] Register r7 information: non-paged memory # [ 233.126832] Register r8 information: slab kmalloc-1k start c8c00c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 233.141395] do_usercopy_slab_size+0x30/0x330 # [ 233.146247] lkdtm_do_action+0x24/0x4c # [ 233.150506] direct_entry+0x11c/0x140 # [ 233.154762] full_proxy_write+0x5c/0x8c # [ 233.159114] vfs_write+0xbc/0x3cc # [ 233.162973] ksys_write+0x78/0xf8 # [ 233.166828] ret_fast_syscall+0x0/0x1c # [ 233.171083] Free path: # [ 233.173814] nfs3_proc_create+0x1b4/0x2c4 # [ 233.178376] nfs_do_create+0xa8/0x178 # [ 233.182536] nfs_atomic_open_v23+0x84/0xd4 # [ 233.187199] path_openat+0xb18/0x1198 # [ 233.191351] do_filp_open+0x98/0x134 # [ 233.195501] do_sys_openat2+0xbc/0xe4 # [ 233.199656] sys_openat+0x98/0xd4 # [ 233.203509] ret_fast_syscall+0x0/0x1c # [ 233.207758] Register r9 information: slab kmalloc-1k start c8c00c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 233.222319] do_usercopy_slab_size+0x30/0x330 # [ 233.227173] lkdtm_do_action+0x24/0x4c # [ 233.231430] direct_entry+0x11c/0x140 # [ 233.235686] full_proxy_write+0x5c/0x8c # [ 233.240035] vfs_write+0xbc/0x3cc # [ 233.243891] ksys_write+0x78/0xf8 # [ 233.247746] ret_fast_syscall+0x0/0x1c # [ 233.251996] Free path: # [ 233.254726] nfs3_proc_create+0x1b4/0x2c4 # [ 233.259286] nfs_do_create+0xa8/0x178 # [ 233.263443] nfs_atomic_open_v23+0x84/0xd4 # [ 233.268103] path_openat+0xb18/0x1198 # [ 233.272354] do_filp_open+0x98/0x134 # [ 233.276403] do_sys_openat2+0xbc/0xe4 # [ 233.280658] sys_openat+0x98/0xd4 # [ 233.284510] ret_fast_syscall+0x0/0x1c # [ 233.288758] Register r10 information: non-paged memory # [ 233.294215] Register r11 information: non-paged memory # [ 233.299568] Register r12 information: NULL pointer # [ 233.304720] Process cat (pid: 4097, stack limit = 0xf25ac000) # [ 233.310675] Stack: (0xf25ade28 to 0xf25ae000) # [ 233.315329] de20: c1fb4a98 c1faf974 c1f9ec90 00000010 00000400 00000c00 # [ 233.323804] de40: ffffffff c05f57b0 00000400 c0317008 c8c01010 ef834000 00000400 00000001 # [ 233.332277] de60: c8c01410 c06214ac 00000400 c17275ec f25ade84 00000400 c8c01000 c8c06400 # [ 233.340751] de80: b6f52000 00000001 c8c01010 c0e02fdc 00000022 00000000 f25adebc 00000016 # [ 233.349224] dea0: c5a6d000 00000000 f25adf80 c278c178 f25adf80 c8e7ecc0 004dfe38 c0e007ac # [ 233.357798] dec0: 00000016 c0e00b90 c0e00a74 c5877c40 b6df4000 00000016 c3a4f4b8 c0890ff0 # [ 233.366272] dee0: c5877c40 c0890f94 f25adf80 b6df4000 c8c62840 00000016 c8e7ecc0 c0628618 # [ 233.374750] df00: c5896db0 00000000 00000000 00000000 00000000 00000016 b6df4000 0001ffea # [ 233.383228] df20: 00000001 00000000 c5877140 00000000 00000000 00000000 00000000 00000000 # [ 233.391709] df40: 00000000 00000000 00000000 00000000 00000022 c0e5998d 00000000 c5877c40 # [ 233.400191] df60: c5877c40 00000000 00000000 c03002f0 c8c62840 00000004 004dfe38 c0628b74 # [ 233.408671] df80: 00000000 00000000 00000000 c0e5998d 000000c0 00000016 00000016 7ff00000 # [ 233.417151] dfa0: 00000004 c03000c0 00000016 00000016 00000001 b6df4000 00000016 00000001 # [ 233.425629] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6df4000 00020000 004dfe38 # [ 233.434104] dfe0: 00000004 bed68788 b6eba33b b6e33616 60080030 00000001 00000000 00000000 # [ 233.442569] Call trace: # [ 233.442585] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 233.451517] __check_heap_object from __check_object_size+0x294/0x310 # [ 233.458313] __check_object_size from do_usercopy_slab_size+0x1f4/0x330 # [ 233.465196] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c # [ 233.471577] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 233.477360] direct_entry from full_proxy_write+0x5c/0x8c # [ 233.483035] full_proxy_write from vfs_write+0xbc/0x3cc # [ 233.488513] vfs_write from ksys_write+0x78/0xf8 # [ 233.493490] ksys_write from ret_fast_syscall+0x0/0x1c # [ 233.498862] Exception stack(0xf25adfa8 to 0xf25adff0) # [ 233.504220] dfa0: 00000016 00000016 00000001 b6df4000 00000016 00000001 # [ 233.512694] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6df4000 00020000 004dfe38 # [ 233.521164] dfe0: 00000004 bed68788 b6eba33b b6e33616 # [ 233.526521] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) # [ 233.532878] ---[ end trace 0000000000000000 ]--- # [ 233.537724] note: cat[4097] exited with irqs disabled # USERCOPY_SLAB_SIZE_TO: saw 'call trace:': ok ok 69 selftests: lkdtm: USERCOPY_SLAB_SIZE_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_SIZE_FROM.sh <6>[ 235.498577] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_FROM <6>[ 235.504026] lkdtm: attempting good copy_from_user of correct size <6>[ 235.510223] lkdtm: attempting bad copy_from_user of too large size <0>[ 235.516712] usercopy: Kernel memory overwrite attempt detected to SLUB object 'kmalloc-1k' (offset 16, size 1024)! <4>[ 235.527320] ------------[ cut here ]------------ <2>[ 235.532076] kernel BUG at mm/usercopy.c:102! <0>[ 235.536629] Internal error: Oops - BUG: 0 [#19] SMP ARM <4>[ 235.542186] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 235.578662] CPU: 0 UID: 0 PID: 4184 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 235.588255] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 235.593501] Hardware name: STM32 (Device Tree Support) <4>[ 235.598848] PC is at usercopy_abort+0x98/0x9c <4>[ 235.603521] LR is at usercopy_abort+0x98/0x9c <4>[ 235.608178] pc : [] lr : [] psr: 60080013 <4>[ 235.614735] sp : f2629e28 ip : 00000000 fp : 00000200 <4>[ 235.620184] r10: b6f90010 r9 : c8c14010 r8 : c8c14010 <4>[ 235.625734] r7 : 00000000 r6 : 00000400 r5 : 00000400 r4 : 00000010 <4>[ 235.632592] r3 : c8c66e40 r2 : 00000000 r1 : 00000000 r0 : 00000066 <4>[ 235.639350] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 235.646815] Control: 10c5387d Table: c5b0c06a DAC: 00000051 <1>[ 235.652865] Register r0 information: non-paged memory <1>[ 235.658123] Register r1 information: NULL pointer <1>[ 235.663175] Register r2 information: NULL pointer <1>[ 235.668125] Register r3 information: slab task_struct start c8c66e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 235.681896] copy_process+0x1f4/0x1f64 <6>[ 235.686152] kernel_clone+0xac/0x388 <6>[ 235.690207] sys_clone+0x78/0x9c <6>[ 235.693959] ret_fast_syscall+0x0/0x1c <4>[ 235.698310] Free path: <6>[ 235.701039] rcu_core+0x2dc/0xb14 <6>[ 235.704892] handle_softirqs+0x15c/0x430 <6>[ 235.709350] irq_exit+0xac/0xd4 <6>[ 235.713001] call_with_stack+0x18/0x20 <6>[ 235.717263] __irq_svc+0x9c/0xb8 <6>[ 235.721011] path_init+0xbc/0x4f8 <6>[ 235.724859] path_openat+0x68/0x1198 <6>[ 235.729009] do_filp_open+0x98/0x134 <6>[ 235.733059] do_open_execat+0x6c/0x140 <6>[ 235.737415] open_exec+0x2c/0x44 <6>[ 235.741166] load_elf_binary+0x4c0/0x1374 <6>[ 235.745721] bprm_execve+0x20c/0x5a4 <6>[ 235.749775] do_execveat_common+0x15c/0x1b4 <6>[ 235.754533] sys_execve+0x38/0x40 <6>[ 235.758385] ret_fast_syscall+0x0/0x1c <1>[ 235.762635] Register r4 information: zero-size pointer <1>[ 235.768090] Register r5 information: non-paged memory <1>[ 235.773443] Register r6 information: non-paged memory <1>[ 235.778696] Register r7 information: NULL pointer <1>[ 235.783747] Register r8 information: slab kmalloc-1k start c8c13c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 235.798206] do_usercopy_slab_size+0x30/0x330 <6>[ 235.803159] lkdtm_do_action+0x24/0x4c <6>[ 235.807418] direct_entry+0x11c/0x140 <6>[ 235.811573] full_proxy_write+0x5c/0x8c <6>[ 235.816024] vfs_write+0xbc/0x3cc <6>[ 235.819780] ksys_write+0x78/0xf8 <6>[ 235.823635] ret_fast_syscall+0x0/0x1c <4>[ 235.827984] Free path: <6>[ 235.830614] nfs3_proc_create+0x1b4/0x2c4 <6>[ 235.835175] nfs_do_create+0xa8/0x178 <6>[ 235.839432] nfs_atomic_open_v23+0x84/0xd4 <6>[ 235.843994] path_openat+0xb18/0x1198 <6>[ 235.848245] do_filp_open+0x98/0x134 <6>[ 235.852394] do_sys_openat2+0xbc/0xe4 <6>[ 235.856549] sys_openat+0x98/0xd4 <6>[ 235.860400] ret_fast_syscall+0x0/0x1c <1>[ 235.864649] Register r9 information: slab kmalloc-1k start c8c13c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 235.879209] do_usercopy_slab_size+0x30/0x330 <6>[ 235.884072] lkdtm_do_action+0x24/0x4c <6>[ 235.888334] direct_entry+0x11c/0x140 <6>[ 235.892593] full_proxy_write+0x5c/0x8c <6>[ 235.896943] vfs_write+0xbc/0x3cc <6>[ 235.900801] ksys_write+0x78/0xf8 <6>[ 235.904656] ret_fast_syscall+0x0/0x1c <4>[ 235.908906] Free path: <6>[ 235.911636] nfs3_proc_create+0x1b4/0x2c4 <6>[ 235.916199] nfs_do_create+0xa8/0x178 <6>[ 235.920358] nfs_atomic_open_v23+0x84/0xd4 <6>[ 235.925019] path_openat+0xb18/0x1198 <6>[ 235.929169] do_filp_open+0x98/0x134 <6>[ 235.933319] do_sys_openat2+0xbc/0xe4 <6>[ 235.937474] sys_openat+0x98/0xd4 <6>[ 235.941325] ret_fast_syscall+0x0/0x1c <1>[ 235.945674] Register r10 information: non-paged memory <1>[ 235.951032] Register r11 information: non-paged memory <1>[ 235.956485] Register r12 information: NULL pointer <0>[ 235.961538] Process cat (pid: 4184, stack limit = 0xf2628000) <0>[ 235.967594] Stack: (0xf2629e28 to 0xf262a000) <0>[ 235.972249] 9e20: c1fb4a98 c1faf974 c1f9ec90 00000010 00000400 00000c00 <0>[ 235.980725] 9e40: ffffffff c05f57b0 00000400 c0317008 c8c14010 ef834240 00000400 00000000 <0>[ 235.989198] 9e60: c8c14410 c06214ac 00000400 c17275ec f2629e84 00000400 c8c14000 c8c10400 <0>[ 235.997671] 9e80: b6f90000 00000000 c8c14010 c0e030c8 00000022 00000000 f2629ebc 00000018 <0>[ 236.006144] 9ea0: c5b03000 00000000 f2629f80 c278c180 f2629f80 c8e7ea40 0050fe38 c0e007ac <0>[ 236.014619] 9ec0: 00000018 c0e00b90 c0e00a74 c5877540 b6e28000 00000018 c3a4f4b8 c0890ff0 <0>[ 236.023092] 9ee0: c5877540 c0890f94 f2629f80 b6e28000 c8c66e40 00000018 c8e7ea40 c0628618 <0>[ 236.031565] 9f00: c5b0edb8 00000000 00000000 00000000 00000000 00000018 b6e28000 0001ffe8 <0>[ 236.040037] 9f20: 00000001 00000000 c5877740 00000000 00000000 00000000 00000000 00000000 <0>[ 236.048509] 9f40: 00000000 00000000 00000000 00000000 00000022 e2a8bba7 00000000 c5877540 <0>[ 236.056982] 9f60: c5877540 00000000 00000000 c03002f0 c8c66e40 00000004 0050fe38 c0628b74 <0>[ 236.065555] 9f80: 00000000 00000000 00000000 e2a8bba7 000000c0 00000018 00000018 7ff00000 <0>[ 236.074029] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e28000 00000018 00000001 <0>[ 236.082504] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 <0>[ 236.090977] 9fe0: 00000004 befb5788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 <0>[ 236.099443] Call trace: <0>[ 236.099458] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 236.108483] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 236.115174] __check_object_size from do_usercopy_slab_size+0x2e0/0x330 <0>[ 236.122055] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c <0>[ 236.128434] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 236.134217] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 236.139892] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 236.145468] vfs_write from ksys_write+0x78/0xf8 <0>[ 236.150344] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 236.155716] Exception stack(0xf2629fa8 to 0xf2629ff0) <0>[ 236.161072] 9fa0: 00000018 00000018 00000001 b6e28000 00000018 00000001 <0>[ 236.169545] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 <0>[ 236.178014] 9fe0: 00000004 befb5788 b6eee33b b6e67616 <0>[ 236.183373] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) <4>[ 236.189729] ---[ end trace 0000000000000000 ]--- <6>[ 236.194674] note: cat[4184] exited with irqs disabled # Segmentation fault # [ 235.498577] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_FROM # [ 235.504026] lkdtm: attempting good copy_from_user of correct size # [ 235.510223] lkdtm: attempting bad copy_from_user of too large size # [ 235.516712] usercopy: Kernel memory overwrite attempt detected to SLUB object 'kmalloc-1k' (offset 16, size 1024)! # [ 235.527320] ------------[ cut here ]------------ # [ 235.532076] kernel BUG at mm/usercopy.c:102! # [ 235.536629] Internal error: Oops - BUG: 0 [#19] SMP ARM # [ 235.542186] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 235.578662] CPU: 0 UID: 0 PID: 4184 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 235.588255] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 235.593501] Hardware name: STM32 (Device Tree Support) # [ 235.598848] PC is at usercopy_abort+0x98/0x9c # [ 235.603521] LR is at usercopy_abort+0x98/0x9c # [ 235.608178] pc : [] lr : [] psr: 60080013 # [ 235.614735] sp : f2629e28 ip : 00000000 fp : 00000200 # [ 235.620184] r10: b6f90010 r9 : c8c14010 r8 : c8c14010 # [ 235.625734] r7 : 00000000 r6 : 00000400 r5 : 00000400 r4 : 00000010 # [ 235.632592] r3 : c8c66e40 r2 : 00000000 r1 : 00000000 r0 : 00000066 # [ 235.639350] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 235.646815] Control: 10c5387d Table: c5b0c06a DAC: 00000051 # [ 235.652865] Register r0 information: non-paged memory # [ 235.658123] Register r1 information: NULL pointer # [ 235.663175] Register r2 information: NULL pointer # [ 235.668125] Register r3 information: slab task_struct start c8c66e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 235.681896] copy_process+0x1f4/0x1f64 # [ 235.686152] kernel_clone+0xac/0x388 # [ 235.690207] sys_clone+0x78/0x9c # [ 235.693959] ret_fast_syscall+0x0/0x1c # [ 235.698310] Free path: # [ 235.701039] rcu_core+0x2dc/0xb14 # [ 235.704892] handle_softirqs+0x15c/0x430 # [ 235.709350] irq_exit+0xac/0xd4 # [ 235.713001] call_with_stack+0x18/0x20 # [ 235.717263] __irq_svc+0x9c/0xb8 # [ 235.721011] path_init+0xbc/0x4f8 # [ 235.724859] path_openat+0x68/0x1198 # [ 235.729009] do_filp_open+0x98/0x134 # [ 235.733059] do_open_execat+0x6c/0x140 # [ 235.737415] open_exec+0x2c/0x44 # [ 235.741166] load_elf_binary+0x4c0/0x1374 # [ 235.745721] bprm_execve+0x20c/0x5a4 # [ 235.749775] do_execveat_common+0x15c/0x1b4 # [ 235.754533] sys_execve+0x38/0x40 # [ 235.758385] ret_fast_syscall+0x0/0x1c # [ 235.762635] Register r4 information: zero-size pointer # [ 235.768090] Register r5 information: non-paged memory # [ 235.773443] Register r6 information: non-paged memory # [ 235.778696] Register r7 information: NULL pointer # [ 235.783747] Register r8 information: slab kmalloc-1k start c8c13c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 235.798206] do_usercopy_slab_size+0x30/0x330 # [ 235.803159] lkdtm_do_action+0x24/0x4c # [ 235.807418] direct_entry+0x11c/0x140 # [ 235.811573] full_proxy_write+0x5c/0x8c # [ 235.816024] vfs_write+0xbc/0x3cc # [ 235.819780] ksys_write+0x78/0xf8 # [ 235.823635] ret_fast_syscall+0x0/0x1c # [ 235.827984] Free path: # [ 235.830614] nfs3_proc_create+0x1b4/0x2c4 # [ 235.835175] nfs_do_create+0xa8/0x178 # [ 235.839432] nfs_atomic_open_v23+0x84/0xd4 # [ 235.843994] path_openat+0xb18/0x1198 # [ 235.848245] do_filp_open+0x98/0x134 # [ 235.852394] do_sys_openat2+0xbc/0xe4 # [ 235.856549] sys_openat+0x98/0xd4 # [ 235.860400] ret_fast_syscall+0x0/0x1c # [ 235.864649] Register r9 information: slab kmalloc-1k start c8c13c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 235.879209] do_usercopy_slab_size+0x30/0x330 # [ 235.884072] lkdtm_do_action+0x24/0x4c # [ 235.888334] direct_entry+0x11c/0x140 # [ 235.892593] full_proxy_write+0x5c/0x8c # [ 235.896943] vfs_write+0xbc/0x3cc # [ 235.900801] ksys_write+0x78/0xf8 # [ 235.904656] ret_fast_syscall+0x0/0x1c # [ 235.908906] Free path: # [ 235.911636] nfs3_proc_create+0x1b4/0x2c4 # [ 235.916199] nfs_do_create+0xa8/0x178 # [ 235.920358] nfs_atomic_open_v23+0x84/0xd4 # [ 235.925019] path_openat+0xb18/0x1198 # [ 235.929169] do_filp_open+0x98/0x134 # [ 235.933319] do_sys_openat2+0xbc/0xe4 # [ 235.937474] sys_openat+0x98/0xd4 # [ 235.941325] ret_fast_syscall+0x0/0x1c # [ 235.945674] Register r10 information: non-paged memory # [ 235.951032] Register r11 information: non-paged memory # [ 235.956485] Register r12 information: NULL pointer # [ 235.961538] Process cat (pid: 4184, stack limit = 0xf2628000) # [ 235.967594] Stack: (0xf2629e28 to 0xf262a000) # [ 235.972249] 9e20: c1fb4a98 c1faf974 c1f9ec90 00000010 00000400 00000c00 # [ 235.980725] 9e40: ffffffff c05f57b0 00000400 c0317008 c8c14010 ef834240 00000400 00000000 # [ 235.989198] 9e60: c8c14410 c06214ac 00000400 c17275ec f2629e84 00000400 c8c14000 c8c10400 # [ 235.997671] 9e80: b6f90000 00000000 c8c14010 c0e030c8 00000022 00000000 f2629ebc 00000018 # [ 236.006144] 9ea0: c5b03000 00000000 f2629f80 c278c180 f2629f80 c8e7ea40 0050fe38 c0e007ac # [ 236.014619] 9ec0: 00000018 c0e00b90 c0e00a74 c5877540 b6e28000 00000018 c3a4f4b8 c0890ff0 # [ 236.023092] 9ee0: c5877540 c0890f94 f2629f80 b6e28000 c8c66e40 00000018 c8e7ea40 c0628618 # [ 236.031565] 9f00: c5b0edb8 00000000 00000000 00000000 00000000 00000018 b6e28000 0001ffe8 # [ 236.040037] 9f20: 00000001 00000000 c5877740 00000000 00000000 00000000 00000000 00000000 # [ 236.048509] 9f40: 00000000 00000000 00000000 00000000 00000022 e2a8bba7 00000000 c5877540 # [ 236.056982] 9f60: c5877540 00000000 00000000 c03002f0 c8c66e40 00000004 0050fe38 c0628b74 # [ 236.065555] 9f80: 00000000 00000000 00000000 e2a8bba7 000000c0 00000018 00000018 7ff00000 # [ 236.074029] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e28000 00000018 00000001 # [ 236.082504] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 # [ 236.090977] 9fe0: 00000004 befb5788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 # [ 236.099443] Call trace: # [ 236.099458] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 236.108483] __check_heap_object from __check_object_size+0x294/0x310 # [ 236.115174] __check_object_size from do_usercopy_slab_size+0x2e0/0x330 # [ 236.122055] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c # [ 236.128434] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 236.134217] direct_entry from full_proxy_write+0x5c/0x8c # [ 236.139892] full_proxy_write from vfs_write+0xbc/0x3cc # [ 236.145468] vfs_write from ksys_write+0x78/0xf8 # [ 236.150344] ksys_write from ret_fast_syscall+0x0/0x1c # [ 236.155716] Exception stack(0xf2629fa8 to 0xf2629ff0) # [ 236.161072] 9fa0: 00000018 00000018 00000001 b6e28000 00000018 00000001 # [ 236.169545] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 # [ 236.178014] 9fe0: 00000004 befb5788 b6eee33b b6e67616 # [ 236.183373] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) # [ 236.189729] ---[ end trace 0000000000000000 ]--- # [ 236.194674] note: cat[4184] exited with irqs disabled # USERCOPY_SLAB_SIZE_FROM: saw 'call trace:': ok ok 70 selftests: lkdtm: USERCOPY_SLAB_SIZE_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_WHITELIST_TO.sh <6>[ 238.054227] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_TO <6>[ 238.059992] lkdtm: attempting good copy_to_user inside whitelist <6>[ 238.066079] lkdtm: attempting bad copy_to_user outside whitelist <0>[ 238.072271] usercopy: Kernel memory exposure attempt detected from SLUB object 'lkdtm-usercopy' (offset 255, size 64)! <4>[ 238.083288] ------------[ cut here ]------------ <2>[ 238.088146] kernel BUG at mm/usercopy.c:102! <0>[ 238.092602] Internal error: Oops - BUG: 0 [#20] SMP ARM <4>[ 238.098160] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 238.134635] CPU: 1 UID: 0 PID: 4271 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 238.144225] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 238.149470] Hardware name: STM32 (Device Tree Support) <4>[ 238.154917] PC is at usercopy_abort+0x98/0x9c <4>[ 238.159489] LR is at usercopy_abort+0x98/0x9c <4>[ 238.164147] pc : [] lr : [] psr: 60080013 <4>[ 238.170704] sp : f26b5e28 ip : 00000000 fp : 004afe38 <4>[ 238.176254] r10: c278c0a0 r9 : 00000040 r8 : c5e74107 <4>[ 238.181704] r7 : 00000001 r6 : 00000040 r5 : 00000040 r4 : 000000ff <4>[ 238.188560] r3 : c8c61440 r2 : 00000000 r1 : 00000000 r0 : 0000006a <4>[ 238.195419] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 238.202785] Control: 10c5387d Table: c599006a DAC: 00000051 <1>[ 238.208837] Register r0 information: non-paged memory <1>[ 238.214198] Register r1 information: NULL pointer <1>[ 238.219150] Register r2 information: NULL pointer <1>[ 238.224101] Register r3 information: slab task_struct start c8c61400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 238.237874] copy_process+0x1f4/0x1f64 <6>[ 238.242132] kernel_clone+0xac/0x388 <6>[ 238.246289] sys_clone+0x78/0x9c <6>[ 238.250043] ret_fast_syscall+0x0/0x1c <4>[ 238.254294] Free path: <6>[ 238.257025] rcu_core+0x2dc/0xb14 <6>[ 238.260877] handle_softirqs+0x15c/0x430 <6>[ 238.265336] run_ksoftirqd+0x48/0x60 <6>[ 238.269389] smpboot_thread_fn+0xc0/0x15c <6>[ 238.273942] kthread+0xe8/0x104 <6>[ 238.277691] ret_from_fork+0x14/0x28 <1>[ 238.281738] Register r4 information: non-paged memory <1>[ 238.287093] Register r5 information: non-paged memory <1>[ 238.292446] Register r6 information: non-paged memory <1>[ 238.297799] Register r7 information: non-paged memory <1>[ 238.303151] Register r8 information: slab lkdtm-usercopy start c5e74000 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 238.318214] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 238.323570] lkdtm_do_action+0x24/0x4c <6>[ 238.327828] direct_entry+0x11c/0x140 <6>[ 238.332084] full_proxy_write+0x5c/0x8c <6>[ 238.336435] vfs_write+0xbc/0x3cc <6>[ 238.340295] ksys_write+0x78/0xf8 <6>[ 238.344150] ret_fast_syscall+0x0/0x1c <1>[ 238.348399] Register r9 information: non-paged memory <1>[ 238.353754] Register r10 information: non-slab/vmalloc memory <1>[ 238.359713] Register r11 information: non-paged memory <1>[ 238.365167] Register r12 information: NULL pointer <0>[ 238.370221] Process cat (pid: 4271, stack limit = 0xf26b4000) <0>[ 238.376285] Stack: (0xf26b5e28 to 0xf26b6000) <0>[ 238.380948] 5e20: c1fb4a98 c20ac55c c1f9ec90 000000ff 00000040 00000440 <0>[ 238.389432] 5e40: ffffffff c05f57b0 00000040 c0317008 c5e74107 ef7cd850 00000040 00000001 <0>[ 238.397914] 5e60: c5e74147 c06214ac b6f9d000 c17275ec f26b5e84 b6f9d000 c5e74008 c290fa78 <0>[ 238.406395] 5e80: c5e74107 00000100 00000040 c0e02cf4 00000022 00000000 f26b5ebc 0000001b <0>[ 238.414876] 5ea0: c5cb8000 00000000 f26b5f80 c278c188 f26b5f80 c8e7ea40 004afe38 c0e007ac <0>[ 238.423355] 5ec0: 0000001b c0e00b90 c0e00a74 c5877140 b6e38000 0000001b c3a4f4b8 c0890ff0 <0>[ 238.431830] 5ee0: c5877140 c0890f94 f26b5f80 b6e38000 c8c61440 0000001b c8e7ea40 c0628618 <0>[ 238.440304] 5f00: c5992db8 00000000 00000000 00000000 00000000 0000001b b6e38000 0001ffe5 <0>[ 238.448776] 5f20: 00000001 00000000 c5877a40 00000000 00000000 00000000 00000000 00000000 <0>[ 238.457250] 5f40: 00000000 00000000 00000000 00000000 00000022 ae3b44b7 00000000 c5877140 <0>[ 238.465724] 5f60: c5877140 00000000 00000000 c03002f0 c8c61440 00000004 004afe38 c0628b74 <0>[ 238.474198] 5f80: 00000000 00000000 00000000 ae3b44b7 000000c0 0000001b 0000001b 7ff00000 <0>[ 238.482670] 5fa0: 00000004 c03000c0 0000001b 0000001b 00000001 b6e38000 0000001b 00000001 <0>[ 238.491244] 5fc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 <0>[ 238.499717] 5fe0: 00000004 be9bd788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 238.508181] Call trace: <0>[ 238.508198] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 238.517130] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 238.523920] __check_object_size from do_usercopy_slab_whitelist+0x250/0x324 <0>[ 238.531204] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c <0>[ 238.538086] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 238.543867] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 238.549543] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 238.555020] vfs_write from ksys_write+0x78/0xf8 <0>[ 238.559897] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 238.565370] Exception stack(0xf26b5fa8 to 0xf26b5ff0) <0>[ 238.570727] 5fa0: 0000001b 0000001b 00000001 b6e38000 0000001b 00000001 <0>[ 238.579201] 5fc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 <0>[ 238.587670] 5fe0: 00000004 be9bd788 b6efe33b b6e77616 <0>[ 238.593028] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) <4>[ 238.599385] ---[ end trace 0000000000000000 ]--- <6>[ 238.604233] note: cat[4271] exited with irqs disabled # Segmentation fault # [ 238.054227] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_TO # [ 238.059992] lkdtm: attempting good copy_to_user inside whitelist # [ 238.066079] lkdtm: attempting bad copy_to_user outside whitelist # [ 238.072271] usercopy: Kernel memory exposure attempt detected from SLUB object 'lkdtm-usercopy' (offset 255, size 64)! # [ 238.083288] ------------[ cut here ]------------ # [ 238.088146] kernel BUG at mm/usercopy.c:102! # [ 238.092602] Internal error: Oops - BUG: 0 [#20] SMP ARM # [ 238.098160] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 238.134635] CPU: 1 UID: 0 PID: 4271 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 238.144225] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 238.149470] Hardware name: STM32 (Device Tree Support) # [ 238.154917] PC is at usercopy_abort+0x98/0x9c # [ 238.159489] LR is at usercopy_abort+0x98/0x9c # [ 238.164147] pc : [] lr : [] psr: 60080013 # [ 238.170704] sp : f26b5e28 ip : 00000000 fp : 004afe38 # [ 238.176254] r10: c278c0a0 r9 : 00000040 r8 : c5e74107 # [ 238.181704] r7 : 00000001 r6 : 00000040 r5 : 00000040 r4 : 000000ff # [ 238.188560] r3 : c8c61440 r2 : 00000000 r1 : 00000000 r0 : 0000006a # [ 238.195419] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 238.202785] Control: 10c5387d Table: c599006a DAC: 00000051 # [ 238.208837] Register r0 information: non-paged memory # [ 238.214198] Register r1 information: NULL pointer # [ 238.219150] Register r2 information: NULL pointer # [ 238.224101] Register r3 information: slab task_struct start c8c61400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 238.237874] copy_process+0x1f4/0x1f64 # [ 238.242132] kernel_clone+0xac/0x388 # [ 238.246289] sys_clone+0x78/0x9c # [ 238.250043] ret_fast_syscall+0x0/0x1c # [ 238.254294] Free path: # [ 238.257025] rcu_core+0x2dc/0xb14 # [ 238.260877] handle_softirqs+0x15c/0x430 # [ 238.265336] run_ksoftirqd+0x48/0x60 # [ 238.269389] smpboot_thread_fn+0xc0/0x15c # [ 238.273942] kthread+0xe8/0x104 # [ 238.277691] ret_from_fork+0x14/0x28 # [ 238.281738] Register r4 information: non-paged memory # [ 238.287093] Register r5 information: non-paged memory # [ 238.292446] Register r6 information: non-paged memory # [ 238.297799] Register r7 information: non-paged memory # [ 238.303151] Register r8 information: slab lkdtm-usercopy start c5e74000 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 238.318214] do_usercopy_slab_whitelist+0x38/0x324 # [ 238.323570] lkdtm_do_action+0x24/0x4c # [ 238.327828] direct_entry+0x11c/0x140 # [ 238.332084] full_proxy_write+0x5c/0x8c # [ 238.336435] vfs_write+0xbc/0x3cc # [ 238.340295] ksys_write+0x78/0xf8 # [ 238.344150] ret_fast_syscall+0x0/0x1c # [ 238.348399] Register r9 information: non-paged memory # [ 238.353754] Register r10 information: non-slab/vmalloc memory # [ 238.359713] Register r11 information: non-paged memory # [ 238.365167] Register r12 information: NULL pointer # [ 238.370221] Process cat (pid: 4271, stack limit = 0xf26b4000) # [ 238.376285] Stack: (0xf26b5e28 to 0xf26b6000) # [ 238.380948] 5e20: c1fb4a98 c20ac55c c1f9ec90 000000ff 00000040 00000440 # [ 238.389432] 5e40: ffffffff c05f57b0 00000040 c0317008 c5e74107 ef7cd850 00000040 00000001 # [ 238.397914] 5e60: c5e74147 c06214ac b6f9d000 c17275ec f26b5e84 b6f9d000 c5e74008 c290fa78 # [ 238.406395] 5e80: c5e74107 00000100 00000040 c0e02cf4 00000022 00000000 f26b5ebc 0000001b # [ 238.414876] 5ea0: c5cb8000 00000000 f26b5f80 c278c188 f26b5f80 c8e7ea40 004afe38 c0e007ac # [ 238.423355] 5ec0: 0000001b c0e00b90 c0e00a74 c5877140 b6e38000 0000001b c3a4f4b8 c0890ff0 # [ 238.431830] 5ee0: c5877140 c0890f94 f26b5f80 b6e38000 c8c61440 0000001b c8e7ea40 c0628618 # [ 238.440304] 5f00: c5992db8 00000000 00000000 00000000 00000000 0000001b b6e38000 0001ffe5 # [ 238.448776] 5f20: 00000001 00000000 c5877a40 00000000 00000000 00000000 00000000 00000000 # [ 238.457250] 5f40: 00000000 00000000 00000000 00000000 00000022 ae3b44b7 00000000 c5877140 # [ 238.465724] 5f60: c5877140 00000000 00000000 c03002f0 c8c61440 00000004 004afe38 c0628b74 # [ 238.474198] 5f80: 00000000 00000000 00000000 ae3b44b7 000000c0 0000001b 0000001b 7ff00000 # [ 238.482670] 5fa0: 00000004 c03000c0 0000001b 0000001b 00000001 b6e38000 0000001b 00000001 # [ 238.491244] 5fc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 # [ 238.499717] 5fe0: 00000004 be9bd788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 238.508181] Call trace: # [ 238.508198] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 238.517130] __check_heap_object from __check_object_size+0x294/0x310 # [ 238.523920] __check_object_size from do_usercopy_slab_whitelist+0x250/0x324 # [ 238.531204] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c # [ 238.538086] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 238.543867] direct_entry from full_proxy_write+0x5c/0x8c # [ 238.549543] full_proxy_write from vfs_write+0xbc/0x3cc # [ 238.555020] vfs_write from ksys_write+0x78/0xf8 # [ 238.559897] ksys_write from ret_fast_syscall+0x0/0x1c # [ 238.565370] Exception stack(0xf26b5fa8 to 0xf26b5ff0) # [ 238.570727] 5fa0: 0000001b 0000001b 00000001 b6e38000 0000001b 00000001 # [ 238.579201] 5fc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 # [ 238.587670] 5fe0: 00000004 be9bd788 b6efe33b b6e77616 # [ 238.593028] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) # [ 238.599385] ---[ end trace 0000000000000000 ]--- # [ 238.604233] note: cat[4271] exited with irqs disabled # USERCOPY_SLAB_WHITELIST_TO: saw 'call trace:': ok ok 71 selftests: lkdtm: USERCOPY_SLAB_WHITELIST_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_WHITELIST_FROM.sh <6>[ 240.431115] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_FROM <6>[ 240.436930] lkdtm: attempting good copy_from_user inside whitelist <6>[ 240.443352] lkdtm: attempting bad copy_from_user outside whitelist <0>[ 240.449757] usercopy: Kernel memory overwrite attempt detected to SLUB object 'lkdtm-usercopy' (offset 255, size 64)! <4>[ 240.460653] ------------[ cut here ]------------ <2>[ 240.465410] kernel BUG at mm/usercopy.c:102! <0>[ 240.469965] Internal error: Oops - BUG: 0 [#21] SMP ARM <4>[ 240.475524] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 240.512000] CPU: 1 UID: 0 PID: 4358 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 240.521594] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 240.526840] Hardware name: STM32 (Device Tree Support) <4>[ 240.532188] PC is at usercopy_abort+0x98/0x9c <4>[ 240.536862] LR is at usercopy_abort+0x98/0x9c <4>[ 240.541521] pc : [] lr : [] psr: 60080013 <4>[ 240.548077] sp : f2735e28 ip : 00000000 fp : c5e74548 <4>[ 240.553527] r10: 00000000 r9 : 00000040 r8 : c5e74547 <4>[ 240.559077] r7 : 00000000 r6 : 00000040 r5 : 00000040 r4 : 000000ff <4>[ 240.565934] r3 : c8c60a40 r2 : 00000000 r1 : 00000000 r0 : 00000069 <4>[ 240.572693] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 240.580158] Control: 10c5387d Table: c8eb806a DAC: 00000051 <1>[ 240.586208] Register r0 information: non-paged memory <1>[ 240.591569] Register r1 information: NULL pointer <1>[ 240.596520] Register r2 information: NULL pointer <1>[ 240.601472] Register r3 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 240.615244] copy_process+0x1f4/0x1f64 <6>[ 240.619502] kernel_clone+0xac/0x388 <6>[ 240.623657] sys_clone+0x78/0x9c <6>[ 240.627411] ret_fast_syscall+0x0/0x1c <4>[ 240.631661] Free path: <6>[ 240.634391] rcu_core+0x2dc/0xb14 <6>[ 240.638244] handle_softirqs+0x15c/0x430 <6>[ 240.642703] irq_exit+0xac/0xd4 <6>[ 240.646354] call_with_stack+0x18/0x20 <6>[ 240.650616] __irq_svc+0x9c/0xb8 <6>[ 240.654363] default_idle_call+0x20/0xc0 <6>[ 240.658824] do_idle+0x25c/0x2f4 <6>[ 240.662575] cpu_startup_entry+0x30/0x34 <6>[ 240.667028] secondary_start_kernel+0x138/0x158 <6>[ 240.672189] __enable_mmu+0x0/0x20 <1>[ 240.676038] Register r4 information: non-paged memory <1>[ 240.681393] Register r5 information: non-paged memory <1>[ 240.686746] Register r6 information: non-paged memory <1>[ 240.692098] Register r7 information: NULL pointer <1>[ 240.697049] Register r8 information: slab lkdtm-usercopy start c5e74440 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 240.712213] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 240.717567] lkdtm_do_action+0x24/0x4c <6>[ 240.721825] direct_entry+0x11c/0x140 <6>[ 240.725981] full_proxy_write+0x5c/0x8c <6>[ 240.730433] vfs_write+0xbc/0x3cc <6>[ 240.734190] ksys_write+0x78/0xf8 <6>[ 240.738044] ret_fast_syscall+0x0/0x1c <1>[ 240.742394] Register r9 information: non-paged memory <1>[ 240.747748] Register r10 information: NULL pointer <1>[ 240.752801] Register r11 information: slab lkdtm-usercopy start c5e74440 data offset 8 pointer offset 256 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 240.767960] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 240.773316] lkdtm_do_action+0x24/0x4c <6>[ 240.777572] direct_entry+0x11c/0x140 <6>[ 240.781828] full_proxy_write+0x5c/0x8c <6>[ 240.786178] vfs_write+0xbc/0x3cc <6>[ 240.790034] ksys_write+0x78/0xf8 <6>[ 240.793890] ret_fast_syscall+0x0/0x1c <1>[ 240.798140] Register r12 information: NULL pointer <0>[ 240.803193] Process cat (pid: 4358, stack limit = 0xf2734000) <0>[ 240.809249] Stack: (0xf2735e28 to 0xf2736000) <0>[ 240.813904] 5e20: c1fb4a98 c20ac55c c1f9ec90 000000ff 00000040 00000440 <0>[ 240.822378] 5e40: ffffffff c05f57b0 00000040 c0317008 c5e74547 ef7cd850 00000040 00000000 <0>[ 240.830852] 5e60: c5e74587 c06214ac b6f2e000 c17275ec f2735e84 b6f2e000 c5e74448 c290fa78 <0>[ 240.839327] 5e80: c5e74547 00000100 00000040 c0e02c80 00000022 00000000 f2735ebc 0000001d <0>[ 240.847801] 5ea0: c5ade000 00000000 f2735f80 c278c190 f2735f80 c8e7ea40 004bfe38 c0e007ac <0>[ 240.856275] 5ec0: 0000001d c0e00b90 c0e00a74 c5877d40 b6dc8000 0000001d c3a4f4b8 c0890ff0 <0>[ 240.864849] 5ee0: c5877d40 c0890f94 f2735f80 b6dc8000 c8c60a40 0000001d c8e7ea40 c0628618 <0>[ 240.873326] 5f00: c8ebadb0 00000000 00000000 00000000 00000000 0000001d b6dc8000 0001ffe3 <0>[ 240.881804] 5f20: 00000001 00000000 c5877940 00000000 00000000 00000000 00000000 00000000 <0>[ 240.890286] 5f40: 00000000 00000000 00000000 00000000 00000022 fd326160 00000000 c5877d40 <0>[ 240.898768] 5f60: c5877d40 00000000 00000000 c03002f0 c8c60a40 00000004 004bfe38 c0628b74 <0>[ 240.907246] 5f80: 00000000 00000000 00000000 fd326160 000000c0 0000001d 0000001d 7ff00000 <0>[ 240.915726] 5fa0: 00000004 c03000c0 0000001d 0000001d 00000001 b6dc8000 0000001d 00000001 <0>[ 240.924205] 5fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6dc8000 00020000 004bfe38 <0>[ 240.932678] 5fe0: 00000004 bed4c788 b6e8e33b b6e07616 60080030 00000001 00000000 00000000 <0>[ 240.941145] Call trace: <0>[ 240.941162] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 240.950192] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 240.956884] __check_object_size from do_usercopy_slab_whitelist+0x1dc/0x324 <0>[ 240.964268] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c <0>[ 240.971053] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 240.976835] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 240.982511] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 240.987986] vfs_write from ksys_write+0x78/0xf8 <0>[ 240.992862] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 240.998333] Exception stack(0xf2735fa8 to 0xf2735ff0) <0>[ 241.003691] 5fa0: 0000001d 0000001d 00000001 b6dc8000 0000001d 00000001 <0>[ 241.012166] 5fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6dc8000 00020000 004bfe38 <0>[ 241.020636] 5fe0: 00000004 bed4c788 b6e8e33b b6e07616 <0>[ 241.025994] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) <4>[ 241.032352] ---[ end trace 0000000000000000 ]--- <6>[ 241.037199] note: cat[4358] exited with irqs disabled # Segmentation fault # [ 240.431115] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_FROM # [ 240.436930] lkdtm: attempting good copy_from_user inside whitelist # [ 240.443352] lkdtm: attempting bad copy_from_user outside whitelist # [ 240.449757] usercopy: Kernel memory overwrite attempt detected to SLUB object 'lkdtm-usercopy' (offset 255, size 64)! # [ 240.460653] ------------[ cut here ]------------ # [ 240.465410] kernel BUG at mm/usercopy.c:102! # [ 240.469965] Internal error: Oops - BUG: 0 [#21] SMP ARM # [ 240.475524] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 240.512000] CPU: 1 UID: 0 PID: 4358 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 240.521594] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 240.526840] Hardware name: STM32 (Device Tree Support) # [ 240.532188] PC is at usercopy_abort+0x98/0x9c # [ 240.536862] LR is at usercopy_abort+0x98/0x9c # [ 240.541521] pc : [] lr : [] psr: 60080013 # [ 240.548077] sp : f2735e28 ip : 00000000 fp : c5e74548 # [ 240.553527] r10: 00000000 r9 : 00000040 r8 : c5e74547 # [ 240.559077] r7 : 00000000 r6 : 00000040 r5 : 00000040 r4 : 000000ff # [ 240.565934] r3 : c8c60a40 r2 : 00000000 r1 : 00000000 r0 : 00000069 # [ 240.572693] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 240.580158] Control: 10c5387d Table: c8eb806a DAC: 00000051 # [ 240.586208] Register r0 information: non-paged memory # [ 240.591569] Register r1 information: NULL pointer # [ 240.596520] Register r2 information: NULL pointer # [ 240.601472] Register r3 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 240.615244] copy_process+0x1f4/0x1f64 # [ 240.619502] kernel_clone+0xac/0x388 # [ 240.623657] sys_clone+0x78/0x9c # [ 240.627411] ret_fast_syscall+0x0/0x1c # [ 240.631661] Free path: # [ 240.634391] rcu_core+0x2dc/0xb14 # [ 240.638244] handle_softirqs+0x15c/0x430 # [ 240.642703] irq_exit+0xac/0xd4 # [ 240.646354] call_with_stack+0x18/0x20 # [ 240.650616] __irq_svc+0x9c/0xb8 # [ 240.654363] default_idle_call+0x20/0xc0 # [ 240.658824] do_idle+0x25c/0x2f4 # [ 240.662575] cpu_startup_entry+0x30/0x34 # [ 240.667028] secondary_start_kernel+0x138/0x158 # [ 240.672189] __enable_mmu+0x0/0x20 # [ 240.676038] Register r4 information: non-paged memory # [ 240.681393] Register r5 information: non-paged memory # [ 240.686746] Register r6 information: non-paged memory # [ 240.692098] Register r7 information: NULL pointer # [ 240.697049] Register r8 information: slab lkdtm-usercopy start c5e74440 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 240.712213] do_usercopy_slab_whitelist+0x38/0x324 # [ 240.717567] lkdtm_do_action+0x24/0x4c # [ 240.721825] direct_entry+0x11c/0x140 # [ 240.725981] full_proxy_write+0x5c/0x8c # [ 240.730433] vfs_write+0xbc/0x3cc # [ 240.734190] ksys_write+0x78/0xf8 # [ 240.738044] ret_fast_syscall+0x0/0x1c # [ 240.742394] Register r9 information: non-paged memory # [ 240.747748] Register r10 information: NULL pointer # [ 240.752801] Register r11 information: slab lkdtm-usercopy start c5e74440 data offset 8 pointer offset 256 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 240.767960] do_usercopy_slab_whitelist+0x38/0x324 # [ 240.773316] lkdtm_do_action+0x24/0x4c # [ 240.777572] direct_entry+0x11c/0x140 # [ 240.781828] full_proxy_write+0x5c/0x8c # [ 240.786178] vfs_write+0xbc/0x3cc # [ 240.790034] ksys_write+0x78/0xf8 # [ 240.793890] ret_fast_syscall+0x0/0x1c # [ 240.798140] Register r12 information: NULL pointer # [ 240.803193] Process cat (pid: 4358, stack limit = 0xf2734000) # [ 240.809249] Stack: (0xf2735e28 to 0xf2736000) # [ 240.813904] 5e20: c1fb4a98 c20ac55c c1f9ec90 000000ff 00000040 00000440 # [ 240.822378] 5e40: ffffffff c05f57b0 00000040 c0317008 c5e74547 ef7cd850 00000040 00000000 # [ 240.830852] 5e60: c5e74587 c06214ac b6f2e000 c17275ec f2735e84 b6f2e000 c5e74448 c290fa78 # [ 240.839327] 5e80: c5e74547 00000100 00000040 c0e02c80 00000022 00000000 f2735ebc 0000001d # [ 240.847801] 5ea0: c5ade000 00000000 f2735f80 c278c190 f2735f80 c8e7ea40 004bfe38 c0e007ac # [ 240.856275] 5ec0: 0000001d c0e00b90 c0e00a74 c5877d40 b6dc8000 0000001d c3a4f4b8 c0890ff0 # [ 240.864849] 5ee0: c5877d40 c0890f94 f2735f80 b6dc8000 c8c60a40 0000001d c8e7ea40 c0628618 # [ 240.873326] 5f00: c8ebadb0 00000000 00000000 00000000 00000000 0000001d b6dc8000 0001ffe3 # [ 240.881804] 5f20: 00000001 00000000 c5877940 00000000 00000000 00000000 00000000 00000000 # [ 240.890286] 5f40: 00000000 00000000 00000000 00000000 00000022 fd326160 00000000 c5877d40 # [ 240.898768] 5f60: c5877d40 00000000 00000000 c03002f0 c8c60a40 00000004 004bfe38 c0628b74 # [ 240.907246] 5f80: 00000000 00000000 00000000 fd326160 000000c0 0000001d 0000001d 7ff00000 # [ 240.915726] 5fa0: 00000004 c03000c0 0000001d 0000001d 00000001 b6dc8000 0000001d 00000001 # [ 240.924205] 5fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6dc8000 00020000 004bfe38 # [ 240.932678] 5fe0: 00000004 bed4c788 b6e8e33b b6e07616 60080030 00000001 00000000 00000000 # [ 240.941145] Call trace: # [ 240.941162] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 240.950192] __check_heap_object from __check_object_size+0x294/0x310 # [ 240.956884] __check_object_size from do_usercopy_slab_whitelist+0x1dc/0x324 # [ 240.964268] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c # [ 240.971053] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 240.976835] direct_entry from full_proxy_write+0x5c/0x8c # [ 240.982511] full_proxy_write from vfs_write+0xbc/0x3cc # [ 240.987986] vfs_write from ksys_write+0x78/0xf8 # [ 240.992862] ksys_write from ret_fast_syscall+0x0/0x1c # [ 240.998333] Exception stack(0xf2735fa8 to 0xf2735ff0) # [ 241.003691] 5fa0: 0000001d 0000001d 00000001 b6dc8000 0000001d 00000001 # [ 241.012166] 5fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6dc8000 00020000 004bfe38 # [ 241.020636] 5fe0: 00000004 bed4c788 b6e8e33b b6e07616 # [ 241.025994] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) # [ 241.032352] ---[ end trace 0000000000000000 ]--- # [ 241.037199] note: cat[4358] exited with irqs disabled # USERCOPY_SLAB_WHITELIST_FROM: saw 'call trace:': ok ok 72 selftests: lkdtm: USERCOPY_SLAB_WHITELIST_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_FRAME_TO.sh <6>[ 243.018494] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_TO <6>[ 243.023729] lkdtm: good_stack: f27b9e74-f27b9e94 <6>[ 243.028569] lkdtm: bad_stack : f27b9dec-f27b9e0c <6>[ 243.033790] lkdtm: attempting good copy_to_user of local stack <6>[ 243.039836] lkdtm: attempting bad copy_to_user of distant stack <0>[ 243.045786] usercopy: Kernel memory exposure attempt detected from process stack (offset 84, size 32)! <4>[ 243.059792] ------------[ cut here ]------------ <2>[ 243.063274] kernel BUG at mm/usercopy.c:102! <0>[ 243.067831] Internal error: Oops - BUG: 0 [#22] SMP ARM <4>[ 243.073390] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 243.109867] CPU: 0 UID: 0 PID: 4445 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 243.119461] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 243.124707] Hardware name: STM32 (Device Tree Support) <4>[ 243.130154] PC is at usercopy_abort+0x98/0x9c <4>[ 243.134728] LR is at usercopy_abort+0x98/0x9c <4>[ 243.139388] pc : [] lr : [] psr: 60080013 <4>[ 243.145944] sp : f27b9e20 ip : 00000000 fp : f0f0f0f1 <4>[ 243.151494] r10: c1a71d24 r9 : c8c61440 r8 : f27b9e0c <4>[ 243.156943] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : 00000054 <4>[ 243.163801] r3 : c8c61440 r2 : 00000000 r1 : 00000000 r0 : 0000005a <4>[ 243.170659] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 243.178023] Control: 10c5387d Table: c5d9006a DAC: 00000051 <1>[ 243.184074] Register r0 information: non-paged memory <1>[ 243.189434] Register r1 information: NULL pointer <1>[ 243.194385] Register r2 information: NULL pointer <1>[ 243.199436] Register r3 information: slab task_struct start c8c61400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 243.213110] copy_process+0x1f4/0x1f64 <6>[ 243.217366] kernel_clone+0xac/0x388 <6>[ 243.221521] sys_clone+0x78/0x9c <6>[ 243.225273] ret_fast_syscall+0x0/0x1c <4>[ 243.229524] Free path: <6>[ 243.232254] rcu_core+0x2dc/0xb14 <6>[ 243.236106] handle_softirqs+0x15c/0x430 <6>[ 243.240564] irq_exit+0xac/0xd4 <6>[ 243.244214] call_with_stack+0x18/0x20 <6>[ 243.248575] __irq_svc+0x9c/0xb8 <6>[ 243.252322] __sync_icache_dcache+0x78/0xbc <6>[ 243.256979] set_ptes+0x6c/0x70 <6>[ 243.260729] filemap_map_pages+0x1ec/0x5c8 <6>[ 243.265287] handle_mm_fault+0x918/0x1198 <6>[ 243.269846] do_page_fault+0x1ac/0x470 <6>[ 243.274102] do_PrefetchAbort+0x40/0xa0 <6>[ 243.278556] ret_from_exception+0x0/0x1c <1>[ 243.283009] Register r4 information: non-paged memory <1>[ 243.288266] Register r5 information: non-paged memory <1>[ 243.293620] Register r6 information: non-paged memory <1>[ 243.298973] Register r7 information: non-paged memory <1>[ 243.304326] Register r8 information: 2-page vmalloc region starting at 0xf27b8000 allocated at kernel_clone+0xac/0x388 <1>[ 243.315336] Register r9 information: slab task_struct start c8c61400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 243.329099] copy_process+0x1f4/0x1f64 <6>[ 243.333356] kernel_clone+0xac/0x388 <6>[ 243.337409] sys_clone+0x78/0x9c <6>[ 243.341162] ret_fast_syscall+0x0/0x1c <4>[ 243.345511] Free path: <6>[ 243.348242] rcu_core+0x2dc/0xb14 <6>[ 243.352093] handle_softirqs+0x15c/0x430 <6>[ 243.356550] irq_exit+0xac/0xd4 <6>[ 243.360202] call_with_stack+0x18/0x20 <6>[ 243.364464] __irq_svc+0x9c/0xb8 <6>[ 243.368212] __sync_icache_dcache+0x78/0xbc <6>[ 243.372970] set_ptes+0x6c/0x70 <6>[ 243.376622] filemap_map_pages+0x1ec/0x5c8 <6>[ 243.381279] handle_mm_fault+0x918/0x1198 <6>[ 243.385839] do_page_fault+0x1ac/0x470 <6>[ 243.390095] do_PrefetchAbort+0x40/0xa0 <6>[ 243.394445] ret_from_exception+0x0/0x1c <1>[ 243.398897] Register r10 information: non-slab/vmalloc memory <1>[ 243.404959] Register r11 information: 0-page vmalloc region starting at 0xf0eeb000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 243.417271] Register r12 information: NULL pointer <0>[ 243.422326] Process cat (pid: 4445, stack limit = 0xf27b8000) <0>[ 243.428381] Stack: (0xf27b9e20 to 0xf27ba000) <0>[ 243.433038] 9e20: c1f96a74 c1f96a74 c1f96a74 00000054 00000020 c03ca1b0 f27b9e5c c062137c <0>[ 243.441513] 9e40: 00000020 c17275ec f27b9e5c 00000020 b6fa4000 f27b9dec 00000001 00000001 <0>[ 243.449988] 9e60: c8c61440 c0e03574 00000022 00000000 f27b9dec 73696854 20736920 65742061 <0>[ 243.458462] 9e80: 0a2e7473 69685400 73692073 74206120 2e747365 05f28351 f27b9ebc 00000018 <0>[ 243.466936] 9ea0: c8fa8000 00000000 f27b9f80 c278c198 f27b9f80 c8e7ea40 004ffe38 c0e007ac <0>[ 243.475410] 9ec0: 00000018 c0e00b90 c0e00a74 c5877a40 b6e48000 00000018 c3a4f4b8 c0890ff0 <0>[ 243.483884] 9ee0: c5877a40 c0890f94 f27b9f80 b6e48000 c8c61440 00000018 c8e7ea40 c0628618 <0>[ 243.492358] 9f00: c5d92db8 00000000 00000000 00000000 00000000 00000018 b6e48000 0001ffe8 <0>[ 243.500829] 9f20: 00000001 00000000 c5877f40 00000000 00000000 00000000 00000000 00000000 <0>[ 243.509301] 9f40: 00000000 00000000 00000000 00000000 00000022 05f28351 00000000 c5877a40 <0>[ 243.517773] 9f60: c5877a40 00000000 00000000 c03002f0 c8c61440 00000004 004ffe38 c0628b74 <0>[ 243.526345] 9f80: 00000000 00000000 00000000 05f28351 000000c0 00000018 00000018 7ff00000 <0>[ 243.534818] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e48000 00000018 00000001 <0>[ 243.543290] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 <0>[ 243.551763] 9fe0: 00000004 beecf788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 243.560227] Call trace: <0>[ 243.560245] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 243.569363] __check_object_size from do_usercopy_stack+0x358/0x380 <0>[ 243.575845] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 243.581925] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 243.587707] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 243.593384] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 243.598861] vfs_write from ksys_write+0x78/0xf8 <0>[ 243.603738] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 243.609210] Exception stack(0xf27b9fa8 to 0xf27b9ff0) <0>[ 243.614568] 9fa0: 00000018 00000018 00000001 b6e48000 00000018 00000001 <0>[ 243.623041] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 <0>[ 243.631510] 9fe0: 00000004 beecf788 b6f0e33b b6e87616 <0>[ 243.636868] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) <4>[ 243.643223] ---[ end trace 0000000000000000 ]--- <6>[ 243.648070] note: cat[4445] exited with irqs disabled # Segmentation fault # [ 243.018494] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_TO # [ 243.023729] lkdtm: good_stack: f27b9e74-f27b9e94 # [ 243.028569] lkdtm: bad_stack : f27b9dec-f27b9e0c # [ 243.033790] lkdtm: attempting good copy_to_user of local stack # [ 243.039836] lkdtm: attempting bad copy_to_user of distant stack # [ 243.045786] usercopy: Kernel memory exposure attempt detected from process stack (offset 84, size 32)! # [ 243.059792] ------------[ cut here ]------------ # [ 243.063274] kernel BUG at mm/usercopy.c:102! # [ 243.067831] Internal error: Oops - BUG: 0 [#22] SMP ARM # [ 243.073390] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 243.109867] CPU: 0 UID: 0 PID: 4445 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 243.119461] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 243.124707] Hardware name: STM32 (Device Tree Support) # [ 243.130154] PC is at usercopy_abort+0x98/0x9c # [ 243.134728] LR is at usercopy_abort+0x98/0x9c # [ 243.139388] pc : [] lr : [] psr: 60080013 # [ 243.145944] sp : f27b9e20 ip : 00000000 fp : f0f0f0f1 # [ 243.151494] r10: c1a71d24 r9 : c8c61440 r8 : f27b9e0c # [ 243.156943] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : 00000054 # [ 243.163801] r3 : c8c61440 r2 : 00000000 r1 : 00000000 r0 : 0000005a # [ 243.170659] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 243.178023] Control: 10c5387d Table: c5d9006a DAC: 00000051 # [ 243.184074] Register r0 information: non-paged memory # [ 243.189434] Register r1 information: NULL pointer # [ 243.194385] Register r2 information: NULL pointer # [ 243.199436] Register r3 information: slab task_struct start c8c61400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 243.213110] copy_process+0x1f4/0x1f64 # [ 243.217366] kernel_clone+0xac/0x388 # [ 243.221521] sys_clone+0x78/0x9c # [ 243.225273] ret_fast_syscall+0x0/0x1c # [ 243.229524] Free path: # [ 243.232254] rcu_core+0x2dc/0xb14 # [ 243.236106] handle_softirqs+0x15c/0x430 # [ 243.240564] irq_exit+0xac/0xd4 # [ 243.244214] call_with_stack+0x18/0x20 # [ 243.248575] __irq_svc+0x9c/0xb8 # [ 243.252322] __sync_icache_dcache+0x78/0xbc # [ 243.256979] set_ptes+0x6c/0x70 # [ 243.260729] filemap_map_pages+0x1ec/0x5c8 # [ 243.265287] handle_mm_fault+0x918/0x1198 # [ 243.269846] do_page_fault+0x1ac/0x470 # [ 243.274102] do_PrefetchAbort+0x40/0xa0 # [ 243.278556] ret_from_exception+0x0/0x1c # [ 243.283009] Register r4 information: non-paged memory # [ 243.288266] Register r5 information: non-paged memory # [ 243.293620] Register r6 information: non-paged memory # [ 243.298973] Register r7 information: non-paged memory # [ 243.304326] Register r8 information: 2-page vmalloc region starting at 0xf27b8000 allocated at kernel_clone+0xac/0x388 # [ 243.315336] Register r9 information: slab task_struct start c8c61400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 243.329099] copy_process+0x1f4/0x1f64 # [ 243.333356] kernel_clone+0xac/0x388 # [ 243.337409] sys_clone+0x78/0x9c # [ 243.341162] ret_fast_syscall+0x0/0x1c # [ 243.345511] Free path: # [ 243.348242] rcu_core+0x2dc/0xb14 # [ 243.352093] handle_softirqs+0x15c/0x430 # [ 243.356550] irq_exit+0xac/0xd4 # [ 243.360202] call_with_stack+0x18/0x20 # [ 243.364464] __irq_svc+0x9c/0xb8 # [ 243.368212] __sync_icache_dcache+0x78/0xbc # [ 243.372970] set_ptes+0x6c/0x70 # [ 243.376622] filemap_map_pages+0x1ec/0x5c8 # [ 243.381279] handle_mm_fault+0x918/0x1198 # [ 243.385839] do_page_fault+0x1ac/0x470 # [ 243.390095] do_PrefetchAbort+0x40/0xa0 # [ 243.394445] ret_from_exception+0x0/0x1c # [ 243.398897] Register r10 information: non-slab/vmalloc memory # [ 243.404959] Register r11 information: 0-page vmalloc region starting at 0xf0eeb000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 243.417271] Register r12 information: NULL pointer # [ 243.422326] Process cat (pid: 4445, stack limit = 0xf27b8000) # [ 243.428381] Stack: (0xf27b9e20 to 0xf27ba000) # [ 243.433038] 9e20: c1f96a74 c1f96a74 c1f96a74 00000054 00000020 c03ca1b0 f27b9e5c c062137c # [ 243.441513] 9e40: 00000020 c17275ec f27b9e5c 00000020 b6fa4000 f27b9dec 00000001 00000001 # [ 243.449988] 9e60: c8c61440 c0e03574 00000022 00000000 f27b9dec 73696854 20736920 65742061 # [ 243.458462] 9e80: 0a2e7473 69685400 73692073 74206120 2e747365 05f28351 f27b9ebc 00000018 # [ 243.466936] 9ea0: c8fa8000 00000000 f27b9f80 c278c198 f27b9f80 c8e7ea40 004ffe38 c0e007ac # [ 243.475410] 9ec0: 00000018 c0e00b90 c0e00a74 c5877a40 b6e48000 00000018 c3a4f4b8 c0890ff0 # [ 243.483884] 9ee0: c5877a40 c0890f94 f27b9f80 b6e48000 c8c61440 00000018 c8e7ea40 c0628618 # [ 243.492358] 9f00: c5d92db8 00000000 00000000 00000000 00000000 00000018 b6e48000 0001ffe8 # [ 243.500829] 9f20: 00000001 00000000 c5877f40 00000000 00000000 00000000 00000000 00000000 # [ 243.509301] 9f40: 00000000 00000000 00000000 00000000 00000022 05f28351 00000000 c5877a40 # [ 243.517773] 9f60: c5877a40 00000000 00000000 c03002f0 c8c61440 00000004 004ffe38 c0628b74 # [ 243.526345] 9f80: 00000000 00000000 00000000 05f28351 000000c0 00000018 00000018 7ff00000 # [ 243.534818] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e48000 00000018 00000001 # [ 243.543290] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 # [ 243.551763] 9fe0: 00000004 beecf788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 243.560227] Call trace: # [ 243.560245] usercopy_abort from __check_object_size+0x164/0x310 # [ 243.569363] __check_object_size from do_usercopy_stack+0x358/0x380 # [ 243.575845] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 243.581925] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 243.587707] direct_entry from full_proxy_write+0x5c/0x8c # [ 243.593384] full_proxy_write from vfs_write+0xbc/0x3cc # [ 243.598861] vfs_write from ksys_write+0x78/0xf8 # [ 243.603738] ksys_write from ret_fast_syscall+0x0/0x1c # [ 243.609210] Exception stack(0xf27b9fa8 to 0xf27b9ff0) # [ 243.614568] 9fa0: 00000018 00000018 00000001 b6e48000 00000018 00000001 # [ 243.623041] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 # [ 243.631510] 9fe0: 00000004 beecf788 b6f0e33b b6e87616 # [ 243.636868] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) # [ 243.643223] ---[ end trace 0000000000000000 ]--- # [ 243.648070] note: cat[4445] exited with irqs disabled # USERCOPY_STACK_FRAME_TO: saw 'call trace:': ok ok 73 selftests: lkdtm: USERCOPY_STACK_FRAME_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_FRAME_FROM.sh <6>[ 245.620625] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_FROM <6>[ 245.626630] lkdtm: good_stack: f283de74-f283de94 <6>[ 245.631066] lkdtm: bad_stack : f283ddec-f283de0c <6>[ 245.636098] lkdtm: attempting good copy_from_user of local stack <6>[ 245.642207] lkdtm: attempting bad copy_from_user of distant stack <0>[ 245.648571] usercopy: Kernel memory overwrite attempt detected to process stack (offset 84, size 32)! <4>[ 245.660341] ------------[ cut here ]------------ <2>[ 245.663822] kernel BUG at mm/usercopy.c:102! <0>[ 245.668378] Internal error: Oops - BUG: 0 [#23] SMP ARM <4>[ 245.673936] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 245.710410] CPU: 0 UID: 0 PID: 4531 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 245.720001] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 245.725249] Hardware name: STM32 (Device Tree Support) <4>[ 245.730695] PC is at usercopy_abort+0x98/0x9c <4>[ 245.735269] LR is at usercopy_abort+0x98/0x9c <4>[ 245.739928] pc : [] lr : [] psr: 60080013 <4>[ 245.746484] sp : f283de20 ip : 00000000 fp : f0f0f0f1 <4>[ 245.752034] r10: c1a71d24 r9 : c8c63240 r8 : f283de0c <4>[ 245.757484] r7 : 00000000 r6 : 00000020 r5 : 00000020 r4 : 00000054 <4>[ 245.764341] r3 : c8c63240 r2 : 00000000 r1 : 00000000 r0 : 00000059 <4>[ 245.771100] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 245.778565] Control: 10c5387d Table: c5c9406a DAC: 00000051 <1>[ 245.784615] Register r0 information: non-paged memory <1>[ 245.789974] Register r1 information: NULL pointer <1>[ 245.794925] Register r2 information: NULL pointer <1>[ 245.799876] Register r3 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 245.813649] copy_process+0x1f4/0x1f64 <6>[ 245.817905] kernel_clone+0xac/0x388 <6>[ 245.822061] sys_clone+0x78/0x9c <6>[ 245.825813] ret_fast_syscall+0x0/0x1c <4>[ 245.830064] Free path: <6>[ 245.832794] rcu_core+0x2dc/0xb14 <6>[ 245.836647] handle_softirqs+0x15c/0x430 <6>[ 245.841106] irq_exit+0xac/0xd4 <6>[ 245.844759] call_with_stack+0x18/0x20 <6>[ 245.849021] __irq_svc+0x9c/0xb8 <6>[ 245.852769] unwind_frame+0x500/0x92c <6>[ 245.857028] arch_stack_walk+0x84/0x100 <6>[ 245.861379] stack_trace_save+0x50/0x78 <6>[ 245.865739] set_track_prepare+0x40/0x74 <6>[ 245.870197] ___slab_alloc+0xd28/0xd7c <6>[ 245.874455] __kmalloc_cache_noprof+0x128/0x3b0 <6>[ 245.879522] xprt_alloc_slot+0x144/0x194 <6>[ 245.883974] xprt_reserve+0x50/0xcc <6>[ 245.888022] __rpc_execute+0xc8/0x5d0 <6>[ 245.892181] rpc_async_schedule+0x24/0x40 <6>[ 245.896737] process_one_work+0x1b8/0x450 <1>[ 245.901293] Register r4 information: non-paged memory <1>[ 245.906648] Register r5 information: non-paged memory <1>[ 245.912000] Register r6 information: non-paged memory <1>[ 245.917353] Register r7 information: NULL pointer <1>[ 245.922303] Register r8 information: 2-page vmalloc region starting at 0xf283c000 allocated at kernel_clone+0xac/0x388 <1>[ 245.933312] Register r9 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 245.947076] copy_process+0x1f4/0x1f64 <6>[ 245.951331] kernel_clone+0xac/0x388 <6>[ 245.955385] sys_clone+0x78/0x9c <6>[ 245.959238] ret_fast_syscall+0x0/0x1c <4>[ 245.963487] Free path: <6>[ 245.966217] rcu_core+0x2dc/0xb14 <6>[ 245.970068] handle_softirqs+0x15c/0x430 <6>[ 245.974526] irq_exit+0xac/0xd4 <6>[ 245.978177] call_with_stack+0x18/0x20 <6>[ 245.982436] __irq_svc+0x9c/0xb8 <6>[ 245.986183] unwind_frame+0x500/0x92c <6>[ 245.990442] arch_stack_walk+0x84/0x100 <6>[ 245.994792] stack_trace_save+0x50/0x78 <6>[ 245.999150] set_track_prepare+0x40/0x74 <6>[ 246.003606] ___slab_alloc+0xd28/0xd7c <6>[ 246.007864] __kmalloc_cache_noprof+0x128/0x3b0 <6>[ 246.012928] xprt_alloc_slot+0x144/0x194 <6>[ 246.017379] xprt_reserve+0x50/0xcc <6>[ 246.021428] __rpc_execute+0xc8/0x5d0 <6>[ 246.025583] rpc_async_schedule+0x24/0x40 <6>[ 246.030139] process_one_work+0x1b8/0x450 <1>[ 246.034693] Register r10 information: non-slab/vmalloc memory <1>[ 246.040754] Register r11 information: 0-page vmalloc region starting at 0xf0eeb000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 246.053065] Register r12 information: NULL pointer <0>[ 246.058120] Process cat (pid: 4531, stack limit = 0xf283c000) <0>[ 246.064177] Stack: (0xf283de20 to 0xf283e000) <0>[ 246.068835] de20: c1f96a74 c1f96a74 c1f96a74 00000054 00000020 c03ca1b0 f283de5c c062137c <0>[ 246.077310] de40: 00000020 c17275ec f283de5c 00000020 b6f92000 f283ddec 00000001 00000000 <0>[ 246.085783] de60: c8c63240 c0e03548 00000022 00000000 f283ddec 00000000 00000000 00000000 <0>[ 246.094256] de80: 00000000 00000000 00000000 00000000 00000000 3d84fca7 f283debc 0000001a <0>[ 246.102730] dea0: c8de5000 00000000 f283df80 c278c1a0 f283df80 c8e7ea40 004ffe38 c0e007ac <0>[ 246.111204] dec0: 0000001a c0e00b90 c0e00a74 c5877e40 b6e34000 0000001a c3a4f4b8 c0890ff0 <0>[ 246.119679] dee0: c5877e40 c0890f94 f283df80 b6e34000 c8c63240 0000001a c8e7ea40 c0628618 <0>[ 246.128154] df00: c5c96db8 00000000 00000000 00000000 00000000 0000001a b6e34000 0001ffe6 <0>[ 246.136626] df20: 00000001 00000000 c5877740 00000000 00000000 00000000 00000000 00000000 <0>[ 246.145099] df40: 00000000 00000000 00000000 00000000 00000022 3d84fca7 00000000 c5877e40 <0>[ 246.153671] df60: c5877e40 00000000 00000000 c03002f0 c8c63240 00000004 004ffe38 c0628b74 <0>[ 246.162144] df80: 00000000 00000000 00000000 3d84fca7 000000c0 0000001a 0000001a 7ff00000 <0>[ 246.170617] dfa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e34000 0000001a 00000001 <0>[ 246.179091] dfc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e34000 00020000 004ffe38 <0>[ 246.187564] dfe0: 00000004 bea01788 b6efa33b b6e73616 60080030 00000001 00000000 00000000 <0>[ 246.196029] Call trace: <0>[ 246.196045] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 246.205162] __check_object_size from do_usercopy_stack+0x32c/0x380 <0>[ 246.211642] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 246.217722] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 246.223503] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 246.229180] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 246.234655] vfs_write from ksys_write+0x78/0xf8 <0>[ 246.239532] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 246.245004] Exception stack(0xf283dfa8 to 0xf283dff0) <0>[ 246.250361] dfa0: 0000001a 0000001a 00000001 b6e34000 0000001a 00000001 <0>[ 246.258835] dfc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e34000 00020000 004ffe38 <0>[ 246.267304] dfe0: 00000004 bea01788 b6efa33b b6e73616 <0>[ 246.272662] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) <4>[ 246.279018] ---[ end trace 0000000000000000 ]--- <6>[ 246.283865] note: cat[4531] exited with irqs disabled # Segmentation fault # [ 245.620625] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_FROM # [ 245.626630] lkdtm: good_stack: f283de74-f283de94 # [ 245.631066] lkdtm: bad_stack : f283ddec-f283de0c # [ 245.636098] lkdtm: attempting good copy_from_user of local stack # [ 245.642207] lkdtm: attempting bad copy_from_user of distant stack # [ 245.648571] usercopy: Kernel memory overwrite attempt detected to process stack (offset 84, size 32)! # [ 245.660341] ------------[ cut here ]------------ # [ 245.663822] kernel BUG at mm/usercopy.c:102! # [ 245.668378] Internal error: Oops - BUG: 0 [#23] SMP ARM # [ 245.673936] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 245.710410] CPU: 0 UID: 0 PID: 4531 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 245.720001] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 245.725249] Hardware name: STM32 (Device Tree Support) # [ 245.730695] PC is at usercopy_abort+0x98/0x9c # [ 245.735269] LR is at usercopy_abort+0x98/0x9c # [ 245.739928] pc : [] lr : [] psr: 60080013 # [ 245.746484] sp : f283de20 ip : 00000000 fp : f0f0f0f1 # [ 245.752034] r10: c1a71d24 r9 : c8c63240 r8 : f283de0c # [ 245.757484] r7 : 00000000 r6 : 00000020 r5 : 00000020 r4 : 00000054 # [ 245.764341] r3 : c8c63240 r2 : 00000000 r1 : 00000000 r0 : 00000059 # [ 245.771100] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 245.778565] Control: 10c5387d Table: c5c9406a DAC: 00000051 # [ 245.784615] Register r0 information: non-paged memory # [ 245.789974] Register r1 information: NULL pointer # [ 245.794925] Register r2 information: NULL pointer # [ 245.799876] Register r3 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 245.813649] copy_process+0x1f4/0x1f64 # [ 245.817905] kernel_clone+0xac/0x388 # [ 245.822061] sys_clone+0x78/0x9c # [ 245.825813] ret_fast_syscall+0x0/0x1c # [ 245.830064] Free path: # [ 245.832794] rcu_core+0x2dc/0xb14 # [ 245.836647] handle_softirqs+0x15c/0x430 # [ 245.841106] irq_exit+0xac/0xd4 # [ 245.844759] call_with_stack+0x18/0x20 # [ 245.849021] __irq_svc+0x9c/0xb8 # [ 245.852769] unwind_frame+0x500/0x92c # [ 245.857028] arch_stack_walk+0x84/0x100 # [ 245.861379] stack_trace_save+0x50/0x78 # [ 245.865739] set_track_prepare+0x40/0x74 # [ 245.870197] ___slab_alloc+0xd28/0xd7c # [ 245.874455] __kmalloc_cache_noprof+0x128/0x3b0 # [ 245.879522] xprt_alloc_slot+0x144/0x194 # [ 245.883974] xprt_reserve+0x50/0xcc # [ 245.888022] __rpc_execute+0xc8/0x5d0 # [ 245.892181] rpc_async_schedule+0x24/0x40 # [ 245.896737] process_one_work+0x1b8/0x450 # [ 245.901293] Register r4 information: non-paged memory # [ 245.906648] Register r5 information: non-paged memory # [ 245.912000] Register r6 information: non-paged memory # [ 245.917353] Register r7 information: NULL pointer # [ 245.922303] Register r8 information: 2-page vmalloc region starting at 0xf283c000 allocated at kernel_clone+0xac/0x388 # [ 245.933312] Register r9 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 245.947076] copy_process+0x1f4/0x1f64 # [ 245.951331] kernel_clone+0xac/0x388 # [ 245.955385] sys_clone+0x78/0x9c # [ 245.959238] ret_fast_syscall+0x0/0x1c # [ 245.963487] Free path: # [ 245.966217] rcu_core+0x2dc/0xb14 # [ 245.970068] handle_softirqs+0x15c/0x430 # [ 245.974526] irq_exit+0xac/0xd4 # [ 245.978177] call_with_stack+0x18/0x20 # [ 245.982436] __irq_svc+0x9c/0xb8 # [ 245.986183] unwind_frame+0x500/0x92c # [ 245.990442] arch_stack_walk+0x84/0x100 # [ 245.994792] stack_trace_save+0x50/0x78 # [ 245.999150] set_track_prepare+0x40/0x74 # [ 246.003606] ___slab_alloc+0xd28/0xd7c # [ 246.007864] __kmalloc_cache_noprof+0x128/0x3b0 # [ 246.012928] xprt_alloc_slot+0x144/0x194 # [ 246.017379] xprt_reserve+0x50/0xcc # [ 246.021428] __rpc_execute+0xc8/0x5d0 # [ 246.025583] rpc_async_schedule+0x24/0x40 # [ 246.030139] process_one_work+0x1b8/0x450 # [ 246.034693] Register r10 information: non-slab/vmalloc memory # [ 246.040754] Register r11 information: 0-page vmalloc region starting at 0xf0eeb000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 246.053065] Register r12 information: NULL pointer # [ 246.058120] Process cat (pid: 4531, stack limit = 0xf283c000) # [ 246.064177] Stack: (0xf283de20 to 0xf283e000) # [ 246.068835] de20: c1f96a74 c1f96a74 c1f96a74 00000054 00000020 c03ca1b0 f283de5c c062137c # [ 246.077310] de40: 00000020 c17275ec f283de5c 00000020 b6f92000 f283ddec 00000001 00000000 # [ 246.085783] de60: c8c63240 c0e03548 00000022 00000000 f283ddec 00000000 00000000 00000000 # [ 246.094256] de80: 00000000 00000000 00000000 00000000 00000000 3d84fca7 f283debc 0000001a # [ 246.102730] dea0: c8de5000 00000000 f283df80 c278c1a0 f283df80 c8e7ea40 004ffe38 c0e007ac # [ 246.111204] dec0: 0000001a c0e00b90 c0e00a74 c5877e40 b6e34000 0000001a c3a4f4b8 c0890ff0 # [ 246.119679] dee0: c5877e40 c0890f94 f283df80 b6e34000 c8c63240 0000001a c8e7ea40 c0628618 # [ 246.128154] df00: c5c96db8 00000000 00000000 00000000 00000000 0000001a b6e34000 0001ffe6 # [ 246.136626] df20: 00000001 00000000 c5877740 00000000 00000000 00000000 00000000 00000000 # [ 246.145099] df40: 00000000 00000000 00000000 00000000 00000022 3d84fca7 00000000 c5877e40 # [ 246.153671] df60: c5877e40 00000000 00000000 c03002f0 c8c63240 00000004 004ffe38 c0628b74 # [ 246.162144] df80: 00000000 00000000 00000000 3d84fca7 000000c0 0000001a 0000001a 7ff00000 # [ 246.170617] dfa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e34000 0000001a 00000001 # [ 246.179091] dfc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e34000 00020000 004ffe38 # [ 246.187564] dfe0: 00000004 bea01788 b6efa33b b6e73616 60080030 00000001 00000000 00000000 # [ 246.196029] Call trace: # [ 246.196045] usercopy_abort from __check_object_size+0x164/0x310 # [ 246.205162] __check_object_size from do_usercopy_stack+0x32c/0x380 # [ 246.211642] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 246.217722] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 246.223503] direct_entry from full_proxy_write+0x5c/0x8c # [ 246.229180] full_proxy_write from vfs_write+0xbc/0x3cc # [ 246.234655] vfs_write from ksys_write+0x78/0xf8 # [ 246.239532] ksys_write from ret_fast_syscall+0x0/0x1c # [ 246.245004] Exception stack(0xf283dfa8 to 0xf283dff0) # [ 246.250361] dfa0: 0000001a 0000001a 00000001 b6e34000 0000001a 00000001 # [ 246.258835] dfc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e34000 00020000 004ffe38 # [ 246.267304] dfe0: 00000004 bea01788 b6efa33b b6e73616 # [ 246.272662] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) # [ 246.279018] ---[ end trace 0000000000000000 ]--- # [ 246.283865] note: cat[4531] exited with irqs disabled # USERCOPY_STACK_FRAME_FROM: saw 'call trace:': ok ok 74 selftests: lkdtm: USERCOPY_STACK_FRAME_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_BEYOND.sh <6>[ 248.348553] lkdtm: Performing direct entry USERCOPY_STACK_BEYOND <6>[ 248.353581] lkdtm: good_stack: f28dde74-f28dde94 <6>[ 248.358455] lkdtm: bad_stack : f28ddffc-f28de01c <6>[ 248.363621] lkdtm: attempting good copy_to_user of local stack <6>[ 248.369574] lkdtm: attempting bad copy_to_user of distant stack <0>[ 248.375635] usercopy: Kernel memory exposure attempt detected from process stack (offset 4294966852, size 32)! <4>[ 248.386047] ------------[ cut here ]------------ <2>[ 248.390820] kernel BUG at mm/usercopy.c:102! <0>[ 248.395377] Internal error: Oops - BUG: 0 [#24] SMP ARM <4>[ 248.400841] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 248.437327] CPU: 1 UID: 0 PID: 4617 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 248.446929] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 248.452178] Hardware name: STM32 (Device Tree Support) <4>[ 248.457625] PC is at usercopy_abort+0x98/0x9c <4>[ 248.462200] LR is at usercopy_abort+0x98/0x9c <4>[ 248.466859] pc : [] lr : [] psr: 60080013 <4>[ 248.473417] sp : f28dde20 ip : 00000000 fp : f0f0f0f1 <4>[ 248.478968] r10: c1a71d24 r9 : c8c60a40 r8 : f28de01c <4>[ 248.484418] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : fffffe44 <4>[ 248.491278] r3 : c8c60a40 r2 : 00000000 r1 : 00000000 r0 : 00000062 <4>[ 248.498039] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 248.505506] Control: 10c5387d Table: c5fe406a DAC: 00000051 <1>[ 248.511557] Register r0 information: non-paged memory <1>[ 248.516919] Register r1 information: NULL pointer <1>[ 248.521870] Register r2 information: NULL pointer <1>[ 248.526821] Register r3 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 248.540596] copy_process+0x1f4/0x1f64 <6>[ 248.544853] kernel_clone+0xac/0x388 <6>[ 248.549009] sys_clone+0x78/0x9c <6>[ 248.552761] ret_fast_syscall+0x0/0x1c <4>[ 248.557011] Free path: <6>[ 248.559741] rcu_core+0x2dc/0xb14 <6>[ 248.563594] handle_softirqs+0x15c/0x430 <6>[ 248.568053] irq_exit+0xac/0xd4 <6>[ 248.571703] call_with_stack+0x18/0x20 <6>[ 248.575964] __irq_svc+0x9c/0xb8 <6>[ 248.579711] tcp_options_write.constprop.0+0x6c/0x278 <6>[ 248.585379] __tcp_transmit_skb+0x398/0xd68 <6>[ 248.590038] tcp_write_xmit+0x378/0x18bc <6>[ 248.594496] __tcp_push_pending_frames+0x38/0x11c <6>[ 248.599759] tcp_sock_set_cork+0x44/0x50 <6>[ 248.604211] xs_tcp_send_request+0x1e0/0x288 <6>[ 248.609068] xprt_transmit+0x1a0/0x4a0 <6>[ 248.613318] call_transmit+0x80/0x8c <6>[ 248.617475] __rpc_execute+0xc8/0x5d0 <6>[ 248.621639] rpc_execute+0xa4/0x14c <6>[ 248.625693] rpc_run_task+0x170/0x1b8 <1>[ 248.629853] Register r4 information: non-paged memory <1>[ 248.635215] Register r5 information: non-paged memory <1>[ 248.640471] Register r6 information: non-paged memory <1>[ 248.645824] Register r7 information: non-paged memory <1>[ 248.651177] Register r8 information: vmalloc memory <1>[ 248.656331] Register r9 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 248.670107] copy_process+0x1f4/0x1f64 <6>[ 248.674364] kernel_clone+0xac/0x388 <6>[ 248.678419] sys_clone+0x78/0x9c <6>[ 248.682171] ret_fast_syscall+0x0/0x1c <4>[ 248.686524] Free path: <6>[ 248.689255] rcu_core+0x2dc/0xb14 <6>[ 248.693008] handle_softirqs+0x15c/0x430 <6>[ 248.697467] irq_exit+0xac/0xd4 <6>[ 248.701218] call_with_stack+0x18/0x20 <6>[ 248.705481] __irq_svc+0x9c/0xb8 <6>[ 248.709228] tcp_options_write.constprop.0+0x6c/0x278 <6>[ 248.714796] __tcp_transmit_skb+0x398/0xd68 <6>[ 248.719555] tcp_write_xmit+0x378/0x18bc <6>[ 248.724013] __tcp_push_pending_frames+0x38/0x11c <6>[ 248.729277] tcp_sock_set_cork+0x44/0x50 <6>[ 248.733728] xs_tcp_send_request+0x1e0/0x288 <6>[ 248.738485] xprt_transmit+0x1a0/0x4a0 <6>[ 248.742834] call_transmit+0x80/0x8c <6>[ 248.746890] __rpc_execute+0xc8/0x5d0 <6>[ 248.751147] rpc_execute+0xa4/0x14c <6>[ 248.755101] rpc_run_task+0x170/0x1b8 <1>[ 248.759358] Register r10 information: non-slab/vmalloc memory <1>[ 248.765320] Register r11 information: 0-page vmalloc region starting at 0xf0eeb000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 248.777733] Register r12 information: NULL pointer <0>[ 248.782786] Process cat (pid: 4617, stack limit = 0xf28dc000) <0>[ 248.788743] Stack: (0xf28dde20 to 0xf28de000) <0>[ 248.793400] de20: c1f96a74 c1f96a74 c1f96a74 fffffe44 00000020 c03ca1b0 f28dde5c c062137c <0>[ 248.801877] de40: 00000020 c17275ec f28dde5c 00000020 b6f3e000 f28ddffc 00000000 00000001 <0>[ 248.810352] de60: c8c60a40 c0e03574 00000022 00000000 f28ddffc 73696854 20736920 65742061 <0>[ 248.818827] de80: 0a2e7473 69685400 73692073 74206120 2e747365 5d04232f f28ddebc 00000016 <0>[ 248.827403] dea0: c7d48000 00000000 f28ddf80 c278c1a8 f28ddf80 c8e7ea40 004cfe38 c0e007ac <0>[ 248.835877] dec0: 00000016 c0e00b90 c0e00a74 c5877a40 b6dd8000 00000016 c3a4f4b8 c0890ff0 <0>[ 248.844351] dee0: c5877a40 c0890f94 f28ddf80 b6dd8000 c8c60a40 00000016 c8e7ea40 c0628618 <0>[ 248.852823] df00: c5fe6db0 00000000 00000000 00000000 00000000 00000016 b6dd8000 0001ffea <0>[ 248.861295] df20: 00000001 00000000 c5877b40 00000000 00000000 00000000 00000000 00000000 <0>[ 248.869767] df40: 00000000 00000000 00000000 00000000 00000022 5d04232f 00000000 c5877a40 <0>[ 248.878240] df60: c5877a40 00000000 00000000 c03002f0 c8c60a40 00000004 004cfe38 c0628b74 <0>[ 248.886712] df80: 00000000 00000000 00000000 5d04232f 000000c0 00000016 00000016 7ff00000 <0>[ 248.895185] dfa0: 00000004 c03000c0 00000016 00000016 00000001 b6dd8000 00000016 00000001 <0>[ 248.903660] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 004cfe38 <0>[ 248.912134] dfe0: 00000004 beed6788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 248.920599] Call trace: <0>[ 248.920614] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 248.929731] __check_object_size from do_usercopy_stack+0x358/0x380 <0>[ 248.936312] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 248.942292] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 248.948074] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 248.953750] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 248.959226] vfs_write from ksys_write+0x78/0xf8 <0>[ 248.964202] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 248.969575] Exception stack(0xf28ddfa8 to 0xf28ddff0) <0>[ 248.974933] dfa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 <0>[ 248.983407] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 004cfe38 <0>[ 248.991876] dfe0: 00000004 beed6788 b6e9e33b b6e17616 <0>[ 248.997234] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) <4>[ 249.003590] ---[ end trace 0000000000000000 ]--- <6>[ 249.008538] note: cat[4617] exited with irqs disabled # Segmentation fault # [ 248.348553] lkdtm: Performing direct entry USERCOPY_STACK_BEYOND # [ 248.353581] lkdtm: good_stack: f28dde74-f28dde94 # [ 248.358455] lkdtm: bad_stack : f28ddffc-f28de01c # [ 248.363621] lkdtm: attempting good copy_to_user of local stack # [ 248.369574] lkdtm: attempting bad copy_to_user of distant stack # [ 248.375635] usercopy: Kernel memory exposure attempt detected from process stack (offset 4294966852, size 32)! # [ 248.386047] ------------[ cut here ]------------ # [ 248.390820] kernel BUG at mm/usercopy.c:102! # [ 248.395377] Internal error: Oops - BUG: 0 [#24] SMP ARM # [ 248.400841] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 248.437327] CPU: 1 UID: 0 PID: 4617 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 248.446929] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 248.452178] Hardware name: STM32 (Device Tree Support) # [ 248.457625] PC is at usercopy_abort+0x98/0x9c # [ 248.462200] LR is at usercopy_abort+0x98/0x9c # [ 248.466859] pc : [] lr : [] psr: 60080013 # [ 248.473417] sp : f28dde20 ip : 00000000 fp : f0f0f0f1 # [ 248.478968] r10: c1a71d24 r9 : c8c60a40 r8 : f28de01c # [ 248.484418] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : fffffe44 # [ 248.491278] r3 : c8c60a40 r2 : 00000000 r1 : 00000000 r0 : 00000062 # [ 248.498039] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 248.505506] Control: 10c5387d Table: c5fe406a DAC: 00000051 # [ 248.511557] Register r0 information: non-paged memory # [ 248.516919] Register r1 information: NULL pointer # [ 248.521870] Register r2 information: NULL pointer # [ 248.526821] Register r3 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 248.540596] copy_process+0x1f4/0x1f64 # [ 248.544853] kernel_clone+0xac/0x388 # [ 248.549009] sys_clone+0x78/0x9c # [ 248.552761] ret_fast_syscall+0x0/0x1c # [ 248.557011] Free path: # [ 248.559741] rcu_core+0x2dc/0xb14 # [ 248.563594] handle_softirqs+0x15c/0x430 # [ 248.568053] irq_exit+0xac/0xd4 # [ 248.571703] call_with_stack+0x18/0x20 # [ 248.575964] __irq_svc+0x9c/0xb8 # [ 248.579711] tcp_options_write.constprop.0+0x6c/0x278 # [ 248.585379] __tcp_transmit_skb+0x398/0xd68 # [ 248.590038] tcp_write_xmit+0x378/0x18bc # [ 248.594496] __tcp_push_pending_frames+0x38/0x11c # [ 248.599759] tcp_sock_set_cork+0x44/0x50 # [ 248.604211] xs_tcp_send_request+0x1e0/0x288 # [ 248.609068] xprt_transmit+0x1a0/0x4a0 # [ 248.613318] call_transmit+0x80/0x8c # [ 248.617475] __rpc_execute+0xc8/0x5d0 # [ 248.621639] rpc_execute+0xa4/0x14c # [ 248.625693] rpc_run_task+0x170/0x1b8 # [ 248.629853] Register r4 information: non-paged memory # [ 248.635215] Register r5 information: non-paged memory # [ 248.640471] Register r6 information: non-paged memory # [ 248.645824] Register r7 information: non-paged memory # [ 248.651177] Register r8 information: vmalloc memory # [ 248.656331] Register r9 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 248.670107] copy_process+0x1f4/0x1f64 # [ 248.674364] kernel_clone+0xac/0x388 # [ 248.678419] sys_clone+0x78/0x9c # [ 248.682171] ret_fast_syscall+0x0/0x1c # [ 248.686524] Free path: # [ 248.689255] rcu_core+0x2dc/0xb14 # [ 248.693008] handle_softirqs+0x15c/0x430 # [ 248.697467] irq_exit+0xac/0xd4 # [ 248.701218] call_with_stack+0x18/0x20 # [ 248.705481] __irq_svc+0x9c/0xb8 # [ 248.709228] tcp_options_write.constprop.0+0x6c/0x278 # [ 248.714796] __tcp_transmit_skb+0x398/0xd68 # [ 248.719555] tcp_write_xmit+0x378/0x18bc # [ 248.724013] __tcp_push_pending_frames+0x38/0x11c # [ 248.729277] tcp_sock_set_cork+0x44/0x50 # [ 248.733728] xs_tcp_send_request+0x1e0/0x288 # [ 248.738485] xprt_transmit+0x1a0/0x4a0 # [ 248.742834] call_transmit+0x80/0x8c # [ 248.746890] __rpc_execute+0xc8/0x5d0 # [ 248.751147] rpc_execute+0xa4/0x14c # [ 248.755101] rpc_run_task+0x170/0x1b8 # [ 248.759358] Register r10 information: non-slab/vmalloc memory # [ 248.765320] Register r11 information: 0-page vmalloc region starting at 0xf0eeb000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 248.777733] Register r12 information: NULL pointer # [ 248.782786] Process cat (pid: 4617, stack limit = 0xf28dc000) # [ 248.788743] Stack: (0xf28dde20 to 0xf28de000) # [ 248.793400] de20: c1f96a74 c1f96a74 c1f96a74 fffffe44 00000020 c03ca1b0 f28dde5c c062137c # [ 248.801877] de40: 00000020 c17275ec f28dde5c 00000020 b6f3e000 f28ddffc 00000000 00000001 # [ 248.810352] de60: c8c60a40 c0e03574 00000022 00000000 f28ddffc 73696854 20736920 65742061 # [ 248.818827] de80: 0a2e7473 69685400 73692073 74206120 2e747365 5d04232f f28ddebc 00000016 # [ 248.827403] dea0: c7d48000 00000000 f28ddf80 c278c1a8 f28ddf80 c8e7ea40 004cfe38 c0e007ac # [ 248.835877] dec0: 00000016 c0e00b90 c0e00a74 c5877a40 b6dd8000 00000016 c3a4f4b8 c0890ff0 # [ 248.844351] dee0: c5877a40 c0890f94 f28ddf80 b6dd8000 c8c60a40 00000016 c8e7ea40 c0628618 # [ 248.852823] df00: c5fe6db0 00000000 00000000 00000000 00000000 00000016 b6dd8000 0001ffea # [ 248.861295] df20: 00000001 00000000 c5877b40 00000000 00000000 00000000 00000000 00000000 # [ 248.869767] df40: 00000000 00000000 00000000 00000000 00000022 5d04232f 00000000 c5877a40 # [ 248.878240] df60: c5877a40 00000000 00000000 c03002f0 c8c60a40 00000004 004cfe38 c0628b74 # [ 248.886712] df80: 00000000 00000000 00000000 5d04232f 000000c0 00000016 00000016 7ff00000 # [ 248.895185] dfa0: 00000004 c03000c0 00000016 00000016 00000001 b6dd8000 00000016 00000001 # [ 248.903660] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 004cfe38 # [ 248.912134] dfe0: 00000004 beed6788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 248.920599] Call trace: # [ 248.920614] usercopy_abort from __check_object_size+0x164/0x310 # [ 248.929731] __check_object_size from do_usercopy_stack+0x358/0x380 # [ 248.936312] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 248.942292] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 248.948074] direct_entry from full_proxy_write+0x5c/0x8c # [ 248.953750] full_proxy_write from vfs_write+0xbc/0x3cc # [ 248.959226] vfs_write from ksys_write+0x78/0xf8 # [ 248.964202] ksys_write from ret_fast_syscall+0x0/0x1c # [ 248.969575] Exception stack(0xf28ddfa8 to 0xf28ddff0) # [ 248.974933] dfa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 # [ 248.983407] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 004cfe38 # [ 248.991876] dfe0: 00000004 beed6788 b6e9e33b b6e17616 # [ 248.997234] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) # [ 249.003590] ---[ end trace 0000000000000000 ]--- # [ 249.008538] note: cat[4617] exited with irqs disabled # USERCOPY_STACK_BEYOND: saw 'call trace:': ok ok 75 selftests: lkdtm: USERCOPY_STACK_BEYOND.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_KERNEL.sh <6>[ 251.028939] lkdtm: Performing direct entry USERCOPY_KERNEL <6>[ 251.033601] lkdtm: attempting good copy_to_user from kernel rodata: c1a71d24 <6>[ 251.040928] lkdtm: attempting bad copy_to_user from kernel text: c059d5c8 <0>[ 251.047934] usercopy: Kernel memory exposure attempt detected from kernel text (offset 2741704, size 4096)! <4>[ 251.057929] ------------[ cut here ]------------ <2>[ 251.062689] kernel BUG at mm/usercopy.c:102! <0>[ 251.067241] Internal error: Oops - BUG: 0 [#25] SMP ARM <4>[ 251.072800] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 251.109274] CPU: 0 UID: 0 PID: 4704 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 251.118865] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 251.124110] Hardware name: STM32 (Device Tree Support) <4>[ 251.129557] PC is at usercopy_abort+0x98/0x9c <4>[ 251.134131] LR is at usercopy_abort+0x98/0x9c <4>[ 251.138789] pc : [] lr : [] psr: 60080013 <4>[ 251.145347] sp : f2955e60 ip : 00000000 fp : 0042fe38 <4>[ 251.150796] r10: c8e7ea40 r9 : f2955f80 r8 : c059e5c8 <4>[ 251.156346] r7 : 00000001 r6 : 00001000 r5 : 00001000 r4 : 0029d5c8 <4>[ 251.163204] r3 : c8c66e40 r2 : 00000000 r1 : 00000000 r0 : 0000005f <4>[ 251.169962] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 251.177426] Control: 10c5387d Table: c5a0c06a DAC: 00000051 <1>[ 251.183476] Register r0 information: non-paged memory <1>[ 251.188835] Register r1 information: NULL pointer <1>[ 251.193788] Register r2 information: NULL pointer <1>[ 251.198739] Register r3 information: slab task_struct start c8c66e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 251.212512] copy_process+0x1f4/0x1f64 <6>[ 251.216769] kernel_clone+0xac/0x388 <6>[ 251.220923] sys_clone+0x78/0x9c <6>[ 251.224676] ret_fast_syscall+0x0/0x1c <4>[ 251.228926] Free path: <6>[ 251.231656] rcu_core+0x2dc/0xb14 <6>[ 251.235509] handle_softirqs+0x15c/0x430 <6>[ 251.239967] irq_exit+0xac/0xd4 <6>[ 251.243618] call_with_stack+0x18/0x20 <6>[ 251.247880] __irq_svc+0x9c/0xb8 <6>[ 251.251629] search_index+0x5c/0xd8 <6>[ 251.255687] unwind_frame+0x94/0x92c <6>[ 251.259745] arch_stack_walk+0x84/0x100 <6>[ 251.264198] stack_trace_save+0x50/0x78 <6>[ 251.268557] set_track_prepare+0x40/0x74 <6>[ 251.273016] ___slab_alloc+0xd28/0xd7c <6>[ 251.277273] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 251.282436] security_file_alloc+0x30/0xf0 <6>[ 251.287095] init_file+0x48/0xd0 <6>[ 251.290841] alloc_empty_file+0x78/0x13c <6>[ 251.295292] path_openat+0x3c/0x1198 <1>[ 251.299345] Register r4 information: non-paged memory <1>[ 251.304702] Register r5 information: non-paged memory <1>[ 251.310056] Register r6 information: non-paged memory <1>[ 251.315408] Register r7 information: non-paged memory <1>[ 251.320761] Register r8 information: non-slab/vmalloc memory <1>[ 251.326720] Register r9 information: 2-page vmalloc region starting at 0xf2954000 allocated at kernel_clone+0xac/0x388 <1>[ 251.337733] Register r10 information: slab kmalloc-192 start c8e7ea00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 251.351593] full_proxy_open+0x124/0x24c <6>[ 251.356043] do_dentry_open+0x144/0x4dc <6>[ 251.360398] vfs_open+0x2c/0xec <6>[ 251.364050] path_openat+0x748/0x1198 <6>[ 251.368301] do_filp_open+0x98/0x134 <6>[ 251.372359] do_sys_openat2+0xbc/0xe4 <6>[ 251.376624] sys_openat+0x98/0xd4 <6>[ 251.380487] ret_fast_syscall+0x0/0x1c <4>[ 251.384744] Free path: <6>[ 251.387476] nfs_pgio_header_free+0x34/0x48 <6>[ 251.392139] nfs_write_completion+0x60/0x240 <6>[ 251.396992] rpc_free_task+0x34/0x54 <6>[ 251.401050] rpc_async_release+0x24/0x40 <6>[ 251.405507] process_one_work+0x1b8/0x450 <6>[ 251.410064] worker_thread+0x1d4/0x3c4 <6>[ 251.414316] kthread+0xe8/0x104 <6>[ 251.418064] ret_from_fork+0x14/0x28 <1>[ 251.422111] Register r11 information: non-paged memory <1>[ 251.427569] Register r12 information: NULL pointer <0>[ 251.432621] Process cat (pid: 4704, stack limit = 0xf2954000) <0>[ 251.438678] Stack: (0xf2955e60 to 0xf2956000) <0>[ 251.443336] 5e60: c1f96a74 c1f96a74 c1f96a74 0029d5c8 00001000 c0317008 c059d5c8 c062150c <0>[ 251.451811] 5e80: 00001000 c17275ec f2955e9c b6fa8000 00001000 00000011 f2955f80 c278c1c0 <0>[ 251.460286] 5ea0: f2955f80 c0e027b4 00000022 00000000 00000010 c5a91000 00000000 c0e007ac <0>[ 251.468760] 5ec0: 00000010 c0e00b90 c0e00a74 c5877d40 b6e48000 00000010 c3a4f4b8 c0890ff0 <0>[ 251.477235] 5ee0: c5877d40 c0890f94 f2955f80 b6e48000 c8c66e40 00000010 c8e7ea40 c0628618 <0>[ 251.485709] 5f00: c5a0edb8 00000000 00000000 00000000 00000000 00000010 b6e48000 0001fff0 <0>[ 251.494180] 5f20: 00000001 00000000 c5877540 00000000 00000000 00000000 00000000 00000000 <0>[ 251.502653] 5f40: 00000000 00000000 00000000 00000000 00000022 a402acae 00000000 c5877d40 <0>[ 251.511127] 5f60: c5877d40 00000000 00000000 c03002f0 c8c66e40 00000004 0042fe38 c0628b74 <0>[ 251.519599] 5f80: 00000000 00000000 00000000 a402acae 000000c0 00000010 00000010 7ff00000 <0>[ 251.528072] 5fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e48000 00000010 00000001 <0>[ 251.536646] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 0042fe38 <0>[ 251.545119] 5fe0: 00000004 be9f7788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 251.553583] Call trace: <0>[ 251.553600] usercopy_abort from __check_object_size+0x2f4/0x310 <0>[ 251.562618] __check_object_size from lkdtm_USERCOPY_KERNEL+0x15c/0x1f8 <0>[ 251.569601] lkdtm_USERCOPY_KERNEL from lkdtm_do_action+0x24/0x4c <0>[ 251.575984] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 251.581669] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 251.587345] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 251.592924] vfs_write from ksys_write+0x78/0xf8 <0>[ 251.597801] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 251.603173] Exception stack(0xf2955fa8 to 0xf2955ff0) <0>[ 251.608531] 5fa0: 00000010 00000010 00000001 b6e48000 00000010 00000001 <0>[ 251.617006] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 0042fe38 <0>[ 251.625475] 5fe0: 00000004 be9f7788 b6f0e33b b6e87616 <0>[ 251.630833] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) <4>[ 251.637190] ---[ end trace 0000000000000000 ]--- <6>[ 251.642137] note: cat[4704] exited with irqs disabled # Segmentation fault # [ 251.028939] lkdtm: Performing direct entry USERCOPY_KERNEL # [ 251.033601] lkdtm: attempting good copy_to_user from kernel rodata: c1a71d24 # [ 251.040928] lkdtm: attempting bad copy_to_user from kernel text: c059d5c8 # [ 251.047934] usercopy: Kernel memory exposure attempt detected from kernel text (offset 2741704, size 4096)! # [ 251.057929] ------------[ cut here ]------------ # [ 251.062689] kernel BUG at mm/usercopy.c:102! # [ 251.067241] Internal error: Oops - BUG: 0 [#25] SMP ARM # [ 251.072800] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 251.109274] CPU: 0 UID: 0 PID: 4704 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 251.118865] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 251.124110] Hardware name: STM32 (Device Tree Support) # [ 251.129557] PC is at usercopy_abort+0x98/0x9c # [ 251.134131] LR is at usercopy_abort+0x98/0x9c # [ 251.138789] pc : [] lr : [] psr: 60080013 # [ 251.145347] sp : f2955e60 ip : 00000000 fp : 0042fe38 # [ 251.150796] r10: c8e7ea40 r9 : f2955f80 r8 : c059e5c8 # [ 251.156346] r7 : 00000001 r6 : 00001000 r5 : 00001000 r4 : 0029d5c8 # [ 251.163204] r3 : c8c66e40 r2 : 00000000 r1 : 00000000 r0 : 0000005f # [ 251.169962] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 251.177426] Control: 10c5387d Table: c5a0c06a DAC: 00000051 # [ 251.183476] Register r0 information: non-paged memory # [ 251.188835] Register r1 information: NULL pointer # [ 251.193788] Register r2 information: NULL pointer # [ 251.198739] Register r3 information: slab task_struct start c8c66e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 251.212512] copy_process+0x1f4/0x1f64 # [ 251.216769] kernel_clone+0xac/0x388 # [ 251.220923] sys_clone+0x78/0x9c # [ 251.224676] ret_fast_syscall+0x0/0x1c # [ 251.228926] Free path: # [ 251.231656] rcu_core+0x2dc/0xb14 # [ 251.235509] handle_softirqs+0x15c/0x430 # [ 251.239967] irq_exit+0xac/0xd4 # [ 251.243618] call_with_stack+0x18/0x20 # [ 251.247880] __irq_svc+0x9c/0xb8 # [ 251.251629] search_index+0x5c/0xd8 # [ 251.255687] unwind_frame+0x94/0x92c # [ 251.259745] arch_stack_walk+0x84/0x100 # [ 251.264198] stack_trace_save+0x50/0x78 # [ 251.268557] set_track_prepare+0x40/0x74 # [ 251.273016] ___slab_alloc+0xd28/0xd7c # [ 251.277273] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 251.282436] security_file_alloc+0x30/0xf0 # [ 251.287095] init_file+0x48/0xd0 # [ 251.290841] alloc_empty_file+0x78/0x13c # [ 251.295292] path_openat+0x3c/0x1198 # [ 251.299345] Register r4 information: non-paged memory # [ 251.304702] Register r5 information: non-paged memory # [ 251.310056] Register r6 information: non-paged memory # [ 251.315408] Register r7 information: non-paged memory # [ 251.320761] Register r8 information: non-slab/vmalloc memory # [ 251.326720] Register r9 information: 2-page vmalloc region starting at 0xf2954000 allocated at kernel_clone+0xac/0x388 # [ 251.337733] Register r10 information: slab kmalloc-192 start c8e7ea00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 251.351593] full_proxy_open+0x124/0x24c # [ 251.356043] do_dentry_open+0x144/0x4dc # [ 251.360398] vfs_open+0x2c/0xec # [ 251.364050] path_openat+0x748/0x1198 # [ 251.368301] do_filp_open+0x98/0x134 # [ 251.372359] do_sys_openat2+0xbc/0xe4 # [ 251.376624] sys_openat+0x98/0xd4 # [ 251.380487] ret_fast_syscall+0x0/0x1c # [ 251.384744] Free path: # [ 251.387476] nfs_pgio_header_free+0x34/0x48 # [ 251.392139] nfs_write_completion+0x60/0x240 # [ 251.396992] rpc_free_task+0x34/0x54 # [ 251.401050] rpc_async_release+0x24/0x40 # [ 251.405507] process_one_work+0x1b8/0x450 # [ 251.410064] worker_thread+0x1d4/0x3c4 # [ 251.414316] kthread+0xe8/0x104 # [ 251.418064] ret_from_fork+0x14/0x28 # [ 251.422111] Register r11 information: non-paged memory # [ 251.427569] Register r12 information: NULL pointer # [ 251.432621] Process cat (pid: 4704, stack limit = 0xf2954000) # [ 251.438678] Stack: (0xf2955e60 to 0xf2956000) # [ 251.443336] 5e60: c1f96a74 c1f96a74 c1f96a74 0029d5c8 00001000 c0317008 c059d5c8 c062150c # [ 251.451811] 5e80: 00001000 c17275ec f2955e9c b6fa8000 00001000 00000011 f2955f80 c278c1c0 # [ 251.460286] 5ea0: f2955f80 c0e027b4 00000022 00000000 00000010 c5a91000 00000000 c0e007ac # [ 251.468760] 5ec0: 00000010 c0e00b90 c0e00a74 c5877d40 b6e48000 00000010 c3a4f4b8 c0890ff0 # [ 251.477235] 5ee0: c5877d40 c0890f94 f2955f80 b6e48000 c8c66e40 00000010 c8e7ea40 c0628618 # [ 251.485709] 5f00: c5a0edb8 00000000 00000000 00000000 00000000 00000010 b6e48000 0001fff0 # [ 251.494180] 5f20: 00000001 00000000 c5877540 00000000 00000000 00000000 00000000 00000000 # [ 251.502653] 5f40: 00000000 00000000 00000000 00000000 00000022 a402acae 00000000 c5877d40 # [ 251.511127] 5f60: c5877d40 00000000 00000000 c03002f0 c8c66e40 00000004 0042fe38 c0628b74 # [ 251.519599] 5f80: 00000000 00000000 00000000 a402acae 000000c0 00000010 00000010 7ff00000 # [ 251.528072] 5fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e48000 00000010 00000001 # [ 251.536646] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 0042fe38 # [ 251.545119] 5fe0: 00000004 be9f7788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 251.553583] Call trace: # [ 251.553600] usercopy_abort from __check_object_size+0x2f4/0x310 # [ 251.562618] __check_object_size from lkdtm_USERCOPY_KERNEL+0x15c/0x1f8 # [ 251.569601] lkdtm_USERCOPY_KERNEL from lkdtm_do_action+0x24/0x4c # [ 251.575984] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 251.581669] direct_entry from full_proxy_write+0x5c/0x8c # [ 251.587345] full_proxy_write from vfs_write+0xbc/0x3cc # [ 251.592924] vfs_write from ksys_write+0x78/0xf8 # [ 251.597801] ksys_write from ret_fast_syscall+0x0/0x1c # [ 251.603173] Exception stack(0xf2955fa8 to 0xf2955ff0) # [ 251.608531] 5fa0: 00000010 00000010 00000001 b6e48000 00000010 00000001 # [ 251.617006] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 0042fe38 # [ 251.625475] 5fe0: 00000004 be9f7788 b6f0e33b b6e87616 # [ 251.630833] Code: e98d4001 e3040a9c e34c01fb ebfff35d (e7f001f2) # [ 251.637190] ---[ end trace 0000000000000000 ]--- # [ 251.642137] note: cat[4704] exited with irqs disabled # USERCOPY_KERNEL: saw 'call trace:': ok ok 76 selftests: lkdtm: USERCOPY_KERNEL.sh # timeout set to 45 # selftests: lkdtm: STACKLEAK_ERASING.sh <6>[ 253.688176] lkdtm: Performing direct entry STACKLEAK_ERASING <3>[ 253.693331] lkdtm: XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n) # [ 253.688176] lkdtm: Performing direct entry STACKLEAK_ERASING # [ 253.693331] lkdtm: XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n) # STACKLEAK_ERASING: saw 'XFAIL': [SKIP] ok 77 selftests: lkdtm: STACKLEAK_ERASING.sh # SKIP # timeout set to 45 # selftests: lkdtm: CFI_FORWARD_PROTO.sh <6>[ 255.089789] lkdtm: Performing direct entry CFI_FORWARD_PROTO <6>[ 255.094482] lkdtm: Calling matched prototype ... <6>[ 255.099303] lkdtm: Calling mismatched prototype ... <3>[ 255.104575] lkdtm: FAIL: survived mismatched prototype function call! <4>[ 255.111248] lkdtm: This is probably expected, since this kernel (6.12.0-rc1-next-20241002 armv7l) was built *without* CONFIG_CFI_CLANG=y # [ 255.089789] lkdtm: Performing direct entry CFI_FORWARD_PROTO # [ 255.094482] lkdtm: Calling matched prototype ... # [ 255.099303] lkdtm: Calling mismatched prototype ... # [ 255.104575] lkdtm: FAIL: survived mismatched prototype function call! # [ 255.111248] lkdtm: This is probably expected, since this kernel (6.12.0-rc1-next-20241002 armv7l) was built *without* CONFIG_CFI_CLANG=y # CFI_FORWARD_PROTO: missing 'call trace:': [FAIL] not ok 78 selftests: lkdtm: CFI_FORWARD_PROTO.sh # exit=1 # timeout set to 45 # selftests: lkdtm: CFI_BACKWARD.sh <6>[ 256.628373] lkdtm: Performing direct entry CFI_BACKWARD <6>[ 256.632596] lkdtm: Attempting unchecked stack return address redirection ... <4>[ 256.639945] lkdtm: Eek: return address mismatch! 0000000d != c17377f8 <3>[ 256.647194] lkdtm: FAIL: stack return address manipulation failed! # [ 256.628373] lkdtm: Performing direct entry CFI_BACKWARD # [ 256.632596] lkdtm: Attempting unchecked stack return address redirection ... # [ 256.639945] lkdtm: Eek: return address mismatch! 0000000d != c17377f8 # [ 256.647194] lkdtm: FAIL: stack return address manipulation failed! # CFI_BACKWARD: missing 'call trace:|ok: control flow unchanged': [FAIL] not ok 79 selftests: lkdtm: CFI_BACKWARD.sh # exit=1 # timeout set to 45 # selftests: lkdtm: FORTIFY_STRSCPY.sh <6>[ 258.148155] lkdtm: Performing direct entry FORTIFY_STRSCPY <4>[ 258.152762] ------------[ cut here ]------------ <4>[ 258.157529] WARNING: CPU: 1 PID: 4926 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 258.166540] strnlen: detected buffer overflow: 6 byte read of buffer size 5 <4>[ 258.173601] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 258.210178] CPU: 1 UID: 0 PID: 4926 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 258.219591] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 258.224841] Hardware name: STM32 (Device Tree Support) <4>[ 258.230291] Call trace: <4>[ 258.230306] unwind_backtrace from show_stack+0x18/0x1c <4>[ 258.238618] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 258.243894] dump_stack_lvl from __warn+0x84/0x134 <4>[ 258.248976] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 258.254458] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 258.260542] __fortify_report from __fortify_panic+0x8/0xc <4>[ 258.266314] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <4>[ 258.272891] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c <4>[ 258.279273] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 258.285054] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 258.290729] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 258.296204] vfs_write from ksys_write+0x78/0xf8 <4>[ 258.301081] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 258.306553] Exception stack(0xf2aa1fa8 to 0xf2aa1ff0) <4>[ 258.311913] 1fa0: 00000010 00000010 00000001 b6de8000 00000010 00000001 <4>[ 258.320388] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6de8000 00020000 0049fe38 <4>[ 258.328856] 1fe0: 00000004 be983788 b6eae33b b6e27616 <4>[ 258.334322] ---[ end trace 0000000000000000 ]--- <4>[ 258.339201] ------------[ cut here ]------------ <2>[ 258.343966] kernel BUG at lib/string_helpers.c:1040! <0>[ 258.349224] Internal error: Oops - BUG: 0 [#26] SMP ARM <4>[ 258.354690] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 258.391170] CPU: 1 UID: 0 PID: 4926 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 258.400772] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 258.406026] Hardware name: STM32 (Device Tree Support) <4>[ 258.411480] PC is at __fortify_panic+0x8/0xc <4>[ 258.416057] LR is at __fortify_report+0x8c/0xd4 <4>[ 258.420829] pc : [] lr : [] psr: 60080013 <4>[ 258.427395] sp : f2aa1e88 ip : 00000000 fp : 0049fe38 <4>[ 258.432951] r10: c89b8cc0 r9 : f2aa1f80 r8 : c278c234 <4>[ 258.438404] r7 : f2aa1f80 r6 : 00000000 r5 : 00000000 r4 : c7b68400 <4>[ 258.445264] r3 : c8c61440 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 <4>[ 258.452029] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 258.459499] Control: 10c5387d Table: c597806a DAC: 00000051 <1>[ 258.465549] Register r0 information: non-slab/vmalloc memory <1>[ 258.471416] Register r1 information: NULL pointer <1>[ 258.476471] Register r2 information: NULL pointer <1>[ 258.481422] Register r3 information: slab task_struct start c8c61400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 258.495200] copy_process+0x1f4/0x1f64 <6>[ 258.499459] kernel_clone+0xac/0x388 <6>[ 258.503515] sys_clone+0x78/0x9c <6>[ 258.507268] ret_fast_syscall+0x0/0x1c <4>[ 258.511619] Free path: <6>[ 258.514350] rcu_core+0x2dc/0xb14 <6>[ 258.518203] handle_softirqs+0x15c/0x430 <6>[ 258.522661] irq_exit+0xac/0xd4 <6>[ 258.526311] call_with_stack+0x18/0x20 <6>[ 258.530572] __irq_svc+0x9c/0xb8 <6>[ 258.534320] default_idle_call+0x20/0xc0 <6>[ 258.538780] do_idle+0x25c/0x2f4 <6>[ 258.542531] cpu_startup_entry+0x30/0x34 <6>[ 258.546984] secondary_start_kernel+0x138/0x158 <6>[ 258.552044] __enable_mmu+0x0/0x20 <1>[ 258.555993] Register r4 information: slab kmalloc-64 start c7b683c0 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STRSCPY+0x60/0x2fc <6>[ 258.570056] kstrdup+0x38/0x5c <6>[ 258.573706] lkdtm_FORTIFY_STRSCPY+0x60/0x2fc <6>[ 258.578559] lkdtm_do_action+0x24/0x4c <6>[ 258.582817] direct_entry+0x11c/0x140 <6>[ 258.587073] full_proxy_write+0x5c/0x8c <6>[ 258.591424] vfs_write+0xbc/0x3cc <6>[ 258.595283] ksys_write+0x78/0xf8 <6>[ 258.599137] ret_fast_syscall+0x0/0x1c <4>[ 258.603387] Free path: <6>[ 258.606118] load_elf_binary+0xf14/0x1374 <6>[ 258.610676] bprm_execve+0x20c/0x5a4 <6>[ 258.614831] do_execveat_common+0x15c/0x1b4 <6>[ 258.619492] sys_execve+0x38/0x40 <6>[ 258.623351] ret_fast_syscall+0x0/0x1c <1>[ 258.627603] Register r5 information: NULL pointer <1>[ 258.632659] Register r6 information: NULL pointer <1>[ 258.637612] Register r7 information: 2-page vmalloc region starting at 0xf2aa0000 allocated at kernel_clone+0xac/0x388 <1>[ 258.648636] Register r8 information: non-slab/vmalloc memory <1>[ 258.654598] Register r9 information: 2-page vmalloc region starting at 0xf2aa0000 allocated at kernel_clone+0xac/0x388 <1>[ 258.665606] Register r10 information: slab kmalloc-192 start c89b8c80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 258.679468] full_proxy_open+0x124/0x24c <6>[ 258.683918] do_dentry_open+0x144/0x4dc <6>[ 258.688275] vfs_open+0x2c/0xec <6>[ 258.692026] path_openat+0x748/0x1198 <6>[ 258.696177] do_filp_open+0x98/0x134 <6>[ 258.700327] do_sys_openat2+0xbc/0xe4 <6>[ 258.704482] sys_openat+0x98/0xd4 <6>[ 258.708334] ret_fast_syscall+0x0/0x1c <4>[ 258.712583] Free path: <6>[ 258.715313] nfs_pgio_header_free+0x34/0x48 <6>[ 258.720073] nfs_write_completion+0x60/0x240 <6>[ 258.724826] rpc_free_task+0x34/0x54 <6>[ 258.728985] rpc_async_release+0x24/0x40 <6>[ 258.733440] process_one_work+0x1b8/0x450 <6>[ 258.737995] worker_thread+0x1d4/0x3c4 <6>[ 258.742247] kthread+0xe8/0x104 <6>[ 258.745895] ret_from_fork+0x14/0x28 <1>[ 258.750044] Register r11 information: non-paged memory <1>[ 258.755499] Register r12 information: NULL pointer <0>[ 258.760552] Process cat (pid: 4926, stack limit = 0xf2aa0000) <0>[ 258.766608] Stack: (0xf2aa1e88 to 0xf2aa2000) <0>[ 258.771263] 1e80: c7b68400 c0e038b8 0049fe38 683ca1b0 6f6c6c65 00000021 <0>[ 258.779737] 1ea0: 6f6f6600 00000000 00000000 4fbc90b9 f2aa1f80 00000010 c8f0d000 c0e007ac <0>[ 258.788211] 1ec0: 00000010 c0e00b90 c0e00a74 c5877340 b6de8000 00000010 c3a4f4b8 c0890ff0 <0>[ 258.796686] 1ee0: c5877340 c0890f94 f2aa1f80 b6de8000 c8c61440 00000010 c89b8cc0 c0628618 <0>[ 258.805160] 1f00: c597adb0 00000000 00000000 00000000 00000000 00000010 b6de8000 0001fff0 <0>[ 258.813633] 1f20: 00000001 00000000 c5877f40 00000000 00000000 00000000 00000000 00000000 <0>[ 258.822105] 1f40: 00000000 00000000 00000000 00000000 00000022 4fbc90b9 00000000 c5877340 <0>[ 258.830579] 1f60: c5877340 00000000 00000000 c03002f0 c8c61440 00000004 0049fe38 c0628b74 <0>[ 258.839053] 1f80: 00000000 00000000 00000000 4fbc90b9 000000c0 00000010 00000010 7ff00000 <0>[ 258.847526] 1fa0: 00000004 c03000c0 00000010 00000010 00000001 b6de8000 00000010 00000001 <0>[ 258.856001] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6de8000 00020000 0049fe38 <0>[ 258.864475] 1fe0: 00000004 be983788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 <0>[ 258.873040] Call trace: <0>[ 258.873057] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <0>[ 258.882365] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c <0>[ 258.888748] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 258.894531] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 258.900208] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 258.905690] vfs_write from ksys_write+0x78/0xf8 <0>[ 258.910572] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 258.916046] Exception stack(0xf2aa1fa8 to 0xf2aa1ff0) <0>[ 258.921305] 1fa0: 00000010 00000010 00000001 b6de8000 00000010 00000001 <0>[ 258.929882] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6de8000 00020000 0049fe38 <0>[ 258.938352] 1fe0: 00000004 be983788 b6eae33b b6e27616 <0>[ 258.943611] Code: e8bd47f0 eac82433 e92d4010 ebc8bf1d (e7f001f2) <4>[ 258.950067] ---[ end trace 0000000000000000 ]--- <6>[ 258.954914] note: cat[4926] exited with irqs disabled # Segmentation fault # [ 258.148155] lkdtm: Performing direct entry FORTIFY_STRSCPY # [ 258.152762] ------------[ cut here ]------------ # [ 258.157529] WARNING: CPU: 1 PID: 4926 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 258.166540] strnlen: detected buffer overflow: 6 byte read of buffer size 5 # [ 258.173601] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 258.210178] CPU: 1 UID: 0 PID: 4926 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 258.219591] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 258.224841] Hardware name: STM32 (Device Tree Support) # [ 258.230291] Call trace: # [ 258.230306] unwind_backtrace from show_stack+0x18/0x1c # [ 258.238618] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 258.243894] dump_stack_lvl from __warn+0x84/0x134 # [ 258.248976] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 258.254458] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 258.260542] __fortify_report from __fortify_panic+0x8/0xc # [ 258.266314] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 258.272891] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c # [ 258.279273] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 258.285054] direct_entry from full_proxy_write+0x5c/0x8c # [ 258.290729] full_proxy_write from vfs_write+0xbc/0x3cc # [ 258.296204] vfs_write from ksys_write+0x78/0xf8 # [ 258.301081] ksys_write from ret_fast_syscall+0x0/0x1c # [ 258.306553] Exception stack(0xf2aa1fa8 to 0xf2aa1ff0) # [ 258.311913] 1fa0: 00000010 00000010 00000001 b6de8000 00000010 00000001 # [ 258.320388] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6de8000 00020000 0049fe38 # [ 258.328856] 1fe0: 00000004 be983788 b6eae33b b6e27616 # [ 258.334322] ---[ end trace 0000000000000000 ]--- # [ 258.339201] ------------[ cut here ]------------ # [ 258.343966] kernel BUG at lib/string_helpers.c:1040! # [ 258.349224] Internal error: Oops - BUG: 0 [#26] SMP ARM # [ 258.354690] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 258.391170] CPU: 1 UID: 0 PID: 4926 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 258.400772] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 258.406026] Hardware name: STM32 (Device Tree Support) # [ 258.411480] PC is at __fortify_panic+0x8/0xc # [ 258.416057] LR is at __fortify_report+0x8c/0xd4 # [ 258.420829] pc : [] lr : [] psr: 60080013 # [ 258.427395] sp : f2aa1e88 ip : 00000000 fp : 0049fe38 # [ 258.432951] r10: c89b8cc0 r9 : f2aa1f80 r8 : c278c234 # [ 258.438404] r7 : f2aa1f80 r6 : 00000000 r5 : 00000000 r4 : c7b68400 # [ 258.445264] r3 : c8c61440 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 # [ 258.452029] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 258.459499] Control: 10c5387d Table: c597806a DAC: 00000051 # [ 258.465549] Register r0 information: non-slab/vmalloc memory # [ 258.471416] Register r1 information: NULL pointer # [ 258.476471] Register r2 information: NULL pointer # [ 258.481422] Register r3 information: slab task_struct start c8c61400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 258.495200] copy_process+0x1f4/0x1f64 # [ 258.499459] kernel_clone+0xac/0x388 # [ 258.503515] sys_clone+0x78/0x9c # [ 258.507268] ret_fast_syscall+0x0/0x1c # [ 258.511619] Free path: # [ 258.514350] rcu_core+0x2dc/0xb14 # [ 258.518203] handle_softirqs+0x15c/0x430 # [ 258.522661] irq_exit+0xac/0xd4 # [ 258.526311] call_with_stack+0x18/0x20 # [ 258.530572] __irq_svc+0x9c/0xb8 # [ 258.534320] default_idle_call+0x20/0xc0 # [ 258.538780] do_idle+0x25c/0x2f4 # [ 258.542531] cpu_startup_entry+0x30/0x34 # [ 258.546984] secondary_start_kernel+0x138/0x158 # [ 258.552044] __enable_mmu+0x0/0x20 # [ 258.555993] Register r4 information: slab kmalloc-64 start c7b683c0 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STRSCPY+0x60/0x2fc # [ 258.570056] kstrdup+0x38/0x5c # [ 258.573706] lkdtm_FORTIFY_STRSCPY+0x60/0x2fc # [ 258.578559] lkdtm_do_action+0x24/0x4c # [ 258.582817] direct_entry+0x11c/0x140 # [ 258.587073] full_proxy_write+0x5c/0x8c # [ 258.591424] vfs_write+0xbc/0x3cc # [ 258.595283] ksys_write+0x78/0xf8 # [ 258.599137] ret_fast_syscall+0x0/0x1c # [ 258.603387] Free path: # [ 258.606118] load_elf_binary+0xf14/0x1374 # [ 258.610676] bprm_execve+0x20c/0x5a4 # [ 258.614831] do_execveat_common+0x15c/0x1b4 # [ 258.619492] sys_execve+0x38/0x40 # [ 258.623351] ret_fast_syscall+0x0/0x1c # [ 258.627603] Register r5 information: NULL pointer # [ 258.632659] Register r6 information: NULL pointer # [ 258.637612] Register r7 information: 2-page vmalloc region starting at 0xf2aa0000 allocated at kernel_clone+0xac/0x388 # [ 258.648636] Register r8 information: non-slab/vmalloc memory # [ 258.654598] Register r9 information: 2-page vmalloc region starting at 0xf2aa0000 allocated at kernel_clone+0xac/0x388 # [ 258.665606] Register r10 information: slab kmalloc-192 start c89b8c80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 258.679468] full_proxy_open+0x124/0x24c # [ 258.683918] do_dentry_open+0x144/0x4dc # [ 258.688275] vfs_open+0x2c/0xec # [ 258.692026] path_openat+0x748/0x1198 # [ 258.696177] do_filp_open+0x98/0x134 # [ 258.700327] do_sys_openat2+0xbc/0xe4 # [ 258.704482] sys_openat+0x98/0xd4 # [ 258.708334] ret_fast_syscall+0x0/0x1c # [ 258.712583] Free path: # [ 258.715313] nfs_pgio_header_free+0x34/0x48 # [ 258.720073] nfs_write_completion+0x60/0x240 # [ 258.724826] rpc_free_task+0x34/0x54 # [ 258.728985] rpc_async_release+0x24/0x40 # [ 258.733440] process_one_work+0x1b8/0x450 # [ 258.737995] worker_thread+0x1d4/0x3c4 # [ 258.742247] kthread+0xe8/0x104 # [ 258.745895] ret_from_fork+0x14/0x28 # [ 258.750044] Register r11 information: non-paged memory # [ 258.755499] Register r12 information: NULL pointer # [ 258.760552] Process cat (pid: 4926, stack limit = 0xf2aa0000) # [ 258.766608] Stack: (0xf2aa1e88 to 0xf2aa2000) # [ 258.771263] 1e80: c7b68400 c0e038b8 0049fe38 683ca1b0 6f6c6c65 00000021 # [ 258.779737] 1ea0: 6f6f6600 00000000 00000000 4fbc90b9 f2aa1f80 00000010 c8f0d000 c0e007ac # [ 258.788211] 1ec0: 00000010 c0e00b90 c0e00a74 c5877340 b6de8000 00000010 c3a4f4b8 c0890ff0 # [ 258.796686] 1ee0: c5877340 c0890f94 f2aa1f80 b6de8000 c8c61440 00000010 c89b8cc0 c0628618 # [ 258.805160] 1f00: c597adb0 00000000 00000000 00000000 00000000 00000010 b6de8000 0001fff0 # [ 258.813633] 1f20: 00000001 00000000 c5877f40 00000000 00000000 00000000 00000000 00000000 # [ 258.822105] 1f40: 00000000 00000000 00000000 00000000 00000022 4fbc90b9 00000000 c5877340 # [ 258.830579] 1f60: c5877340 00000000 00000000 c03002f0 c8c61440 00000004 0049fe38 c0628b74 # [ 258.839053] 1f80: 00000000 00000000 00000000 4fbc90b9 000000c0 00000010 00000010 7ff00000 # [ 258.847526] 1fa0: 00000004 c03000c0 00000010 00000010 00000001 b6de8000 00000010 00000001 # [ 258.856001] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6de8000 00020000 0049fe38 # [ 258.864475] 1fe0: 00000004 be983788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 # [ 258.873040] Call trace: # [ 258.873057] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 258.882365] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c # [ 258.888748] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 258.894531] direct_entry from full_proxy_write+0x5c/0x8c # [ 258.900208] full_proxy_write from vfs_write+0xbc/0x3cc # [ 258.905690] vfs_write from ksys_write+0x78/0xf8 # [ 258.910572] ksys_write from ret_fast_syscall+0x0/0x1c # [ 258.916046] Exception stack(0xf2aa1fa8 to 0xf2aa1ff0) # [ 258.921305] 1fa0: 00000010 00000010 00000001 b6de8000 00000010 00000001 # [ 258.929882] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6de8000 00020000 0049fe38 # [ 258.938352] 1fe0: 00000004 be983788 b6eae33b b6e27616 # [ 258.943611] Code: e8bd47f0 eac82433 e92d4010 ebc8bf1d (e7f001f2) # [ 258.950067] ---[ end trace 0000000000000000 ]--- # [ 258.954914] note: cat[4926] exited with irqs disabled # FORTIFY_STRSCPY: saw 'detected buffer overflow': ok ok 80 selftests: lkdtm: FORTIFY_STRSCPY.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_STR_OBJECT.sh <6>[ 261.065819] lkdtm: Performing direct entry FORTIFY_STR_OBJECT <6>[ 261.070609] lkdtm: trying to strcmp() past the end of a struct <4>[ 261.076798] ------------[ cut here ]------------ <4>[ 261.081592] WARNING: CPU: 0 PID: 5012 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 261.090497] strncpy: detected buffer overflow: 20 byte write of buffer size 10 <4>[ 261.097952] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 261.134716] CPU: 0 UID: 0 PID: 5012 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 261.143931] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 261.149179] Hardware name: STM32 (Device Tree Support) <4>[ 261.154628] Call trace: <4>[ 261.154643] unwind_backtrace from show_stack+0x18/0x1c <4>[ 261.162953] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 261.168232] dump_stack_lvl from __warn+0x84/0x134 <4>[ 261.173314] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 261.178795] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 261.184881] __fortify_report from __fortify_panic+0x8/0xc <4>[ 261.190652] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 <4>[ 261.197325] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c <4>[ 261.203907] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 261.209687] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 261.215363] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 261.220939] vfs_write from ksys_write+0x78/0xf8 <4>[ 261.225816] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 261.231188] Exception stack(0xf2b21fa8 to 0xf2b21ff0) <4>[ 261.236547] 1fa0: 00000013 00000013 00000001 b6dd8000 00000013 00000001 <4>[ 261.245021] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 <4>[ 261.253590] 1fe0: 00000004 bed27788 b6e9e33b b6e17616 <4>[ 261.259153] ---[ end trace 0000000000000000 ]--- <4>[ 261.263940] ------------[ cut here ]------------ <2>[ 261.268708] kernel BUG at lib/string_helpers.c:1040! <0>[ 261.273966] Internal error: Oops - BUG: 0 [#27] SMP ARM <4>[ 261.279432] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 261.315914] CPU: 0 UID: 0 PID: 5012 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 261.325517] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 261.330764] Hardware name: STM32 (Device Tree Support) <4>[ 261.336212] PC is at __fortify_panic+0x8/0xc <4>[ 261.340777] LR is at __fortify_report+0x8c/0xd4 <4>[ 261.345540] pc : [] lr : [] psr: 60080013 <4>[ 261.352097] sp : f2b21e78 ip : 00000000 fp : 004bfe38 <4>[ 261.357646] r10: c89b8cc0 r9 : f2b21f80 r8 : c278c214 <4>[ 261.363095] r7 : f2b21f80 r6 : 00000000 r5 : c8db7000 r4 : 00000013 <4>[ 261.369954] r3 : c8c63240 r2 : 00000000 r1 : 00000000 r0 : ef6a3484 <4>[ 261.376816] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 261.384182] Control: 10c5387d Table: c58bc06a DAC: 00000051 <1>[ 261.390231] Register r0 information: non-slab/vmalloc memory <1>[ 261.396198] Register r1 information: NULL pointer <1>[ 261.401152] Register r2 information: NULL pointer <1>[ 261.406203] Register r3 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 261.419879] copy_process+0x1f4/0x1f64 <6>[ 261.424135] kernel_clone+0xac/0x388 <6>[ 261.428290] sys_clone+0x78/0x9c <6>[ 261.432043] ret_fast_syscall+0x0/0x1c <4>[ 261.436293] Free path: <6>[ 261.439023] rcu_core+0x2dc/0xb14 <6>[ 261.442876] handle_softirqs+0x15c/0x430 <6>[ 261.447333] irq_exit+0xac/0xd4 <6>[ 261.450983] call_with_stack+0x18/0x20 <6>[ 261.455345] __irq_svc+0x9c/0xb8 <6>[ 261.459092] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 261.464354] ___slab_alloc+0x778/0xd7c <6>[ 261.468716] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 261.473879] copy_process+0x8bc/0x1f64 <6>[ 261.478135] kernel_clone+0xac/0x388 <6>[ 261.482190] sys_clone+0x78/0x9c <6>[ 261.486042] ret_fast_syscall+0x0/0x1c <1>[ 261.490291] Register r4 information: non-paged memory <1>[ 261.495644] Register r5 information: non-slab/vmalloc memory <1>[ 261.501602] Register r6 information: NULL pointer <1>[ 261.506553] Register r7 information: 2-page vmalloc region starting at 0xf2b20000 allocated at kernel_clone+0xac/0x388 <1>[ 261.517563] Register r8 information: non-slab/vmalloc memory <1>[ 261.523521] Register r9 information: 2-page vmalloc region starting at 0xf2b20000 allocated at kernel_clone+0xac/0x388 <1>[ 261.534527] Register r10 information: slab kmalloc-192 start c89b8c80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 261.548383] full_proxy_open+0x124/0x24c <6>[ 261.552933] do_dentry_open+0x144/0x4dc <6>[ 261.557290] vfs_open+0x2c/0xec <6>[ 261.560942] path_openat+0x748/0x1198 <6>[ 261.565092] do_filp_open+0x98/0x134 <6>[ 261.569242] do_sys_openat2+0xbc/0xe4 <6>[ 261.573396] sys_openat+0x98/0xd4 <6>[ 261.577247] ret_fast_syscall+0x0/0x1c <4>[ 261.581596] Free path: <6>[ 261.584226] nfs_pgio_header_free+0x34/0x48 <6>[ 261.588986] nfs_write_completion+0x60/0x240 <6>[ 261.593840] rpc_free_task+0x34/0x54 <6>[ 261.597898] rpc_async_release+0x24/0x40 <6>[ 261.602353] process_one_work+0x1b8/0x450 <6>[ 261.606909] worker_thread+0x1d4/0x3c4 <6>[ 261.611160] kthread+0xe8/0x104 <6>[ 261.614908] ret_from_fork+0x14/0x28 <1>[ 261.618956] Register r11 information: non-paged memory <1>[ 261.624411] Register r12 information: NULL pointer <0>[ 261.629463] Process cat (pid: 5012, stack limit = 0xf2b20000) <0>[ 261.635519] Stack: (0xf2b21e78 to 0xf2b22000) <0>[ 261.640170] 1e60: 00000013 c1737a10 <0>[ 261.648643] 1e80: 00000014 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 261.657115] 1ea0: 00000000 00000000 00000000 00000000 00000000 4c715f19 c20a9748 c0e007ac <0>[ 261.665589] 1ec0: 00000013 c0e00b90 c0e00a74 c5877c40 b6dd8000 00000013 c3a4f4b8 c0890ff0 <0>[ 261.674063] 1ee0: c5877c40 c0890f94 f2b21f80 b6dd8000 c8c63240 00000013 c89b8cc0 c0628618 <0>[ 261.682537] 1f00: c58bedb0 00000000 00000000 00000000 00000000 00000013 b6dd8000 0001ffed <0>[ 261.691009] 1f20: 00000001 00000000 c5877e40 00000000 00000000 00000000 00000000 00000000 <0>[ 261.699481] 1f40: 00000000 00000000 00000000 00000000 00000022 4c715f19 00000000 c5877c40 <0>[ 261.708057] 1f60: c5877c40 00000000 00000000 c03002f0 c8c63240 00000004 004bfe38 c0628b74 <0>[ 261.716533] 1f80: 00000000 00000000 00000000 4c715f19 000000c0 00000013 00000013 7ff00000 <0>[ 261.725007] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6dd8000 00000013 00000001 <0>[ 261.733481] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 <0>[ 261.741954] 1fe0: 00000004 bed27788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 261.750419] Call trace: <0>[ 261.750436] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 <0>[ 261.759846] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c <0>[ 261.766532] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 261.772313] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 261.777989] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 261.783466] vfs_write from ksys_write+0x78/0xf8 <0>[ 261.788344] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 261.793818] Exception stack(0xf2b21fa8 to 0xf2b21ff0) <0>[ 261.799076] 1fa0: 00000013 00000013 00000001 b6dd8000 00000013 00000001 <0>[ 261.807650] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 <0>[ 261.816120] 1fe0: 00000004 bed27788 b6e9e33b b6e17616 <0>[ 261.821378] Code: e8bd47f0 eac82433 e92d4010 ebc8bf1d (e7f001f2) <4>[ 261.827834] ---[ end trace 0000000000000000 ]--- <6>[ 261.832681] note: cat[5012] exited with irqs disabled # Segmentation fault # [ 261.065819] lkdtm: Performing direct entry FORTIFY_STR_OBJECT # [ 261.070609] lkdtm: trying to strcmp() past the end of a struct # [ 261.076798] ------------[ cut here ]------------ # [ 261.081592] WARNING: CPU: 0 PID: 5012 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 261.090497] strncpy: detected buffer overflow: 20 byte write of buffer size 10 # [ 261.097952] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 261.134716] CPU: 0 UID: 0 PID: 5012 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 261.143931] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 261.149179] Hardware name: STM32 (Device Tree Support) # [ 261.154628] Call trace: # [ 261.154643] unwind_backtrace from show_stack+0x18/0x1c # [ 261.162953] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 261.168232] dump_stack_lvl from __warn+0x84/0x134 # [ 261.173314] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 261.178795] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 261.184881] __fortify_report from __fortify_panic+0x8/0xc # [ 261.190652] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 # [ 261.197325] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c # [ 261.203907] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 261.209687] direct_entry from full_proxy_write+0x5c/0x8c # [ 261.215363] full_proxy_write from vfs_write+0xbc/0x3cc # [ 261.220939] vfs_write from ksys_write+0x78/0xf8 # [ 261.225816] ksys_write from ret_fast_syscall+0x0/0x1c # [ 261.231188] Exception stack(0xf2b21fa8 to 0xf2b21ff0) # [ 261.236547] 1fa0: 00000013 00000013 00000001 b6dd8000 00000013 00000001 # [ 261.245021] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 # [ 261.253590] 1fe0: 00000004 bed27788 b6e9e33b b6e17616 # [ 261.259153] ---[ end trace 0000000000000000 ]--- # [ 261.263940] ------------[ cut here ]------------ # [ 261.268708] kernel BUG at lib/string_helpers.c:1040! # [ 261.273966] Internal error: Oops - BUG: 0 [#27] SMP ARM # [ 261.279432] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 261.315914] CPU: 0 UID: 0 PID: 5012 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 261.325517] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 261.330764] Hardware name: STM32 (Device Tree Support) # [ 261.336212] PC is at __fortify_panic+0x8/0xc # [ 261.340777] LR is at __fortify_report+0x8c/0xd4 # [ 261.345540] pc : [] lr : [] psr: 60080013 # [ 261.352097] sp : f2b21e78 ip : 00000000 fp : 004bfe38 # [ 261.357646] r10: c89b8cc0 r9 : f2b21f80 r8 : c278c214 # [ 261.363095] r7 : f2b21f80 r6 : 00000000 r5 : c8db7000 r4 : 00000013 # [ 261.369954] r3 : c8c63240 r2 : 00000000 r1 : 00000000 r0 : ef6a3484 # [ 261.376816] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 261.384182] Control: 10c5387d Table: c58bc06a DAC: 00000051 # [ 261.390231] Register r0 information: non-slab/vmalloc memory # [ 261.396198] Register r1 information: NULL pointer # [ 261.401152] Register r2 information: NULL pointer # [ 261.406203] Register r3 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 261.419879] copy_process+0x1f4/0x1f64 # [ 261.424135] kernel_clone+0xac/0x388 # [ 261.428290] sys_clone+0x78/0x9c # [ 261.432043] ret_fast_syscall+0x0/0x1c # [ 261.436293] Free path: # [ 261.439023] rcu_core+0x2dc/0xb14 # [ 261.442876] handle_softirqs+0x15c/0x430 # [ 261.447333] irq_exit+0xac/0xd4 # [ 261.450983] call_with_stack+0x18/0x20 # [ 261.455345] __irq_svc+0x9c/0xb8 # [ 261.459092] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 261.464354] ___slab_alloc+0x778/0xd7c # [ 261.468716] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 261.473879] copy_process+0x8bc/0x1f64 # [ 261.478135] kernel_clone+0xac/0x388 # [ 261.482190] sys_clone+0x78/0x9c # [ 261.486042] ret_fast_syscall+0x0/0x1c # [ 261.490291] Register r4 information: non-paged memory # [ 261.495644] Register r5 information: non-slab/vmalloc memory # [ 261.501602] Register r6 information: NULL pointer # [ 261.506553] Register r7 information: 2-page vmalloc region starting at 0xf2b20000 allocated at kernel_clone+0xac/0x388 # [ 261.517563] Register r8 information: non-slab/vmalloc memory # [ 261.523521] Register r9 information: 2-page vmalloc region starting at 0xf2b20000 allocated at kernel_clone+0xac/0x388 # [ 261.534527] Register r10 information: slab kmalloc-192 start c89b8c80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 261.548383] full_proxy_open+0x124/0x24c # [ 261.552933] do_dentry_open+0x144/0x4dc # [ 261.557290] vfs_open+0x2c/0xec # [ 261.560942] path_openat+0x748/0x1198 # [ 261.565092] do_filp_open+0x98/0x134 # [ 261.569242] do_sys_openat2+0xbc/0xe4 # [ 261.573396] sys_openat+0x98/0xd4 # [ 261.577247] ret_fast_syscall+0x0/0x1c # [ 261.581596] Free path: # [ 261.584226] nfs_pgio_header_free+0x34/0x48 # [ 261.588986] nfs_write_completion+0x60/0x240 # [ 261.593840] rpc_free_task+0x34/0x54 # [ 261.597898] rpc_async_release+0x24/0x40 # [ 261.602353] process_one_work+0x1b8/0x450 # [ 261.606909] worker_thread+0x1d4/0x3c4 # [ 261.611160] kthread+0xe8/0x104 # [ 261.614908] ret_from_fork+0x14/0x28 # [ 261.618956] Register r11 information: non-paged memory # [ 261.624411] Register r12 information: NULL pointer # [ 261.629463] Process cat (pid: 5012, stack limit = 0xf2b20000) # [ 261.635519] Stack: (0xf2b21e78 to 0xf2b22000) # [ 261.640170] 1e60: 00000013 c1737a10 # [ 261.648643] 1e80: 00000014 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 261.657115] 1ea0: 00000000 00000000 00000000 00000000 00000000 4c715f19 c20a9748 c0e007ac # [ 261.665589] 1ec0: 00000013 c0e00b90 c0e00a74 c5877c40 b6dd8000 00000013 c3a4f4b8 c0890ff0 # [ 261.674063] 1ee0: c5877c40 c0890f94 f2b21f80 b6dd8000 c8c63240 00000013 c89b8cc0 c0628618 # [ 261.682537] 1f00: c58bedb0 00000000 00000000 00000000 00000000 00000013 b6dd8000 0001ffed # [ 261.691009] 1f20: 00000001 00000000 c5877e40 00000000 00000000 00000000 00000000 00000000 # [ 261.699481] 1f40: 00000000 00000000 00000000 00000000 00000022 4c715f19 00000000 c5877c40 # [ 261.708057] 1f60: c5877c40 00000000 00000000 c03002f0 c8c63240 00000004 004bfe38 c0628b74 # [ 261.716533] 1f80: 00000000 00000000 00000000 4c715f19 000000c0 00000013 00000013 7ff00000 # [ 261.725007] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6dd8000 00000013 00000001 # [ 261.733481] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 # [ 261.741954] 1fe0: 00000004 bed27788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 261.750419] Call trace: # [ 261.750436] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 # [ 261.759846] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c # [ 261.766532] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 261.772313] direct_entry from full_proxy_write+0x5c/0x8c # [ 261.777989] full_proxy_write from vfs_write+0xbc/0x3cc # [ 261.783466] vfs_write from ksys_write+0x78/0xf8 # [ 261.788344] ksys_write from ret_fast_syscall+0x0/0x1c # [ 261.793818] Exception stack(0xf2b21fa8 to 0xf2b21ff0) # [ 261.799076] 1fa0: 00000013 00000013 00000001 b6dd8000 00000013 00000001 # [ 261.807650] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 # [ 261.816120] 1fe0: 00000004 bed27788 b6e9e33b b6e17616 # [ 261.821378] Code: e8bd47f0 eac82433 e92d4010 ebc8bf1d (e7f001f2) # [ 261.827834] ---[ end trace 0000000000000000 ]--- # [ 261.832681] note: cat[5012] exited with irqs disabled # FORTIFY_STR_OBJECT: saw 'detected buffer overflow': ok ok 81 selftests: lkdtm: FORTIFY_STR_OBJECT.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_STR_MEMBER.sh <6>[ 263.917329] lkdtm: Performing direct entry FORTIFY_STR_MEMBER <6>[ 263.922206] lkdtm: trying to strncpy() past the end of a struct member... <4>[ 263.929188] ------------[ cut here ]------------ <4>[ 263.934060] WARNING: CPU: 1 PID: 5099 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 263.942854] strncpy: detected buffer overflow: 15 byte write of buffer size 10 <4>[ 263.950399] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 263.987019] CPU: 1 UID: 0 PID: 5099 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 263.996430] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 264.001684] Hardware name: STM32 (Device Tree Support) <4>[ 264.007035] Call trace: <4>[ 264.007050] unwind_backtrace from show_stack+0x18/0x1c <4>[ 264.015364] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 264.020744] dump_stack_lvl from __warn+0x84/0x134 <4>[ 264.025727] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 264.031210] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 264.037297] __fortify_report from __fortify_panic+0x8/0xc <4>[ 264.043071] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 <4>[ 264.049950] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c <4>[ 264.056533] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 264.062316] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 264.067993] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 264.073472] vfs_write from ksys_write+0x78/0xf8 <4>[ 264.078451] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 264.083826] Exception stack(0xf2badfa8 to 0xf2badff0) <4>[ 264.089185] dfa0: 00000013 00000013 00000001 b6e04000 00000013 00000001 <4>[ 264.097661] dfc0: 00000013 00000013 7ff00000 00000004 00000001 b6e04000 00020000 0041fe38 <4>[ 264.106131] dfe0: 00000004 bebd0788 b6eca33b b6e43616 <4>[ 264.111587] ---[ end trace 0000000000000000 ]--- <4>[ 264.116479] ------------[ cut here ]------------ <2>[ 264.121246] kernel BUG at lib/string_helpers.c:1040! <0>[ 264.126504] Internal error: Oops - BUG: 0 [#28] SMP ARM <4>[ 264.131969] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 264.168452] CPU: 1 UID: 0 PID: 5099 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 264.178057] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 264.183312] Hardware name: STM32 (Device Tree Support) <4>[ 264.188769] PC is at __fortify_panic+0x8/0xc <4>[ 264.193246] LR is at __fortify_report+0x8c/0xd4 <4>[ 264.198120] pc : [] lr : [] psr: 60080013 <4>[ 264.204586] sp : f2bade88 ip : 00000000 fp : 0041fe38 <4>[ 264.210145] r10: c89b8900 r9 : f2badf80 r8 : c278c21c <4>[ 264.215601] r7 : f2badf80 r6 : c79d2280 r5 : 00000014 r4 : 0000000f <4>[ 264.222464] r3 : c8c63240 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 <4>[ 264.229229] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 264.236701] Control: 10c5387d Table: c596806a DAC: 00000051 <1>[ 264.242757] Register r0 information: non-slab/vmalloc memory <1>[ 264.248730] Register r1 information: NULL pointer <1>[ 264.253695] Register r2 information: NULL pointer <1>[ 264.258658] Register r3 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 264.272349] copy_process+0x1f4/0x1f64 <6>[ 264.276621] kernel_clone+0xac/0x388 <6>[ 264.280789] sys_clone+0x78/0x9c <6>[ 264.284555] ret_fast_syscall+0x0/0x1c <4>[ 264.288820] Free path: <6>[ 264.291557] rcu_core+0x2dc/0xb14 <6>[ 264.295321] handle_softirqs+0x15c/0x430 <6>[ 264.299784] irq_exit+0xac/0xd4 <6>[ 264.303538] call_with_stack+0x18/0x20 <6>[ 264.307802] __irq_svc+0x9c/0xb8 <6>[ 264.311551] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 264.316815] ___slab_alloc+0x778/0xd7c <6>[ 264.321179] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 264.326346] getname_flags.part.0+0x28/0x18c <6>[ 264.331102] sys_statx+0x5c/0xf4 <6>[ 264.334858] ret_fast_syscall+0x0/0x1c <1>[ 264.339111] Register r4 information: non-paged memory <1>[ 264.344471] Register r5 information: non-paged memory <1>[ 264.349825] Register r6 information: slab kmalloc-64 start c79d2240 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 <6>[ 264.364195] lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 <6>[ 264.369359] lkdtm_do_action+0x24/0x4c <6>[ 264.373621] direct_entry+0x11c/0x140 <6>[ 264.377780] full_proxy_write+0x5c/0x8c <6>[ 264.382132] vfs_write+0xbc/0x3cc <6>[ 264.385991] ksys_write+0x78/0xf8 <6>[ 264.389847] ret_fast_syscall+0x0/0x1c <4>[ 264.394100] Free path: <6>[ 264.396832] xdr_free_bvec+0x18/0x24 <6>[ 264.400992] xprt_transmit+0x29c/0x4a0 <6>[ 264.405245] call_transmit+0x80/0x8c <6>[ 264.409404] __rpc_execute+0xc8/0x5d0 <6>[ 264.413564] rpc_async_schedule+0x24/0x40 <6>[ 264.418122] process_one_work+0x1b8/0x450 <6>[ 264.422679] worker_thread+0x1d4/0x3c4 <6>[ 264.426932] kthread+0xe8/0x104 <6>[ 264.430582] ret_from_fork+0x14/0x28 <1>[ 264.434731] Register r7 information: 2-page vmalloc region starting at 0xf2bac000 allocated at kernel_clone+0xac/0x388 <1>[ 264.445743] Register r8 information: non-slab/vmalloc memory <1>[ 264.451705] Register r9 information: 2-page vmalloc region starting at 0xf2bac000 allocated at kernel_clone+0xac/0x388 <1>[ 264.462712] Register r10 information: slab kmalloc-192 start c89b88c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 264.476570] full_proxy_open+0x124/0x24c <6>[ 264.481021] do_dentry_open+0x144/0x4dc <6>[ 264.485379] vfs_open+0x2c/0xec <6>[ 264.489132] path_openat+0x748/0x1198 <6>[ 264.493285] do_filp_open+0x98/0x134 <6>[ 264.497437] do_sys_openat2+0xbc/0xe4 <6>[ 264.501593] sys_openat+0x98/0xd4 <6>[ 264.505446] ret_fast_syscall+0x0/0x1c <4>[ 264.509696] Free path: <6>[ 264.512427] nfs_pgio_header_free+0x34/0x48 <6>[ 264.517189] nfs_write_completion+0x60/0x240 <6>[ 264.521943] rpc_free_task+0x34/0x54 <6>[ 264.526102] rpc_async_release+0x24/0x40 <6>[ 264.530557] process_one_work+0x1b8/0x450 <6>[ 264.535113] worker_thread+0x1d4/0x3c4 <6>[ 264.539366] kthread+0xe8/0x104 <6>[ 264.543014] ret_from_fork+0x14/0x28 <1>[ 264.547163] Register r11 information: non-paged memory <1>[ 264.552519] Register r12 information: NULL pointer <0>[ 264.557673] Process cat (pid: 5099, stack limit = 0xf2bac000) <0>[ 264.563631] Stack: (0xf2bade88 to 0xf2bae000) <0>[ 264.568286] de80: 0000000f c0e03a28 0041fe38 0000000f 00000000 00000000 <0>[ 264.576762] dea0: 00000000 00000000 00000000 a5b16cd9 00000013 c8d90000 00000000 c0e007ac <0>[ 264.585237] dec0: 00000013 c0e00b90 c0e00a74 c5877d40 b6e04000 00000013 c3a4f4b8 c0890ff0 <0>[ 264.593712] dee0: c5877d40 c0890f94 f2badf80 b6e04000 c8c63240 00000013 c89b8900 c0628618 <0>[ 264.602186] df00: c596adb8 00000000 00000000 00000000 00000000 00000013 b6e04000 0001ffed <0>[ 264.610657] df20: 00000001 00000000 c5877a40 00000000 00000000 00000000 00000000 00000000 <0>[ 264.619130] df40: 00000000 00000000 00000000 00000000 00000022 a5b16cd9 00000000 c5877d40 <0>[ 264.627704] df60: c5877d40 00000000 00000000 c03002f0 c8c63240 00000004 0041fe38 c0628b74 <0>[ 264.636177] df80: 00000000 00000000 00000000 a5b16cd9 000000c0 00000013 00000013 7ff00000 <0>[ 264.644651] dfa0: 00000004 c03000c0 00000013 00000013 00000001 b6e04000 00000013 00000001 <0>[ 264.653126] dfc0: 00000013 00000013 7ff00000 00000004 00000001 b6e04000 00020000 0041fe38 <0>[ 264.661599] dfe0: 00000004 bebd0788 b6eca33b b6e43616 60080030 00000001 00000000 00000000 <0>[ 264.670064] Call trace: <0>[ 264.670079] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 <0>[ 264.679687] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c <0>[ 264.686271] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 264.692054] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 264.697729] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 264.703306] vfs_write from ksys_write+0x78/0xf8 <0>[ 264.708186] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 264.713561] Exception stack(0xf2badfa8 to 0xf2badff0) <0>[ 264.718919] dfa0: 00000013 00000013 00000001 b6e04000 00000013 00000001 <0>[ 264.727394] dfc0: 00000013 00000013 7ff00000 00000004 00000001 b6e04000 00020000 0041fe38 <0>[ 264.735864] dfe0: 00000004 bebd0788 b6eca33b b6e43616 <0>[ 264.741222] Code: e8bd47f0 eac82433 e92d4010 ebc8bf1d (e7f001f2) <4>[ 264.747580] ---[ end trace 0000000000000000 ]--- <6>[ 264.752528] note: cat[5099] exited with irqs disabled # Segmentation fault # [ 263.917329] lkdtm: Performing direct entry FORTIFY_STR_MEMBER # [ 263.922206] lkdtm: trying to strncpy() past the end of a struct member... # [ 263.929188] ------------[ cut here ]------------ # [ 263.934060] WARNING: CPU: 1 PID: 5099 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 263.942854] strncpy: detected buffer overflow: 15 byte write of buffer size 10 # [ 263.950399] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 263.987019] CPU: 1 UID: 0 PID: 5099 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 263.996430] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 264.001684] Hardware name: STM32 (Device Tree Support) # [ 264.007035] Call trace: # [ 264.007050] unwind_backtrace from show_stack+0x18/0x1c # [ 264.015364] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 264.020744] dump_stack_lvl from __warn+0x84/0x134 # [ 264.025727] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 264.031210] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 264.037297] __fortify_report from __fortify_panic+0x8/0xc # [ 264.043071] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 # [ 264.049950] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c # [ 264.056533] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 264.062316] direct_entry from full_proxy_write+0x5c/0x8c # [ 264.067993] full_proxy_write from vfs_write+0xbc/0x3cc # [ 264.073472] vfs_write from ksys_write+0x78/0xf8 # [ 264.078451] ksys_write from ret_fast_syscall+0x0/0x1c # [ 264.083826] Exception stack(0xf2badfa8 to 0xf2badff0) # [ 264.089185] dfa0: 00000013 00000013 00000001 b6e04000 00000013 00000001 # [ 264.097661] dfc0: 00000013 00000013 7ff00000 00000004 00000001 b6e04000 00020000 0041fe38 # [ 264.106131] dfe0: 00000004 bebd0788 b6eca33b b6e43616 # [ 264.111587] ---[ end trace 0000000000000000 ]--- # [ 264.116479] ------------[ cut here ]------------ # [ 264.121246] kernel BUG at lib/string_helpers.c:1040! # [ 264.126504] Internal error: Oops - BUG: 0 [#28] SMP ARM # [ 264.131969] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 264.168452] CPU: 1 UID: 0 PID: 5099 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 264.178057] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 264.183312] Hardware name: STM32 (Device Tree Support) # [ 264.188769] PC is at __fortify_panic+0x8/0xc # [ 264.193246] LR is at __fortify_report+0x8c/0xd4 # [ 264.198120] pc : [] lr : [] psr: 60080013 # [ 264.204586] sp : f2bade88 ip : 00000000 fp : 0041fe38 # [ 264.210145] r10: c89b8900 r9 : f2badf80 r8 : c278c21c # [ 264.215601] r7 : f2badf80 r6 : c79d2280 r5 : 00000014 r4 : 0000000f # [ 264.222464] r3 : c8c63240 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 # [ 264.229229] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 264.236701] Control: 10c5387d Table: c596806a DAC: 00000051 # [ 264.242757] Register r0 information: non-slab/vmalloc memory # [ 264.248730] Register r1 information: NULL pointer # [ 264.253695] Register r2 information: NULL pointer # [ 264.258658] Register r3 information: slab task_struct start c8c63200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 264.272349] copy_process+0x1f4/0x1f64 # [ 264.276621] kernel_clone+0xac/0x388 # [ 264.280789] sys_clone+0x78/0x9c # [ 264.284555] ret_fast_syscall+0x0/0x1c # [ 264.288820] Free path: # [ 264.291557] rcu_core+0x2dc/0xb14 # [ 264.295321] handle_softirqs+0x15c/0x430 # [ 264.299784] irq_exit+0xac/0xd4 # [ 264.303538] call_with_stack+0x18/0x20 # [ 264.307802] __irq_svc+0x9c/0xb8 # [ 264.311551] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 264.316815] ___slab_alloc+0x778/0xd7c # [ 264.321179] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 264.326346] getname_flags.part.0+0x28/0x18c # [ 264.331102] sys_statx+0x5c/0xf4 # [ 264.334858] ret_fast_syscall+0x0/0x1c # [ 264.339111] Register r4 information: non-paged memory # [ 264.344471] Register r5 information: non-paged memory # [ 264.349825] Register r6 information: slab kmalloc-64 start c79d2240 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 # [ 264.364195] lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 # [ 264.369359] lkdtm_do_action+0x24/0x4c # [ 264.373621] direct_entry+0x11c/0x140 # [ 264.377780] full_proxy_write+0x5c/0x8c # [ 264.382132] vfs_write+0xbc/0x3cc # [ 264.385991] ksys_write+0x78/0xf8 # [ 264.389847] ret_fast_syscall+0x0/0x1c # [ 264.394100] Free path: # [ 264.396832] xdr_free_bvec+0x18/0x24 # [ 264.400992] xprt_transmit+0x29c/0x4a0 # [ 264.405245] call_transmit+0x80/0x8c # [ 264.409404] __rpc_execute+0xc8/0x5d0 # [ 264.413564] rpc_async_schedule+0x24/0x40 # [ 264.418122] process_one_work+0x1b8/0x450 # [ 264.422679] worker_thread+0x1d4/0x3c4 # [ 264.426932] kthread+0xe8/0x104 # [ 264.430582] ret_from_fork+0x14/0x28 # [ 264.434731] Register r7 information: 2-page vmalloc region starting at 0xf2bac000 allocated at kernel_clone+0xac/0x388 # [ 264.445743] Register r8 information: non-slab/vmalloc memory # [ 264.451705] Register r9 information: 2-page vmalloc region starting at 0xf2bac000 allocated at kernel_clone+0xac/0x388 # [ 264.462712] Register r10 information: slab kmalloc-192 start c89b88c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 264.476570] full_proxy_open+0x124/0x24c # [ 264.481021] do_dentry_open+0x144/0x4dc # [ 264.485379] vfs_open+0x2c/0xec # [ 264.489132] path_openat+0x748/0x1198 # [ 264.493285] do_filp_open+0x98/0x134 # [ 264.497437] do_sys_openat2+0xbc/0xe4 # [ 264.501593] sys_openat+0x98/0xd4 # [ 264.505446] ret_fast_syscall+0x0/0x1c # [ 264.509696] Free path: # [ 264.512427] nfs_pgio_header_free+0x34/0x48 # [ 264.517189] nfs_write_completion+0x60/0x240 # [ 264.521943] rpc_free_task+0x34/0x54 # [ 264.526102] rpc_async_release+0x24/0x40 # [ 264.530557] process_one_work+0x1b8/0x450 # [ 264.535113] worker_thread+0x1d4/0x3c4 # [ 264.539366] kthread+0xe8/0x104 # [ 264.543014] ret_from_fork+0x14/0x28 # [ 264.547163] Register r11 information: non-paged memory # [ 264.552519] Register r12 information: NULL pointer # [ 264.557673] Process cat (pid: 5099, stack limit = 0xf2bac000) # [ 264.563631] Stack: (0xf2bade88 to 0xf2bae000) # [ 264.568286] de80: 0000000f c0e03a28 0041fe38 0000000f 00000000 00000000 # [ 264.576762] dea0: 00000000 00000000 00000000 a5b16cd9 00000013 c8d90000 00000000 c0e007ac # [ 264.585237] dec0: 00000013 c0e00b90 c0e00a74 c5877d40 b6e04000 00000013 c3a4f4b8 c0890ff0 # [ 264.593712] dee0: c5877d40 c0890f94 f2badf80 b6e04000 c8c63240 00000013 c89b8900 c0628618 # [ 264.602186] df00: c596adb8 00000000 00000000 00000000 00000000 00000013 b6e04000 0001ffed # [ 264.610657] df20: 00000001 00000000 c5877a40 00000000 00000000 00000000 00000000 00000000 # [ 264.619130] df40: 00000000 00000000 00000000 00000000 00000022 a5b16cd9 00000000 c5877d40 # [ 264.627704] df60: c5877d40 00000000 00000000 c03002f0 c8c63240 00000004 0041fe38 c0628b74 # [ 264.636177] df80: 00000000 00000000 00000000 a5b16cd9 000000c0 00000013 00000013 7ff00000 # [ 264.644651] dfa0: 00000004 c03000c0 00000013 00000013 00000001 b6e04000 00000013 00000001 # [ 264.653126] dfc0: 00000013 00000013 7ff00000 00000004 00000001 b6e04000 00020000 0041fe38 # [ 264.661599] dfe0: 00000004 bebd0788 b6eca33b b6e43616 60080030 00000001 00000000 00000000 # [ 264.670064] Call trace: # [ 264.670079] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 # [ 264.679687] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c # [ 264.686271] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 264.692054] direct_entry from full_proxy_write+0x5c/0x8c # [ 264.697729] full_proxy_write from vfs_write+0xbc/0x3cc # [ 264.703306] vfs_write from ksys_write+0x78/0xf8 # [ 264.708186] ksys_write from ret_fast_syscall+0x0/0x1c # [ 264.713561] Exception stack(0xf2badfa8 to 0xf2badff0) # [ 264.718919] dfa0: 00000013 00000013 00000001 b6e04000 00000013 00000001 # [ 264.727394] dfc0: 00000013 00000013 7ff00000 00000004 00000001 b6e04000 00020000 0041fe38 # [ 264.735864] dfe0: 00000004 bebd0788 b6eca33b b6e43616 # [ 264.741222] Code: e8bd47f0 eac82433 e92d4010 ebc8bf1d (e7f001f2) # [ 264.747580] ---[ end trace 0000000000000000 ]--- # [ 264.752528] note: cat[5099] exited with irqs disabled # FORTIFY_STR_MEMBER: saw 'detected buffer overflow': ok ok 82 selftests: lkdtm: FORTIFY_STR_MEMBER.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_MEM_OBJECT.sh <6>[ 266.751622] lkdtm: Performing direct entry FORTIFY_MEM_OBJECT <6>[ 266.756477] lkdtm: trying to memcpy() past the end of a struct <6>[ 266.762764] lkdtm: 0: 16 <6>[ 266.765401] lkdtm: 1: 16 <6>[ 266.768158] lkdtm: s: 20 <4>[ 266.770987] ------------[ cut here ]------------ <4>[ 266.775844] WARNING: CPU: 1 PID: 5185 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 266.784636] memcpy: detected buffer overflow: 20 byte write of buffer size 16 <4>[ 266.792105] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 266.828796] CPU: 1 UID: 0 PID: 5185 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 266.838106] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 266.843359] Hardware name: STM32 (Device Tree Support) <4>[ 266.848809] Call trace: <4>[ 266.848825] unwind_backtrace from show_stack+0x18/0x1c <4>[ 266.857138] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 266.862419] dump_stack_lvl from __warn+0x84/0x134 <4>[ 266.867502] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 266.872985] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 266.879074] __fortify_report from __fortify_panic+0x8/0xc <4>[ 266.884849] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c <4>[ 266.891624] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c <4>[ 266.898209] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 266.903990] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 266.909667] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 266.915146] vfs_write from ksys_write+0x78/0xf8 <4>[ 266.920125] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 266.925498] Exception stack(0xf2c29fa8 to 0xf2c29ff0) <4>[ 266.930858] 9fa0: 00000013 00000013 00000001 b6e38000 00000013 00000001 <4>[ 266.939333] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 <4>[ 266.947803] 9fe0: 00000004 bed6f788 b6efe33b b6e77616 <4>[ 266.953308] ---[ end trace 0000000000000000 ]--- <4>[ 266.958193] ------------[ cut here ]------------ <2>[ 266.962960] kernel BUG at lib/string_helpers.c:1040! <0>[ 266.968220] Internal error: Oops - BUG: 0 [#29] SMP ARM <4>[ 266.973686] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 267.010170] CPU: 1 UID: 0 PID: 5185 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 267.019771] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 267.025025] Hardware name: STM32 (Device Tree Support) <4>[ 267.030482] PC is at __fortify_panic+0x8/0xc <4>[ 267.034960] LR is at __fortify_report+0x8c/0xd4 <4>[ 267.039736] pc : [] lr : [] psr: 60080013 <4>[ 267.046303] sp : f2c29e48 ip : 00000000 fp : 0047fe38 <4>[ 267.051862] r10: c89b8cc0 r9 : f2c29f80 r8 : c278c224 <4>[ 267.057318] r7 : f2c29f80 r6 : 00000000 r5 : c8db4000 r4 : c290fa88 <4>[ 267.064184] r3 : c8c60a40 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 <4>[ 267.070949] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 267.078418] Control: 10c5387d Table: c90bc06a DAC: 00000051 <1>[ 267.084474] Register r0 information: non-slab/vmalloc memory <1>[ 267.090445] Register r1 information: NULL pointer <1>[ 267.095402] Register r2 information: NULL pointer <1>[ 267.100361] Register r3 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 267.114144] copy_process+0x1f4/0x1f64 <6>[ 267.118406] kernel_clone+0xac/0x388 <6>[ 267.122470] sys_clone+0x78/0x9c <6>[ 267.126231] ret_fast_syscall+0x0/0x1c <4>[ 267.130486] Free path: <6>[ 267.133219] rcu_core+0x2dc/0xb14 <6>[ 267.137074] handle_softirqs+0x15c/0x430 <6>[ 267.141534] irq_exit+0xac/0xd4 <6>[ 267.145187] call_with_stack+0x18/0x20 <6>[ 267.149550] __irq_svc+0x9c/0xb8 <6>[ 267.153298] unwind_frame+0x19c/0x92c <6>[ 267.157457] arch_stack_walk+0x84/0x100 <6>[ 267.161809] stack_trace_save+0x50/0x78 <6>[ 267.166171] set_track_prepare+0x40/0x74 <6>[ 267.170631] ___slab_alloc+0xd28/0xd7c <6>[ 267.174991] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 267.180156] anon_vma_clone+0x84/0x214 <6>[ 267.184414] anon_vma_fork+0x2c/0x174 <6>[ 267.188567] copy_process+0x1d54/0x1f64 <6>[ 267.192925] kernel_clone+0xac/0x388 <6>[ 267.197081] sys_clone+0x78/0x9c <1>[ 267.200836] Register r4 information: non-slab/vmalloc memory <1>[ 267.206798] Register r5 information: non-slab/vmalloc memory <1>[ 267.212757] Register r6 information: NULL pointer <1>[ 267.217712] Register r7 information: 2-page vmalloc region starting at 0xf2c28000 allocated at kernel_clone+0xac/0x388 <1>[ 267.228725] Register r8 information: non-slab/vmalloc memory <1>[ 267.234685] Register r9 information: 2-page vmalloc region starting at 0xf2c28000 allocated at kernel_clone+0xac/0x388 <1>[ 267.245692] Register r10 information: slab kmalloc-192 start c89b8c80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 267.259552] full_proxy_open+0x124/0x24c <6>[ 267.264004] do_dentry_open+0x144/0x4dc <6>[ 267.268463] vfs_open+0x2c/0xec <6>[ 267.272115] path_openat+0x748/0x1198 <6>[ 267.276268] do_filp_open+0x98/0x134 <6>[ 267.280420] do_sys_openat2+0xbc/0xe4 <6>[ 267.284575] sys_openat+0x98/0xd4 <6>[ 267.288428] ret_fast_syscall+0x0/0x1c <4>[ 267.292679] Free path: <6>[ 267.295410] nfs_pgio_header_free+0x34/0x48 <6>[ 267.300171] nfs_write_completion+0x60/0x240 <6>[ 267.304925] rpc_free_task+0x34/0x54 <6>[ 267.309085] rpc_async_release+0x24/0x40 <6>[ 267.313542] process_one_work+0x1b8/0x450 <6>[ 267.318099] worker_thread+0x1d4/0x3c4 <6>[ 267.322354] kthread+0xe8/0x104 <6>[ 267.326004] ret_from_fork+0x14/0x28 <1>[ 267.330153] Register r11 information: non-paged memory <1>[ 267.335610] Register r12 information: NULL pointer <0>[ 267.340663] Process cat (pid: 5185, stack limit = 0xf2c28000) <0>[ 267.346620] Stack: (0xf2c29e48 to 0xf2c2a000) <0>[ 267.351276] 9e40: c290fa88 c1737958 00000014 00000000 00000000 00000000 <0>[ 267.359749] 9e60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 267.368222] 9e80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 267.376796] 9ea0: 00000000 00000000 00000000 00000000 00000000 ac6a6a79 00000013 c0e007ac <0>[ 267.385270] 9ec0: 00000013 c0e00b90 c0e00a74 c5877540 b6e38000 00000013 c3a4f4b8 c0890ff0 <0>[ 267.393745] 9ee0: c5877540 c0890f94 f2c29f80 b6e38000 c8c60a40 00000013 c89b8cc0 c0628618 <0>[ 267.402218] 9f00: c90bedb8 00000000 00000000 00000000 00000000 00000013 b6e38000 0001ffed <0>[ 267.410690] 9f20: 00000001 00000000 c5877a40 00000000 00000000 00000000 00000000 00000000 <0>[ 267.419163] 9f40: 00000000 00000000 00000000 00000000 00000022 ac6a6a79 00000000 c5877540 <0>[ 267.427637] 9f60: c5877540 00000000 00000000 c03002f0 c8c60a40 00000004 0047fe38 c0628b74 <0>[ 267.436111] 9f80: 00000000 00000000 00000000 ac6a6a79 000000c0 00000013 00000013 7ff00000 <0>[ 267.444585] 9fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e38000 00000013 00000001 <0>[ 267.453059] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 <0>[ 267.461533] 9fe0: 00000004 bed6f788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 267.469998] Call trace: <0>[ 267.470015] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c <0>[ 267.479520] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c <0>[ 267.486208] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 267.491991] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 267.497667] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 267.503144] vfs_write from ksys_write+0x78/0xf8 <0>[ 267.508022] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 267.513495] Exception stack(0xf2c29fa8 to 0xf2c29ff0) <0>[ 267.518853] 9fa0: 00000013 00000013 00000001 b6e38000 00000013 00000001 <0>[ 267.527327] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 <0>[ 267.535797] 9fe0: 00000004 bed6f788 b6efe33b b6e77616 <0>[ 267.541156] Code: e8bd47f0 eac82433 e92d4010 ebc8bf1d (e7f001f2) <4>[ 267.547513] ---[ end trace 0000000000000000 ]--- <6>[ 267.552360] note: cat[5185] exited with irqs disabled # Segmentation fault # [ 266.751622] lkdtm: Performing direct entry FORTIFY_MEM_OBJECT # [ 266.756477] lkdtm: trying to memcpy() past the end of a struct # [ 266.762764] lkdtm: 0: 16 # [ 266.765401] lkdtm: 1: 16 # [ 266.768158] lkdtm: s: 20 # [ 266.770987] ------------[ cut here ]------------ # [ 266.775844] WARNING: CPU: 1 PID: 5185 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 266.784636] memcpy: detected buffer overflow: 20 byte write of buffer size 16 # [ 266.792105] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 266.828796] CPU: 1 UID: 0 PID: 5185 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 266.838106] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 266.843359] Hardware name: STM32 (Device Tree Support) # [ 266.848809] Call trace: # [ 266.848825] unwind_backtrace from show_stack+0x18/0x1c # [ 266.857138] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 266.862419] dump_stack_lvl from __warn+0x84/0x134 # [ 266.867502] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 266.872985] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 266.879074] __fortify_report from __fortify_panic+0x8/0xc # [ 266.884849] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c # [ 266.891624] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c # [ 266.898209] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 266.903990] direct_entry from full_proxy_write+0x5c/0x8c # [ 266.909667] full_proxy_write from vfs_write+0xbc/0x3cc # [ 266.915146] vfs_write from ksys_write+0x78/0xf8 # [ 266.920125] ksys_write from ret_fast_syscall+0x0/0x1c # [ 266.925498] Exception stack(0xf2c29fa8 to 0xf2c29ff0) # [ 266.930858] 9fa0: 00000013 00000013 00000001 b6e38000 00000013 00000001 # [ 266.939333] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 # [ 266.947803] 9fe0: 00000004 bed6f788 b6efe33b b6e77616 # [ 266.953308] ---[ end trace 0000000000000000 ]--- # [ 266.958193] ------------[ cut here ]------------ # [ 266.962960] kernel BUG at lib/string_helpers.c:1040! # [ 266.968220] Internal error: Oops - BUG: 0 [#29] SMP ARM # [ 266.973686] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 267.010170] CPU: 1 UID: 0 PID: 5185 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 267.019771] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 267.025025] Hardware name: STM32 (Device Tree Support) # [ 267.030482] PC is at __fortify_panic+0x8/0xc # [ 267.034960] LR is at __fortify_report+0x8c/0xd4 # [ 267.039736] pc : [] lr : [] psr: 60080013 # [ 267.046303] sp : f2c29e48 ip : 00000000 fp : 0047fe38 # [ 267.051862] r10: c89b8cc0 r9 : f2c29f80 r8 : c278c224 # [ 267.057318] r7 : f2c29f80 r6 : 00000000 r5 : c8db4000 r4 : c290fa88 # [ 267.064184] r3 : c8c60a40 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 # [ 267.070949] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 267.078418] Control: 10c5387d Table: c90bc06a DAC: 00000051 # [ 267.084474] Register r0 information: non-slab/vmalloc memory # [ 267.090445] Register r1 information: NULL pointer # [ 267.095402] Register r2 information: NULL pointer # [ 267.100361] Register r3 information: slab task_struct start c8c60a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 267.114144] copy_process+0x1f4/0x1f64 # [ 267.118406] kernel_clone+0xac/0x388 # [ 267.122470] sys_clone+0x78/0x9c # [ 267.126231] ret_fast_syscall+0x0/0x1c # [ 267.130486] Free path: # [ 267.133219] rcu_core+0x2dc/0xb14 # [ 267.137074] handle_softirqs+0x15c/0x430 # [ 267.141534] irq_exit+0xac/0xd4 # [ 267.145187] call_with_stack+0x18/0x20 # [ 267.149550] __irq_svc+0x9c/0xb8 # [ 267.153298] unwind_frame+0x19c/0x92c # [ 267.157457] arch_stack_walk+0x84/0x100 # [ 267.161809] stack_trace_save+0x50/0x78 # [ 267.166171] set_track_prepare+0x40/0x74 # [ 267.170631] ___slab_alloc+0xd28/0xd7c # [ 267.174991] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 267.180156] anon_vma_clone+0x84/0x214 # [ 267.184414] anon_vma_fork+0x2c/0x174 # [ 267.188567] copy_process+0x1d54/0x1f64 # [ 267.192925] kernel_clone+0xac/0x388 # [ 267.197081] sys_clone+0x78/0x9c # [ 267.200836] Register r4 information: non-slab/vmalloc memory # [ 267.206798] Register r5 information: non-slab/vmalloc memory # [ 267.212757] Register r6 information: NULL pointer # [ 267.217712] Register r7 information: 2-page vmalloc region starting at 0xf2c28000 allocated at kernel_clone+0xac/0x388 # [ 267.228725] Register r8 information: non-slab/vmalloc memory # [ 267.234685] Register r9 information: 2-page vmalloc region starting at 0xf2c28000 allocated at kernel_clone+0xac/0x388 # [ 267.245692] Register r10 information: slab kmalloc-192 start c89b8c80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 267.259552] full_proxy_open+0x124/0x24c # [ 267.264004] do_dentry_open+0x144/0x4dc # [ 267.268463] vfs_open+0x2c/0xec # [ 267.272115] path_openat+0x748/0x1198 # [ 267.276268] do_filp_open+0x98/0x134 # [ 267.280420] do_sys_openat2+0xbc/0xe4 # [ 267.284575] sys_openat+0x98/0xd4 # [ 267.288428] ret_fast_syscall+0x0/0x1c # [ 267.292679] Free path: # [ 267.295410] nfs_pgio_header_free+0x34/0x48 # [ 267.300171] nfs_write_completion+0x60/0x240 # [ 267.304925] rpc_free_task+0x34/0x54 # [ 267.309085] rpc_async_release+0x24/0x40 # [ 267.313542] process_one_work+0x1b8/0x450 # [ 267.318099] worker_thread+0x1d4/0x3c4 # [ 267.322354] kthread+0xe8/0x104 # [ 267.326004] ret_from_fork+0x14/0x28 # [ 267.330153] Register r11 information: non-paged memory # [ 267.335610] Register r12 information: NULL pointer # [ 267.340663] Process cat (pid: 5185, stack limit = 0xf2c28000) # [ 267.346620] Stack: (0xf2c29e48 to 0xf2c2a000) # [ 267.351276] 9e40: c290fa88 c1737958 00000014 00000000 00000000 00000000 # [ 267.359749] 9e60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 267.368222] 9e80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 267.376796] 9ea0: 00000000 00000000 00000000 00000000 00000000 ac6a6a79 00000013 c0e007ac # [ 267.385270] 9ec0: 00000013 c0e00b90 c0e00a74 c5877540 b6e38000 00000013 c3a4f4b8 c0890ff0 # [ 267.393745] 9ee0: c5877540 c0890f94 f2c29f80 b6e38000 c8c60a40 00000013 c89b8cc0 c0628618 # [ 267.402218] 9f00: c90bedb8 00000000 00000000 00000000 00000000 00000013 b6e38000 0001ffed # [ 267.410690] 9f20: 00000001 00000000 c5877a40 00000000 00000000 00000000 00000000 00000000 # [ 267.419163] 9f40: 00000000 00000000 00000000 00000000 00000022 ac6a6a79 00000000 c5877540 # [ 267.427637] 9f60: c5877540 00000000 00000000 c03002f0 c8c60a40 00000004 0047fe38 c0628b74 # [ 267.436111] 9f80: 00000000 00000000 00000000 ac6a6a79 000000c0 00000013 00000013 7ff00000 # [ 267.444585] 9fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e38000 00000013 00000001 # [ 267.453059] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 # [ 267.461533] 9fe0: 00000004 bed6f788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 267.469998] Call trace: # [ 267.470015] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c # [ 267.479520] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c # [ 267.486208] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 267.491991] direct_entry from full_proxy_write+0x5c/0x8c # [ 267.497667] full_proxy_write from vfs_write+0xbc/0x3cc # [ 267.503144] vfs_write from ksys_write+0x78/0xf8 # [ 267.508022] ksys_write from ret_fast_syscall+0x0/0x1c # [ 267.513495] Exception stack(0xf2c29fa8 to 0xf2c29ff0) # [ 267.518853] 9fa0: 00000013 00000013 00000001 b6e38000 00000013 00000001 # [ 267.527327] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 # [ 267.535797] 9fe0: 00000004 bed6f788 b6efe33b b6e77616 # [ 267.541156] Code: e8bd47f0 eac82433 e92d4010 ebc8bf1d (e7f001f2) # [ 267.547513] ---[ end trace 0000000000000000 ]--- # [ 267.552360] note: cat[5185] exited with irqs disabled # FORTIFY_MEM_OBJECT: saw 'detected buffer overflow': ok ok 83 selftests: lkdtm: FORTIFY_MEM_OBJECT.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_MEM_MEMBER.sh <6>[ 269.429114] lkdtm: Performing direct entry FORTIFY_MEM_MEMBER <6>[ 269.433977] lkdtm: trying to memcpy() past the end of a struct member... <4>[ 269.441347] ------------[ cut here ]------------ <4>[ 269.445929] WARNING: CPU: 0 PID: 5273 at drivers/misc/lkdtm/fortify.c:122 lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 <4>[ 269.456036] memcpy: detected field-spanning write (size 15) of single field "target.a" at drivers/misc/lkdtm/fortify.c:122 (size 10) <4>[ 269.468525] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 269.504954] CPU: 0 UID: 0 PID: 5273 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 <4>[ 269.514362] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 269.519514] Hardware name: STM32 (Device Tree Support) <4>[ 269.524966] Call trace: <4>[ 269.524981] unwind_backtrace from show_stack+0x18/0x1c <4>[ 269.533294] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 269.538671] dump_stack_lvl from __warn+0x84/0x134 <4>[ 269.543654] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 269.549136] warn_slowpath_fmt from lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 <4>[ 269.556125] lkdtm_FORTIFY_MEM_MEMBER from lkdtm_do_action+0x24/0x4c <4>[ 269.562808] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 269.568489] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 269.574166] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 269.579743] vfs_write from ksys_write+0x78/0xf8 <4>[ 269.584620] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 269.589993] Exception stack(0xf2c95fa8 to 0xf2c95ff0) <4>[ 269.595352] 5fa0: 00000013 00000013 00000001 b6da8000 00000013 00000001 <4>[ 269.603827] 5fc0: 00000013 00000013 7ff00000 00000004 00000001 b6da8000 00020000 004dfe38 <4>[ 269.612296] 5fe0: 00000004 beea5788 b6e6e33b b6de7616 <4>[ 269.617832] ---[ end trace 0000000000000000 ]--- <3>[ 269.622704] lkdtm: FAIL: fortify did not block a memcpy() struct member write overflow! <3>[ 269.630978] lkdtm: Unexpected! This kernel (6.12.0-rc1-next-20241002 armv7l) was built with CONFIG_FORTIFY_SOURCE=y # [ 269.429114] lkdtm: Performing direct entry FORTIFY_MEM_MEMBER # [ 269.433977] lkdtm: trying to memcpy() past the end of a struct member... # [ 269.441347] ------------[ cut here ]------------ # [ 269.445929] WARNING: CPU: 0 PID: 5273 at drivers/misc/lkdtm/fortify.c:122 lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 # [ 269.456036] memcpy: detected field-spanning write (size 15) of single field "target.a" at drivers/misc/lkdtm/fortify.c:122 (size 10) # [ 269.468525] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus brcmfmac snd_pcm_dmaengine snd_pcm snd_timer brcmutil snd soundcore hci_uart btbcm adv7511 cfg80211 bluetooth stm32_adc_core ecdh_generic snd_soc_stm32_sai ecc stm_drm etnaviv drm_dma_helper gpu_sched stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 269.504954] CPU: 0 UID: 0 PID: 5273 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241002 #1 # [ 269.514362] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 269.519514] Hardware name: STM32 (Device Tree Support) # [ 269.524966] Call trace: # [ 269.524981] unwind_backtrace from show_stack+0x18/0x1c # [ 269.533294] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 269.538671] dump_stack_lvl from __warn+0x84/0x134 # [ 269.543654] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 269.549136] warn_slowpath_fmt from lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 # [ 269.556125] lkdtm_FORTIFY_MEM_MEMBER from lkdtm_do_action+0x24/0x4c # [ 269.562808] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 269.568489] direct_entry from full_proxy_write+0x5c/0x8c # [ 269.574166] full_proxy_write from vfs_write+0xbc/0x3cc # [ 269.579743] vfs_write from ksys_write+0x78/0xf8 # [ 269.584620] ksys_write from ret_fast_syscall+0x0/0x1c # [ 269.589993] Exception stack(0xf2c95fa8 to 0xf2c95ff0) # [ 269.595352] 5fa0: 00000013 00000013 00000001 b6da8000 00000013 00000001 # [ 269.603827] 5fc0: 00000013 00000013 7ff00000 00000004 00000001 b6da8000 00020000 004dfe38 # [ 269.612296] 5fe0: 00000004 beea5788 b6e6e33b b6de7616 # [ 269.617832] ---[ end trace 0000000000000000 ]--- # [ 269.622704] lkdtm: FAIL: fortify did not block a memcpy() struct member write overflow! # [ 269.630978] lkdtm: Unexpected! This kernel (6.12.0-rc1-next-20241002 armv7l) was built with CONFIG_FORTIFY_SOURCE=y # FORTIFY_MEM_MEMBER: saw 'detected field-spanning write': ok ok 84 selftests: lkdtm: FORTIFY_MEM_MEMBER.sh # timeout set to 45 # selftests: lkdtm: PPC_SLB_MULTIHIT.sh # Skipped: test 'PPC_SLB_MULTIHIT' missing in /sys/kernel/debug/provoke-crash/DIRECT! ok 85 selftests: lkdtm: PPC_SLB_MULTIHIT.sh # SKIP # timeout set to 45 # selftests: lkdtm: stack-entropy.sh <6>[ 271.016483] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.020736] lkdtm: Starting stack offset tracking for pid 5318 <6>[ 271.026802] lkdtm: Stack offset: 0 <6>[ 271.045416] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.049700] lkdtm: Stack offset: 0 <6>[ 271.062484] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.066760] lkdtm: Stack offset: 0 <6>[ 271.080465] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.084686] lkdtm: Stack offset: 0 <6>[ 271.093281] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.097435] lkdtm: Stack offset: 0 <6>[ 271.103256] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.107538] lkdtm: Stack offset: 0 <6>[ 271.113050] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.117184] lkdtm: Stack offset: 0 <6>[ 271.122819] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.126944] lkdtm: Stack offset: 0 <6>[ 271.132476] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.136614] lkdtm: Stack offset: 0 <6>[ 271.142137] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.146273] lkdtm: Stack offset: 0 <6>[ 271.151937] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.156087] lkdtm: Stack offset: 0 <6>[ 271.161594] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.165730] lkdtm: Stack offset: 0 <6>[ 271.171164] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.175302] lkdtm: Stack offset: 0 <6>[ 271.180876] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.185043] lkdtm: Stack offset: 0 <6>[ 271.190545] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.194705] lkdtm: Stack offset: 0 <6>[ 271.200248] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.204418] lkdtm: Stack offset: 0 <6>[ 271.209982] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.214114] lkdtm: Stack offset: 0 <6>[ 271.219595] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.223727] lkdtm: Stack offset: 0 <6>[ 271.229240] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.233376] lkdtm: Stack offset: 0 <6>[ 271.239035] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.243165] lkdtm: Stack offset: 0 <6>[ 271.248855] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.252979] lkdtm: Stack offset: 0 <6>[ 271.258487] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.262698] lkdtm: Stack offset: 0 <6>[ 271.268237] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.272410] lkdtm: Stack offset: 0 <6>[ 271.277934] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.282082] lkdtm: Stack offset: 0 <6>[ 271.304908] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.309939] lkdtm: Stack offset: 0 <6>[ 271.320245] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.330006] lkdtm: Stack offset: 0 <6>[ 271.333995] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.338180] lkdtm: Stack offset: 0 <6>[ 271.342603] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.347378] lkdtm: Stack offset: 0 <6>[ 271.351605] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.356967] lkdtm: Stack offset: 0 <6>[ 271.363049] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.367614] lkdtm: Stack offset: 0 <6>[ 271.371767] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.376441] lkdtm: Stack offset: 0 <6>[ 271.380756] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.385602] lkdtm: Stack offset: 0 <6>[ 271.389935] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.395131] lkdtm: Stack offset: 0 <6>[ 271.399120] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.404043] lkdtm: Stack offset: 0 <6>[ 271.408443] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.413387] lkdtm: Stack offset: 0 <6>[ 271.417427] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.423089] lkdtm: Stack offset: 0 <6>[ 271.426624] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.431594] lkdtm: Stack offset: 0 <6>[ 271.435868] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.440774] lkdtm: Stack offset: 0 <6>[ 271.445075] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.450057] lkdtm: Stack offset: 0 <6>[ 271.454182] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.459054] lkdtm: Stack offset: 0 <6>[ 271.463312] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.468314] lkdtm: Stack offset: 0 <6>[ 271.472480] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.477478] lkdtm: Stack offset: 0 <6>[ 271.481748] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.486599] lkdtm: Stack offset: 0 <6>[ 271.490800] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.495761] lkdtm: Stack offset: 0 <6>[ 271.500077] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.504945] lkdtm: Stack offset: 0 <6>[ 271.509260] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.514156] lkdtm: Stack offset: 0 <6>[ 271.518365] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.523361] lkdtm: Stack offset: 0 <6>[ 271.527547] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.532528] lkdtm: Stack offset: 0 <6>[ 271.536783] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.541705] lkdtm: Stack offset: 0 <6>[ 271.545914] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.550885] lkdtm: Stack offset: 0 <6>[ 271.555095] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.560065] lkdtm: Stack offset: 0 <6>[ 271.564234] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.569222] lkdtm: Stack offset: 0 <6>[ 271.573467] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.578463] lkdtm: Stack offset: 0 <6>[ 271.582638] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.587572] lkdtm: Stack offset: 0 <6>[ 271.591783] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.596746] lkdtm: Stack offset: 0 <6>[ 271.601057] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.605932] lkdtm: Stack offset: 0 <6>[ 271.610219] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.615111] lkdtm: Stack offset: 0 <6>[ 271.619292] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.624391] lkdtm: Stack offset: 0 <6>[ 271.629970] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.638036] lkdtm: Stack offset: 0 <6>[ 271.658539] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.667053] lkdtm: Stack offset: 0 <6>[ 271.675369] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.679691] lkdtm: Stack offset: 0 <6>[ 271.684039] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.688789] lkdtm: Stack offset: 0 <6>[ 271.695310] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.699533] lkdtm: Stack offset: 0 <6>[ 271.704251] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.708755] lkdtm: Stack offset: 0 <6>[ 271.713060] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.717894] lkdtm: Stack offset: 0 <6>[ 271.722093] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.727071] lkdtm: Stack offset: 0 <6>[ 271.731269] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.736283] lkdtm: Stack offset: 0 <6>[ 271.740443] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.745702] lkdtm: Stack offset: 0 <6>[ 271.749594] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.754760] lkdtm: Stack offset: 0 <6>[ 271.758897] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.763766] lkdtm: Stack offset: 0 <6>[ 271.767981] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.774976] lkdtm: Stack offset: 0 <6>[ 271.782487] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.791135] lkdtm: Stack offset: 0 <6>[ 271.795653] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.800381] lkdtm: Stack offset: 0 <6>[ 271.804347] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.809438] lkdtm: Stack offset: 0 <6>[ 271.814001] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.818457] lkdtm: Stack offset: 0 <6>[ 271.823160] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.827621] lkdtm: Stack offset: 0 <6>[ 271.832003] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.836863] lkdtm: Stack offset: 0 <6>[ 271.841267] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.846210] lkdtm: Stack offset: 0 <6>[ 271.850238] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.855257] lkdtm: Stack offset: 0 <6>[ 271.859429] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.864425] lkdtm: Stack offset: 0 <6>[ 271.868617] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.873551] lkdtm: Stack offset: 0 <6>[ 271.877918] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.882709] lkdtm: Stack offset: 0 <6>[ 271.887013] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.891875] lkdtm: Stack offset: 0 <6>[ 271.896168] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.901140] lkdtm: Stack offset: 0 <6>[ 271.905326] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.910313] lkdtm: Stack offset: 0 <6>[ 271.914517] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.919504] lkdtm: Stack offset: 0 <6>[ 271.923756] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.928602] lkdtm: Stack offset: 0 <6>[ 271.932903] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.937770] lkdtm: Stack offset: 0 <6>[ 271.942093] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.946967] lkdtm: Stack offset: 0 <6>[ 271.951268] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.956182] lkdtm: Stack offset: 0 <6>[ 271.960345] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.965591] lkdtm: Stack offset: 0 <6>[ 271.974786] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.979504] lkdtm: Stack offset: 0 <6>[ 271.996065] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.000246] lkdtm: Stack offset: 0 <6>[ 272.005096] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.009997] lkdtm: Stack offset: 0 <6>[ 272.015261] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.019435] lkdtm: Stack offset: 0 <6>[ 272.024271] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.028721] lkdtm: Stack offset: 0 <6>[ 272.033498] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.037874] lkdtm: Stack offset: 0 <6>[ 272.042485] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.047060] lkdtm: Stack offset: 0 <6>[ 272.051593] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.056404] lkdtm: Stack offset: 0 <6>[ 272.060949] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.065536] lkdtm: Stack offset: 0 <6>[ 272.070161] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.074524] lkdtm: Stack offset: 0 <6>[ 272.079284] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.083764] lkdtm: Stack offset: 0 <6>[ 272.088318] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.092887] lkdtm: Stack offset: 0 <6>[ 272.097785] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.102127] lkdtm: Stack offset: 0 <6>[ 272.106621] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.111276] lkdtm: Stack offset: 0 <6>[ 272.115444] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.120539] lkdtm: Stack offset: 0 <6>[ 272.124807] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.129645] lkdtm: Stack offset: 0 <6>[ 272.133969] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.138816] lkdtm: Stack offset: 0 <6>[ 272.143052] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.148018] lkdtm: Stack offset: 0 <6>[ 272.152214] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.157183] lkdtm: Stack offset: 0 <6>[ 272.161334] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.166446] lkdtm: Stack offset: 0 <6>[ 272.170603] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.175588] lkdtm: Stack offset: 0 <6>[ 272.179868] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.184721] lkdtm: Stack offset: 0 <6>[ 272.188964] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.193936] lkdtm: Stack offset: 0 <6>[ 272.198272] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.203132] lkdtm: Stack offset: 0 <6>[ 272.207271] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.212257] lkdtm: Stack offset: 0 <6>[ 272.216444] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.221436] lkdtm: Stack offset: 0 <6>[ 272.225796] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.230640] lkdtm: Stack offset: 0 <6>[ 272.234951] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.239799] lkdtm: Stack offset: 0 <6>[ 272.244033] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.249001] lkdtm: Stack offset: 0 <6>[ 272.253201] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.258176] lkdtm: Stack offset: 0 <6>[ 272.262361] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.267356] lkdtm: Stack offset: 0 <6>[ 272.273415] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.277609] lkdtm: Stack offset: 0 <6>[ 272.290343] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.300857] lkdtm: Stack offset: 0 <6>[ 272.309183] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.313391] lkdtm: Stack offset: 0 <6>[ 272.317615] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.322524] lkdtm: Stack offset: 0 <6>[ 272.326845] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.331774] lkdtm: Stack offset: 0 <6>[ 272.335934] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.340954] lkdtm: Stack offset: 0 <6>[ 272.345101] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.350572] lkdtm: Stack offset: 0 <6>[ 272.354441] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.359708] lkdtm: Stack offset: 0 <6>[ 272.363551] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.368789] lkdtm: Stack offset: 0 <6>[ 272.372807] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.377643] lkdtm: Stack offset: 0 <6>[ 272.381918] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.386868] lkdtm: Stack offset: 0 <6>[ 272.391067] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.396048] lkdtm: Stack offset: 0 <6>[ 272.400461] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.405386] lkdtm: Stack offset: 0 <6>[ 272.409494] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.414382] lkdtm: Stack offset: 0 <6>[ 272.418739] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.423590] lkdtm: Stack offset: 0 <6>[ 272.427810] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.432764] lkdtm: Stack offset: 0 <6>[ 272.436963] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.441945] lkdtm: Stack offset: 0 <6>[ 272.446144] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.451114] lkdtm: Stack offset: 0 <6>[ 272.455300] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.460321] lkdtm: Stack offset: 0 <6>[ 272.464495] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.469492] lkdtm: Stack offset: 0 <6>[ 272.473761] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.478626] lkdtm: Stack offset: 0 <6>[ 272.482927] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.487874] lkdtm: Stack offset: 0 <6>[ 272.492015] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.497091] lkdtm: Stack offset: 0 <6>[ 272.501273] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.506266] lkdtm: Stack offset: 0 <6>[ 272.510449] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.515431] lkdtm: Stack offset: 0 <6>[ 272.519625] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.524552] lkdtm: Stack offset: 0 <6>[ 272.528876] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.533768] lkdtm: Stack offset: 0 <6>[ 272.537983] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.542949] lkdtm: Stack offset: 0 <6>[ 272.547148] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.552128] lkdtm: Stack offset: 0 <6>[ 272.556286] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.561375] lkdtm: Stack offset: 0 <6>[ 272.565583] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.570463] lkdtm: Stack offset: 0 <6>[ 272.574831] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.579713] lkdtm: Stack offset: 0 <6>[ 272.583904] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.588872] lkdtm: Stack offset: 0 <6>[ 272.593089] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.598058] lkdtm: Stack offset: 0 <6>[ 272.602231] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.607230] lkdtm: Stack offset: 0 <6>[ 272.611386] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.617557] lkdtm: Stack offset: 0 <6>[ 272.623898] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.628794] lkdtm: Stack offset: 0 <6>[ 272.640921] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.650490] lkdtm: Stack offset: 0 <6>[ 272.660252] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.664438] lkdtm: Stack offset: 0 <6>[ 272.672447] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.677032] lkdtm: Stack offset: 0 <6>[ 272.681264] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.685937] lkdtm: Stack offset: 0 <6>[ 272.690191] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.695069] lkdtm: Stack offset: 0 <6>[ 272.699210] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.704197] lkdtm: Stack offset: 0 <6>[ 272.708431] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.713412] lkdtm: Stack offset: 0 <6>[ 272.717586] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.722815] lkdtm: Stack offset: 0 <6>[ 272.726925] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.731903] lkdtm: Stack offset: 0 <6>[ 272.735980] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.740950] lkdtm: Stack offset: 0 <6>[ 272.745153] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.750128] lkdtm: Stack offset: 0 <6>[ 272.754565] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.759385] lkdtm: Stack offset: 0 <6>[ 272.763527] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.768540] lkdtm: Stack offset: 0 <6>[ 272.772858] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.777631] lkdtm: Stack offset: 0 <6>[ 272.781949] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.786849] lkdtm: Stack offset: 0 <6>[ 272.791235] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.796055] lkdtm: Stack offset: 0 <6>[ 272.800267] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.805286] lkdtm: Stack offset: 0 <6>[ 272.809384] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.814396] lkdtm: Stack offset: 0 <6>[ 272.818574] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.823583] lkdtm: Stack offset: 0 <6>[ 272.827900] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.832777] lkdtm: Stack offset: 0 <6>[ 272.836974] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.841976] lkdtm: Stack offset: 0 <6>[ 272.846210] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.851144] lkdtm: Stack offset: 0 <6>[ 272.855329] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.860378] lkdtm: Stack offset: 0 <6>[ 272.864494] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.869532] lkdtm: Stack offset: 0 <6>[ 272.873896] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.878693] lkdtm: Stack offset: 0 <6>[ 272.882951] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.887798] lkdtm: Stack offset: 0 <6>[ 272.892071] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.897039] lkdtm: Stack offset: 0 <6>[ 272.901226] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.906224] lkdtm: Stack offset: 0 <6>[ 272.910410] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.915424] lkdtm: Stack offset: 0 <6>[ 272.919594] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.924586] lkdtm: Stack offset: 0 <6>[ 272.928864] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.933722] lkdtm: Stack offset: 0 <6>[ 272.937961] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.943209] lkdtm: Stack offset: 0 <6>[ 272.948057] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.957809] lkdtm: Stack offset: 0 <6>[ 272.969418] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.977558] lkdtm: Stack offset: 0 <6>[ 272.986647] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.990868] lkdtm: Stack offset: 0 <6>[ 272.995566] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.000543] lkdtm: Stack offset: 0 <6>[ 273.005003] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.009278] lkdtm: Stack offset: 0 <6>[ 273.013724] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.018461] lkdtm: Stack offset: 0 <6>[ 273.023286] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.027686] lkdtm: Stack offset: 0 <6>[ 273.032321] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.036794] lkdtm: Stack offset: 0 <6>[ 273.041748] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.046175] lkdtm: Stack offset: 0 <6>[ 273.050780] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.055283] lkdtm: Stack offset: 0 <6>[ 273.060061] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.064413] lkdtm: Stack offset: 0 <6>[ 273.069098] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.073565] lkdtm: Stack offset: 0 <6>[ 273.078253] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.082745] lkdtm: Stack offset: 0 <6>[ 273.087308] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.091878] lkdtm: Stack offset: 0 <6>[ 273.096542] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.101116] lkdtm: Stack offset: 0 <6>[ 273.105626] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.110317] lkdtm: Stack offset: 0 <6>[ 273.115021] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.119469] lkdtm: Stack offset: 0 <6>[ 273.124141] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.128612] lkdtm: Stack offset: 0 <6>[ 273.133331] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.137800] lkdtm: Stack offset: 0 <6>[ 273.142481] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.147052] lkdtm: Stack offset: 0 <6>[ 273.151605] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.156216] lkdtm: Stack offset: 0 <6>[ 273.160410] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.165392] lkdtm: Stack offset: 0 <6>[ 273.169576] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.174584] lkdtm: Stack offset: 0 <6>[ 273.178866] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.183728] lkdtm: Stack offset: 0 <6>[ 273.187887] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.192945] lkdtm: Stack offset: 0 <6>[ 273.197149] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.202123] lkdtm: Stack offset: 0 <6>[ 273.206303] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.211296] lkdtm: Stack offset: 0 <6>[ 273.215522] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.220504] lkdtm: Stack offset: 0 <6>[ 273.224759] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.229607] lkdtm: Stack offset: 0 <6>[ 273.233884] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.238875] lkdtm: Stack offset: 0 <6>[ 273.243091] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.247969] lkdtm: Stack offset: 0 <6>[ 273.252174] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.258235] lkdtm: Stack offset: 0 <6>[ 273.261977] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.272262] lkdtm: Stack offset: 0 <6>[ 273.284143] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.294895] lkdtm: Stack offset: 0 <6>[ 273.298751] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.303027] lkdtm: Stack offset: 0 <6>[ 273.307278] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.312500] lkdtm: Stack offset: 0 <6>[ 273.319059] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.323619] lkdtm: Stack offset: 0 <6>[ 273.327508] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.332523] lkdtm: Stack offset: 0 <6>[ 273.336982] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.341694] lkdtm: Stack offset: 0 <6>[ 273.346326] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.350799] lkdtm: Stack offset: 0 <6>[ 273.355480] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.360056] lkdtm: Stack offset: 0 <6>[ 273.364985] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.369314] lkdtm: Stack offset: 0 <6>[ 273.373951] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.378411] lkdtm: Stack offset: 0 <6>[ 273.383095] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.387552] lkdtm: Stack offset: 0 <6>[ 273.391846] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.396725] lkdtm: Stack offset: 0 <6>[ 273.400951] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.405923] lkdtm: Stack offset: 0 <6>[ 273.410127] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.415100] lkdtm: Stack offset: 0 <6>[ 273.419258] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.424370] lkdtm: Stack offset: 0 <6>[ 273.428433] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.433558] lkdtm: Stack offset: 0 <6>[ 273.437623] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.442637] lkdtm: Stack offset: 0 <6>[ 273.446955] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.451799] lkdtm: Stack offset: 0 <6>[ 273.456037] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.461001] lkdtm: Stack offset: 0 <6>[ 273.465189] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.470162] lkdtm: Stack offset: 0 <6>[ 273.474410] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.479404] lkdtm: Stack offset: 0 <6>[ 273.483598] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.488589] lkdtm: Stack offset: 0 <6>[ 273.492849] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.497733] lkdtm: Stack offset: 0 <6>[ 273.502060] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.506931] lkdtm: Stack offset: 0 <6>[ 273.511146] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.516122] lkdtm: Stack offset: 0 <6>[ 273.520280] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.525274] lkdtm: Stack offset: 0 <6>[ 273.529463] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.534461] lkdtm: Stack offset: 0 <6>[ 273.538638] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.543582] lkdtm: Stack offset: 0 <6>[ 273.547896] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.552759] lkdtm: Stack offset: 0 <6>[ 273.557066] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.562061] lkdtm: Stack offset: 0 <6>[ 273.566236] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.571226] lkdtm: Stack offset: 0 <6>[ 273.575413] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.580392] lkdtm: Stack offset: 0 <6>[ 273.586282] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.592513] lkdtm: Stack offset: 0 <6>[ 273.596040] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.603031] lkdtm: Stack offset: 0 <6>[ 273.609200] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.619792] lkdtm: Stack offset: 0 <6>[ 273.630202] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.634416] lkdtm: Stack offset: 0 <6>[ 273.642425] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.647072] lkdtm: Stack offset: 0 <6>[ 273.651507] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.655845] lkdtm: Stack offset: 0 <6>[ 273.660496] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.664963] lkdtm: Stack offset: 0 <6>[ 273.669590] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.674202] lkdtm: Stack offset: 0 <6>[ 273.678867] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.683309] lkdtm: Stack offset: 0 <6>[ 273.688275] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.692622] lkdtm: Stack offset: 0 <6>[ 273.697490] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.701790] lkdtm: Stack offset: 0 <6>[ 273.707296] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.711462] lkdtm: Stack offset: 0 <6>[ 273.716425] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.720730] lkdtm: Stack offset: 0 <6>[ 273.725335] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.729904] lkdtm: Stack offset: 0 <6>[ 273.734461] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.739037] lkdtm: Stack offset: 0 <6>[ 273.743876] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.748216] lkdtm: Stack offset: 0 <6>[ 273.753106] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.757367] lkdtm: Stack offset: 0 <6>[ 273.762152] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.766619] lkdtm: Stack offset: 0 <6>[ 273.771253] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.776065] lkdtm: Stack offset: 0 <6>[ 273.780461] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.785015] lkdtm: Stack offset: 0 <6>[ 273.789791] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.794157] lkdtm: Stack offset: 0 <6>[ 273.798332] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.803329] lkdtm: Stack offset: 0 <6>[ 273.807522] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.812502] lkdtm: Stack offset: 0 <6>[ 273.816757] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.821719] lkdtm: Stack offset: 0 <6>[ 273.825902] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.830899] lkdtm: Stack offset: 0 <6>[ 273.835126] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.840088] lkdtm: Stack offset: 0 <6>[ 273.844291] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.849321] lkdtm: Stack offset: 0 <6>[ 273.853416] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.858411] lkdtm: Stack offset: 0 <6>[ 273.862600] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.867579] lkdtm: Stack offset: 0 <6>[ 273.871856] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.876719] lkdtm: Stack offset: 0 <6>[ 273.880982] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.885951] lkdtm: Stack offset: 0 <6>[ 273.890158] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.895135] lkdtm: Stack offset: 0 <6>[ 273.899530] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.904323] lkdtm: Stack offset: 0 <6>[ 273.910450] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.916966] lkdtm: Stack offset: 0 <6>[ 273.922546] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.931460] lkdtm: Stack offset: 0 <6>[ 273.951332] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.955795] lkdtm: Stack offset: 0 <6>[ 273.962968] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.967605] lkdtm: Stack offset: 0 <6>[ 273.972142] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.976420] lkdtm: Stack offset: 0 <6>[ 273.981153] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.985513] lkdtm: Stack offset: 0 <6>[ 273.990274] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.994742] lkdtm: Stack offset: 0 <6>[ 273.999323] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.003895] lkdtm: Stack offset: 0 <6>[ 274.008843] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.013266] lkdtm: Stack offset: 0 <6>[ 274.017785] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.022241] lkdtm: Stack offset: 0 <6>[ 274.027043] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.031389] lkdtm: Stack offset: 0 <6>[ 274.036159] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.040617] lkdtm: Stack offset: 0 <6>[ 274.045310] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.049782] lkdtm: Stack offset: 0 <6>[ 274.054461] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.059036] lkdtm: Stack offset: 0 <6>[ 274.063586] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.068198] lkdtm: Stack offset: 0 <6>[ 274.072800] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.077376] lkdtm: Stack offset: 0 <6>[ 274.082200] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.086590] lkdtm: Stack offset: 0 <6>[ 274.091324] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.095715] lkdtm: Stack offset: 0 <6>[ 274.100336] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.104901] lkdtm: Stack offset: 0 <6>[ 274.109488] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.114076] lkdtm: Stack offset: 0 <6>[ 274.118609] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.123252] lkdtm: Stack offset: 0 <6>[ 274.127424] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.132419] lkdtm: Stack offset: 0 <6>[ 274.136609] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.141641] lkdtm: Stack offset: 0 <6>[ 274.145946] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.150794] lkdtm: Stack offset: 0 <6>[ 274.154942] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.160015] lkdtm: Stack offset: 0 <6>[ 274.164214] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.169198] lkdtm: Stack offset: 0 <6>[ 274.173400] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.178397] lkdtm: Stack offset: 0 <6>[ 274.182594] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.187573] lkdtm: Stack offset: 0 <6>[ 274.191845] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.196709] lkdtm: Stack offset: 0 <6>[ 274.200866] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.205935] lkdtm: Stack offset: 0 <6>[ 274.210142] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.215110] lkdtm: Stack offset: 0 <6>[ 274.219255] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.224256] lkdtm: Stack offset: 0 <6>[ 274.228417] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.234603] lkdtm: Stack offset: 0 <6>[ 274.243469] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.248365] lkdtm: Stack offset: 0 <6>[ 274.253493] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.264123] lkdtm: Stack offset: 0 <6>[ 274.273329] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.277840] lkdtm: Stack offset: 0 <6>[ 274.282236] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.286974] lkdtm: Stack offset: 0 <6>[ 274.291077] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.295853] lkdtm: Stack offset: 0 <6>[ 274.300263] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.305169] lkdtm: Stack offset: 0 <6>[ 274.309355] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.314337] lkdtm: Stack offset: 0 <6>[ 274.318506] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.323496] lkdtm: Stack offset: 0 <6>[ 274.328007] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.332870] lkdtm: Stack offset: 0 <6>[ 274.336903] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.341985] lkdtm: Stack offset: 0 <6>[ 274.346165] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.351088] lkdtm: Stack offset: 0 <6>[ 274.355195] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.360173] lkdtm: Stack offset: 0 <6>[ 274.364328] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.369450] lkdtm: Stack offset: 0 <6>[ 274.373520] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.378623] lkdtm: Stack offset: 0 <6>[ 274.382849] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.388016] lkdtm: Stack offset: 0 <6>[ 274.393439] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.397625] lkdtm: Stack offset: 0 <6>[ 274.401964] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.406814] lkdtm: Stack offset: 0 <6>[ 274.411049] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.416019] lkdtm: Stack offset: 0 <6>[ 274.420204] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.425181] lkdtm: Stack offset: 0 <6>[ 274.429445] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.434470] lkdtm: Stack offset: 0 <6>[ 274.438636] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.443568] lkdtm: Stack offset: 0 <6>[ 274.447780] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.453066] lkdtm: Stack offset: 0 <6>[ 274.457055] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.461973] lkdtm: Stack offset: 0 <6>[ 274.466230] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.471144] lkdtm: Stack offset: 0 <6>[ 274.475328] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.480320] lkdtm: Stack offset: 0 <6>[ 274.484508] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.489534] lkdtm: Stack offset: 0 <6>[ 274.493867] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.498706] lkdtm: Stack offset: 0 <6>[ 274.502921] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.507915] lkdtm: Stack offset: 0 <6>[ 274.512134] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.517043] lkdtm: Stack offset: 0 <6>[ 274.521241] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.526258] lkdtm: Stack offset: 0 <6>[ 274.530456] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.535475] lkdtm: Stack offset: 0 <6>[ 274.539567] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.544583] lkdtm: Stack offset: 0 <6>[ 274.548855] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.555778] lkdtm: Stack offset: 0 <6>[ 274.568381] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.575133] lkdtm: Stack offset: 0 <6>[ 274.589380] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.596276] lkdtm: Stack offset: 0 <6>[ 274.599383] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.604201] lkdtm: Stack offset: 0 <6>[ 274.609143] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.613330] lkdtm: Stack offset: 0 <6>[ 274.617823] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.622499] lkdtm: Stack offset: 0 <6>[ 274.627226] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.631713] lkdtm: Stack offset: 0 <6>[ 274.636353] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.640929] lkdtm: Stack offset: 0 <6>[ 274.645502] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.650089] lkdtm: Stack offset: 0 <6>[ 274.655018] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.659452] lkdtm: Stack offset: 0 <6>[ 274.664084] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.668445] lkdtm: Stack offset: 0 <6>[ 274.673137] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.677597] lkdtm: Stack offset: 0 <6>[ 274.682327] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.686803] lkdtm: Stack offset: 0 <6>[ 274.691471] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.696061] lkdtm: Stack offset: 0 <6>[ 274.700590] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.705204] lkdtm: Stack offset: 0 <6>[ 274.709908] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.714351] lkdtm: Stack offset: 0 <6>[ 274.719398] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.723604] lkdtm: Stack offset: 0 <6>[ 274.728262] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.732831] lkdtm: Stack offset: 0 <6>[ 274.737421] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.741998] lkdtm: Stack offset: 0 <6>[ 274.746540] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.751208] lkdtm: Stack offset: 0 <6>[ 274.755913] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.760356] lkdtm: Stack offset: 0 <6>[ 274.765026] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.769485] lkdtm: Stack offset: 0 <6>[ 274.774233] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.778716] lkdtm: Stack offset: 0 <6>[ 274.783296] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.787896] lkdtm: Stack offset: 0 <6>[ 274.792926] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.797297] lkdtm: Stack offset: 0 <6>[ 274.801907] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.806329] lkdtm: Stack offset: 0 <6>[ 274.810533] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.815597] lkdtm: Stack offset: 0 <6>[ 274.819809] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.824765] lkdtm: Stack offset: 0 <6>[ 274.828914] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.833881] lkdtm: Stack offset: 0 <6>[ 274.838094] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.843079] lkdtm: Stack offset: 0 <6>[ 274.847252] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.852299] lkdtm: Stack offset: 0 <6>[ 274.856373] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.861467] lkdtm: Stack offset: 0 <6>[ 274.865746] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.873161] lkdtm: Stack offset: 0 <6>[ 274.878530] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.886205] lkdtm: Stack offset: 0 <6>[ 274.903410] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.910144] lkdtm: Stack offset: 0 <6>[ 274.913855] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.918495] lkdtm: Stack offset: 0 <6>[ 274.922384] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.927608] lkdtm: Stack offset: 0 <6>[ 274.931647] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.936725] lkdtm: Stack offset: 0 <6>[ 274.940644] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.945650] lkdtm: Stack offset: 0 <6>[ 274.949949] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.954787] lkdtm: Stack offset: 0 <6>[ 274.959065] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.964016] lkdtm: Stack offset: 0 <6>[ 274.968396] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.973285] lkdtm: Stack offset: 0 <6>[ 274.977337] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.982342] lkdtm: Stack offset: 0 <6>[ 274.986521] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.991509] lkdtm: Stack offset: 0 <6>[ 274.995904] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.000645] lkdtm: Stack offset: 0 <6>[ 275.005020] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.009860] lkdtm: Stack offset: 0 <6>[ 275.014121] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.019076] lkdtm: Stack offset: 0 <6>[ 275.023259] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.028223] lkdtm: Stack offset: 0 <6>[ 275.032475] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.037493] lkdtm: Stack offset: 0 <6>[ 275.041962] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.046744] lkdtm: Stack offset: 0 <6>[ 275.050913] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.055809] lkdtm: Stack offset: 0 <6>[ 275.060059] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.065107] lkdtm: Stack offset: 0 <6>[ 275.069202] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.074177] lkdtm: Stack offset: 0 <6>[ 275.078333] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.083328] lkdtm: Stack offset: 0 <6>[ 275.087515] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.092870] lkdtm: Stack offset: 0 <6>[ 275.096925] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.101722] lkdtm: Stack offset: 0 <6>[ 275.105930] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.110947] lkdtm: Stack offset: 0 <6>[ 275.115176] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.120035] lkdtm: Stack offset: 0 <6>[ 275.124341] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.129264] lkdtm: Stack offset: 0 <6>[ 275.133462] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.138487] lkdtm: Stack offset: 0 <6>[ 275.142832] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.147712] lkdtm: Stack offset: 0 <6>[ 275.151842] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.156798] lkdtm: Stack offset: 0 <6>[ 275.161015] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.165982] lkdtm: Stack offset: 0 <6>[ 275.170170] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.175167] lkdtm: Stack offset: 0 <6>[ 275.179333] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.184326] lkdtm: Stack offset: 0 <6>[ 275.190070] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.194251] lkdtm: Stack offset: 0 <6>[ 275.209519] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.217968] lkdtm: Stack offset: 0 <6>[ 275.228327] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.232558] lkdtm: Stack offset: 0 <6>[ 275.236989] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.242272] lkdtm: Stack offset: 0 <6>[ 275.246099] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.251241] lkdtm: Stack offset: 0 <6>[ 275.255264] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.260136] lkdtm: Stack offset: 0 <6>[ 275.264316] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.269296] lkdtm: Stack offset: 0 <6>[ 275.273452] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.278438] lkdtm: Stack offset: 0 <6>[ 275.282781] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.287630] lkdtm: Stack offset: 0 <6>[ 275.292139] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.296794] lkdtm: Stack offset: 0 <6>[ 275.301234] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.306057] lkdtm: Stack offset: 0 <6>[ 275.310493] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.315157] lkdtm: Stack offset: 0 <6>[ 275.319438] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.324404] lkdtm: Stack offset: 0 <6>[ 275.328568] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.333544] lkdtm: Stack offset: 0 <6>[ 275.337800] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.342737] lkdtm: Stack offset: 0 <6>[ 275.346920] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.351868] lkdtm: Stack offset: 0 <6>[ 275.356204] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.361066] lkdtm: Stack offset: 0 <6>[ 275.365334] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.370344] lkdtm: Stack offset: 0 <6>[ 275.374530] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.379529] lkdtm: Stack offset: 0 <6>[ 275.383808] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.388649] lkdtm: Stack offset: 0 <6>[ 275.392952] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.397825] lkdtm: Stack offset: 0 <6>[ 275.401984] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.407049] lkdtm: Stack offset: 0 <6>[ 275.411243] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.416244] lkdtm: Stack offset: 0 <6>[ 275.420413] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.425408] lkdtm: Stack offset: 0 <6>[ 275.429587] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.434601] lkdtm: Stack offset: 0 <6>[ 275.438892] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.443740] lkdtm: Stack offset: 0 <6>[ 275.447912] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.452911] lkdtm: Stack offset: 0 <6>[ 275.457143] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.462119] lkdtm: Stack offset: 0 <6>[ 275.466275] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.471272] lkdtm: Stack offset: 0 <6>[ 275.475463] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.480472] lkdtm: Stack offset: 0 <6>[ 275.484651] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.489700] lkdtm: Stack offset: 0 <6>[ 275.493917] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.498805] lkdtm: Stack offset: 0 <6>[ 275.503113] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.509180] lkdtm: Stack offset: 0 <6>[ 275.512406] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.518917] lkdtm: Stack offset: 0 <6>[ 275.539892] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.548424] lkdtm: Stack offset: 0 <6>[ 275.554082] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.558410] lkdtm: Stack offset: 0 <6>[ 275.562592] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.567959] lkdtm: Stack offset: 0 <6>[ 275.571910] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.577080] lkdtm: Stack offset: 0 <6>[ 275.581169] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.585857] lkdtm: Stack offset: 0 <6>[ 275.590167] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.595036] lkdtm: Stack offset: 0 <6>[ 275.599185] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.604254] lkdtm: Stack offset: 0 <6>[ 275.608411] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.613418] lkdtm: Stack offset: 0 <6>[ 275.617590] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.622819] lkdtm: Stack offset: 0 <6>[ 275.626902] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.631913] lkdtm: Stack offset: 0 <6>[ 275.636055] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.640925] lkdtm: Stack offset: 0 <6>[ 275.645145] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.650121] lkdtm: Stack offset: 0 <6>[ 275.654277] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.659366] lkdtm: Stack offset: 0 <6>[ 275.663552] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.668530] lkdtm: Stack offset: 0 <6>[ 275.672793] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.677632] lkdtm: Stack offset: 0 <6>[ 275.681930] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.686877] lkdtm: Stack offset: 0 <6>[ 275.691050] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.696018] lkdtm: Stack offset: 0 <6>[ 275.700198] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.705168] lkdtm: Stack offset: 0 <6>[ 275.709424] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.714416] lkdtm: Stack offset: 0 <6>[ 275.718612] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.723548] lkdtm: Stack offset: 0 <6>[ 275.727873] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.732736] lkdtm: Stack offset: 0 <6>[ 275.737056] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.741971] lkdtm: Stack offset: 0 <6>[ 275.746579] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.751166] lkdtm: Stack offset: 0 <6>[ 275.755331] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.760317] lkdtm: Stack offset: 0 <6>[ 275.764616] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.769454] lkdtm: Stack offset: 0 <6>[ 275.773798] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.778684] lkdtm: Stack offset: 0 <6>[ 275.782911] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.787873] lkdtm: Stack offset: 0 <6>[ 275.792093] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.797067] lkdtm: Stack offset: 0 <6>[ 275.801246] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.806235] lkdtm: Stack offset: 0 <6>[ 275.810411] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.815392] lkdtm: Stack offset: 0 <6>[ 275.819606] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.824552] lkdtm: Stack offset: 0 <6>[ 275.828770] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.833726] lkdtm: Stack offset: 0 <6>[ 275.838042] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.844348] lkdtm: Stack offset: 0 <6>[ 275.847343] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.853797] lkdtm: Stack offset: 0 <6>[ 275.856831] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.861722] lkdtm: Stack offset: 0 <6>[ 275.872954] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.879228] lkdtm: Stack offset: 0 <6>[ 275.888760] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.892926] lkdtm: Stack offset: 0 <6>[ 275.897308] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.902576] lkdtm: Stack offset: 0 <6>[ 275.909188] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.913826] lkdtm: Stack offset: 0 <6>[ 275.918123] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.922612] lkdtm: Stack offset: 0 <6>[ 275.926979] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.931772] lkdtm: Stack offset: 0 <6>[ 275.935954] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.940961] lkdtm: Stack offset: 0 <6>[ 275.945186] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.950196] lkdtm: Stack offset: 0 <6>[ 275.954634] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.959451] lkdtm: Stack offset: 0 <6>[ 275.963548] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.968563] lkdtm: Stack offset: 0 <6>[ 275.972893] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.977696] lkdtm: Stack offset: 0 <6>[ 275.981909] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.986920] lkdtm: Stack offset: 0 <6>[ 275.991187] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.996096] lkdtm: Stack offset: 0 <6>[ 276.000280] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.005298] lkdtm: Stack offset: 0 <6>[ 276.009448] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.014454] lkdtm: Stack offset: 0 <6>[ 276.018736] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.023618] lkdtm: Stack offset: 0 <6>[ 276.027890] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.032816] lkdtm: Stack offset: 0 <6>[ 276.036995] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.041974] lkdtm: Stack offset: 0 <6>[ 276.046182] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.051175] lkdtm: Stack offset: 0 <6>[ 276.055329] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.060375] lkdtm: Stack offset: 0 <6>[ 276.064816] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.069484] lkdtm: Stack offset: 0 <6>[ 276.073717] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.078691] lkdtm: Stack offset: 0 <6>[ 276.082915] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.087891] lkdtm: Stack offset: 0 <6>[ 276.092128] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.097002] lkdtm: Stack offset: 0 <6>[ 276.101329] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.106228] lkdtm: Stack offset: 0 <6>[ 276.110400] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.115423] lkdtm: Stack offset: 0 <6>[ 276.119598] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.124597] lkdtm: Stack offset: 0 <6>[ 276.128898] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.133743] lkdtm: Stack offset: 0 <6>[ 276.137904] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.142981] lkdtm: Stack offset: 0 <6>[ 276.147179] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.152150] lkdtm: Stack offset: 0 <6>[ 276.156309] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.161297] lkdtm: Stack offset: 0 <6>[ 276.165518] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.170501] lkdtm: Stack offset: 0 <6>[ 276.176565] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.183325] lkdtm: Stack offset: 0 <6>[ 276.186904] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.193212] lkdtm: Stack offset: 0 <6>[ 276.197309] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.206600] lkdtm: Stack offset: 0 <6>[ 276.220528] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.224844] lkdtm: Stack offset: 0 <6>[ 276.229803] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.234350] lkdtm: Stack offset: 0 <6>[ 276.238344] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.243260] lkdtm: Stack offset: 0 <6>[ 276.247596] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.252404] lkdtm: Stack offset: 0 <6>[ 276.256796] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.261571] lkdtm: Stack offset: 0 <6>[ 276.265792] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.270768] lkdtm: Stack offset: 0 <6>[ 276.275229] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.280078] lkdtm: Stack offset: 0 <6>[ 276.284180] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.289157] lkdtm: Stack offset: 0 <6>[ 276.293322] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.298307] lkdtm: Stack offset: 0 <6>[ 276.302489] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.307468] lkdtm: Stack offset: 0 <6>[ 276.311639] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.316694] lkdtm: Stack offset: 0 <6>[ 276.320917] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.325786] lkdtm: Stack offset: 0 <6>[ 276.330103] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.335198] lkdtm: Stack offset: 0 <6>[ 276.339216] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.344214] lkdtm: Stack offset: 0 <6>[ 276.348387] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.353390] lkdtm: Stack offset: 0 <6>[ 276.357556] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.362553] lkdtm: Stack offset: 0 <6>[ 276.366876] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.371735] lkdtm: Stack offset: 0 <6>[ 276.375904] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.380874] lkdtm: Stack offset: 0 <6>[ 276.385180] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.390053] lkdtm: Stack offset: 0 <6>[ 276.394301] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.399289] lkdtm: Stack offset: 0 <6>[ 276.403474] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.408494] lkdtm: Stack offset: 0 <6>[ 276.412763] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.417599] lkdtm: Stack offset: 0 <6>[ 276.421893] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.426864] lkdtm: Stack offset: 0 <6>[ 276.431078] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.436074] lkdtm: Stack offset: 0 <6>[ 276.440253] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.445242] lkdtm: Stack offset: 0 <6>[ 276.449430] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.454410] lkdtm: Stack offset: 0 <6>[ 276.458585] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.463576] lkdtm: Stack offset: 0 <6>[ 276.467849] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.472731] lkdtm: Stack offset: 0 <6>[ 276.476923] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.481896] lkdtm: Stack offset: 0 <6>[ 276.486121] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.493020] lkdtm: Stack offset: 0 <6>[ 276.497859] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.502566] lkdtm: Stack offset: 0 <6>[ 276.514155] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.524793] lkdtm: Stack offset: 0 <6>[ 276.534743] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.539759] lkdtm: Stack offset: 0 <6>[ 276.543571] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.548570] lkdtm: Stack offset: 0 <6>[ 276.552421] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.557339] lkdtm: Stack offset: 0 <6>[ 276.561617] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.566461] lkdtm: Stack offset: 0 <6>[ 276.570797] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.575699] lkdtm: Stack offset: 0 <6>[ 276.579973] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.584827] lkdtm: Stack offset: 0 <6>[ 276.589269] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.594180] lkdtm: Stack offset: 0 <6>[ 276.598278] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.603298] lkdtm: Stack offset: 0 <6>[ 276.607501] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.612399] lkdtm: Stack offset: 0 <6>[ 276.616590] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.621579] lkdtm: Stack offset: 0 <6>[ 276.625837] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.630780] lkdtm: Stack offset: 0 <6>[ 276.634950] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.639919] lkdtm: Stack offset: 0 <6>[ 276.644205] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.649182] lkdtm: Stack offset: 0 <6>[ 276.653339] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.658335] lkdtm: Stack offset: 0 <6>[ 276.662517] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.667528] lkdtm: Stack offset: 0 <6>[ 276.671800] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.676641] lkdtm: Stack offset: 0 <6>[ 276.680942] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.685817] lkdtm: Stack offset: 0 <6>[ 276.690063] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.695031] lkdtm: Stack offset: 0 <6>[ 276.699212] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.704207] lkdtm: Stack offset: 0 <6>[ 276.708393] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.713374] lkdtm: Stack offset: 0 <6>[ 276.717646] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.722592] lkdtm: Stack offset: 0 <6>[ 276.726815] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.731791] lkdtm: Stack offset: 0 <6>[ 276.735990] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.741038] lkdtm: Stack offset: 0 <6>[ 276.745226] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.750089] lkdtm: Stack offset: 0 <6>[ 276.754337] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.759348] lkdtm: Stack offset: 0 <6>[ 276.763520] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.768552] lkdtm: Stack offset: 0 <6>[ 276.773100] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.777685] lkdtm: Stack offset: 0 <6>[ 276.781868] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.786831] lkdtm: Stack offset: 0 <6>[ 276.791287] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.796091] lkdtm: Stack offset: 0 <6>[ 276.800426] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.808372] lkdtm: Stack offset: 0 <6>[ 276.822618] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.831078] lkdtm: Stack offset: 0 <6>[ 276.839953] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.844525] lkdtm: Stack offset: 0 <6>[ 276.851527] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.855880] lkdtm: Stack offset: 0 <6>[ 276.861441] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.866089] lkdtm: Stack offset: 0 <6>[ 276.876122] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.880840] lkdtm: Stack offset: 0 <6>[ 276.885510] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.889708] lkdtm: Stack offset: 0 <6>[ 276.894387] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.898948] lkdtm: Stack offset: 0 <6>[ 276.903890] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.908048] lkdtm: Stack offset: 0 <6>[ 276.912797] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.917255] lkdtm: Stack offset: 0 <6>[ 276.922053] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.926595] lkdtm: Stack offset: 0 <6>[ 276.931201] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.935819] lkdtm: Stack offset: 0 <6>[ 276.940602] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.944887] lkdtm: Stack offset: 0 <6>[ 276.949579] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.954233] lkdtm: Stack offset: 0 <6>[ 276.958895] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.963240] lkdtm: Stack offset: 0 <6>[ 276.968012] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.972471] lkdtm: Stack offset: 0 <6>[ 276.977171] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.981640] lkdtm: Stack offset: 0 <6>[ 276.985968] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.990816] lkdtm: Stack offset: 0 <6>[ 276.995050] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.000037] lkdtm: Stack offset: 0 <6>[ 277.004217] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.009206] lkdtm: Stack offset: 0 <6>[ 277.013391] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.018372] lkdtm: Stack offset: 0 <6>[ 277.022569] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.027563] lkdtm: Stack offset: 0 <6>[ 277.031838] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.036698] lkdtm: Stack offset: 0 <6>[ 277.040965] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.045997] lkdtm: Stack offset: 0 <6>[ 277.050184] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.055059] lkdtm: Stack offset: 0 <6>[ 277.059312] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.064305] lkdtm: Stack offset: 0 <6>[ 277.068504] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.073481] lkdtm: Stack offset: 0 <6>[ 277.077646] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.082591] lkdtm: Stack offset: 0 <6>[ 277.087179] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.091878] lkdtm: Stack offset: 0 <6>[ 277.096087] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.100966] lkdtm: Stack offset: 0 <6>[ 277.105247] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.110256] lkdtm: Stack offset: 0 <6>[ 277.114330] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.119428] lkdtm: Stack offset: 0 <6>[ 277.123621] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.128561] lkdtm: Stack offset: 0 <6>[ 277.132780] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.137738] lkdtm: Stack offset: 0 <6>[ 277.141971] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.149074] lkdtm: Stack offset: 0 <6>[ 277.156212] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.161897] lkdtm: Stack offset: 0 <6>[ 277.167075] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.176795] lkdtm: Stack offset: 0 <6>[ 277.183310] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.187524] lkdtm: Stack offset: 0 <6>[ 277.194876] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.199113] lkdtm: Stack offset: 0 <6>[ 277.203947] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.208337] lkdtm: Stack offset: 0 <6>[ 277.212571] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.217445] lkdtm: Stack offset: 0 <6>[ 277.221876] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.226630] lkdtm: Stack offset: 0 <6>[ 277.231323] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.235792] lkdtm: Stack offset: 0 <6>[ 277.240438] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.245198] lkdtm: Stack offset: 0 <6>[ 277.249596] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.254392] lkdtm: Stack offset: 0 <6>[ 277.258896] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.263342] lkdtm: Stack offset: 0 <6>[ 277.268112] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.272572] lkdtm: Stack offset: 0 <6>[ 277.277235] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.281730] lkdtm: Stack offset: 0 <6>[ 277.286343] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.290913] lkdtm: Stack offset: 0 <6>[ 277.295490] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.300062] lkdtm: Stack offset: 0 <6>[ 277.304771] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.309254] lkdtm: Stack offset: 0 <6>[ 277.313532] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.318568] lkdtm: Stack offset: 0 <6>[ 277.322628] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.327692] lkdtm: Stack offset: 0 <6>[ 277.331927] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.336793] lkdtm: Stack offset: 0 <6>[ 277.341100] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.345970] lkdtm: Stack offset: 0 <6>[ 277.350250] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.355244] lkdtm: Stack offset: 0 <6>[ 277.359426] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.364405] lkdtm: Stack offset: 0 <6>[ 277.368576] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.373589] lkdtm: Stack offset: 0 <6>[ 277.377859] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.382773] lkdtm: Stack offset: 0 <6>[ 277.386930] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.391891] lkdtm: Stack offset: 0 <6>[ 277.396199] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.401073] lkdtm: Stack offset: 0 <6>[ 277.405255] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.410345] lkdtm: Stack offset: 0 <6>[ 277.414531] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.419514] lkdtm: Stack offset: 0 <6>[ 277.423798] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.428642] lkdtm: Stack offset: 0 <6>[ 277.432943] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.437788] lkdtm: Stack offset: 0 <6>[ 277.442026] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.447022] lkdtm: Stack offset: 0 <6>[ 277.451222] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.456197] lkdtm: Stack offset: 0 <6>[ 277.460351] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.465831] lkdtm: Stack offset: 0 <6>[ 277.471155] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.475575] lkdtm: Stack offset: 0 <6>[ 277.495325] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.506372] lkdtm: Stack offset: 0 <6>[ 277.513395] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.517955] lkdtm: Stack offset: 0 <6>[ 277.522958] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.527225] lkdtm: Stack offset: 0 <6>[ 277.531467] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.536346] lkdtm: Stack offset: 0 <6>[ 277.540866] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.545529] lkdtm: Stack offset: 0 <6>[ 277.549644] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.554680] lkdtm: Stack offset: 0 <6>[ 277.559040] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.564069] lkdtm: Stack offset: 0 <6>[ 277.568212] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.573188] lkdtm: Stack offset: 0 <6>[ 277.577275] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.582256] lkdtm: Stack offset: 0 <6>[ 277.586440] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.591415] lkdtm: Stack offset: 0 <6>[ 277.595761] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.600606] lkdtm: Stack offset: 0 <6>[ 277.604836] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.609801] lkdtm: Stack offset: 0 <6>[ 277.614014] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.618969] lkdtm: Stack offset: 0 <6>[ 277.623189] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.628161] lkdtm: Stack offset: 0 <6>[ 277.632337] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.637341] lkdtm: Stack offset: 0 <6>[ 277.641599] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.646488] lkdtm: Stack offset: 0 <6>[ 277.650949] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.655720] lkdtm: Stack offset: 0 <6>[ 277.659887] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.664857] lkdtm: Stack offset: 0 <6>[ 277.669070] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.674068] lkdtm: Stack offset: 0 <6>[ 277.678243] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.683236] lkdtm: Stack offset: 0 <6>[ 277.687423] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.692406] lkdtm: Stack offset: 0 <6>[ 277.696582] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.701575] lkdtm: Stack offset: 0 <6>[ 277.705941] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.710790] lkdtm: Stack offset: 0 <6>[ 277.714923] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.719983] lkdtm: Stack offset: 0 <6>[ 277.724195] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.729173] lkdtm: Stack offset: 0 <6>[ 277.733348] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.738366] lkdtm: Stack offset: 0 <6>[ 277.742528] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.747505] lkdtm: Stack offset: 0 <6>[ 277.751769] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.756613] lkdtm: Stack offset: 0 <6>[ 277.760915] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.765886] lkdtm: Stack offset: 0 <6>[ 277.770103] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.775079] lkdtm: Stack offset: 0 <6>[ 277.779257] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.784867] lkdtm: Stack offset: 0 <6>[ 277.789081] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.798799] lkdtm: Stack offset: 0 <6>[ 277.810549] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.820908] lkdtm: Stack offset: 0 <6>[ 277.825068] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.829254] lkdtm: Stack offset: 0 <6>[ 277.834052] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.839018] lkdtm: Stack offset: 0 <6>[ 277.842916] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.847704] lkdtm: Stack offset: 0 <6>[ 277.851955] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.856820] lkdtm: Stack offset: 0 <6>[ 277.861171] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.866030] lkdtm: Stack offset: 0 <6>[ 277.870303] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.875173] lkdtm: Stack offset: 0 <6>[ 277.880313] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.884472] lkdtm: Stack offset: 0 <6>[ 277.889364] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.893751] lkdtm: Stack offset: 0 <6>[ 277.898493] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.902892] lkdtm: Stack offset: 0 <6>[ 277.907467] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.912037] lkdtm: Stack offset: 0 <6>[ 277.916788] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.921241] lkdtm: Stack offset: 0 <6>[ 277.926034] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.930389] lkdtm: Stack offset: 0 <6>[ 277.935151] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.939613] lkdtm: Stack offset: 0 <6>[ 277.944316] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.948784] lkdtm: Stack offset: 0 <6>[ 277.953438] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.958019] lkdtm: Stack offset: 0 <6>[ 277.962568] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.967214] lkdtm: Stack offset: 0 <6>[ 277.971885] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.976330] lkdtm: Stack offset: 0 <6>[ 277.981078] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.985535] lkdtm: Stack offset: 0 <6>[ 277.990211] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.994782] lkdtm: Stack offset: 0 <6>[ 277.999340] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.003939] lkdtm: Stack offset: 0 <6>[ 278.008524] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.013106] lkdtm: Stack offset: 0 <6>[ 278.017602] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.022310] lkdtm: Stack offset: 0 <6>[ 278.026505] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.031576] lkdtm: Stack offset: 0 <6>[ 278.035768] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.040608] lkdtm: Stack offset: 0 <6>[ 278.045123] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.049898] lkdtm: Stack offset: 0 <6>[ 278.054130] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.059005] lkdtm: Stack offset: 0 <6>[ 278.063209] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.068192] lkdtm: Stack offset: 0 <6>[ 278.072344] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.077466] lkdtm: Stack offset: 0 <6>[ 278.081532] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.086923] lkdtm: Stack offset: 0 <6>[ 278.090912] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.096618] lkdtm: Stack offset: 0 <6>[ 278.104100] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.109030] lkdtm: Stack offset: 0 <6>[ 278.113049] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.117540] lkdtm: Stack offset: 0 <6>[ 278.140273] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.147219] lkdtm: Stack offset: 0 <6>[ 278.150981] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.156035] lkdtm: Stack offset: 0 <6>[ 278.159645] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.164389] lkdtm: Stack offset: 0 <6>[ 278.169185] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.173586] lkdtm: Stack offset: 0 <6>[ 278.177899] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.182758] lkdtm: Stack offset: 0 <6>[ 278.186924] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.191878] lkdtm: Stack offset: 0 <6>[ 278.196226] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.201082] lkdtm: Stack offset: 0 <6>[ 278.205340] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.210512] lkdtm: Stack offset: 0 <6>[ 278.214495] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.219614] lkdtm: Stack offset: 0 <6>[ 278.223633] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.228575] lkdtm: Stack offset: 0 <6>[ 278.232909] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.237855] lkdtm: Stack offset: 0 <6>[ 278.242101] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.246988] lkdtm: Stack offset: 0 <6>[ 278.251271] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.256301] lkdtm: Stack offset: 0 <6>[ 278.260383] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.265380] lkdtm: Stack offset: 0 <6>[ 278.269585] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.274577] lkdtm: Stack offset: 0 <6>[ 278.278857] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.283722] lkdtm: Stack offset: 0 <6>[ 278.287964] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.292938] lkdtm: Stack offset: 0 <6>[ 278.297144] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.302181] lkdtm: Stack offset: 0 <6>[ 278.306492] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.311276] lkdtm: Stack offset: 0 <6>[ 278.315460] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.320478] lkdtm: Stack offset: 0 <6>[ 278.324753] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.329599] lkdtm: Stack offset: 0 <6>[ 278.333928] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.338793] lkdtm: Stack offset: 0 <6>[ 278.343110] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.347984] lkdtm: Stack offset: 0 <6>[ 278.352255] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.357295] lkdtm: Stack offset: 0 <6>[ 278.361374] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.366391] lkdtm: Stack offset: 0 <6>[ 278.370561] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.375567] lkdtm: Stack offset: 0 <6>[ 278.379789] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.384769] lkdtm: Stack offset: 0 <6>[ 278.389010] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.393884] lkdtm: Stack offset: 0 <6>[ 278.398178] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.403054] lkdtm: Stack offset: 0 <6>[ 278.407308] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.412288] lkdtm: Stack offset: 0 <6>[ 278.416473] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.421455] lkdtm: Stack offset: 0 <6>[ 278.430980] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.435176] lkdtm: Stack offset: 0 <6>[ 278.451040] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.460145] lkdtm: Stack offset: 0 <6>[ 278.467049] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.471271] lkdtm: Stack offset: 0 <6>[ 278.475548] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.480917] lkdtm: Stack offset: 0 <6>[ 278.487381] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.491996] lkdtm: Stack offset: 0 <6>[ 278.496089] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.500767] lkdtm: Stack offset: 0 <6>[ 278.505068] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.509902] lkdtm: Stack offset: 0 <6>[ 278.514147] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.519104] lkdtm: Stack offset: 0 <6>[ 278.523381] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.528365] lkdtm: Stack offset: 0 <6>[ 278.532532] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.537733] lkdtm: Stack offset: 0 <6>[ 278.541814] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.546865] lkdtm: Stack offset: 0 <6>[ 278.550918] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.555882] lkdtm: Stack offset: 0 <6>[ 278.560086] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.565063] lkdtm: Stack offset: 0 <6>[ 278.569247] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.574261] lkdtm: Stack offset: 0 <6>[ 278.578434] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.583439] lkdtm: Stack offset: 0 <6>[ 278.587606] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.592621] lkdtm: Stack offset: 0 <6>[ 278.596813] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.601749] lkdtm: Stack offset: 0 <6>[ 278.606016] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.611009] lkdtm: Stack offset: 0 <6>[ 278.615203] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.620176] lkdtm: Stack offset: 0 <6>[ 278.624334] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.629327] lkdtm: Stack offset: 0 <6>[ 278.633518] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.638508] lkdtm: Stack offset: 0 <6>[ 278.642773] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.647614] lkdtm: Stack offset: 0 <6>[ 278.651898] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.656867] lkdtm: Stack offset: 0 <6>[ 278.661079] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.666049] lkdtm: Stack offset: 0 <6>[ 278.670231] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.675245] lkdtm: Stack offset: 0 <6>[ 278.679441] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.684439] lkdtm: Stack offset: 0 <6>[ 278.688635] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.693587] lkdtm: Stack offset: 0 <6>[ 278.697815] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.702813] lkdtm: Stack offset: 0 <6>[ 278.707038] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.711912] lkdtm: Stack offset: 0 <6>[ 278.716200] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.721166] lkdtm: Stack offset: 0 <6>[ 278.725314] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.730309] lkdtm: Stack offset: 0 <6>[ 278.734504] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.739530] lkdtm: Stack offset: 0 <6>[ 278.743796] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.748637] lkdtm: Stack offset: 0 <6>[ 278.756992] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.767337] lkdtm: Stack offset: 0 <6>[ 278.786961] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.795207] lkdtm: Stack offset: 0 <6>[ 278.799182] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.803963] lkdtm: Stack offset: 0 <6>[ 278.807887] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.812997] lkdtm: Stack offset: 0 <6>[ 278.817339] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.821811] lkdtm: Stack offset: 0 <6>[ 278.826059] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.830936] lkdtm: Stack offset: 0 <6>[ 278.835140] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.840114] lkdtm: Stack offset: 0 <6>[ 278.844292] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.849279] lkdtm: Stack offset: 0 <6>[ 278.853463] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.858769] lkdtm: Stack offset: 0 <6>[ 278.862760] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.867951] lkdtm: Stack offset: 0 <6>[ 278.871884] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.876854] lkdtm: Stack offset: 0 <6>[ 278.881068] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.886072] lkdtm: Stack offset: 0 <6>[ 278.890242] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.895254] lkdtm: Stack offset: 0 <6>[ 278.899762] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.904323] lkdtm: Stack offset: 0 <6>[ 278.908589] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.913580] lkdtm: Stack offset: 0 <6>[ 278.917859] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.922716] lkdtm: Stack offset: 0 <6>[ 278.926960] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.931954] lkdtm: Stack offset: 0 <6>[ 278.936165] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.941134] lkdtm: Stack offset: 0 <6>[ 278.945292] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.950294] lkdtm: Stack offset: 0 <6>[ 278.954474] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.959454] lkdtm: Stack offset: 0 <6>[ 278.963626] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.968595] lkdtm: Stack offset: 0 <6>[ 278.972930] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.977797] lkdtm: Stack offset: 0 <6>[ 278.982111] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.986983] lkdtm: Stack offset: 0 <6>[ 278.991203] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.996276] lkdtm: Stack offset: 0 <6>[ 279.000441] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.005441] lkdtm: Stack offset: 0 <6>[ 279.009634] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.014500] lkdtm: Stack offset: 0 <6>[ 279.018834] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.023712] lkdtm: Stack offset: 0 <6>[ 279.027938] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.032907] lkdtm: Stack offset: 0 <6>[ 279.037109] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.042085] lkdtm: Stack offset: 0 <6>[ 279.046264] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.051254] lkdtm: Stack offset: 0 <6>[ 279.055437] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.060457] lkdtm: Stack offset: 0 <6>[ 279.064640] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.072288] lkdtm: Stack offset: 0 <6>[ 279.077637] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.081879] lkdtm: Stack offset: 0 <6>[ 279.086268] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.098113] lkdtm: Stack offset: 0 <6>[ 279.105633] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.114958] lkdtm: Stack offset: 0 <6>[ 279.119000] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.123548] lkdtm: Stack offset: 0 <6>[ 279.127522] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.132790] lkdtm: Stack offset: 0 <6>[ 279.136793] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.141568] lkdtm: Stack offset: 0 <6>[ 279.145822] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.150771] lkdtm: Stack offset: 0 <6>[ 279.154995] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.159946] lkdtm: Stack offset: 0 <6>[ 279.164189] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.169149] lkdtm: Stack offset: 0 <6>[ 279.173506] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.178438] lkdtm: Stack offset: 0 <6>[ 279.182544] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.187539] lkdtm: Stack offset: 0 <6>[ 279.191784] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.196633] lkdtm: Stack offset: 0 <6>[ 279.200916] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.205866] lkdtm: Stack offset: 0 <6>[ 279.210064] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.215047] lkdtm: Stack offset: 0 <6>[ 279.219237] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.224231] lkdtm: Stack offset: 0 <6>[ 279.228422] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.233400] lkdtm: Stack offset: 0 <6>[ 279.237577] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.242558] lkdtm: Stack offset: 0 <6>[ 279.246828] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.251962] lkdtm: Stack offset: 0 <6>[ 279.256018] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.260921] lkdtm: Stack offset: 0 <6>[ 279.265175] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.270092] lkdtm: Stack offset: 0 <6>[ 279.274275] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.279295] lkdtm: Stack offset: 0 <6>[ 279.283513] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.288511] lkdtm: Stack offset: 0 <6>[ 279.292805] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.297698] lkdtm: Stack offset: 0 <6>[ 279.301889] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.306796] lkdtm: Stack offset: 0 <6>[ 279.311089] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.316058] lkdtm: Stack offset: 0 <6>[ 279.320252] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.325162] lkdtm: Stack offset: 0 <6>[ 279.329335] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.334553] lkdtm: Stack offset: 0 <6>[ 279.338546] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.343533] lkdtm: Stack offset: 0 <6>[ 279.347819] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.352685] lkdtm: Stack offset: 0 <6>[ 279.356941] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.361904] lkdtm: Stack offset: 0 <6>[ 279.366118] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.371092] lkdtm: Stack offset: 0 <6>[ 279.375269] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.380294] lkdtm: Stack offset: 0 <6>[ 279.384465] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.390224] lkdtm: Stack offset: 0 <6>[ 279.393752] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.406185] lkdtm: Stack offset: 0 <6>[ 279.411885] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.421462] lkdtm: Stack offset: 0 <6>[ 279.428522] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.432758] lkdtm: Stack offset: 0 <6>[ 279.437113] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.442236] lkdtm: Stack offset: 0 <6>[ 279.446909] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.451381] lkdtm: Stack offset: 0 <6>[ 279.455950] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.460314] lkdtm: Stack offset: 0 <6>[ 279.465056] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.469522] lkdtm: Stack offset: 0 <6>[ 279.474185] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.478704] lkdtm: Stack offset: 0 <6>[ 279.483298] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.487895] lkdtm: Stack offset: 0 <6>[ 279.492731] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.497120] lkdtm: Stack offset: 0 <6>[ 279.501597] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.506214] lkdtm: Stack offset: 0 <6>[ 279.510889] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.515334] lkdtm: Stack offset: 0 <6>[ 279.520107] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.524565] lkdtm: Stack offset: 0 <6>[ 279.529227] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.533793] lkdtm: Stack offset: 0 <6>[ 279.538369] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.542962] lkdtm: Stack offset: 0 <6>[ 279.547528] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.552102] lkdtm: Stack offset: 0 <6>[ 279.556912] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.561278] lkdtm: Stack offset: 0 <6>[ 279.565997] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.570445] lkdtm: Stack offset: 0 <6>[ 279.575195] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.579683] lkdtm: Stack offset: 0 <6>[ 279.584323] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.588815] lkdtm: Stack offset: 0 <6>[ 279.593472] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.598040] lkdtm: Stack offset: 0 <6>[ 279.602579] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.607219] lkdtm: Stack offset: 0 <6>[ 279.611424] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.616400] lkdtm: Stack offset: 0 <6>[ 279.620595] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.625576] lkdtm: Stack offset: 0 <6>[ 279.629842] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.634710] lkdtm: Stack offset: 0 <6>[ 279.638984] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.643946] lkdtm: Stack offset: 0 <6>[ 279.648150] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.653152] lkdtm: Stack offset: 0 <6>[ 279.657310] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.662326] lkdtm: Stack offset: 0 <6>[ 279.666492] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.671510] lkdtm: Stack offset: 0 <6>[ 279.675743] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.680596] lkdtm: Stack offset: 0 <6>[ 279.684941] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.689805] lkdtm: Stack offset: 0 <6>[ 279.694113] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.698984] lkdtm: Stack offset: 0 <6>[ 279.703262] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.708988] lkdtm: Stack offset: 0 <6>[ 279.714921] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.719090] lkdtm: Stack offset: 0 <6>[ 279.724175] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.729868] lkdtm: Stack offset: 0 <6>[ 279.742488] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.753881] lkdtm: Stack offset: 0 <6>[ 279.759927] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.764528] lkdtm: Stack offset: 0 <6>[ 279.768487] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.773744] lkdtm: Stack offset: 0 <6>[ 279.778217] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.782489] lkdtm: Stack offset: 0 <6>[ 279.787217] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.791700] lkdtm: Stack offset: 0 <6>[ 279.796341] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.800932] lkdtm: Stack offset: 0 <6>[ 279.805523] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.810099] lkdtm: Stack offset: 0 <6>[ 279.815022] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.819334] lkdtm: Stack offset: 0 <6>[ 279.823952] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.828431] lkdtm: Stack offset: 0 <6>[ 279.833126] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.837639] lkdtm: Stack offset: 0 <6>[ 279.842438] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.846839] lkdtm: Stack offset: 0 <6>[ 279.852288] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.856452] lkdtm: Stack offset: 0 <6>[ 279.861438] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.865753] lkdtm: Stack offset: 0 <6>[ 279.870327] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.874897] lkdtm: Stack offset: 0 <6>[ 279.879475] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.884053] lkdtm: Stack offset: 0 <6>[ 279.888583] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.893297] lkdtm: Stack offset: 0 <6>[ 279.897972] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.902422] lkdtm: Stack offset: 0 <6>[ 279.907091] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.911548] lkdtm: Stack offset: 0 <6>[ 279.916320] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.920795] lkdtm: Stack offset: 0 <6>[ 279.925366] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.929960] lkdtm: Stack offset: 0 <6>[ 279.934537] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.939126] lkdtm: Stack offset: 0 <6>[ 279.943636] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.948280] lkdtm: Stack offset: 0 <6>[ 279.952548] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.957535] lkdtm: Stack offset: 0 <6>[ 279.961818] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.966748] lkdtm: Stack offset: 0 <6>[ 279.970904] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.975876] lkdtm: Stack offset: 0 <6>[ 279.980107] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.984984] lkdtm: Stack offset: 0 <6>[ 279.989263] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.994289] lkdtm: Stack offset: 0 <6>[ 279.998353] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.003452] lkdtm: Stack offset: 0 <6>[ 280.007743] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.012493] lkdtm: Stack offset: 0 <6>[ 280.016819] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.021780] lkdtm: Stack offset: 0 <6>[ 280.025994] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.032183] lkdtm: Stack offset: 0 <6>[ 280.036835] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.041002] lkdtm: Stack offset: 0 <6>[ 280.054789] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.064625] lkdtm: Stack offset: 0 <6>[ 280.074388] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.078995] lkdtm: Stack offset: 0 <6>[ 280.086084] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.090297] lkdtm: Stack offset: 0 <6>[ 280.095125] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.099575] lkdtm: Stack offset: 0 <6>[ 280.103786] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.108684] lkdtm: Stack offset: 0 <6>[ 280.112918] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.117873] lkdtm: Stack offset: 0 <6>[ 280.122155] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.127059] lkdtm: Stack offset: 0 <6>[ 280.131249] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.136430] lkdtm: Stack offset: 0 <6>[ 280.140428] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.145563] lkdtm: Stack offset: 0 <6>[ 280.149576] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.154563] lkdtm: Stack offset: 0 <6>[ 280.158833] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.163695] lkdtm: Stack offset: 0 <6>[ 280.167938] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.172907] lkdtm: Stack offset: 0 <6>[ 280.177115] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.182110] lkdtm: Stack offset: 0 <6>[ 280.186269] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.191288] lkdtm: Stack offset: 0 <6>[ 280.195450] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.200454] lkdtm: Stack offset: 0 <6>[ 280.204619] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.209637] lkdtm: Stack offset: 0 <6>[ 280.213954] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.218804] lkdtm: Stack offset: 0 <6>[ 280.222964] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.228036] lkdtm: Stack offset: 0 <6>[ 280.232218] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.237210] lkdtm: Stack offset: 0 <6>[ 280.241395] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.246396] lkdtm: Stack offset: 0 <6>[ 280.250580] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.255601] lkdtm: Stack offset: 0 <6>[ 280.259876] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.264717] lkdtm: Stack offset: 0 <6>[ 280.268869] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.273935] lkdtm: Stack offset: 0 <6>[ 280.278250] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.283012] lkdtm: Stack offset: 0 <6>[ 280.287283] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.292296] lkdtm: Stack offset: 0 <6>[ 280.296468] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.301463] lkdtm: Stack offset: 0 <6>[ 280.305644] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.310590] lkdtm: Stack offset: 0 <6>[ 280.314808] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.319795] lkdtm: Stack offset: 0 <6>[ 280.324009] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.328982] lkdtm: Stack offset: 0 <6>[ 280.333184] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.338158] lkdtm: Stack offset: 0 <6>[ 280.342302] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.347379] lkdtm: Stack offset: 0 <6>[ 280.353035] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.359326] lkdtm: Stack offset: 0 <6>[ 280.362572] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.369880] lkdtm: Stack offset: 0 <6>[ 280.374584] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.383651] lkdtm: Stack offset: 0 <6>[ 280.392305] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.396512] lkdtm: Stack offset: 0 <6>[ 280.400872] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.405715] lkdtm: Stack offset: 0 <6>[ 280.410416] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.414891] lkdtm: Stack offset: 0 <6>[ 280.419188] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.424051] lkdtm: Stack offset: 0 <6>[ 280.428821] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.433299] lkdtm: Stack offset: 0 <6>[ 280.437510] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.442490] lkdtm: Stack offset: 0 <6>[ 280.446755] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.451628] lkdtm: Stack offset: 0 <6>[ 280.455939] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.460787] lkdtm: Stack offset: 0 <6>[ 280.465052] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.470189] lkdtm: Stack offset: 0 <6>[ 280.474226] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.479319] lkdtm: Stack offset: 0 <6>[ 280.483401] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.488384] lkdtm: Stack offset: 0 <6>[ 280.492550] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.497541] lkdtm: Stack offset: 0 <6>[ 280.501784] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.506733] lkdtm: Stack offset: 0 <6>[ 280.510962] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.515938] lkdtm: Stack offset: 0 <6>[ 280.520171] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.525030] lkdtm: Stack offset: 0 <6>[ 280.529289] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.534268] lkdtm: Stack offset: 0 <6>[ 280.538435] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.543439] lkdtm: Stack offset: 0 <6>[ 280.547625] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.552555] lkdtm: Stack offset: 0 <6>[ 280.556906] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.561773] lkdtm: Stack offset: 0 <6>[ 280.566074] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.570955] lkdtm: Stack offset: 0 <6>[ 280.575152] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.580146] lkdtm: Stack offset: 0 <6>[ 280.584294] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.589384] lkdtm: Stack offset: 0 <6>[ 280.593566] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.598549] lkdtm: Stack offset: 0 <6>[ 280.602806] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.607690] lkdtm: Stack offset: 0 <6>[ 280.611956] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.616809] lkdtm: Stack offset: 0 <6>[ 280.621086] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.626064] lkdtm: Stack offset: 0 <6>[ 280.630255] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.635250] lkdtm: Stack offset: 0 <6>[ 280.639440] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.644454] lkdtm: Stack offset: 0 <6>[ 280.648642] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.653580] lkdtm: Stack offset: 0 <6>[ 280.657810] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.662792] lkdtm: Stack offset: 0 <6>[ 280.667000] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.671968] lkdtm: Stack offset: 0 <6>[ 280.676157] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.681141] lkdtm: Stack offset: 0 <6>[ 280.685290] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.690927] lkdtm: Stack offset: 0 <6>[ 280.698791] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.702971] lkdtm: Stack offset: 0 <6>[ 280.719164] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.728845] lkdtm: Stack offset: 0 <6>[ 280.736203] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.740376] lkdtm: Stack offset: 0 <6>[ 280.747769] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.752305] lkdtm: Stack offset: 0 <6>[ 280.757028] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.761265] lkdtm: Stack offset: 0 <6>[ 280.766020] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.770376] lkdtm: Stack offset: 0 <6>[ 280.775159] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.779623] lkdtm: Stack offset: 0 <6>[ 280.784234] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.788798] lkdtm: Stack offset: 0 <6>[ 280.793953] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.798243] lkdtm: Stack offset: 0 <6>[ 280.802970] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.807347] lkdtm: Stack offset: 0 <6>[ 280.812089] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.816542] lkdtm: Stack offset: 0 <6>[ 280.821198] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.825687] lkdtm: Stack offset: 0 <6>[ 280.830369] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.834953] lkdtm: Stack offset: 0 <6>[ 280.839493] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.844067] lkdtm: Stack offset: 0 <6>[ 280.848604] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.853265] lkdtm: Stack offset: 0 <6>[ 280.857953] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.862440] lkdtm: Stack offset: 0 <6>[ 280.867355] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.871710] lkdtm: Stack offset: 0 <6>[ 280.876271] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.880842] lkdtm: Stack offset: 0 <6>[ 280.885455] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.890037] lkdtm: Stack offset: 0 # Bits of stack entropy: 1 # Stack entropy is low! Booted without 'randomize_kstack_offset=y'? not ok 86 selftests: lkdtm: stack-entropy.sh # exit=1 lkdtm_PANIC_sh skip lkdtm_PANIC_STOP_IRQOFF_sh skip lkdtm_BUG_sh pass lkdtm_WARNING_sh pass lkdtm_WARNING_MESSAGE_sh pass lkdtm_EXCEPTION_sh pass lkdtm_LOOP_sh skip lkdtm_EXHAUST_STACK_sh skip lkdtm_CORRUPT_STACK_sh skip lkdtm_CORRUPT_STACK_STRONG_sh skip lkdtm_ARRAY_BOUNDS_sh pass lkdtm_CORRUPT_LIST_ADD_sh pass lkdtm_CORRUPT_LIST_DEL_sh pass lkdtm_STACK_GUARD_PAGE_LEADING_sh pass lkdtm_STACK_GUARD_PAGE_TRAILING_sh pass lkdtm_REPORT_STACK_CANARY_sh pass lkdtm_UNSET_SMEP_sh skip lkdtm_DOUBLE_FAULT_sh skip lkdtm_CORRUPT_PAC_sh skip lkdtm_UNALIGNED_LOAD_STORE_WRITE_sh skip lkdtm_SLAB_LINEAR_OVERFLOW_sh pass lkdtm_VMALLOC_LINEAR_OVERFLOW_sh pass lkdtm_WRITE_AFTER_FREE_sh skip lkdtm_READ_AFTER_FREE_sh pass lkdtm_WRITE_BUDDY_AFTER_FREE_sh skip lkdtm_READ_BUDDY_AFTER_FREE_sh pass lkdtm_SLAB_INIT_ON_ALLOC_sh pass lkdtm_BUDDY_INIT_ON_ALLOC_sh pass lkdtm_SLAB_FREE_DOUBLE_sh pass lkdtm_SLAB_FREE_CROSS_sh pass lkdtm_SLAB_FREE_PAGE_sh pass lkdtm_SOFTLOCKUP_sh skip lkdtm_HARDLOCKUP_sh skip lkdtm_SMP_CALL_LOCKUP_sh skip lkdtm_SPINLOCKUP_sh skip lkdtm_HUNG_TASK_sh skip lkdtm_EXEC_DATA_sh pass lkdtm_EXEC_STACK_sh pass lkdtm_EXEC_KMALLOC_sh pass lkdtm_EXEC_VMALLOC_sh pass lkdtm_EXEC_RODATA_sh pass lkdtm_EXEC_USERSPACE_sh pass lkdtm_EXEC_NULL_sh pass lkdtm_ACCESS_USERSPACE_sh pass lkdtm_ACCESS_NULL_sh pass lkdtm_WRITE_RO_sh pass lkdtm_WRITE_RO_AFTER_INIT_sh pass lkdtm_WRITE_KERN_sh pass lkdtm_WRITE_OPD_sh skip lkdtm_REFCOUNT_INC_OVERFLOW_sh pass lkdtm_REFCOUNT_ADD_OVERFLOW_sh pass lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW_sh pass lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW_sh pass lkdtm_REFCOUNT_DEC_ZERO_sh pass lkdtm_REFCOUNT_DEC_NEGATIVE_sh pass lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE_sh pass lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE_sh pass lkdtm_REFCOUNT_INC_ZERO_sh pass lkdtm_REFCOUNT_ADD_ZERO_sh pass lkdtm_REFCOUNT_INC_SATURATED_sh pass lkdtm_REFCOUNT_DEC_SATURATED_sh pass lkdtm_REFCOUNT_ADD_SATURATED_sh pass lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED_sh pass lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED_sh pass lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED_sh pass lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED_sh pass lkdtm_REFCOUNT_TIMING_sh skip lkdtm_ATOMIC_TIMING_sh skip lkdtm_USERCOPY_SLAB_SIZE_TO_sh pass lkdtm_USERCOPY_SLAB_SIZE_FROM_sh pass lkdtm_USERCOPY_SLAB_WHITELIST_TO_sh pass lkdtm_USERCOPY_SLAB_WHITELIST_FROM_sh pass lkdtm_USERCOPY_STACK_FRAME_TO_sh pass lkdtm_USERCOPY_STACK_FRAME_FROM_sh pass lkdtm_USERCOPY_STACK_BEYOND_sh pass lkdtm_USERCOPY_KERNEL_sh pass lkdtm_STACKLEAK_ERASING_sh skip lkdtm_CFI_FORWARD_PROTO_sh fail lkdtm_CFI_BACKWARD_sh fail lkdtm_FORTIFY_STRSCPY_sh pass lkdtm_FORTIFY_STR_OBJECT_sh pass lkdtm_FORTIFY_STR_MEMBER_sh pass lkdtm_FORTIFY_MEM_OBJECT_sh pass lkdtm_FORTIFY_MEM_MEMBER_sh pass lkdtm_PPC_SLB_MULTIHIT_sh skip lkdtm_stack-entropy_sh fail + ../../utils/send-to-lava.sh ./output/result.txt + set +x / #