Trying 192.168.56.4... Connected to moya.mayfield.sirena.org.uk. Escape character is '^]'. ser2net port telnet,3000 device serialdev, /dev/serial/by-path/pci-0000:00:14.0-usb-0:3.4:1.0-port0, 115200n81, local=false [,115200N81] (Debian GNU/Linux) U-Boot SPL 2023.07.02-dh-stm32mp1-dhcor-avenger96-20230727.02 (Jul 11 2023 - 15:20:44 +0000) Model: Arrow Electronics STM32MP15xx Avenger96 board Code: SoM:rev=0,ddr3=3 Board:rev=1 RAM: DDR3L 32bits 2x4Gb 533MHz WDT: Started watchdog@5a002000 with servicing every 1000ms (32s timeout) Trying to boot from MMC1 image entry point: 0xc0100000 U-Boot 2023.07.02-dh-stm32mp1-dhcor-avenger96-20230727.02 (Jul 11 2023 - 15:20:44 +0000) CPU: STM32MP157AAC Rev.B Model: Arrow Electronics STM32MP15xx Avenger96 board Board: stm32mp1 in basic mode (arrow,stm32mp15xx-avenger96) DRAM: 1 GiB Clocks: - MPU : 650 MHz - MCU : 208.878 MHz - AXI : 266.500 MHz - PER : 24 MHz - DDR : 533 MHz Core: 285 devices, 34 uclasses, devicetree: separate WDT: Started watchdog@5a002000 with servicing every 1000ms (32s timeout) MMC: STM32 SD/MMC: 2, STM32 SD/MMC: 0, STM32 SD/MMC: 1 Loading Environment from SPIFlash... SF: Detected w25q16dw with page size 256 Bytes, erase size 4 KiB, total 2 MiB OK In: serial Out: serial Err: serial Net: eth0: ethernet@5800a000 Hit any key to stop autoboot: 3  0 STM32MP> setenv autoload no setenv autoload no STM32MP> setenv initrd_high 0xffffffff setenv initrd_high 0xffffffff STM32MP> setenv fdt_high 0xffffffff setenv fdt_high 0xffffffff STM32MP> dhcp dhcp ethernet@5800a000 Waiting for PHY auto negotiation to complete........... done BOOTP broadcast 1 BOOTP broadcast 2 BOOTP broadcast 3 BOOTP broadcast 4 BOOTP broadcast 5 *** Unhandled DHCP Option in OFFER/ACK: 42 *** Unhandled DHCP Option in OFFER/ACK: 42 DHCP client bound to address 192.168.56.202 (3817 ms) STM32MP> setenv serverip 192.168.56.193 setenv serverip 192.168.56.193 STM32MP> tftp 0xc2000000 801154/tftp-deploy-4wsvqprb/kernel/uImage tftp 0xc2000000 801154/tftp-deploy-4wsvqprb/kernel/uImage Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.202 Filename '801154/tftp-deploy-4wsvqprb/kernel/uImage'. Load address: 0xc2000000 Loading: *################################################## 15.4 MiB 11.8 MiB/s done Bytes transferred = 16097856 (f5a240 hex) STM32MP> tftp 0xc4400000 801154/tftp-deploy-4wsvqprb/ramdisk/ramdisk.cpio.gz.uboot tftp 0xc4400000 801154/tftp-deploy-4wsvqprb/ramdisk/ramdisk.cpio.gz.uboot Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.202 Filename '801154/tftp-deploy-4wsvqprb/ramdisk/ramdisk.cpio.gz.uboot'. Load address: 0xc4400000 Loading: *################################################## 20.8 MiB 13.4 MiB/s done Bytes transferred = 21807031 (14cbfb7 hex) STM32MP> setenv initrd_size ${filesize} setenv initrd_size ${filesize} STM32MP> tftp 0xc4000000 801154/tftp-deploy-4wsvqprb/dtb/stm32mp157a-dhcor-avenger96.dtb tftp 0xc4000000 801154/tftp-deploy-4wsvqprb/dtb/stm32mp157a-dhcor-avenger96.dtb Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.202 Filename '801154/tftp-deploy-4wsvqprb/dtb/stm32mp157a-dhcor-avenger96.dtb'. Load address: 0xc4000000 Loading: *################################################## 51.6 KiB 8.4 MiB/s done Bytes transferred = 52850 (ce72 hex) STM32MP> setenv bootargs 'console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/801154/extract-nfsrootfs-hbndu0yd,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp' setenv bootargs 'console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/801154/extract-nfsrootfs-hbndu0yd,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp' STM32MP> bootm 0xc2000000 0xc4400000 0xc4000000 bootm 0xc2000000 0xc4400000 0xc4000000 ## Booting kernel from Legacy Image at c2000000 ... Image Name: Created: 2024-10-04 7:48:05 UTC Image Type: ARM Linux Kernel Image (uncompressed) Data Size: 16097792 Bytes = 15.4 MiB Load Address: c2000000 Entry Point: c2000000 Verifying Checksum ... OK ## Loading init Ramdisk from Legacy Image at c4400000 ... Image Name: Created: 2024-10-04 7:48:08 UTC Image Type: ARM Linux RAMDisk Image (uncompressed) Data Size: 21806967 Bytes = 20.8 MiB Load Address: 00000000 Entry Point: 00000000 Verifying Checksum ... OK ## Flattened Device Tree blob at c4000000 Booting using the fdt blob at 0xc4000000 Working FDT set to c4000000 Loading Kernel Image Using Device Tree in place at c4000000, end c400fe71 Working FDT set to c4000000 Starting kernel ... [ 0.000000] Booting Linux on physical CPU 0x0 [ 0.000000] Linux version 6.12.0-rc1-next-20241004 (KernelCI@build-j331993-arm-gcc-12-multi-v7-defconfig-kselftest-4bcgv) (arm-linux-gnueabihf-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP Fri Oct 4 06:46:52 UTC 2024 [ 0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c5387d [ 0.000000] CPU: div instructions available: patching division code [ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache [ 0.000000] OF: fdt: Machine model: Arrow Electronics STM32MP157A Avenger96 board [ 0.000000] earlycon: stm32 at MMIO 0x40010000 (options '115200n8') [ 0.000000] printk: legacy bootconsole [stm32] enabled [ 0.000000] Memory policy: Data cache writealloc [ 0.000000] efi: UEFI not found. [ 0.000000] Reserved memory: created DMA memory pool at 0x10000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node mcuram2@10000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10000000..0x1003ffff (256 KiB) nomap non-reusable mcuram2@10000000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10040000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0vring0@10040000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10040000..0x10040fff (4 KiB) nomap non-reusable vdev0vring0@10040000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10041000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0vring1@10041000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10041000..0x10041fff (4 KiB) nomap non-reusable vdev0vring1@10041000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10042000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0buffer@10042000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10042000..0x10045fff (16 KiB) nomap non-reusable vdev0buffer@10042000 [ 0.000000] Reserved memory: created DMA memory pool at 0x30000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node mcuram@30000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x30000000..0x3003ffff (256 KiB) nomap non-reusable mcuram@30000000 [ 0.000000] Reserved memory: created DMA memory pool at 0x38000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node retram@38000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x38000000..0x3800ffff (64 KiB) nomap non-reusable retram@38000000 [ 0.000000] cma: Reserved 64 MiB at 0xfb800000 on node -1 [ 0.000000] Zone ranges: [ 0.000000] DMA [mem 0x00000000c0000000-0x00000000efffffff] [ 0.000000] Normal empty [ 0.000000] HighMem [mem 0x00000000f0000000-0x00000000ffffefff] [ 0.000000] Movable zone start for each node [ 0.000000] Early memory node ranges [ 0.000000] node 0: [mem 0x00000000c0000000-0x00000000ffffefff] [ 0.000000] Initmem setup node 0 [mem 0x00000000c0000000-0x00000000ffffefff] [ 0.000000] psci: probing for conduit method from DT. [ 0.000000] psci: PSCIv1.0 detected in firmware. [ 0.000000] psci: Using standard PSCI v0.2 function IDs [ 0.000000] psci: Trusted OS migration not required [ 0.000000] psci: SMC Calling Convention v1.0 [ 0.000000] percpu: Embedded 20 pages/cpu s49292 r8192 d24436 u81920 [ 0.000000] Kernel command line: console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/801154/extract-nfsrootfs-hbndu0yd,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp <6>[ 0.000000] Dentry cache hash table entries: 131072 (order: 7, 524288 bytes, linear) <6>[ 0.000000] Inode-cache hash table entries: 65536 (order: 6, 262144 bytes, linear) <6>[ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 262143 <6>[ 0.000000] allocated 1056764 bytes of page_ext <6>[ 0.000000] mem auto-init: stack:all(zero), heap alloc:on, heap free:on <6>[ 0.000000] mem auto-init: clearing system memory may take some time... <6>[ 0.000000] stackdepot: allocating hash table via alloc_large_system_hash <6>[ 0.000000] stackdepot hash table entries: 65536 (order: 7, 524288 bytes, linear) <4>[ 0.000000] ********************************************************** <4>[ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** This system shows unhashed kernel memory addresses ** <4>[ 0.000000] ** via the console, logs, and other interfaces. This ** <4>[ 0.000000] ** might reduce the security of your system. ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** If you see this message and you are not debugging ** <4>[ 0.000000] ** the kernel, report this immediately to your system ** <4>[ 0.000000] ** administrator! ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** <4>[ 0.000000] ********************************************************** <6>[ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1 <6>[ 0.000000] ftrace: allocating 70447 entries in 207 pages <6>[ 0.000000] ftrace: allocated 207 pages with 6 groups <6>[ 0.000000] trace event string verifier disabled <6>[ 0.000000] rcu: Hierarchical RCU implementation. <6>[ 0.000000] rcu: RCU event tracing is enabled. <6>[ 0.000000] rcu: RCU restricting CPUs from NR_CPUS=16 to nr_cpu_ids=2. <6>[ 0.000000] Rude variant of Tasks RCU enabled. <6>[ 0.000000] Tracing variant of Tasks RCU enabled. <6>[ 0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. <6>[ 0.000000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2 <6>[ 0.000000] RCU Tasks Rude: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. <6>[ 0.000000] RCU Tasks Trace: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. <6>[ 0.000000] NR_IRQS: 16, nr_irqs: 16, preallocated irqs: 16 <6>[ 0.000000] rcu: srcu_init: Setting srcu_struct sizes based on contention. <6>[ 0.000000] arch_timer: cp15 timer(s) running at 24.00MHz (virt). <6>[ 0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x588fe9dc0, max_idle_ns: 440795202592 ns <6>[ 0.000002] sched_clock: 56 bits at 24MHz, resolution 41ns, wraps every 4398046511097ns <6>[ 0.008286] Switching to timer-based delay loop, resolution 41ns <6>[ 0.025146] Console: colour dummy device 80x30 <6>[ 0.028594] Calibrating delay loop (skipped), value calculated using timer frequency.. 48.00 BogoMIPS (lpj=24000) <6>[ 0.039024] CPU: Testing write buffer coherency: ok <6>[ 0.044172] pid_max: default: 32768 minimum: 301 <6>[ 0.050245] LSM: initializing lsm=capability,landlock,bpf,ima <6>[ 0.055355] landlock: Up and running. <6>[ 0.059103] LSM support for eBPF active <6>[ 0.064144] Mount-cache hash table entries: 2048 (order: 1, 8192 bytes, linear) <6>[ 0.070689] Mountpoint-cache hash table entries: 2048 (order: 1, 8192 bytes, linear) <6>[ 0.086608] CPU0: update cpu_capacity 1024 <6>[ 0.089608] CPU0: thread -1, cpu 0, socket 0, mpidr 80000000 <6>[ 0.103657] Setting up static identity map for 0xc0300000 - 0xc03000ac <6>[ 0.112752] rcu: Hierarchical SRCU implementation. <6>[ 0.116415] rcu: Max phase no-delay instances is 400. <6>[ 0.123725] Timer migration: 1 hierarchy levels; 8 children per group; 1 crossnode level <6>[ 0.155780] EFI services will not be available. <6>[ 0.160608] smp: Bringing up secondary CPUs ... <6>[ 0.168309] CPU1: update cpu_capacity 1024 <6>[ 0.168346] CPU1: thread -1, cpu 1, socket 0, mpidr 80000001 <6>[ 0.168689] smp: Brought up 1 node, 2 CPUs <6>[ 0.181930] SMP: Total of 2 processors activated (96.00 BogoMIPS). <6>[ 0.188395] CPU: All CPU(s) started in SVC mode. <6>[ 0.196004] Memory: 906472K/1048572K available (20480K kernel code, 3735K rwdata, 10348K rodata, 2048K init, 508K bss, 71308K reserved, 65536K cma-reserved, 196604K highmem) <6>[ 0.213266] devtmpfs: initialized <6>[ 0.444603] VFP support v0.3: implementor 41 architecture 2 part 30 variant 7 rev 5 <6>[ 0.453275] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns <6>[ 0.461920] futex hash table entries: 512 (order: 3, 32768 bytes, linear) <6>[ 0.533082] pinctrl core: initialized pinctrl subsystem <6>[ 0.554680] DMI not present or invalid. <6>[ 0.565394] NET: Registered PF_NETLINK/PF_ROUTE protocol family <6>[ 0.582590] DMA: preallocated 256 KiB pool for atomic coherent allocations <6>[ 0.597747] audit: initializing netlink subsys (disabled) <5>[ 0.606268] audit: type=2000 audit(0.428:1): state=initialized audit_enabled=0 res=1 <6>[ 0.619196] thermal_sys: Registered thermal governor 'step_wise' <6>[ 0.619653] cpuidle: using governor menu <6>[ 0.631676] No ATAGs? <6>[ 0.632962] hw-breakpoint: found 5 (+1 reserved) breakpoint and 4 watchpoint registers. <6>[ 0.641086] hw-breakpoint: maximum watchpoint size is 8 bytes. <6>[ 0.668389] Serial: AMBA PL011 UART driver <6>[ 0.768649] platform 5a001000.display-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 0.895806] platform hdmi-out: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 0.916085] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible. <6>[ 0.985844] stm32-mdma 58000000.dma-controller: STM32 MDMA driver registered <6>[ 1.006564] iommu: Default domain type: Translated <6>[ 1.010252] iommu: DMA domain TLB invalidation policy: strict mode <5>[ 1.032051] SCSI subsystem initialized <6>[ 1.040282] usbcore: registered new interface driver usbfs <6>[ 1.045120] usbcore: registered new interface driver hub <6>[ 1.050699] usbcore: registered new device driver usb <6>[ 1.063933] pps_core: LinuxPPS API ver. 1 registered <6>[ 1.067780] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <6>[ 1.077456] PTP clock support registered <6>[ 1.082403] EDAC MC: Ver: 3.0.0 <6>[ 1.088968] scmi_core: SCMI protocol bus registered <6>[ 1.109784] NET: Registered PF_ATMPVC protocol family <6>[ 1.113719] NET: Registered PF_ATMSVC protocol family <6>[ 1.121216] nfc: nfc_init: NFC Core ver 0.1 <6>[ 1.125086] NET: Registered PF_NFC protocol family <6>[ 1.130562] vgaarb: loaded <6>[ 1.139288] clocksource: Switched to clocksource arch_sys_counter <6>[ 1.250137] NET: Registered PF_INET protocol family <6>[ 1.254576] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear) <6>[ 1.268835] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear) <6>[ 1.276134] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) <6>[ 1.284379] TCP established hash table entries: 8192 (order: 3, 32768 bytes, linear) <6>[ 1.292295] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear) <6>[ 1.299959] TCP: Hash tables configured (established 8192 bind 8192) <6>[ 1.308146] MPTCP token hash table entries: 1024 (order: 2, 16384 bytes, linear) <6>[ 1.314829] UDP hash table entries: 512 (order: 2, 16384 bytes, linear) <6>[ 1.321477] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear) <6>[ 1.329923] NET: Registered PF_UNIX/PF_LOCAL protocol family <6>[ 1.340361] RPC: Registered named UNIX socket transport module. <6>[ 1.345181] RPC: Registered udp transport module. <6>[ 1.350145] RPC: Registered tcp transport module. <6>[ 1.355102] RPC: Registered tcp-with-tls transport module. <6>[ 1.360863] RPC: Registered tcp NFSv4.1 backchannel transport module. <6>[ 1.367620] NET: Registered PF_XDP protocol family <6>[ 1.372694] PCI: CLS 0 bytes, default 64 <5>[ 1.389811] Initialise system trusted keyrings <6>[ 1.394522] workingset: timestamp_bits=14 max_order=18 bucket_order=4 <6>[ 1.443429] squashfs: version 4.0 (2009/01/31) Phillip Lougher <6>[ 1.449445] Trying to unpack rootfs image as initramfs... <5>[ 1.457741] NFS: Registering the id_resolver key type <5>[ 1.461868] Key type id_resolver registered <5>[ 1.466123] Key type id_legacy registered <6>[ 1.470725] nfs4filelayout_init: NFSv4 File Layout Driver Registering... <6>[ 1.477387] nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering... <6>[ 1.487815] NET: Registered PF_ALG protocol family <5>[ 1.491573] Key type asymmetric registered <5>[ 1.495860] Asymmetric key parser 'x509' registered <6>[ 1.501958] bounce: pool size: 64 pages <6>[ 1.505904] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 243) <6>[ 1.512799] io scheduler mq-deadline registered <6>[ 1.517575] io scheduler kyber registered <6>[ 1.522139] io scheduler bfq registered <4>[ 1.528833] test_firmware: interface ready <6>[ 1.537079] /soc/interrupt-controller@5000d000: bank0 <6>[ 1.541052] /soc/interrupt-controller@5000d000: bank1 <6>[ 1.546349] /soc/interrupt-controller@5000d000: bank2 <6>[ 1.566918] Registering stm32-etzpc firewall controller <6>[ 1.695850] ledtrig-cpu: registered to indicate activity on CPUs <6>[ 3.436362] Serial: 8250/16550 driver, 5 ports, IRQ sharing enabled <6>[ 3.489189] msm_serial: driver initialized <6>[ 3.494312] SuperH (H)SCI(F) driver initialized <6>[ 3.498826] STMicroelectronics ASC driver initialized <6>[ 3.504153] STM32 USART driver initialized <5>[ 3.539472] random: crng init done <6>[ 3.558326] [drm] Initialized vgem 1.0.0 for vgem on minor 0 <6>[ 3.685024] brd: module loaded <6>[ 3.764315] loop: module loaded <6>[ 3.768983] lkdtm: No crash points registered, enable through debugfs <6>[ 3.916292] bgmac_bcma: Broadcom 47xx GBit MAC driver loaded <6>[ 3.926747] e1000e: Intel(R) PRO/1000 Network Driver <6>[ 3.930612] e1000e: Copyright(c) 1999 - 2015 Intel Corporation. <6>[ 3.937402] igb: Intel(R) Gigabit Ethernet Network Driver <6>[ 3.942465] igb: Copyright (c) 2007-2014 Intel Corporation. <6>[ 3.971756] pegasus: Pegasus/Pegasus II USB Ethernet driver <6>[ 3.976726] usbcore: registered new interface driver pegasus <6>[ 3.982684] usbcore: registered new interface driver asix <6>[ 3.988499] usbcore: registered new interface driver ax88179_178a <6>[ 3.994720] usbcore: registered new interface driver cdc_ether <6>[ 4.000783] usbcore: registered new interface driver smsc75xx <6>[ 4.006878] usbcore: registered new interface driver smsc95xx <6>[ 4.012851] usbcore: registered new interface driver net1080 <6>[ 4.018807] usbcore: registered new interface driver cdc_subset <6>[ 4.024960] usbcore: registered new interface driver zaurus <6>[ 4.030807] usbcore: registered new interface driver cdc_ncm <6>[ 4.060334] usbcore: registered new interface driver usb-storage <6>[ 4.103478] stm32_rtc 5c004000.rtc: registered as rtc0 <6>[ 4.107555] stm32_rtc 5c004000.rtc: setting system clock to 2000-01-01T00:00:23 UTC (946684823) <4>[ 4.119417] stm32_rtc 5c004000.rtc: Date/Time must be initialized <6>[ 4.124423] stm32_rtc 5c004000.rtc: registered rev:1.2 <6>[ 4.136580] i2c_dev: i2c /dev entries driver <6>[ 4.194387] stm_thermal 50028000.thermal: stm_thermal_probe: Driver initialized successfully <6>[ 4.249323] sdhci: Secure Digital Host Controller Interface driver <6>[ 4.254441] sdhci: Copyright(c) Pierre Ossman <6>[ 4.268021] Synopsys Designware Multimedia Card Interface Driver <6>[ 4.281780] sdhci-pltfm: SDHCI platform and OF driver helper <6>[ 4.308685] hid: raw HID events driver (C) Jiri Kosina <6>[ 4.317810] usbcore: registered new interface driver usbhid <6>[ 4.322278] usbhid: USB HID core driver <6>[ 4.360248] hw perfevents: enabled with armv7_cortex_a7 PMU driver, 5 (8000000f) counters available <6>[ 4.379116] GACT probability on <6>[ 4.382517] IPv4 over IPsec tunneling driver <6>[ 4.392179] NET: Registered PF_INET6 protocol family <6>[ 4.407440] Segment Routing with IPv6 <6>[ 4.410697] In-situ OAM (IOAM) with IPv6 <6>[ 4.421658] sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver <6>[ 4.440128] NET: Registered PF_PACKET protocol family <6>[ 4.444482] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. <5>[ 4.460545] Key type dns_resolver registered <6>[ 4.466020] NET: Registered PF_VSOCK protocol family <6>[ 4.470072] mpls_gso: MPLS GSO support <6>[ 4.476171] ThumbEE CPU extension supported. <5>[ 4.479514] Registering SWP/SWPB emulation handler <4>[ 4.779613] unwind: Index not found bf003350 <4>[ 4.782862] unwind: Index not found bf003350 <4>[ 4.787388] unwind: Index not found bf003350 <4>[ 4.791925] unwind: Index not found bf003350 <4>[ 4.796448] unwind: Index not found bf003350 <4>[ 4.800948] unwind: Index not found bf003350 <4>[ 4.805524] unwind: Index not found bf003350 <4>[ 4.810028] unwind: Index not found bf003350 <4>[ 4.814593] unwind: Index not found bf003350 <4>[ 4.819111] unwind: Index not found bf003350 <4>[ 4.823689] unwind: Index not found bf003350 <4>[ 4.828222] unwind: Index not found bf003350 <4>[ 4.832722] unwind: Index not found bf003350 <4>[ 4.837370] unwind: Index not found bf003350 <4>[ 4.841834] unwind: Index not found bf003350 <4>[ 4.846378] unwind: Index not found bf003350 <4>[ 4.850881] unwind: Index not found bf003350 <4>[ 4.855463] unwind: Index not found bf003350 <4>[ 4.859988] unwind: Index not found bf003350 <4>[ 4.864522] unwind: Index not found bf003350 <4>[ 4.869048] unwind: Index not found bf003350 <4>[ 4.873616] unwind: Index not found bf003414 <4>[ 4.878185] unwind: Index not found bf003414 <4>[ 4.882668] unwind: Index not found bf003414 <4>[ 4.887230] unwind: Index not found bf003414 <4>[ 4.891759] unwind: Index not found bf0035cc <4>[ 4.896320] unwind: Index not found bf0035cc <4>[ 4.900811] unwind: Index not found bf0035cc <4>[ 4.905340] unwind: Index not found bf0035cc <5>[ 4.910016] Loading compiled-in X.509 certificates <6>[ 5.713756] Freeing initrd memory: 21296K <5>[ 5.802862] Loaded X.509 cert 'Build time autogenerated kernel key: 1601ca6e60f7fdb6ee21bf5a087d4443b335bd8c' <6>[ 5.995288] ima: No TPM chip found, activating TPM-bypass! <6>[ 5.999754] ima: Allocated hash algorithm: sha1 <6>[ 6.004711] ima: No architecture policies found <6>[ 6.281162] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOA bank added <6>[ 6.291478] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOB bank added <6>[ 6.301676] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOC bank added <6>[ 6.311830] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOD bank added <6>[ 6.321954] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOE bank added <6>[ 6.333367] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOF bank added <6>[ 6.345665] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOG bank added <6>[ 6.355929] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOH bank added <6>[ 6.368321] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOI bank added <6>[ 6.373787] stm32mp157-pinctrl soc:pinctrl@50002000: Pinctrl STM32 initialized <6>[ 6.411091] stm32mp157-pinctrl soc:pinctrl@54004000: GPIOZ bank added <6>[ 6.416479] stm32mp157-pinctrl soc:pinctrl@54004000: Pinctrl STM32 initialized <6>[ 6.442981] stm32-dma 48000000.dma-controller: STM32 DMA driver registered <6>[ 6.466366] stm32-dma 48001000.dma-controller: STM32 DMA driver registered <6>[ 6.523028] stm32-usart 4000e000.serial: interrupt mode for rx (no dma) <6>[ 6.528597] stm32-usart 4000e000.serial: interrupt mode for tx (no dma) <6>[ 6.538944] 4000e000.serial: ttySTM2 at MMIO 0x4000e000 (irq = 49, base_baud = 4000000) is a stm32-usart <6>[ 6.551047] serial serial0: tty port ttySTM2 registered <6>[ 6.564309] stm32-usart 40010000.serial: interrupt mode for rx (no dma) <6>[ 6.569833] stm32-usart 40010000.serial: interrupt mode for tx (no dma) <6>[ 6.579577] 40010000.serial: ttySTM0 at MMIO 0x40010000 (irq = 50, base_baud = 4000000) is a stm32-usart <6>[ 6.589457] printk: legacy console [ttySTM0] enabled <6>[ 6.589457] printk: legacy console [ttySTM0] enabled <6>[ 6.598511] printk: legacy bootconsole [stm32] disabled <6>[ 6.598511] printk: legacy bootconsole [stm32] disabled <6>[ 6.626765] stm32-usart 40018000.serial: interrupt mode for rx (no dma) <6>[ 6.632347] stm32-usart 40018000.serial: interrupt mode for tx (no dma) <6>[ 6.642189] 40018000.serial: ttySTM1 at MMIO 0x40018000 (irq = 51, base_baud = 4000000) is a stm32-usart <6>[ 6.713162] stm32-dwmac 5800a000.ethernet: IRQ eth_wake_irq not found <6>[ 6.718757] stm32-dwmac 5800a000.ethernet: IRQ eth_lpi not found <6>[ 6.724964] stm32-dwmac 5800a000.ethernet: IRQ sfty not found <6>[ 6.734942] stm32-dwmac 5800a000.ethernet: User ID: 0x40, Synopsys ID: 0x42 <6>[ 6.740967] stm32-dwmac 5800a000.ethernet: DWMAC4/5 <6>[ 6.746068] stm32-dwmac 5800a000.ethernet: DMA HW capability register supported <6>[ 6.753667] stm32-dwmac 5800a000.ethernet: RX Checksum Offload Engine supported <6>[ 6.761255] stm32-dwmac 5800a000.ethernet: TX Checksum insertion supported <6>[ 6.768450] stm32-dwmac 5800a000.ethernet: Wake-Up On Lan supported <6>[ 6.775597] stm32-dwmac 5800a000.ethernet: TSO supported <6>[ 6.780597] stm32-dwmac 5800a000.ethernet: Enable RX Mitigation via HW Watchdog Timer <6>[ 6.788736] stm32-dwmac 5800a000.ethernet: Enabled L3L4 Flow TC (entries=2) <6>[ 6.795970] stm32-dwmac 5800a000.ethernet: Enabled RFS Flow TC (entries=10) <6>[ 6.803160] stm32-dwmac 5800a000.ethernet: TSO feature enabled <6>[ 6.809246] stm32-dwmac 5800a000.ethernet: Using 32/32 bits DMA host/device width <6>[ 6.930824] stm32f7-i2c 40012000.i2c: STM32F7 I2C-0 bus adapter <6>[ 6.969694] stm32f7-i2c 40013000.i2c: STM32F7 I2C-1 bus adapter <6>[ 7.013944] stpmic1 2-0033: PMIC Chip Version: 0x10 <6>[ 7.026854] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/boost <6>[ 7.038891] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/buck2 <6>[ 7.052069] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/buck4 <6>[ 7.078864] platform hdmi-out: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 7.090352] platform 5a001000.display-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 7.102300] i2c 2-003d: Fixed dependency cycle(s) with /soc/bus@5c007000/sai@4400b000/audio-controller@4400b004 <6>[ 7.103936] vdda: Bringing 1800000uV into 2900000-2900000uV <6>[ 7.111597] i2c 2-003d: Fixed dependency cycle(s) with /hdmi-out <6>[ 7.124960] i2c 2-003d: Fixed dependency cycle(s) with /soc/display-controller@5a001000 <6>[ 7.129152] v2v8: Bringing 1800000uV into 2800000-2800000uV <4>[ 7.136627] at24 2-0053: supply vcc not found, using dummy regulator <6>[ 7.148676] at24 2-0053: 256 byte 24c02 EEPROM, writable, 16 bytes/write <6>[ 7.154800] stm32f7-i2c 5c002000.i2c: STM32F7 I2C-2 bus adapter <6>[ 7.176619] v1v8: Bringing 1000000uV into 1800000-1800000uV <6>[ 7.182898] mmci-pl18x 48004000.mmc: mmc1: PL180 manf 53 rev2 at 0x48004000 irq 65,0 (pio) <6>[ 7.203315] input: pmic_onkey as /devices/platform/soc/5c007000.bus/5c002000.i2c/i2c-2/2-0033/5c002000.i2c:stpmic@33:onkey/input/input0 <6>[ 7.257012] mmci-pl18x 58005000.mmc: Got CD GPIO <6>[ 7.267867] mmci-pl18x 58005000.mmc: mmc0: PL180 manf 53 rev2 at 0x58005000 irq 72,0 (pio) <6>[ 7.286460] mmci-pl18x 58007000.mmc: mmc2: PL180 manf 53 rev2 at 0x58007000 irq 73,0 (pio) <6>[ 7.289802] stm32-usbphyc 5a006000.usbphyc: registered rev:1.0 <6>[ 7.313007] ehci-platform 5800d000.usb: EHCI Host Controller <6>[ 7.317892] ehci-platform 5800d000.usb: new USB bus registered, assigned bus number 1 <6>[ 7.328125] ehci-platform 5800d000.usb: irq 74, io mem 0x5800d000 <4>[ 7.340471] dwc2 49000000.usb-otg: supply vusb_d not found, using dummy regulator <6>[ 7.347565] ehci-platform 5800d000.usb: USB 2.0 started, EHCI 1.00 <4>[ 7.348895] dwc2 49000000.usb-otg: supply vusb_a not found, using dummy regulator <6>[ 7.364405] hub 1-0:1.0: USB hub found <6>[ 7.367858] hub 1-0:1.0: 2 ports detected <6>[ 7.389825] mmc0: new high speed SDXC card at address e624 <6>[ 7.409519] mmcblk0: mmc0:e624 SD64G 59.5 GiB <4>[ 7.454676] GPT:Primary header thinks Alt. header is not at the end of the disk. <4>[ 7.461058] GPT:3204245 != 124735487 <4>[ 7.464839] GPT:Alternate GPT header not at the end of the disk. <4>[ 7.471117] GPT:3204245 != 124735487 <4>[ 7.474988] GPT: Use GNU Parted to correct GPT errors. <6>[ 7.480591] mmcblk0: p1 p2 p3 p4 <6>[ 7.490488] dwc2 49000000.usb-otg: EPs: 9, dedicated fifos, 952 entries in SPRAM <6>[ 7.502944] dwc2 49000000.usb-otg: DWC OTG Controller <6>[ 7.507180] dwc2 49000000.usb-otg: new USB bus registered, assigned bus number 2 <6>[ 7.508006] mmc1: new high speed SDIO card at address 0001 <6>[ 7.514803] dwc2 49000000.usb-otg: irq 76, io mem 0x49000000 <6>[ 7.533874] mmc2: new DDR MMC card at address 0001 <6>[ 7.534513] hub 2-0:1.0: USB hub found <6>[ 7.542174] hub 2-0:1.0: 1 port detected <6>[ 7.552063] mmcblk2: mmc2:0001 DG4008 7.28 GiB <4>[ 7.593176] GPT:Primary header thinks Alt. header is not at the end of the disk. <4>[ 7.599578] GPT:3145727 != 15273599 <4>[ 7.603358] GPT:Alternate GPT header not at the end of the disk. <4>[ 7.609640] GPT:3145727 != 15273599 <4>[ 7.613306] GPT: Use GNU Parted to correct GPT errors. <6>[ 7.618966] mmcblk2: p1 p2 p3 p4 <6>[ 7.627324] usb 1-1: new high-speed USB device number 2 using ehci-platform <6>[ 7.647979] mmcblk2boot0: mmc2:0001 DG4008 4.00 MiB <6>[ 7.693870] mmcblk2boot1: mmc2:0001 DG4008 4.00 MiB <6>[ 7.730063] mmcblk2rpmb: mmc2:0001 DG4008 4.00 MiB, chardev (510:0) <6>[ 7.741681] stm32-dwmac 5800a000.ethernet eth0: Register MEM_TYPE_PAGE_POOL RxQ-0 <6>[ 7.781837] stm32-dwmac 5800a000.ethernet eth0: PHY [stmmac-0:07] driver [Micrel KSZ9031 Gigabit PHY] (irq=POLL) <6>[ 7.791090] dwmac4: Master AXI performs any burst length <6>[ 7.794981] hub 1-1:1.0: USB hub found <6>[ 7.796634] stm32-dwmac 5800a000.ethernet eth0: No Safety Features support found <6>[ 7.801105] hub 1-1:1.0: 3 ports detected <6>[ 8.011479] stm32-dwmac 5800a000.ethernet eth0: IEEE 1588-2008 Advanced Timestamp supported <6>[ 8.021489] stm32-dwmac 5800a000.ethernet eth0: registered PTP clock <6>[ 8.033032] stm32-dwmac 5800a000.ethernet eth0: configuring for phy/rgmii link mode <6>[ 18.335259] stm32-dwmac 5800a000.ethernet eth0: Link is Up - 1Gbps/Full - flow control off <5>[ 18.346263] Sending DHCP requests ..., OK <6>[ 24.864488] IP-Config: Got DHCP answer from 192.168.56.254, my address is 192.168.56.202 <6>[ 24.872726] IP-Config: Complete: <6>[ 24.876126] device=eth0, hwaddr=80:1f:12:cc:2a:a4, ipaddr=192.168.56.202, mask=255.255.255.0, gw=192.168.56.254 <6>[ 24.886885] host=192.168.56.202, domain=mayfield.sirena.org.uk, nis-domain=(none) <6>[ 24.895339] bootserver=192.168.56.254, rootserver=192.168.56.193, rootpath= <6>[ 24.895364] nameserver0=192.168.56.254 <6>[ 24.907287] ntpserver0=50.205.244.22, ntpserver1=85.199.214.99 <6>[ 24.919730] clk: Disabling unused clocks <6>[ 24.923777] PM: genpd: Disabling unused power domains <6>[ 25.072531] Freeing unused kernel image (initmem) memory: 2048K <6>[ 25.078454] Run /init as init process Loading, please wait... Starting systemd-udevd version 252.22-1~deb12u1 <6>[ 36.124341] stm32-ipcc 4c001000.mailbox: ipcc rev:1.0 enabled, 6 chans, proc 0 <6>[ 36.422257] stm32-crc32 58009000.crc: Initialized <6>[ 36.662966] etnaviv etnaviv: bound 59000000.gpu (ops gpu_ops [etnaviv]) <6>[ 36.668724] etnaviv-gpu 59000000.gpu: model: GC400, revision: 4652 <6>[ 36.781066] [drm] Initialized etnaviv 1.4.0 for etnaviv on minor 1 <6>[ 36.952498] i2c 2-003d: Fixed dependency cycle(s) with /soc/bus@5c007000/sai@4400b000/audio-controller@4400b004 <6>[ 36.963416] platform 4400b004.audio-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 37.266148] Bluetooth: Core ver 2.22 <6>[ 37.269397] NET: Registered PF_BLUETOOTH protocol family <6>[ 37.274325] Bluetooth: HCI device and connection manager initialized <6>[ 37.281090] Bluetooth: HCI socket layer initialized <6>[ 37.286229] Bluetooth: L2CAP socket layer initialized <6>[ 37.291634] Bluetooth: SCO socket layer initialized <5>[ 37.645866] cfg80211: Loading compiled-in X.509 certificates for regulatory database <6>[ 37.662483] Bluetooth: HCI UART driver ver 2.3 <6>[ 37.665918] Bluetooth: HCI UART protocol H4 registered <4>[ 37.694253] hci_uart_bcm serial0-0: supply vbat not found, using dummy regulator <4>[ 37.703491] hci_uart_bcm serial0-0: supply vddio not found, using dummy regulator <6>[ 37.725353] Bluetooth: HCI UART protocol Broadcom registered <6>[ 37.843325] stm32-dwmac 5800a000.ethernet end0: renamed from eth0 (while UP) <5>[ 38.026083] Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' <5>[ 38.114360] Loaded X.509 cert 'wens: 61c038651aabdcf94bd0ac7ff06c7248db18c600' <4>[ 38.122731] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 <6>[ 38.130367] cfg80211: failed to load regulatory.db <6>[ 38.166619] Bluetooth: hci0: BCM: chip id 107 <6>[ 38.173129] Bluetooth: hci0: BCM: features 0x2f <6>[ 38.212007] Bluetooth: hci0: BCM4345C0 <6>[ 38.214828] Bluetooth: hci0: BCM4345C0 (003.001.025) build 0000 <3>[ 38.227508] Bluetooth: hci0: BCM: firmware Patch file not found, tried: <3>[ 38.233055] Bluetooth: hci0: BCM: 'brcm/BCM4345C0.arrow,stm32mp157a-avenger96.hcd' <3>[ 38.241001] Bluetooth: hci0: BCM: 'brcm/BCM4345C0.hcd' <3>[ 38.246311] Bluetooth: hci0: BCM: 'brcm/BCM.arrow,stm32mp157a-avenger96.hcd' <3>[ 38.253736] Bluetooth: hci0: BCM: 'brcm/BCM.hcd' <6>[ 38.437398] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6 <4>[ 38.448054] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.arrow,stm32mp157a-avenger96.bin failed with error -2 <4>[ 38.465302] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2 <6>[ 38.477452] [drm] Initialized stm 1.0.0 for 5a001000.display-controller on minor 2 <6>[ 38.487775] stm32-display 5a001000.display-controller: [drm] Cannot find any crtc or sizes <6>[ 38.505117] stm32-display 5a001000.display-controller: [drm] Cannot find any crtc or sizes <3>[ 39.485404] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50 <3>[ 40.884463] debugfs: File 'Capture' in directory 'dapm' already present! Begin: Loading essential drivers ... done. Begin: Running /scripts/init-premount ... done. Begin: Mounting root file system ... Begin: Running /scripts/nfs-top ... done. Begin: Running /scripts/nfs-premount ... Waiting up to 60 secs for any ethernet to become available Device /sys/class/net/bond0 found done. Begin: Waiting up to 180 secs for any network device to become available ... done. IP-Config: bond0 hardware address ba:a0:4a:ee:42:4a mtu 1500 DHCP IP-Config: end0 hardware address 80:1f:12:cc:2a:a4 mtu 1500 DHCP /sys/class/net/bonding_masters/flags: Not a directory IP-Config: end0 complete (dhcp from 192.168.56.254): address: 192.168.56.202 broadcast: 192.168.56.255 netmask: 255.255.255.0 gateway: 192.168.56.254 dns0 : 192.168.56.254 dns1 : 0.0.0.0 domain : mayfield.sirena.org.uk rootserver: 192.168.56.254 rootpath: filename : done. Begin: Running /scripts/nfs-bottom ... done. Begin: Running /scripts/init-bottom ... done. <30>[ 43.907614] systemd[1]: System time before build time, advancing clock. <30>[ 44.268417] systemd[1]: systemd 252.22-1~deb12u1 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) <30>[ 44.300629] systemd[1]: Detected architecture arm. Welcome to [1mDebian GNU/Linux 12 (bookworm)[0m! <30>[ 44.339736] systemd[1]: Hostname set to . <30>[ 48.385512] systemd[1]: Queued start job for default target graphical.target. <30>[ 48.436551] systemd[1]: Created slice system-getty.slice - Slice /system/getty. [[0;32m OK [0m] Created slice [0;1;39msystem-getty.slice[0m - Slice /system/getty. <30>[ 48.466448] systemd[1]: Created slice system-modprobe.slice - Slice /system/modprobe. [[0;32m OK [0m] Created slice [0;1;39msystem-modpr…lice[0m - Slice /system/modprobe. <30>[ 48.495363] systemd[1]: Created slice system-serial\x2dgetty.slice - Slice /system/serial-getty. [[0;32m OK [0m] Created slice [0;1;39msystem-seria…[0m - Slice /system/serial-getty. <30>[ 48.523922] systemd[1]: Created slice user.slice - User and Session Slice. [[0;32m OK [0m] Created slice [0;1;39muser.slice[0m - User and Session Slice. <30>[ 48.542385] systemd[1]: Started systemd-ask-password-console.path - Dispatch Password Requests to Console Directory Watch. [[0;32m OK [0m] Started [0;1;39msystemd-ask-passwo…quests to Console Directory Watch. <30>[ 48.565083] systemd[1]: Started systemd-ask-password-wall.path - Forward Password Requests to Wall Directory Watch. [[0;32m OK [0m] Started [0;1;39msystemd-ask-passwo… Requests to Wall Directory Watch. <30>[ 48.585865] systemd[1]: proc-sys-fs-binfmt_misc.automount - Arbitrary Executable File Formats File System Automount Point was skipped because of an unmet condition check (ConditionPathExists=/proc/sys/fs/binfmt_misc). <30>[ 48.604917] systemd[1]: Expecting device dev-ttySTM0.device - /dev/ttySTM0... Expecting device [0;1;39mdev-ttySTM0.device[0m - /dev/ttySTM0... <30>[ 48.621037] systemd[1]: Reached target cryptsetup.target - Local Encrypted Volumes. [[0;32m OK [0m] Reached target [0;1;39mcryptsetup.…get[0m - Local Encrypted Volumes. <30>[ 48.640297] systemd[1]: Reached target integritysetup.target - Local Integrity Protected Volumes. [[0;32m OK [0m] Reached target [0;1;39mintegrityse…Local Integrity Protected Volumes. <30>[ 48.659476] systemd[1]: Reached target paths.target - Path Units. [[0;32m OK [0m] Reached target [0;1;39mpaths.target[0m - Path Units. <30>[ 48.674185] systemd[1]: Reached target remote-fs.target - Remote File Systems. [[0;32m OK [0m] Reached target [0;1;39mremote-fs.target[0m - Remote File Systems. <30>[ 48.691058] systemd[1]: Reached target slices.target - Slice Units. [[0;32m OK [0m] Reached target [0;1;39mslices.target[0m - Slice Units. <30>[ 48.706336] systemd[1]: Reached target swap.target - Swaps. [[0;32m OK [0m] Reached target [0;1;39mswap.target[0m - Swaps. <30>[ 48.721133] systemd[1]: Reached target veritysetup.target - Local Verity Protected Volumes. [[0;32m OK [0m] Reached target [0;1;39mveritysetup… - Local Verity Protected Volumes. <30>[ 48.741321] systemd[1]: Listening on systemd-initctl.socket - initctl Compatibility Named Pipe. [[0;32m OK [0m] Listening on [0;1;39msystemd-initc… initctl Compatibility Named Pipe. <30>[ 48.768131] systemd[1]: Listening on systemd-journald-audit.socket - Journal Audit Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-journ…socket[0m - Journal Audit Socket. <30>[ 48.795074] systemd[1]: Listening on systemd-journald-dev-log.socket - Journal Socket (/dev/log). [[0;32m OK [0m] Listening on [0;1;39msystemd-journ…t[0m - Journal Socket (/dev/log). <30>[ 48.818699] systemd[1]: Listening on systemd-journald.socket - Journal Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-journald.socket[0m - Journal Socket. <30>[ 48.841968] systemd[1]: Listening on systemd-networkd.socket - Network Service Netlink Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-netwo… - Network Service Netlink Socket. <30>[ 48.873151] systemd[1]: Listening on systemd-udevd-control.socket - udev Control Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-udevd….socket[0m - udev Control Socket. <30>[ 48.894712] systemd[1]: Listening on systemd-udevd-kernel.socket - udev Kernel Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-udevd…l.socket[0m - udev Kernel Socket. <30>[ 48.916066] systemd[1]: dev-hugepages.mount - Huge Pages File System was skipped because of an unmet condition check (ConditionPathExists=/sys/kernel/mm/hugepages). <30>[ 48.932026] systemd[1]: dev-mqueue.mount - POSIX Message Queue File System was skipped because of an unmet condition check (ConditionPathExists=/proc/sys/fs/mqueue). <30>[ 48.980441] systemd[1]: Mounting sys-kernel-debug.mount - Kernel Debug File System... Mounting [0;1;39msys-kernel-debug.…[0m - Kernel Debug File System... <30>[ 49.042112] systemd[1]: Mounting sys-kernel-tracing.mount - Kernel Trace File System... Mounting [0;1;39msys-kernel-tracin…[0m - Kernel Trace File System... <30>[ 49.134648] systemd[1]: Starting kmod-static-nodes.service - Create List of Static Device Nodes... Starting [0;1;39mkmod-static-nodes…ate List of Static Device Nodes... <30>[ 49.228416] systemd[1]: Starting modprobe@configfs.service - Load Kernel Module configfs... Starting [0;1;39mmodprobe@configfs…m - Load Kernel Module configfs... <30>[ 49.312959] systemd[1]: Starting modprobe@dm_mod.service - Load Kernel Module dm_mod... Starting [0;1;39mmodprobe@dm_mod.s…[0m - Load Kernel Module dm_mod... <30>[ 49.372682] systemd[1]: Starting modprobe@drm.service - Load Kernel Module drm... Starting [0;1;39mmodprobe@drm.service[0m - Load Kernel Module drm... <30>[ 49.432109] systemd[1]: Starting modprobe@efi_pstore.service - Load Kernel Module efi_pstore... Starting [0;1;39mmodprobe@efi_psto…- Load Kernel Module efi_pstore... <30>[ 49.494703] systemd[1]: Starting modprobe@fuse.service - Load Kernel Module fuse... Starting [0;1;39mmodprobe@fuse.ser…e[0m - Load Kernel Module fuse... <30>[ 49.565718] systemd[1]: Starting modprobe@loop.service - Load Kernel Module loop... Starting [0;1;39mmodprobe@loop.ser…e[0m - Load Kernel Module loop... <30>[ 49.675774] systemd[1]: Starting systemd-journald.service - Journal Service... Starting [0;1;39msystemd-journald.service[0m - Journal Service... <6>[ 49.767720] fuse: init (API version 7.41) <30>[ 49.801123] systemd[1]: Starting systemd-modules-load.service - Load Kernel Modules... Starting [0;1;39msystemd-modules-l…rvice[0m - Load Kernel Modules... <30>[ 49.894017] systemd[1]: Starting systemd-network-generator.service - Generate network units from Kernel command line... Starting [0;1;39msystemd-network-g… units from Kernel command line... <30>[ 49.981125] systemd[1]: Starting systemd-remount-fs.service - Remount Root and Kernel File Systems... Starting [0;1;39msystemd-remount-f…nt Root and Kernel File Systems... <30>[ 50.089831] systemd[1]: Starting systemd-udev-trigger.service - Coldplug All udev Devices... Starting [0;1;39msystemd-udev-trig…[0m - Coldplug All udev Devices... <30>[ 50.290040] systemd[1]: Mounted sys-kernel-debug.mount - Kernel Debug File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-debug.m…nt[0m - Kernel Debug File System. <30>[ 50.336276] systemd[1]: Mounted sys-kernel-tracing.mount - Kernel Trace File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-tracing…nt[0m - Kernel Trace File System. <30>[ 50.392065] systemd[1]: Finished kmod-static-nodes.service - Create List of Static Device Nodes. [[0;32m OK [0m] Finished [0;1;39mkmod-static-nodes…reate List of Static Device Nodes. <30>[ 50.471048] systemd[1]: modprobe@configfs.service: Deactivated successfully. <30>[ 50.495139] systemd[1]: Finished modprobe@configfs.service - Load Kernel Module configfs. [[0;32m OK [0m] Finished [0;1;39mmodprobe@configfs…[0m - Load Kernel Module configfs. <30>[ 50.547761] systemd[1]: modprobe@dm_mod.service: Deactivated successfully. <30>[ 50.569157] systemd[1]: Finished modprobe@dm_mod.service - Load Kernel Module dm_mod. [[0;32m OK [0m] Finished [0;1;39mmodprobe@dm_mod.s…e[0m - Load Kernel Module dm_mod. <30>[ 50.621047] systemd[1]: modprobe@drm.service: Deactivated successfully. <30>[ 50.643191] systemd[1]: Finished modprobe@drm.service - Load Kernel Module drm. [[0;32m OK [0m] Finished [0;1;39mmodprobe@drm.service[0m - Load Kernel Module drm. <30>[ 50.685146] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. <30>[ 50.708885] systemd[1]: Finished modprobe@efi_pstore.service - Load Kernel Module efi_pstore. [[0;32m OK [0m] Finished [0;1;39mmodprobe@efi_psto…m - Load Kernel Module efi_pstore. <30>[ 50.761812] systemd[1]: modprobe@fuse.service: Deactivated successfully. <30>[ 50.785491] systemd[1]: Finished modprobe@fuse.service - Load Kernel Module fuse. [[0;32m OK [0m] Finished [0;1;39mmodprobe@fuse.service[0m - Load Kernel Module fuse. <30>[ 50.834365] systemd[1]: modprobe@loop.service: Deactivated successfully. <30>[ 50.858022] systemd[1]: Finished modprobe@loop.service - Load Kernel Module loop. [[0;32m OK [0m] Finished [0;1;39mmodprobe@loop.service[0m - Load Kernel Module loop. <30>[ 50.900326] systemd[1]: Finished systemd-modules-load.service - Load Kernel Modules. [[0;32m OK [0m] Finished [0;1;39msystemd-modules-l…service[0m - Load Kernel Modules. <30>[ 50.947007] systemd[1]: Finished systemd-network-generator.service - Generate network units from Kernel command line. [[0;32m OK [0m] Finished [0;1;39msystemd-network-g…rk units from Kernel command line. <30>[ 50.998525] systemd[1]: Finished systemd-remount-fs.service - Remount Root and Kernel File Systems. [[0;32m OK [0m] Finished [0;1;39msystemd-remount-f…ount Root and Kernel File Systems. <30>[ 51.043374] systemd[1]: Reached target network-pre.target - Preparation for Network. [[0;32m OK [0m] Reached target [0;1;39mnetwork-pre…get[0m - Preparation for Network. <30>[ 51.139516] systemd[1]: Mounting sys-fs-fuse-connections.mount - FUSE Control File System... Mounting [0;1;39msys-fs-fuse-conne…[0m - FUSE Control File System... <30>[ 51.227398] systemd[1]: Mounting sys-kernel-config.mount - Kernel Configuration File System... Mounting [0;1;39msys-kernel-config…ernel Configuration File System... <30>[ 51.264381] systemd[1]: systemd-firstboot.service - First Boot Wizard was skipped because of an unmet condition check (ConditionFirstBoot=yes). <30>[ 51.298791] systemd[1]: systemd-pstore.service - Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). <30>[ 51.419777] systemd[1]: Starting systemd-random-seed.service - Load/Save Random Seed... Starting [0;1;39msystemd-random-se…ice[0m - Load/Save Random Seed... <30>[ 51.468471] systemd[1]: systemd-repart.service - Repartition Root Disk was skipped because no trigger condition checks were met. <30>[ 51.567529] systemd[1]: Starting systemd-sysctl.service - Apply Kernel Variables... Starting [0;1;39msystemd-sysctl.se…ce[0m - Apply Kernel Variables... <30>[ 51.698139] systemd[1]: Starting systemd-sysusers.service - Create System Users... Starting [0;1;39msystemd-sysusers.…rvice[0m - Create System Users... <30>[ 51.892509] systemd[1]: Started systemd-journald.service - Journal Service. [[0;32m OK [0m] Started [0;1;39msystemd-journald.service[0m - Journal Service. [[0;32m OK [0m] Mounted [0;1;39msys-fs-fuse-connec…nt[0m - FUSE Control File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-config.… Kernel Configuration File System. [[0;32m OK [0m] Finished [0;1;39msystemd-random-se…rvice[0m - Load/Save Random Seed. Starting [0;1;39msystemd-journal-f…h Journal to Persistent Storage... [[0;32m OK [0m] Finished [0;1;39msystemd-sysctl.service[0m - Apply Kernel Variables. [[0;32m OK [0m] Finished [0;1;39msystemd-sysusers.service[0m - Create System Users. <46>[ 52.542756] systemd-journald[208]: Received client request to flush runtime journal. Starting [0;1;39msystemd-tmpfiles-…ate Static Device Nodes in /dev... [[0;32m OK [0m] Finished [0;1;39msystemd-tmpfiles-…reate Static Device Nodes in /dev. [[0;32m OK [0m] Reached target [0;1;39mlocal-fs-pr…reparation for Local File Systems. [[0;32m OK [0m] Reached target [0;1;39mlocal-fs.target[0m - Local File Systems. Starting [0;1;39msystemd-udevd.ser…ger for Device Events and Files... [[0;32m OK [0m] Finished [0;1;39msystemd-journal-f…ush Journal to Persistent Storage. Starting [0;1;39msystemd-tmpfiles-… Volatile Files and Directories... [[0;32m OK [0m] Started [0;1;39msystemd-udevd.serv…nager for Device Events and Files. Starting [0;1;39msystemd-networkd.…ice[0m - Network Configuration... [[0;32m OK [0m] Finished [0;1;39msystemd-tmpfiles-…te Volatile Files and Directories. Starting [0;1;39msystemd-timesyncd… - Network Time Synchronization... Starting [0;1;39msystemd-update-ut…rd System Boot/Shutdown in UTMP... [[0;32m OK [0m] Finished [0;1;39msystemd-update-ut…cord System Boot/Shutdown in UTMP. [[0;32m OK [0m] Started [0;1;39msystemd-networkd.service[0m - Network Configuration. [[0;32m OK [0m] Reached target [0;1;39mnetwork.target[0m - Network. [[0;32m OK [0m] Started [0;1;39msystemd-timesyncd.…0m - Network Time Synchronization. [[0;32m OK [0m] Reached target [0;1;39mtime-set.target[0m - System Time Set. [[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (11s / no limit) M [K[[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (12s / no limit) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (12s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (13s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (13s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m*[0m] (2 of 2) Job dev-ttySTM0.device/start running (14s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (14s / no limit) M [K[ [0;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (15s / no limit) M [K[ [0;31m*[0;1;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (16s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m*[0m] (2 of 2) Job dev-ttySTM0.device/start running (16s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (17s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (19s / 1min 30s) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (19s / no limit) <46>[ 68.392364] systemd-journald[208]: Oldest entry in /var/log/journal/658c871cd7314ccea6115dc5728f8992/system.journal is older than the configured file retention duration (1month), suggesting rotation. <46>[ 68.526478] systemd-journald[208]: /var/log/journal/658c871cd7314ccea6115dc5728f8992/system.journal: Journal header limits reached or header out-of-date, rotating. M [K[[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (21s / no limit) M [K[[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (22s / no limit) M [K[[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (23s / 1min 30s) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (24s / 1min 30s) M [K[[0;32m OK [0m] Found device [0;1;39mdev-ttySTM0.device[0m - /dev/ttySTM0. [K[[0;32m OK [0m] Finished [0;1;39msystemd-udev-trig…e[0m - Coldplug All udev Devices. [[0;32m OK [0m] Reached target [0;1;39mbluetooth.target[0m - Bluetooth Support. [[0;32m OK [0m] Reached target [0;1;39musb-gadget.…m - Hardware activated USB gadget. [[0;32m OK [0m] Listening on [0;1;39msystemd-rfkil…l Switch Status /dev/rfkill Watch. Starting [0;1;39mmodprobe@dm_mod.s…[0m - Load Kernel Module dm_mod... Starting [0;1;39mmodprobe@efi_psto…- Load Kernel Module efi_pstore... Starting [0;1;39mmodprobe@loop.ser…e[0m - Load Kernel Module loop... [[0;32m OK [0m] Finished [0;1;39mmodprobe@dm_mod.s…e[0m - Load Kernel Module dm_mod. [[0;32m OK [0m] Finished [0;1;39mmodprobe@efi_psto…m - Load Kernel Module efi_pstore. [[0;32m OK [0m] Finished [0;1;39mmodprobe@loop.service[0m - Load Kernel Module loop. [[0;32m OK [0m] Reached target [0;1;39msysinit.target[0m - System Initialization. [[0;32m OK [0m] Started [0;1;39mapt-daily.timer[0m - Daily apt download activities. [[0;32m OK [0m] Started [0;1;39mapt-daily-upgrade.… apt upgrade and clean activities. [[0;32m OK [0m] Started [0;1;39mdpkg-db-backup.tim… Daily dpkg database backup timer. [[0;32m OK [0m] Started [0;1;39me2scrub_all.timer…etadata Check for All Filesystems. [[0;32m OK [0m] Started [0;1;39mfstrim.timer[0m - Discard unused blocks once a week. [[0;32m OK [0m] Started [0;1;39msystemd-tmpfiles-c… Cleanup of Temporary Directories. [[0;32m OK [0m] Reached target [0;1;39mtimers.target[0m - Timer Units. [[0;32m OK [0m] Listening on [0;1;39mdbus.socket[…- D-Bus System Message Bus Socket. [[0;32m OK [0m] Reached target [0;1;39msockets.target[0m - Socket Units. [[0;32m OK [0m] Reached target [0;1;39mbasic.target[0m - Basic System. Starting [0;1;39malsa-restore.serv…- Save/Restore Sound Card State... Starting [0;1;39mdbus.service[0m - D-Bus System Message Bus... Starting [0;1;39me2scrub_reap.serv…e ext4 Metadata Check Snapshots... Starting [0;1;39msystemd-logind.se…ice[0m - User Login Management... Starting [0;1;39msystemd-rfkill.se…Load/Save RF Kill Switch Status... Starting [0;1;39msystemd-user-sess…vice[0m - Permit User Sessions... [[0;32m OK [0m] Finished [0;1;39malsa-restore.serv…m - Save/Restore Sound Card State. [[0;32m OK [0m] Reached target [0;1;39msound.target[0m - Sound Card. [[0;32m OK [0m] Started [0;1;39mdbus.service[0m - D-Bus System Message Bus. [[0;32m OK [0m] Started [0;1;39msystemd-rfkill.ser…- Load/Save RF Kill Switch Status. [[0;32m OK [0m] Finished [0;1;39msystemd-user-sess…ervice[0m - Permit User Sessions. [[0;32m OK [0m] Started [0;1;39mgetty@tty1.service[0m - Getty on tty1. [[0;32m OK [0m] Started [0;1;39mserial-getty@ttyST…ice[0m - Serial Getty on ttySTM0. [[0;32m OK [0m] Reached target [0;1;39mgetty.target[0m - Login Prompts. Starting [0;1;39msystemd-hostnamed.service[0m - Hostname Service... [[0;32m OK [0m] Started [0;1;39msystemd-logind.service[0m - User Login Management. [[0;32m OK [0m] Finished [0;1;39me2scrub_reap.serv…ine ext4 Metadata Check Snapshots. [[0;32m OK [0m] Reached target [0;1;39mmulti-user.target[0m - Multi-User System. [[0;32m OK [0m] Reached target [0;1;39mgraphical.target[0m - Graphical Interface. Starting [0;1;39msystemd-update-ut… Record Runlevel Change in UTMP... [[0;32m OK [0m] Finished [0;1;39msystemd-update-ut… - Record Runlevel Change in UTMP. [[0;32m OK [0m] Started [0;1;39msystemd-hostnamed.service[0m - Hostname Service. Debian GNU/Linux 12 debian-bookworm-armhf ttySTM0 debian-bookworm-armhf login: root (automatic login) Linux debian-bookworm-armhf 6.12.0-rc1-next-20241004 #1 SMP Fri Oct 4 06:46:52 UTC 2024 armv7l The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. / # / # export NFS_ROOTFS='/var/lib/lava/dispatcher/tmp/801154/extract-nfsrootfs-hbndu0yd' export NFS_ROOTFS='/var/lib/lava/dispatcher/tmp/801154/extract-nfsrootfs-hbndu0yd' / # export NFS_SERVER_IP='192.168.56.193' export NFS_SERVER_IP='192.168.56.193' / # # # / # export SHELL=/bin/bash export SHELL=/bin/bash / # . /lava-801154/environment . /lava-801154/environment / # /lava-801154/bin/lava-test-runner /lava-801154/0 /lava-801154/bin/lava-test-runner /lava-801154/0 + export TESTRUN_ID=0_timesync-off + TESTRUN_ID=0_timesync-off + cd /lava-801154/0/tests/0_timesync-off ++ cat uuid + UUID=801154_1.6.2.4.1 + set +x + systemctl stop systemd-timesyncd + set +x + export TESTRUN_ID=1_kselftest-lkdtm + TESTRUN_ID=1_kselftest-lkdtm + cd /lava-801154/0/tests/1_kselftest-lkdtm ++ cat uuid + UUID=801154_1.6.2.4.5 + set +x + cd ./automated/linux/kselftest/ + ./kselftest.sh -c lkdtm -T '' -t kselftest_armhf.tar.gz -s True -u http://storage.kernelci.org/next/master/next-20241004/arm/multi_v7_defconfig+kselftest/gcc-12/kselftest.tar.xz -L '' -S /dev/null -b stm32mp157a-dhcor-avenger96 -g next -e '' -p /opt/kselftests/mainline/ -n 1 -i 1 -E '' INFO: install_deps skipped --2024-10-04 07:50:15-- http://storage.kernelci.org/next/master/next-20241004/arm/multi_v7_defconfig+kselftest/gcc-12/kselftest.tar.xz Resolving storage.kernelci.org (storage.kernelci.org)... 20.171.243.82 Connecting to storage.kernelci.org (storage.kernelci.org)|20.171.243.82|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 3814840 (3.6M) [application/octet-stream] Saving to: 'kselftest_armhf.tar.gz' kselftest_armhf.tar 0%[ ] 0 --.-KB/s kselftest_armhf.tar 1%[ ] 49.92K 176KB/s kselftest_armhf.tar 5%[> ] 218.67K 385KB/s kselftest_armhf.tar 23%[===> ] 876.79K 1.01MB/s kselftest_armhf.tar 82%[===============> ] 3.01M 2.87MB/s kselftest_armhf.tar 100%[===================>] 3.64M 3.18MB/s in 1.1s 2024-10-04 07:50:16 (3.18 MB/s) - 'kselftest_armhf.tar.gz' saved [3814840/3814840] skiplist: ======================================== ======================================== lkdtm:PANIC.sh lkdtm:PANIC_STOP_IRQOFF.sh lkdtm:BUG.sh lkdtm:WARNING.sh lkdtm:WARNING_MESSAGE.sh lkdtm:EXCEPTION.sh lkdtm:LOOP.sh lkdtm:EXHAUST_STACK.sh lkdtm:CORRUPT_STACK.sh lkdtm:CORRUPT_STACK_STRONG.sh lkdtm:ARRAY_BOUNDS.sh lkdtm:CORRUPT_LIST_ADD.sh lkdtm:CORRUPT_LIST_DEL.sh lkdtm:STACK_GUARD_PAGE_LEADING.sh lkdtm:STACK_GUARD_PAGE_TRAILING.sh lkdtm:REPORT_STACK_CANARY.sh lkdtm:UNSET_SMEP.sh lkdtm:DOUBLE_FAULT.sh lkdtm:CORRUPT_PAC.sh lkdtm:UNALIGNED_LOAD_STORE_WRITE.sh lkdtm:SLAB_LINEAR_OVERFLOW.sh lkdtm:VMALLOC_LINEAR_OVERFLOW.sh lkdtm:WRITE_AFTER_FREE.sh lkdtm:READ_AFTER_FREE.sh lkdtm:WRITE_BUDDY_AFTER_FREE.sh lkdtm:READ_BUDDY_AFTER_FREE.sh lkdtm:SLAB_INIT_ON_ALLOC.sh lkdtm:BUDDY_INIT_ON_ALLOC.sh lkdtm:SLAB_FREE_DOUBLE.sh lkdtm:SLAB_FREE_CROSS.sh lkdtm:SLAB_FREE_PAGE.sh lkdtm:SOFTLOCKUP.sh lkdtm:HARDLOCKUP.sh lkdtm:SMP_CALL_LOCKUP.sh lkdtm:SPINLOCKUP.sh lkdtm:HUNG_TASK.sh lkdtm:EXEC_DATA.sh lkdtm:EXEC_STACK.sh lkdtm:EXEC_KMALLOC.sh lkdtm:EXEC_VMALLOC.sh lkdtm:EXEC_RODATA.sh lkdtm:EXEC_USERSPACE.sh lkdtm:EXEC_NULL.sh lkdtm:ACCESS_USERSPACE.sh lkdtm:ACCESS_NULL.sh lkdtm:WRITE_RO.sh lkdtm:WRITE_RO_AFTER_INIT.sh lkdtm:WRITE_KERN.sh lkdtm:WRITE_OPD.sh lkdtm:REFCOUNT_INC_OVERFLOW.sh lkdtm:REFCOUNT_ADD_OVERFLOW.sh lkdtm:REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_DEC_ZERO.sh lkdtm:REFCOUNT_DEC_NEGATIVE.sh lkdtm:REFCOUNT_DEC_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_SUB_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_INC_ZERO.sh lkdtm:REFCOUNT_ADD_ZERO.sh lkdtm:REFCOUNT_INC_SATURATED.sh lkdtm:REFCOUNT_DEC_SATURATED.sh lkdtm:REFCOUNT_ADD_SATURATED.sh lkdtm:REFCOUNT_INC_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_DEC_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_SUB_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_TIMING.sh lkdtm:ATOMIC_TIMING.sh lkdtm:USERCOPY_SLAB_SIZE_TO.sh lkdtm:USERCOPY_SLAB_SIZE_FROM.sh lkdtm:USERCOPY_SLAB_WHITELIST_TO.sh lkdtm:USERCOPY_SLAB_WHITELIST_FROM.sh lkdtm:USERCOPY_STACK_FRAME_TO.sh lkdtm:USERCOPY_STACK_FRAME_FROM.sh lkdtm:USERCOPY_STACK_BEYOND.sh lkdtm:USERCOPY_KERNEL.sh lkdtm:STACKLEAK_ERASING.sh lkdtm:CFI_FORWARD_PROTO.sh lkdtm:CFI_BACKWARD.sh lkdtm:FORTIFY_STRSCPY.sh lkdtm:FORTIFY_STR_OBJECT.sh lkdtm:FORTIFY_STR_MEMBER.sh lkdtm:FORTIFY_MEM_OBJECT.sh lkdtm:FORTIFY_MEM_MEMBER.sh lkdtm:PPC_SLB_MULTIHIT.sh lkdtm:stack-entropy.sh ============== Tests to run =============== lkdtm:PANIC.sh lkdtm:PANIC_STOP_IRQOFF.sh lkdtm:BUG.sh lkdtm:WARNING.sh lkdtm:WARNING_MESSAGE.sh lkdtm:EXCEPTION.sh lkdtm:LOOP.sh lkdtm:EXHAUST_STACK.sh lkdtm:CORRUPT_STACK.sh lkdtm:CORRUPT_STACK_STRONG.sh lkdtm:ARRAY_BOUNDS.sh lkdtm:CORRUPT_LIST_ADD.sh lkdtm:CORRUPT_LIST_DEL.sh lkdtm:STACK_GUARD_PAGE_LEADING.sh lkdtm:STACK_GUARD_PAGE_TRAILING.sh lkdtm:REPORT_STACK_CANARY.sh lkdtm:UNSET_SMEP.sh lkdtm:DOUBLE_FAULT.sh lkdtm:CORRUPT_PAC.sh lkdtm:UNALIGNED_LOAD_STORE_WRITE.sh lkdtm:SLAB_LINEAR_OVERFLOW.sh lkdtm:VMALLOC_LINEAR_OVERFLOW.sh lkdtm:WRITE_AFTER_FREE.sh lkdtm:READ_AFTER_FREE.sh lkdtm:WRITE_BUDDY_AFTER_FREE.sh lkdtm:READ_BUDDY_AFTER_FREE.sh lkdtm:SLAB_INIT_ON_ALLOC.sh lkdtm:BUDDY_INIT_ON_ALLOC.sh lkdtm:SLAB_FREE_DOUBLE.sh lkdtm:SLAB_FREE_CROSS.sh lkdtm:SLAB_FREE_PAGE.sh lkdtm:SOFTLOCKUP.sh lkdtm:HARDLOCKUP.sh lkdtm:SMP_CALL_LOCKUP.sh lkdtm:SPINLOCKUP.sh lkdtm:HUNG_TASK.sh lkdtm:EXEC_DATA.sh lkdtm:EXEC_STACK.sh lkdtm:EXEC_KMALLOC.sh lkdtm:EXEC_VMALLOC.sh lkdtm:EXEC_RODATA.sh lkdtm:EXEC_USERSPACE.sh lkdtm:EXEC_NULL.sh lkdtm:ACCESS_USERSPACE.sh lkdtm:ACCESS_NULL.sh lkdtm:WRITE_RO.sh lkdtm:WRITE_RO_AFTER_INIT.sh lkdtm:WRITE_KERN.sh lkdtm:WRITE_OPD.sh lkdtm:REFCOUNT_INC_OVERFLOW.sh lkdtm:REFCOUNT_ADD_OVERFLOW.sh lkdtm:REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_DEC_ZERO.sh lkdtm:REFCOUNT_DEC_NEGATIVE.sh lkdtm:REFCOUNT_DEC_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_SUB_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_INC_ZERO.sh lkdtm:REFCOUNT_ADD_ZERO.sh lkdtm:REFCOUNT_INC_SATURATED.sh lkdtm:REFCOUNT_DEC_SATURATED.sh lkdtm:REFCOUNT_ADD_SATURATED.sh lkdtm:REFCOUNT_INC_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_DEC_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_SUB_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_TIMING.sh lkdtm:ATOMIC_TIMING.sh lkdtm:USERCOPY_SLAB_SIZE_TO.sh lkdtm:USERCOPY_SLAB_SIZE_FROM.sh lkdtm:USERCOPY_SLAB_WHITELIST_TO.sh lkdtm:USERCOPY_SLAB_WHITELIST_FROM.sh lkdtm:USERCOPY_STACK_FRAME_TO.sh lkdtm:USERCOPY_STACK_FRAME_FROM.sh lkdtm:USERCOPY_STACK_BEYOND.sh lkdtm:USERCOPY_KERNEL.sh lkdtm:STACKLEAK_ERASING.sh lkdtm:CFI_FORWARD_PROTO.sh lkdtm:CFI_BACKWARD.sh lkdtm:FORTIFY_STRSCPY.sh lkdtm:FORTIFY_STR_OBJECT.sh lkdtm:FORTIFY_STR_MEMBER.sh lkdtm:FORTIFY_MEM_OBJECT.sh lkdtm:FORTIFY_MEM_MEMBER.sh lkdtm:PPC_SLB_MULTIHIT.sh lkdtm:stack-entropy.sh ===========End Tests to run =============== shardfile-lkdtm pass <12>[ 126.963564] kselftest: Running tests in lkdtm TAP version 13 1..86 # timeout set to 45 # selftests: lkdtm: PANIC.sh # Skipping PANIC: crashes entire system ok 1 selftests: lkdtm: PANIC.sh # SKIP # timeout set to 45 # selftests: lkdtm: PANIC_STOP_IRQOFF.sh # Skipping PANIC_STOP_IRQOFF: Crashes entire system ok 2 selftests: lkdtm: PANIC_STOP_IRQOFF.sh # SKIP # timeout set to 45 # selftests: lkdtm: BUG.sh <6>[ 129.521002] lkdtm: Performing direct entry BUG <4>[ 129.524567] ------------[ cut here ]------------ <2>[ 129.529224] kernel BUG at drivers/misc/lkdtm/bugs.c:105! <0>[ 129.534875] Internal error: Oops - BUG: 0 [#1] SMP ARM <4>[ 129.540231] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 129.578323] CPU: 1 UID: 0 PID: 744 Comm: cat Not tainted 6.12.0-rc1-next-20241004 #1 <4>[ 129.586394] Hardware name: STM32 (Device Tree Support) <4>[ 129.591842] PC is at lkdtm_BUG+0x8/0xc <4>[ 129.595803] LR is at lkdtm_do_action+0x24/0x4c <4>[ 129.600556] pc : [] lr : [] psr: a0080013 <4>[ 129.607112] sp : f124dec0 ip : 00000000 fp : 004efe38 <4>[ 129.612562] r10: c52cfb80 r9 : f124df80 r8 : c2687de4 <4>[ 129.618112] r7 : f124df80 r6 : 00000000 r5 : c5463000 r4 : 00000004 <4>[ 129.624871] r3 : c0df6c98 r2 : 00000000 r1 : 00000000 r0 : c2687de4 <4>[ 129.631730] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 129.639095] Control: 10c5387d Table: c536406a DAC: 00000051 <1>[ 129.645145] Register r0 information: non-slab/vmalloc memory <1>[ 129.651110] Register r1 information: NULL pointer <1>[ 129.656063] Register r2 information: NULL pointer <1>[ 129.661015] Register r3 information: non-slab/vmalloc memory <1>[ 129.666973] Register r4 information: non-paged memory <1>[ 129.672327] Register r5 information: non-slab/vmalloc memory <1>[ 129.678285] Register r6 information: NULL pointer <1>[ 129.683237] Register r7 information: 2-page vmalloc region starting at 0xf124c000 allocated at kernel_clone+0xac/0x388 <1>[ 129.694250] Register r8 information: non-slab/vmalloc memory <1>[ 129.700209] Register r9 information: 2-page vmalloc region starting at 0xf124c000 allocated at kernel_clone+0xac/0x388 <1>[ 129.711215] Register r10 information: slab kmalloc-192 start c52cfb40 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 129.725080] full_proxy_open+0x124/0x24c <6>[ 129.729533] do_dentry_open+0x144/0x4dc <6>[ 129.733896] vfs_open+0x2c/0xec <6>[ 129.737548] path_openat+0x748/0x1198 <6>[ 129.741800] do_filp_open+0x98/0x134 <6>[ 129.745851] do_sys_openat2+0xbc/0xe4 <6>[ 129.750005] sys_openat+0x98/0xd4 <6>[ 129.753857] ret_fast_syscall+0x0/0x1c <4>[ 129.758208] Free path: <6>[ 129.760839] xdr_free_bvec+0x18/0x24 <6>[ 129.764995] xprt_complete_rqst+0x30/0x8c <6>[ 129.769554] xs_stream_data_receive_workfn+0x4c8/0x594 <6>[ 129.775214] process_one_work+0x1b8/0x450 <6>[ 129.779770] worker_thread+0x1d4/0x3c4 <6>[ 129.784022] kthread+0xe8/0x104 <6>[ 129.787670] ret_from_fork+0x14/0x28 <1>[ 129.791819] Register r11 information: non-paged memory <1>[ 129.797177] Register r12 information: NULL pointer <0>[ 129.802331] Process cat (pid: 744, stack limit = 0xf124c000) <0>[ 129.808187] Stack: (0xf124dec0 to 0xf124e000) <0>[ 129.812844] dec0: 00000004 c0df65ac c0df6490 c5443140 b6d88000 00000004 c3824260 c08910e8 <0>[ 129.821318] dee0: c5443140 c089108c f124df80 b6d88000 c5203240 00000004 c52cfb80 c0628870 <0>[ 129.829791] df00: c5366db0 00000000 00000000 00000000 00000000 00000004 b6d88000 0001fffc <0>[ 129.838263] df20: 00000001 00000000 c5443840 00000000 00000000 00000000 00000000 00000000 <0>[ 129.846736] df40: 00000000 00000000 00000000 00000000 00000022 ad88e1e0 00000000 c5443140 <0>[ 129.855210] df60: c5443140 00000000 00000000 c03002f0 c5203240 00000004 004efe38 c0628dcc <0>[ 129.863682] df80: 00000000 00000000 00000000 ad88e1e0 000000c0 00000004 00000004 7ff00000 <0>[ 129.872155] dfa0: 00000004 c03000c0 00000004 00000004 00000001 b6d88000 00000004 00000001 <0>[ 129.880628] dfc0: 00000004 00000004 7ff00000 00000004 00000001 b6d88000 00020000 004efe38 <0>[ 129.889101] dfe0: 00000004 be9dc788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 <0>[ 129.897566] Call trace: <0>[ 129.897581] lkdtm_BUG from lkdtm_do_action+0x24/0x4c <0>[ 129.905674] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 129.911442] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 129.917109] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 129.922686] vfs_write from ksys_write+0x78/0xf8 <0>[ 129.927562] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 129.932932] Exception stack(0xf124dfa8 to 0xf124dff0) <0>[ 129.938288] dfa0: 00000004 00000004 00000001 b6d88000 00000004 00000001 <0>[ 129.946761] dfc0: 00000004 00000004 7ff00000 00000004 00000001 b6d88000 00020000 004efe38 <0>[ 129.955231] dfe0: 00000004 be9dc788 b6e4e33b b6dc7616 <0>[ 129.960589] Code: c2687d80 c2687d94 e52de004 e28dd004 (e7f001f2) <4>[ 129.966946] ---[ end trace 0000000000000000 ]--- <6>[ 129.971795] note: cat[744] exited with irqs disabled # Segmentation fault # [ 129.521002] lkdtm: Performing direct entry BUG # [ 129.524567] ------------[ cut here ]------------ # [ 129.529224] kernel BUG at drivers/misc/lkdtm/bugs.c:105! # [ 129.534875] Internal error: Oops - BUG: 0 [#1] SMP ARM # [ 129.540231] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 129.578323] CPU: 1 UID: 0 PID: 744 Comm: cat Not tainted 6.12.0-rc1-next-20241004 #1 # [ 129.586394] Hardware name: STM32 (Device Tree Support) # [ 129.591842] PC is at lkdtm_BUG+0x8/0xc # [ 129.595803] LR is at lkdtm_do_action+0x24/0x4c # [ 129.600556] pc : [] lr : [] psr: a0080013 # [ 129.607112] sp : f124dec0 ip : 00000000 fp : 004efe38 # [ 129.612562] r10: c52cfb80 r9 : f124df80 r8 : c2687de4 # [ 129.618112] r7 : f124df80 r6 : 00000000 r5 : c5463000 r4 : 00000004 # [ 129.624871] r3 : c0df6c98 r2 : 00000000 r1 : 00000000 r0 : c2687de4 # [ 129.631730] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 129.639095] Control: 10c5387d Table: c536406a DAC: 00000051 # [ 129.645145] Register r0 information: non-slab/vmalloc memory # [ 129.651110] Register r1 information: NULL pointer # [ 129.656063] Register r2 information: NULL pointer # [ 129.661015] Register r3 information: non-slab/vmalloc memory # [ 129.666973] Register r4 information: non-paged memory # [ 129.672327] Register r5 information: non-slab/vmalloc memory # [ 129.678285] Register r6 information: NULL pointer # [ 129.683237] Register r7 information: 2-page vmalloc region starting at 0xf124c000 allocated at kernel_clone+0xac/0x388 # [ 129.694250] Register r8 information: non-slab/vmalloc memory # [ 129.700209] Register r9 information: 2-page vmalloc region starting at 0xf124c000 allocated at kernel_clone+0xac/0x388 # [ 129.711215] Register r10 information: slab kmalloc-192 start c52cfb40 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 129.725080] full_proxy_open+0x124/0x24c # [ 129.729533] do_dentry_open+0x144/0x4dc # [ 129.733896] vfs_open+0x2c/0xec # [ 129.737548] path_openat+0x748/0x1198 # [ 129.741800] do_filp_open+0x98/0x134 # [ 129.745851] do_sys_openat2+0xbc/0xe4 # [ 129.750005] sys_openat+0x98/0xd4 # [ 129.753857] ret_fast_syscall+0x0/0x1c # [ 129.758208] Free path: # [ 129.760839] xdr_free_bvec+0x18/0x24 # [ 129.764995] xprt_complete_rqst+0x30/0x8c # [ 129.769554] xs_stream_data_receive_workfn+0x4c8/0x594 # [ 129.775214] process_one_work+0x1b8/0x450 # [ 129.779770] worker_thread+0x1d4/0x3c4 # [ 129.784022] kthread+0xe8/0x104 # [ 129.787670] ret_from_fork+0x14/0x28 # [ 129.791819] Register r11 information: non-paged memory # [ 129.797177] Register r12 information: NULL pointer # [ 129.802331] Process cat (pid: 744, stack limit = 0xf124c000) # [ 129.808187] Stack: (0xf124dec0 to 0xf124e000) # [ 129.812844] dec0: 00000004 c0df65ac c0df6490 c5443140 b6d88000 00000004 c3824260 c08910e8 # [ 129.821318] dee0: c5443140 c089108c f124df80 b6d88000 c5203240 00000004 c52cfb80 c0628870 # [ 129.829791] df00: c5366db0 00000000 00000000 00000000 00000000 00000004 b6d88000 0001fffc # [ 129.838263] df20: 00000001 00000000 c5443840 00000000 00000000 00000000 00000000 00000000 # [ 129.846736] df40: 00000000 00000000 00000000 00000000 00000022 ad88e1e0 00000000 c5443140 # [ 129.855210] df60: c5443140 00000000 00000000 c03002f0 c5203240 00000004 004efe38 c0628dcc # [ 129.863682] df80: 00000000 00000000 00000000 ad88e1e0 000000c0 00000004 00000004 7ff00000 # [ 129.872155] dfa0: 00000004 c03000c0 00000004 00000004 00000001 b6d88000 00000004 00000001 # [ 129.880628] dfc0: 00000004 00000004 7ff00000 00000004 00000001 b6d88000 00020000 004efe38 # [ 129.889101] dfe0: 00000004 be9dc788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 # [ 129.897566] Call trace: # [ 129.897581] lkdtm_BUG from lkdtm_do_action+0x24/0x4c # [ 129.905674] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 129.911442] direct_entry from full_proxy_write+0x5c/0x8c # [ 129.917109] full_proxy_write from vfs_write+0xbc/0x3cc # [ 129.922686] vfs_write from ksys_write+0x78/0xf8 # [ 129.927562] ksys_write from ret_fast_syscall+0x0/0x1c # [ 129.932932] Exception stack(0xf124dfa8 to 0xf124dff0) # [ 129.938288] dfa0: 00000004 00000004 00000001 b6d88000 00000004 00000001 # [ 129.946761] dfc0: 00000004 00000004 7ff00000 00000004 00000001 b6d88000 00020000 004efe38 # [ 129.955231] dfe0: 00000004 be9dc788 b6e4e33b b6dc7616 # [ 129.960589] Code: c2687d80 c2687d94 e52de004 e28dd004 (e7f001f2) # [ 129.966946] ---[ end trace 0000000000000000 ]--- # [ 129.971795] note: cat[744] exited with irqs disabled # BUG: saw 'kernel BUG at': ok ok 3 selftests: lkdtm: BUG.sh # timeout set to 45 # selftests: lkdtm: WARNING.sh <6>[ 131.404450] lkdtm: Performing direct entry WARNING <4>[ 131.408267] ------------[ cut here ]------------ <4>[ 131.413591] WARNING: CPU: 1 PID: 827 at drivers/misc/lkdtm/bugs.c:112 lkdtm_do_action+0x24/0x4c <4>[ 131.422553] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 131.460673] CPU: 1 UID: 0 PID: 827 Comm: cat Tainted: G D 6.12.0-rc1-next-20241004 #1 <4>[ 131.469683] Tainted: [D]=DIE <4>[ 131.472826] Hardware name: STM32 (Device Tree Support) <4>[ 131.478175] Call trace: <4>[ 131.478189] unwind_backtrace from show_stack+0x18/0x1c <4>[ 131.486496] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 131.491868] dump_stack_lvl from __warn+0x84/0x134 <4>[ 131.496943] __warn from warn_slowpath_fmt+0x190/0x198 <4>[ 131.502323] warn_slowpath_fmt from lkdtm_do_action+0x24/0x4c <4>[ 131.508301] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 131.514067] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 131.519735] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 131.525310] vfs_write from ksys_write+0x78/0xf8 <4>[ 131.530185] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 131.535557] Exception stack(0xf12c9fa8 to 0xf12c9ff0) <4>[ 131.540917] 9fa0: 00000008 00000008 00000001 b6d94000 00000008 00000001 <4>[ 131.549390] 9fc0: 00000008 00000008 7ff00000 00000004 00000001 b6d94000 00020000 0046fe38 <4>[ 131.557859] 9fe0: 00000004 bed95788 b6e5a33b b6dd3616 <4>[ 131.563335] ---[ end trace 0000000000000000 ]--- # [ 131.404450] lkdtm: Performing direct entry WARNING # [ 131.408267] ------------[ cut here ]------------ # [ 131.413591] WARNING: CPU: 1 PID: 827 at drivers/misc/lkdtm/bugs.c:112 lkdtm_do_action+0x24/0x4c # [ 131.422553] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 131.460673] CPU: 1 UID: 0 PID: 827 Comm: cat Tainted: G D 6.12.0-rc1-next-20241004 #1 # [ 131.469683] Tainted: [D]=DIE # [ 131.472826] Hardware name: STM32 (Device Tree Support) # [ 131.478175] Call trace: # [ 131.478189] unwind_backtrace from show_stack+0x18/0x1c # [ 131.486496] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 131.491868] dump_stack_lvl from __warn+0x84/0x134 # [ 131.496943] __warn from warn_slowpath_fmt+0x190/0x198 # [ 131.502323] warn_slowpath_fmt from lkdtm_do_action+0x24/0x4c # [ 131.508301] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 131.514067] direct_entry from full_proxy_write+0x5c/0x8c # [ 131.519735] full_proxy_write from vfs_write+0xbc/0x3cc # [ 131.525310] vfs_write from ksys_write+0x78/0xf8 # [ 131.530185] ksys_write from ret_fast_syscall+0x0/0x1c # [ 131.535557] Exception stack(0xf12c9fa8 to 0xf12c9ff0) # [ 131.540917] 9fa0: 00000008 00000008 00000001 b6d94000 00000008 00000001 # [ 131.549390] 9fc0: 00000008 00000008 7ff00000 00000004 00000001 b6d94000 00020000 0046fe38 # [ 131.557859] 9fe0: 00000004 bed95788 b6e5a33b b6dd3616 # [ 131.563335] ---[ end trace 0000000000000000 ]--- # WARNING: saw 'WARNING:': ok ok 4 selftests: lkdtm: WARNING.sh # timeout set to 45 # selftests: lkdtm: WARNING_MESSAGE.sh <6>[ 132.695576] lkdtm: Performing direct entry WARNING_MESSAGE <4>[ 132.700082] ------------[ cut here ]------------ <4>[ 132.704909] WARNING: CPU: 0 PID: 871 at drivers/misc/lkdtm/bugs.c:117 lkdtm_WARNING_MESSAGE+0x44/0x4c <4>[ 132.714543] Warning message trigger count: 2 <4>[ 132.718993] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 132.757320] CPU: 0 UID: 0 PID: 871 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 <4>[ 132.766528] Tainted: [D]=DIE, [W]=WARN <4>[ 132.770575] Hardware name: STM32 (Device Tree Support) <4>[ 132.776025] Call trace: <4>[ 132.776041] unwind_backtrace from show_stack+0x18/0x1c <4>[ 132.784249] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 132.789632] dump_stack_lvl from __warn+0x84/0x134 <4>[ 132.794718] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 132.800099] warn_slowpath_fmt from lkdtm_WARNING_MESSAGE+0x44/0x4c <4>[ 132.806685] lkdtm_WARNING_MESSAGE from lkdtm_do_action+0x24/0x4c <4>[ 132.813056] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 132.818822] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 132.824491] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 132.829966] vfs_write from ksys_write+0x78/0xf8 <4>[ 132.834842] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 132.840314] Exception stack(0xf1305fa8 to 0xf1305ff0) <4>[ 132.845575] 5fa0: 00000010 00000010 00000001 b6d88000 00000010 00000001 <4>[ 132.854049] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6d88000 00020000 0047fe38 <4>[ 132.862519] 5fe0: 00000004 bee5e788 b6e4e33b b6dc7616 <4>[ 132.868264] ---[ end trace 0000000000000000 ]--- # [ 132.695576] lkdtm: Performing direct entry WARNING_MESSAGE # [ 132.700082] ------------[ cut here ]------------ # [ 132.704909] WARNING: CPU: 0 PID: 871 at drivers/misc/lkdtm/bugs.c:117 lkdtm_WARNING_MESSAGE+0x44/0x4c # [ 132.714543] Warning message trigger count: 2 # [ 132.718993] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 132.757320] CPU: 0 UID: 0 PID: 871 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 # [ 132.766528] Tainted: [D]=DIE, [W]=WARN # [ 132.770575] Hardware name: STM32 (Device Tree Support) # [ 132.776025] Call trace: # [ 132.776041] unwind_backtrace from show_stack+0x18/0x1c # [ 132.784249] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 132.789632] dump_stack_lvl from __warn+0x84/0x134 # [ 132.794718] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 132.800099] warn_slowpath_fmt from lkdtm_WARNING_MESSAGE+0x44/0x4c # [ 132.806685] lkdtm_WARNING_MESSAGE from lkdtm_do_action+0x24/0x4c # [ 132.813056] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 132.818822] direct_entry from full_proxy_write+0x5c/0x8c # [ 132.824491] full_proxy_write from vfs_write+0xbc/0x3cc # [ 132.829966] vfs_write from ksys_write+0x78/0xf8 # [ 132.834842] ksys_write from ret_fast_syscall+0x0/0x1c # [ 132.840314] Exception stack(0xf1305fa8 to 0xf1305ff0) # [ 132.845575] 5fa0: 00000010 00000010 00000001 b6d88000 00000010 00000001 # [ 132.854049] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6d88000 00020000 0047fe38 # [ 132.862519] 5fe0: 00000004 bee5e788 b6e4e33b b6dc7616 # [ 132.868264] ---[ end trace 0000000000000000 ]--- # WARNING_MESSAGE: saw 'message trigger': ok ok 5 selftests: lkdtm: WARNING_MESSAGE.sh # timeout set to 45 # selftests: lkdtm: EXCEPTION.sh <6>[ 133.926939] lkdtm: Performing direct entry EXCEPTION <1>[ 133.930972] 8<--- cut here --- <1>[ 133.934224] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when write <1>[ 133.944028] [00000000] *pgd=00000000 <0>[ 133.947406] Internal error: Oops: 805 [#2] SMP ARM <4>[ 133.952392] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 133.990510] CPU: 1 UID: 0 PID: 910 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 <4>[ 134.000009] Tainted: [D]=DIE, [W]=WARN <4>[ 134.004049] Hardware name: STM32 (Device Tree Support) <4>[ 134.009399] PC is at lkdtm_EXCEPTION+0xc/0x14 <4>[ 134.014069] LR is at lkdtm_do_action+0x24/0x4c <4>[ 134.018826] pc : [] lr : [] psr: a0080013 <4>[ 134.025287] sp : f134dec0 ip : 00000000 fp : 004dfe38 <4>[ 134.030839] r10: c54b52c0 r9 : f134df80 r8 : c2687dfc <4>[ 134.036390] r7 : f134df80 r6 : 00000000 r5 : c5733000 r4 : 0000000a <4>[ 134.043149] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : c2687dfc <4>[ 134.050008] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 134.057373] Control: 10c5387d Table: c57cc06a DAC: 00000051 <1>[ 134.063425] Register r0 information: non-slab/vmalloc memory <1>[ 134.069392] Register r1 information: NULL pointer <1>[ 134.074349] Register r2 information: NULL pointer <1>[ 134.079302] Register r3 information: NULL pointer <1>[ 134.084254] Register r4 information: non-paged memory <1>[ 134.089608] Register r5 information: non-slab/vmalloc memory <1>[ 134.095568] Register r6 information: NULL pointer <1>[ 134.100520] Register r7 information: 2-page vmalloc region starting at 0xf134c000 allocated at kernel_clone+0xac/0x388 <1>[ 134.111537] Register r8 information: non-slab/vmalloc memory <1>[ 134.117498] Register r9 information: 2-page vmalloc region starting at 0xf134c000 allocated at kernel_clone+0xac/0x388 <1>[ 134.128506] Register r10 information: slab kmalloc-192 start c54b5280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 134.142374] full_proxy_open+0x124/0x24c <6>[ 134.146825] do_dentry_open+0x144/0x4dc <6>[ 134.151181] vfs_open+0x2c/0xec <6>[ 134.154931] path_openat+0x748/0x1198 <6>[ 134.159084] do_filp_open+0x98/0x134 <6>[ 134.163239] do_sys_openat2+0xbc/0xe4 <6>[ 134.167395] sys_openat+0x98/0xd4 <6>[ 134.171247] ret_fast_syscall+0x0/0x1c <4>[ 134.175498] Free path: <6>[ 134.178229] xdr_free_bvec+0x18/0x24 <6>[ 134.182285] xprt_transmit+0x29c/0x4a0 <6>[ 134.186645] call_transmit+0x80/0x8c <6>[ 134.190698] __rpc_execute+0xc8/0x5d0 <6>[ 134.194953] rpc_async_schedule+0x24/0x40 <6>[ 134.199407] process_one_work+0x1b8/0x450 <6>[ 134.203962] worker_thread+0x1d4/0x3c4 <6>[ 134.208314] kthread+0xe8/0x104 <6>[ 134.211962] ret_from_fork+0x14/0x28 <1>[ 134.216010] Register r11 information: non-paged memory <1>[ 134.221468] Register r12 information: NULL pointer <0>[ 134.226522] Process cat (pid: 910, stack limit = 0xf134c000) <0>[ 134.232479] Stack: (0xf134dec0 to 0xf134e000) <0>[ 134.237136] dec0: 0000000a c0df65ac c0df6490 c51c0a40 b6d88000 0000000a c3824260 c08910e8 <0>[ 134.245610] dee0: c51c0a40 c089108c f134df80 b6d88000 c8489440 0000000a c54b52c0 c0628870 <0>[ 134.254083] df00: c57cedb0 00000000 00000000 00000000 00000000 0000000a b6d88000 0001fff6 <0>[ 134.262559] df20: 00000001 00000000 c52bf540 00000000 00000000 00000000 00000000 00000000 <0>[ 134.271041] df40: 00000000 00000000 00000000 00000000 00000022 06d72674 00000000 c51c0a40 <0>[ 134.279528] df60: c51c0a40 00000000 00000000 c03002f0 c8489440 00000004 004dfe38 c0628dcc <0>[ 134.288007] df80: 00000000 00000000 00000000 06d72674 000000c0 0000000a 0000000a 7ff00000 <0>[ 134.296482] dfa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6d88000 0000000a 00000001 <0>[ 134.304956] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 <0>[ 134.313430] dfe0: 00000004 bed20788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 <0>[ 134.321897] Call trace: <0>[ 134.321911] lkdtm_EXCEPTION from lkdtm_do_action+0x24/0x4c <0>[ 134.330515] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 134.336285] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 134.341956] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 134.347433] vfs_write from ksys_write+0x78/0xf8 <0>[ 134.352310] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 134.357781] Exception stack(0xf134dfa8 to 0xf134dff0) <0>[ 134.363138] dfa0: 0000000a 0000000a 00000001 b6d88000 0000000a 00000001 <0>[ 134.371611] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 <0>[ 134.380080] dfe0: 00000004 bed20788 b6e4e33b b6dc7616 <0>[ 134.385439] Code: eb23a730 e52de004 e28dd004 e3a03000 (e5833000) <4>[ 134.392050] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 133.926939] lkdtm: Performing direct entry EXCEPTION # [ 133.930972] 8<--- cut here --- # [ 133.934224] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when write # [ 133.944028] [00000000] *pgd=00000000 # [ 133.947406] Internal error: Oops: 805 [#2] SMP ARM # [ 133.952392] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 133.990510] CPU: 1 UID: 0 PID: 910 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 # [ 134.000009] Tainted: [D]=DIE, [W]=WARN # [ 134.004049] Hardware name: STM32 (Device Tree Support) # [ 134.009399] PC is at lkdtm_EXCEPTION+0xc/0x14 # [ 134.014069] LR is at lkdtm_do_action+0x24/0x4c # [ 134.018826] pc : [] lr : [] psr: a0080013 # [ 134.025287] sp : f134dec0 ip : 00000000 fp : 004dfe38 # [ 134.030839] r10: c54b52c0 r9 : f134df80 r8 : c2687dfc # [ 134.036390] r7 : f134df80 r6 : 00000000 r5 : c5733000 r4 : 0000000a # [ 134.043149] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : c2687dfc # [ 134.050008] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 134.057373] Control: 10c5387d Table: c57cc06a DAC: 00000051 # [ 134.063425] Register r0 information: non-slab/vmalloc memory # [ 134.069392] Register r1 information: NULL pointer # [ 134.074349] Register r2 information: NULL pointer # [ 134.079302] Register r3 information: NULL pointer # [ 134.084254] Register r4 information: non-paged memory # [ 134.089608] Register r5 information: non-slab/vmalloc memory # [ 134.095568] Register r6 information: NULL pointer # [ 134.100520] Register r7 information: 2-page vmalloc region starting at 0xf134c000 allocated at kernel_clone+0xac/0x388 # [ 134.111537] Register r8 information: non-slab/vmalloc memory # [ 134.117498] Register r9 information: 2-page vmalloc region starting at 0xf134c000 allocated at kernel_clone+0xac/0x388 # [ 134.128506] Register r10 information: slab kmalloc-192 start c54b5280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 134.142374] full_proxy_open+0x124/0x24c # [ 134.146825] do_dentry_open+0x144/0x4dc # [ 134.151181] vfs_open+0x2c/0xec # [ 134.154931] path_openat+0x748/0x1198 # [ 134.159084] do_filp_open+0x98/0x134 # [ 134.163239] do_sys_openat2+0xbc/0xe4 # [ 134.167395] sys_openat+0x98/0xd4 # [ 134.171247] ret_fast_syscall+0x0/0x1c # [ 134.175498] Free path: # [ 134.178229] xdr_free_bvec+0x18/0x24 # [ 134.182285] xprt_transmit+0x29c/0x4a0 # [ 134.186645] call_transmit+0x80/0x8c # [ 134.190698] __rpc_execute+0xc8/0x5d0 # [ 134.194953] rpc_async_schedule+0x24/0x40 # [ 134.199407] process_one_work+0x1b8/0x450 # [ 134.203962] worker_thread+0x1d4/0x3c4 # [ 134.208314] kthread+0xe8/0x104 # [ 134.211962] ret_from_fork+0x14/0x28 # [ 134.216010] Register r11 information: non-paged memory # [ 134.221468] Register r12 information: NULL pointer # [ 134.226522] Process cat (pid: 910, stack limit = 0xf134c000) # [ 134.232479] Stack: (0xf134dec0 to 0xf134e000) # [ 134.237136] dec0: 0000000a c0df65ac c0df6490 c51c0a40 b6d88000 0000000a c3824260 c08910e8 # [ 134.245610] dee0: c51c0a40 c089108c f134df80 b6d88000 c8489440 0000000a c54b52c0 c0628870 # [ 134.254083] df00: c57cedb0 00000000 00000000 00000000 00000000 0000000a b6d88000 0001fff6 # [ 134.262559] df20: 00000001 00000000 c52bf540 00000000 00000000 00000000 00000000 00000000 # [ 134.271041] df40: 00000000 00000000 00000000 00000000 00000022 06d72674 00000000 c51c0a40 # [ 134.279528] df60: c51c0a40 00000000 00000000 c03002f0 c8489440 00000004 004dfe38 c0628dcc # [ 134.288007] df80: 00000000 00000000 00000000 06d72674 000000c0 0000000a 0000000a 7ff00000 # [ 134.296482] dfa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6d88000 0000000a 00000001 # [ 134.304956] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 # [ 134.313430] dfe0: 00000004 bed20788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 # [ 134.321897] Call trace: # [ 134.321911] lkdtm_EXCEPTION from lkdtm_do_action+0x24/0x4c # [ 134.330515] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 134.336285] direct_entry from full_proxy_write+0x5c/0x8c # [ 134.341956] full_proxy_write from vfs_write+0xbc/0x3cc # [ 134.347433] vfs_write from ksys_write+0x78/0xf8 # [ 134.352310] ksys_write from ret_fast_syscall+0x0/0x1c # [ 134.357781] Exception stack(0xf134dfa8 to 0xf134dff0) # [ 134.363138] dfa0: 0000000a 0000000a 00000001 b6d88000 0000000a 00000001 # [ 134.371611] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 # [ 134.380080] dfe0: 00000004 bed20788 b6e4e33b b6dc7616 # [ 134.385439] Code: eb23a730 e52de004 e28dd004 e3a03000 (e5833000) # [ 134.392050] ---[ end trace 0000000000000000 ]--- # EXCEPTION: saw 'call trace:': ok ok 6 selftests: lkdtm: EXCEPTION.sh # timeout set to 45 # selftests: lkdtm: LOOP.sh # Skipping LOOP: Hangs the system ok 7 selftests: lkdtm: LOOP.sh # SKIP # timeout set to 45 # selftests: lkdtm: EXHAUST_STACK.sh # Skipping EXHAUST_STACK: Corrupts memory on failure ok 8 selftests: lkdtm: EXHAUST_STACK.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_STACK.sh # Skipping CORRUPT_STACK: Crashes entire system on success ok 9 selftests: lkdtm: CORRUPT_STACK.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_STACK_STRONG.sh # Skipping CORRUPT_STACK_STRONG: Crashes entire system on success ok 10 selftests: lkdtm: CORRUPT_STACK_STRONG.sh # SKIP # timeout set to 45 # selftests: lkdtm: ARRAY_BOUNDS.sh <6>[ 138.551925] lkdtm: Performing direct entry ARRAY_BOUNDS <6>[ 138.556157] lkdtm: Array access within bounds ... <6>[ 138.561129] lkdtm: Array access beyond bounds ... <4>[ 138.566107] ------------[ cut here ]------------ <3>[ 138.570931] UBSAN: array-index-out-of-bounds in ../drivers/misc/lkdtm/bugs.c:406:16 <3>[ 138.579048] index 8 is out of range for type 'char [8]' <4>[ 138.584485] CPU: 1 UID: 0 PID: 1135 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 <4>[ 138.593987] Tainted: [D]=DIE, [W]=WARN <4>[ 138.598031] Hardware name: STM32 (Device Tree Support) <4>[ 138.603382] Call trace: <4>[ 138.603397] unwind_backtrace from show_stack+0x18/0x1c <4>[ 138.611706] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 138.617077] dump_stack_lvl from ubsan_epilogue+0x8/0x34 <4>[ 138.622652] ubsan_epilogue from __ubsan_handle_out_of_bounds+0x88/0x8c <4>[ 138.629535] __ubsan_handle_out_of_bounds from lkdtm_ARRAY_BOUNDS+0x13c/0x198 <4>[ 138.637014] lkdtm_ARRAY_BOUNDS from lkdtm_do_action+0x24/0x4c <4>[ 138.643084] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 138.648850] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 138.654518] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 138.659992] vfs_write from ksys_write+0x78/0xf8 <4>[ 138.664968] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 138.670340] Exception stack(0xf148dfa8 to 0xf148dff0) <4>[ 138.675698] dfa0: 0000000d 0000000d 00000001 b6e28000 0000000d 00000001 <4>[ 138.684172] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e28000 00020000 0041fe38 <4>[ 138.692641] dfe0: 00000004 bed21788 b6eee33b b6e67616 <4>[ 138.698165] ---[ end trace ]--- <3>[ 138.701475] lkdtm: FAIL: survived array bounds overflow! <4>[ 138.707012] lkdtm: This is probably expected, since this kernel (6.12.0-rc1-next-20241004 armv7l) was built *without* CONFIG_UBSAN_TRAP=y # [ 138.551925] lkdtm: Performing direct entry ARRAY_BOUNDS # [ 138.556157] lkdtm: Array access within bounds ... # [ 138.561129] lkdtm: Array access beyond bounds ... # [ 138.566107] ------------[ cut here ]------------ # [ 138.570931] UBSAN: array-index-out-of-bounds in ../drivers/misc/lkdtm/bugs.c:406:16 # [ 138.579048] index 8 is out of range for type 'char [8]' # [ 138.584485] CPU: 1 UID: 0 PID: 1135 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 # [ 138.593987] Tainted: [D]=DIE, [W]=WARN # [ 138.598031] Hardware name: STM32 (Device Tree Support) # [ 138.603382] Call trace: # [ 138.603397] unwind_backtrace from show_stack+0x18/0x1c # [ 138.611706] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 138.617077] dump_stack_lvl from ubsan_epilogue+0x8/0x34 # [ 138.622652] ubsan_epilogue from __ubsan_handle_out_of_bounds+0x88/0x8c # [ 138.629535] __ubsan_handle_out_of_bounds from lkdtm_ARRAY_BOUNDS+0x13c/0x198 # [ 138.637014] lkdtm_ARRAY_BOUNDS from lkdtm_do_action+0x24/0x4c # [ 138.643084] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 138.648850] direct_entry from full_proxy_write+0x5c/0x8c # [ 138.654518] full_proxy_write from vfs_write+0xbc/0x3cc # [ 138.659992] vfs_write from ksys_write+0x78/0xf8 # [ 138.664968] ksys_write from ret_fast_syscall+0x0/0x1c # [ 138.670340] Exception stack(0xf148dfa8 to 0xf148dff0) # [ 138.675698] dfa0: 0000000d 0000000d 00000001 b6e28000 0000000d 00000001 # [ 138.684172] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e28000 00020000 0041fe38 # [ 138.692641] dfe0: 00000004 bed21788 b6eee33b b6e67616 # [ 138.698165] ---[ end trace ]--- # [ 138.701475] lkdtm: FAIL: survived array bounds overflow! # [ 138.707012] lkdtm: This is probably expected, since this kernel (6.12.0-rc1-next-20241004 armv7l) was built *without* CONFIG_UBSAN_TRAP=y # ARRAY_BOUNDS: saw 'call trace:|UBSAN: array-index-out-of-bounds': ok ok 11 selftests: lkdtm: ARRAY_BOUNDS.sh # timeout set to 45 # selftests: lkdtm: CORRUPT_LIST_ADD.sh <6>[ 139.885416] lkdtm: Performing direct entry CORRUPT_LIST_ADD <6>[ 139.890018] lkdtm: attempting good list addition <6>[ 139.895432] lkdtm: attempting corrupted list addition <4>[ 139.900246] ------------[ cut here ]------------ <4>[ 139.905076] WARNING: CPU: 1 PID: 1179 at lib/list_debug.c:29 __list_add_valid_or_report+0xb0/0x104 <4>[ 139.914397] list_add corruption. next->prev should be prev (f14d5e80), but was 00000000. (next=f14d5e9c). <4>[ 139.924471] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 139.962497] CPU: 1 UID: 0 PID: 1179 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 <4>[ 139.971809] Tainted: [D]=DIE, [W]=WARN <4>[ 139.975855] Hardware name: STM32 (Device Tree Support) <4>[ 139.981306] Call trace: <4>[ 139.981321] unwind_backtrace from show_stack+0x18/0x1c <4>[ 139.989628] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 139.994899] dump_stack_lvl from __warn+0x84/0x134 <4>[ 139.999976] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 140.005356] warn_slowpath_fmt from __list_add_valid_or_report+0xb0/0x104 <4>[ 140.012449] __list_add_valid_or_report from lkdtm_CORRUPT_LIST_ADD+0xa0/0x124 <4>[ 140.019940] lkdtm_CORRUPT_LIST_ADD from lkdtm_do_action+0x24/0x4c <4>[ 140.026419] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 140.032185] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 140.037852] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 140.043427] vfs_write from ksys_write+0x78/0xf8 <4>[ 140.048302] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 140.053674] Exception stack(0xf14d5fa8 to 0xf14d5ff0) <4>[ 140.059034] 5fa0: 00000011 00000011 00000001 b6d88000 00000011 00000001 <4>[ 140.067507] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6d88000 00020000 0049fe38 <4>[ 140.075977] 5fe0: 00000004 bee61788 b6e4e33b b6dc7616 <4>[ 140.081466] ---[ end trace 0000000000000000 ]--- <3>[ 140.086314] lkdtm: Overwrite did not happen, but no BUG?! # [ 139.885416] lkdtm: Performing direct entry CORRUPT_LIST_ADD # [ 139.890018] lkdtm: attempting good list addition # [ 139.895432] lkdtm: attempting corrupted list addition # [ 139.900246] ------------[ cut here ]------------ # [ 139.905076] WARNING: CPU: 1 PID: 1179 at lib/list_debug.c:29 __list_add_valid_or_report+0xb0/0x104 # [ 139.914397] list_add corruption. next->prev should be prev (f14d5e80), but was 00000000. (next=f14d5e9c). # [ 139.924471] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 139.962497] CPU: 1 UID: 0 PID: 1179 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 # [ 139.971809] Tainted: [D]=DIE, [W]=WARN # [ 139.975855] Hardware name: STM32 (Device Tree Support) # [ 139.981306] Call trace: # [ 139.981321] unwind_backtrace from show_stack+0x18/0x1c # [ 139.989628] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 139.994899] dump_stack_lvl from __warn+0x84/0x134 # [ 139.999976] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 140.005356] warn_slowpath_fmt from __list_add_valid_or_report+0xb0/0x104 # [ 140.012449] __list_add_valid_or_report from lkdtm_CORRUPT_LIST_ADD+0xa0/0x124 # [ 140.019940] lkdtm_CORRUPT_LIST_ADD from lkdtm_do_action+0x24/0x4c # [ 140.026419] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 140.032185] direct_entry from full_proxy_write+0x5c/0x8c # [ 140.037852] full_proxy_write from vfs_write+0xbc/0x3cc # [ 140.043427] vfs_write from ksys_write+0x78/0xf8 # [ 140.048302] ksys_write from ret_fast_syscall+0x0/0x1c # [ 140.053674] Exception stack(0xf14d5fa8 to 0xf14d5ff0) # [ 140.059034] 5fa0: 00000011 00000011 00000001 b6d88000 00000011 00000001 # [ 140.067507] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6d88000 00020000 0049fe38 # [ 140.075977] 5fe0: 00000004 bee61788 b6e4e33b b6dc7616 # [ 140.081466] ---[ end trace 0000000000000000 ]--- # [ 140.086314] lkdtm: Overwrite did not happen, but no BUG?! # CORRUPT_LIST_ADD: saw 'list_add corruption': ok ok 12 selftests: lkdtm: CORRUPT_LIST_ADD.sh # timeout set to 45 # selftests: lkdtm: CORRUPT_LIST_DEL.sh <6>[ 141.271123] lkdtm: Performing direct entry CORRUPT_LIST_DEL <6>[ 141.275744] lkdtm: attempting good list removal <6>[ 141.280618] lkdtm: attempting corrupted list removal <4>[ 141.285828] ------------[ cut here ]------------ <4>[ 141.290603] WARNING: CPU: 1 PID: 1223 at lib/list_debug.c:65 __list_del_entry_valid_or_report+0x140/0x144 <4>[ 141.300552] list_del corruption. next->prev should be f152dea0, but was 00000000. (next=f152deac) <4>[ 141.309634] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 141.347782] CPU: 1 UID: 0 PID: 1223 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 <4>[ 141.357291] Tainted: [D]=DIE, [W]=WARN <4>[ 141.361337] Hardware name: STM32 (Device Tree Support) <4>[ 141.366688] Call trace: <4>[ 141.366704] unwind_backtrace from show_stack+0x18/0x1c <4>[ 141.375010] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 141.380381] dump_stack_lvl from __warn+0x84/0x134 <4>[ 141.385458] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 141.390839] warn_slowpath_fmt from __list_del_entry_valid_or_report+0x140/0x144 <4>[ 141.398535] __list_del_entry_valid_or_report from lkdtm_CORRUPT_LIST_DEL+0xd4/0x160 <4>[ 141.406527] lkdtm_CORRUPT_LIST_DEL from lkdtm_do_action+0x24/0x4c <4>[ 141.412999] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 141.418765] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 141.424433] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 141.430008] vfs_write from ksys_write+0x78/0xf8 <4>[ 141.434883] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 141.440254] Exception stack(0xf152dfa8 to 0xf152dff0) <4>[ 141.445614] dfa0: 00000011 00000011 00000001 b6e28000 00000011 00000001 <4>[ 141.454088] dfc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 0043fe38 <4>[ 141.462558] dfe0: 00000004 bebbe788 b6eee33b b6e67616 <4>[ 141.468056] ---[ end trace 0000000000000000 ]--- <3>[ 141.472829] lkdtm: Overwrite did not happen, but no BUG?! # [ 141.271123] lkdtm: Performing direct entry CORRUPT_LIST_DEL # [ 141.275744] lkdtm: attempting good list removal # [ 141.280618] lkdtm: attempting corrupted list removal # [ 141.285828] ------------[ cut here ]------------ # [ 141.290603] WARNING: CPU: 1 PID: 1223 at lib/list_debug.c:65 __list_del_entry_valid_or_report+0x140/0x144 # [ 141.300552] list_del corruption. next->prev should be f152dea0, but was 00000000. (next=f152deac) # [ 141.309634] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 141.347782] CPU: 1 UID: 0 PID: 1223 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 # [ 141.357291] Tainted: [D]=DIE, [W]=WARN # [ 141.361337] Hardware name: STM32 (Device Tree Support) # [ 141.366688] Call trace: # [ 141.366704] unwind_backtrace from show_stack+0x18/0x1c # [ 141.375010] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 141.380381] dump_stack_lvl from __warn+0x84/0x134 # [ 141.385458] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 141.390839] warn_slowpath_fmt from __list_del_entry_valid_or_report+0x140/0x144 # [ 141.398535] __list_del_entry_valid_or_report from lkdtm_CORRUPT_LIST_DEL+0xd4/0x160 # [ 141.406527] lkdtm_CORRUPT_LIST_DEL from lkdtm_do_action+0x24/0x4c # [ 141.412999] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 141.418765] direct_entry from full_proxy_write+0x5c/0x8c # [ 141.424433] full_proxy_write from vfs_write+0xbc/0x3cc # [ 141.430008] vfs_write from ksys_write+0x78/0xf8 # [ 141.434883] ksys_write from ret_fast_syscall+0x0/0x1c # [ 141.440254] Exception stack(0xf152dfa8 to 0xf152dff0) # [ 141.445614] dfa0: 00000011 00000011 00000001 b6e28000 00000011 00000001 # [ 141.454088] dfc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 0043fe38 # [ 141.462558] dfe0: 00000004 bebbe788 b6eee33b b6e67616 # [ 141.468056] ---[ end trace 0000000000000000 ]--- # [ 141.472829] lkdtm: Overwrite did not happen, but no BUG?! # CORRUPT_LIST_DEL: saw 'list_del corruption': ok ok 13 selftests: lkdtm: CORRUPT_LIST_DEL.sh # timeout set to 45 # selftests: lkdtm: STACK_GUARD_PAGE_LEADING.sh <6>[ 142.606880] lkdtm: Performing direct entry STACK_GUARD_PAGE_LEADING <6>[ 142.612190] lkdtm: attempting bad read from page below current stack <1>[ 142.619306] 8<--- cut here --- <1>[ 142.622533] Unable to handle kernel paging request at virtual address f157bfff when read <1>[ 142.630937] [f157bfff] *pgd=c5731811, *pte=00000000, *ppte=00000000 <0>[ 142.637041] Internal error: Oops: 7 [#3] SMP ARM <4>[ 142.641827] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 142.679947] CPU: 1 UID: 0 PID: 1262 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 <4>[ 142.689545] Tainted: [D]=DIE, [W]=WARN <4>[ 142.693588] Hardware name: STM32 (Device Tree Support) <4>[ 142.698939] PC is at lkdtm_STACK_GUARD_PAGE_LEADING+0x34/0x4c <4>[ 142.705022] LR is at lkdtm_STACK_GUARD_PAGE_LEADING+0x2c/0x4c <4>[ 142.710987] pc : [] lr : [] psr: 60080013 <4>[ 142.717545] sp : f157deb0 ip : 00000000 fp : 0041fe38 <4>[ 142.723096] r10: c56492c0 r9 : f157df80 r8 : c2687e94 <4>[ 142.728546] r7 : f157df80 r6 : 00000000 r5 : c8af1000 r4 : f157c000 <4>[ 142.735406] r3 : c8869440 r2 : 00000000 r1 : 00000000 r0 : c1f9cc8c <4>[ 142.742166] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 142.749632] Control: 10c5387d Table: c88b406a DAC: 00000051 <1>[ 142.755685] Register r0 information: non-slab/vmalloc memory <1>[ 142.761557] Register r1 information: NULL pointer <1>[ 142.766615] Register r2 information: NULL pointer <1>[ 142.771569] Register r3 information: slab task_struct start c8869400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 142.785246] copy_process+0x1f4/0x1f64 <6>[ 142.789503] kernel_clone+0xac/0x388 <6>[ 142.793658] sys_clone+0x78/0x9c <6>[ 142.797411] ret_fast_syscall+0x0/0x1c <4>[ 142.801662] Free path: <6>[ 142.804393] rcu_core+0x2dc/0xb14 <6>[ 142.808246] handle_softirqs+0x15c/0x430 <6>[ 142.812704] irq_exit+0xac/0xd4 <6>[ 142.816354] call_with_stack+0x18/0x20 <6>[ 142.820611] __irq_svc+0x9c/0xb8 <6>[ 142.824358] __kmap_local_page_prot+0x10/0x74 <6>[ 142.829316] __pte_offset_map+0x6c/0xb0 <6>[ 142.833668] pte_offset_map_rw_nolock+0x20/0x60 <6>[ 142.838723] handle_mm_fault+0x234/0x1198 <6>[ 142.843280] do_page_fault+0x1ac/0x470 <6>[ 142.847530] do_DataAbort+0x44/0xb8 <6>[ 142.851580] __dabt_usr+0x58/0x60 <1>[ 142.855428] Register r4 information: 2-page vmalloc region starting at 0xf157c000 allocated at kernel_clone+0xac/0x388 <1>[ 142.866441] Register r5 information: non-slab/vmalloc memory <1>[ 142.872406] Register r6 information: NULL pointer <1>[ 142.877361] Register r7 information: 2-page vmalloc region starting at 0xf157c000 allocated at kernel_clone+0xac/0x388 <1>[ 142.888370] Register r8 information: non-slab/vmalloc memory <1>[ 142.894330] Register r9 information: 2-page vmalloc region starting at 0xf157c000 allocated at kernel_clone+0xac/0x388 <1>[ 142.905337] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 142.919200] full_proxy_open+0x124/0x24c <6>[ 142.923651] do_dentry_open+0x144/0x4dc <6>[ 142.928007] vfs_open+0x2c/0xec <6>[ 142.931660] path_openat+0x748/0x1198 <6>[ 142.935911] do_filp_open+0x98/0x134 <6>[ 142.939960] do_sys_openat2+0xbc/0xe4 <6>[ 142.944215] sys_openat+0x98/0xd4 <6>[ 142.948066] ret_fast_syscall+0x0/0x1c <4>[ 142.952316] Free path: <6>[ 142.955047] xdr_free_bvec+0x18/0x24 <6>[ 142.959102] xprt_transmit+0x29c/0x4a0 <6>[ 142.963461] call_transmit+0x80/0x8c <6>[ 142.967514] __rpc_execute+0xc8/0x5d0 <6>[ 142.971669] rpc_async_schedule+0x24/0x40 <6>[ 142.976224] process_one_work+0x1b8/0x450 <6>[ 142.980779] worker_thread+0x1d4/0x3c4 <6>[ 142.985131] kthread+0xe8/0x104 <6>[ 142.988779] ret_from_fork+0x14/0x28 <1>[ 142.992827] Register r11 information: non-paged memory <1>[ 142.998285] Register r12 information: NULL pointer <0>[ 143.003340] Process cat (pid: 1262, stack limit = 0xf157c000) <0>[ 143.009399] Stack: (0xf157deb0 to 0xf157e000) <0>[ 143.014061] dea0: f157df80 00df65a4 00000019 c0df61c8 <0>[ 143.022549] dec0: 00000019 c0df65ac c0df6490 c853e240 b6e54000 00000019 c3824260 c08910e8 <0>[ 143.030937] dee0: c853e240 c089108c f157df80 b6e54000 c8869440 00000019 c56492c0 c0628870 <0>[ 143.039419] df00: c88b6db8 00000000 00000000 00000000 00000000 00000019 b6e54000 0001ffe7 <0>[ 143.047899] df20: 00000001 00000000 c853e740 00000000 00000000 00000000 00000000 00000000 <0>[ 143.056379] df40: 00000000 00000000 00000000 00000000 00000022 2cd663e5 00000000 c853e240 <0>[ 143.064854] df60: c853e240 00000000 00000000 c03002f0 c8869440 00000004 0041fe38 c0628dcc <0>[ 143.073329] df80: 00000000 00000000 00000000 2cd663e5 000000c0 00000019 00000019 7ff00000 <0>[ 143.081803] dfa0: 00000004 c03000c0 00000019 00000019 00000001 b6e54000 00000019 00000001 <0>[ 143.090278] dfc0: 00000019 00000019 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 <0>[ 143.098754] dfe0: 00000004 bec0e788 b6f1a33b b6e93616 60080030 00000001 00000000 00000000 <0>[ 143.107221] Call trace: <0>[ 143.107235] lkdtm_STACK_GUARD_PAGE_LEADING from lkdtm_do_action+0x24/0x4c <0>[ 143.117152] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 143.122922] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 143.128591] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 143.134169] vfs_write from ksys_write+0x78/0xf8 <0>[ 143.139044] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 143.144415] Exception stack(0xf157dfa8 to 0xf157dff0) <0>[ 143.149773] dfa0: 00000019 00000019 00000001 b6e54000 00000019 00000001 <0>[ 143.158247] dfc0: 00000019 00000019 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 <0>[ 143.166717] dfe0: 00000004 bec0e788 b6f1a33b b6e93616 <0>[ 143.172075] Code: e5934208 ebffc4d1 e30c0c8c e34c01f9 (e5543001) <4>[ 143.178712] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 142.606880] lkdtm: Performing direct entry STACK_GUARD_PAGE_LEADING # [ 142.612190] lkdtm: attempting bad read from page below current stack # [ 142.619306] 8<--- cut here --- # [ 142.622533] Unable to handle kernel paging request at virtual address f157bfff when read # [ 142.630937] [f157bfff] *pgd=c5731811, *pte=00000000, *ppte=00000000 # [ 142.637041] Internal error: Oops: 7 [#3] SMP ARM # [ 142.641827] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 142.679947] CPU: 1 UID: 0 PID: 1262 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 # [ 142.689545] Tainted: [D]=DIE, [W]=WARN # [ 142.693588] Hardware name: STM32 (Device Tree Support) # [ 142.698939] PC is at lkdtm_STACK_GUARD_PAGE_LEADING+0x34/0x4c # [ 142.705022] LR is at lkdtm_STACK_GUARD_PAGE_LEADING+0x2c/0x4c # [ 142.710987] pc : [] lr : [] psr: 60080013 # [ 142.717545] sp : f157deb0 ip : 00000000 fp : 0041fe38 # [ 142.723096] r10: c56492c0 r9 : f157df80 r8 : c2687e94 # [ 142.728546] r7 : f157df80 r6 : 00000000 r5 : c8af1000 r4 : f157c000 # [ 142.735406] r3 : c8869440 r2 : 00000000 r1 : 00000000 r0 : c1f9cc8c # [ 142.742166] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 142.749632] Control: 10c5387d Table: c88b406a DAC: 00000051 # [ 142.755685] Register r0 information: non-slab/vmalloc memory # [ 142.761557] Register r1 information: NULL pointer # [ 142.766615] Register r2 information: NULL pointer # [ 142.771569] Register r3 information: slab task_struct start c8869400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 142.785246] copy_process+0x1f4/0x1f64 # [ 142.789503] kernel_clone+0xac/0x388 # [ 142.793658] sys_clone+0x78/0x9c # [ 142.797411] ret_fast_syscall+0x0/0x1c # [ 142.801662] Free path: # [ 142.804393] rcu_core+0x2dc/0xb14 # [ 142.808246] handle_softirqs+0x15c/0x430 # [ 142.812704] irq_exit+0xac/0xd4 # [ 142.816354] call_with_stack+0x18/0x20 # [ 142.820611] __irq_svc+0x9c/0xb8 # [ 142.824358] __kmap_local_page_prot+0x10/0x74 # [ 142.829316] __pte_offset_map+0x6c/0xb0 # [ 142.833668] pte_offset_map_rw_nolock+0x20/0x60 # [ 142.838723] handle_mm_fault+0x234/0x1198 # [ 142.843280] do_page_fault+0x1ac/0x470 # [ 142.847530] do_DataAbort+0x44/0xb8 # [ 142.851580] __dabt_usr+0x58/0x60 # [ 142.855428] Register r4 information: 2-page vmalloc region starting at 0xf157c000 allocated at kernel_clone+0xac/0x388 # [ 142.866441] Register r5 information: non-slab/vmalloc memory # [ 142.872406] Register r6 information: NULL pointer # [ 142.877361] Register r7 information: 2-page vmalloc region starting at 0xf157c000 allocated at kernel_clone+0xac/0x388 # [ 142.888370] Register r8 information: non-slab/vmalloc memory # [ 142.894330] Register r9 information: 2-page vmalloc region starting at 0xf157c000 allocated at kernel_clone+0xac/0x388 # [ 142.905337] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 142.919200] full_proxy_open+0x124/0x24c # [ 142.923651] do_dentry_open+0x144/0x4dc # [ 142.928007] vfs_open+0x2c/0xec # [ 142.931660] path_openat+0x748/0x1198 # [ 142.935911] do_filp_open+0x98/0x134 # [ 142.939960] do_sys_openat2+0xbc/0xe4 # [ 142.944215] sys_openat+0x98/0xd4 # [ 142.948066] ret_fast_syscall+0x0/0x1c # [ 142.952316] Free path: # [ 142.955047] xdr_free_bvec+0x18/0x24 # [ 142.959102] xprt_transmit+0x29c/0x4a0 # [ 142.963461] call_transmit+0x80/0x8c # [ 142.967514] __rpc_execute+0xc8/0x5d0 # [ 142.971669] rpc_async_schedule+0x24/0x40 # [ 142.976224] process_one_work+0x1b8/0x450 # [ 142.980779] worker_thread+0x1d4/0x3c4 # [ 142.985131] kthread+0xe8/0x104 # [ 142.988779] ret_from_fork+0x14/0x28 # [ 142.992827] Register r11 information: non-paged memory # [ 142.998285] Register r12 information: NULL pointer # [ 143.003340] Process cat (pid: 1262, stack limit = 0xf157c000) # [ 143.009399] Stack: (0xf157deb0 to 0xf157e000) # [ 143.014061] dea0: f157df80 00df65a4 00000019 c0df61c8 # [ 143.022549] dec0: 00000019 c0df65ac c0df6490 c853e240 b6e54000 00000019 c3824260 c08910e8 # [ 143.030937] dee0: c853e240 c089108c f157df80 b6e54000 c8869440 00000019 c56492c0 c0628870 # [ 143.039419] df00: c88b6db8 00000000 00000000 00000000 00000000 00000019 b6e54000 0001ffe7 # [ 143.047899] df20: 00000001 00000000 c853e740 00000000 00000000 00000000 00000000 00000000 # [ 143.056379] df40: 00000000 00000000 00000000 00000000 00000022 2cd663e5 00000000 c853e240 # [ 143.064854] df60: c853e240 00000000 00000000 c03002f0 c8869440 00000004 0041fe38 c0628dcc # [ 143.073329] df80: 00000000 00000000 00000000 2cd663e5 000000c0 00000019 00000019 7ff00000 # [ 143.081803] dfa0: 00000004 c03000c0 00000019 00000019 00000001 b6e54000 00000019 00000001 # [ 143.090278] dfc0: 00000019 00000019 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 # [ 143.098754] dfe0: 00000004 bec0e788 b6f1a33b b6e93616 60080030 00000001 00000000 00000000 # [ 143.107221] Call trace: # [ 143.107235] lkdtm_STACK_GUARD_PAGE_LEADING from lkdtm_do_action+0x24/0x4c # [ 143.117152] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 143.122922] direct_entry from full_proxy_write+0x5c/0x8c # [ 143.128591] full_proxy_write from vfs_write+0xbc/0x3cc # [ 143.134169] vfs_write from ksys_write+0x78/0xf8 # [ 143.139044] ksys_write from ret_fast_syscall+0x0/0x1c # [ 143.144415] Exception stack(0xf157dfa8 to 0xf157dff0) # [ 143.149773] dfa0: 00000019 00000019 00000001 b6e54000 00000019 00000001 # [ 143.158247] dfc0: 00000019 00000019 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 # [ 143.166717] dfe0: 00000004 bec0e788 b6f1a33b b6e93616 # [ 143.172075] Code: e5934208 ebffc4d1 e30c0c8c e34c01f9 (e5543001) # [ 143.178712] ---[ end trace 0000000000000000 ]--- # STACK_GUARD_PAGE_LEADING: saw 'call trace:': ok ok 14 selftests: lkdtm: STACK_GUARD_PAGE_LEADING.sh # timeout set to 45 # selftests: lkdtm: STACK_GUARD_PAGE_TRAILING.sh <6>[ 144.655820] lkdtm: Performing direct entry STACK_GUARD_PAGE_TRAILING <6>[ 144.661266] lkdtm: attempting bad read from page above current stack <1>[ 144.667826] 8<--- cut here --- <1>[ 144.671185] Unable to handle kernel paging request at virtual address f15f2000 when read <1>[ 144.682153] [f15f2000] *pgd=c5731811, *pte=00000000, *ppte=00000000 <0>[ 144.688573] Internal error: Oops: 7 [#4] SMP ARM <4>[ 144.693154] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 144.731262] CPU: 0 UID: 0 PID: 1343 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 <4>[ 144.740859] Tainted: [D]=DIE, [W]=WARN <4>[ 144.744802] Hardware name: STM32 (Device Tree Support) <4>[ 144.750251] PC is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x38/0x50 <4>[ 144.756332] LR is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x2c/0x50 <4>[ 144.762496] pc : [] lr : [] psr: 60080013 <4>[ 144.769053] sp : f15f1eb0 ip : 00000000 fp : 004afe38 <4>[ 144.774503] r10: c56492c0 r9 : f15f1f80 r8 : c2687e9c <4>[ 144.780054] r7 : f15f1f80 r6 : 00000000 r5 : c88bd000 r4 : f15f2000 <4>[ 144.786813] r3 : c5204640 r2 : 00000000 r1 : 00000000 r0 : c1f9cc18 <4>[ 144.793672] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 144.801036] Control: 10c5387d Table: c8b5c06a DAC: 00000051 <1>[ 144.807088] Register r0 information: non-slab/vmalloc memory <1>[ 144.813054] Register r1 information: NULL pointer <1>[ 144.818010] Register r2 information: NULL pointer <1>[ 144.822962] Register r3 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 144.836737] copy_process+0x1f4/0x1f64 <6>[ 144.840994] kernel_clone+0xac/0x388 <6>[ 144.845149] sys_clone+0x78/0x9c <6>[ 144.848901] ret_fast_syscall+0x0/0x1c <4>[ 144.853152] Free path: <6>[ 144.855882] rcu_core+0x2dc/0xb14 <6>[ 144.859735] handle_softirqs+0x15c/0x430 <6>[ 144.864192] irq_exit+0xac/0xd4 <6>[ 144.867842] call_with_stack+0x18/0x20 <6>[ 144.872099] __irq_svc+0x9c/0xb8 <6>[ 144.875847] finish_task_switch+0xbc/0x28c <6>[ 144.880501] __schedule+0x354/0xa18 <6>[ 144.884555] schedule+0x28/0x150 <6>[ 144.888306] rpc_wait_bit_killable+0x14/0x68 <6>[ 144.893062] __wait_on_bit+0x7c/0x164 <6>[ 144.897215] out_of_line_wait_on_bit+0x7c/0xa0 <6>[ 144.902274] __rpc_execute+0x144/0x5d0 <6>[ 144.906528] rpc_execute+0xa4/0x14c <6>[ 144.910581] rpc_run_task+0x170/0x1b8 <6>[ 144.914738] rpc_call_sync+0x60/0x10c <6>[ 144.918892] nfs3_rpc_wrapper+0x30/0x70 <1>[ 144.923250] Register r4 information: 2-page vmalloc region starting at 0xf15f0000 allocated at kernel_clone+0xac/0x388 <1>[ 144.934264] Register r5 information: non-slab/vmalloc memory <1>[ 144.940225] Register r6 information: NULL pointer <1>[ 144.945178] Register r7 information: 2-page vmalloc region starting at 0xf15f0000 allocated at kernel_clone+0xac/0x388 <1>[ 144.956185] Register r8 information: non-slab/vmalloc memory <1>[ 144.962145] Register r9 information: 2-page vmalloc region starting at 0xf15f0000 allocated at kernel_clone+0xac/0x388 <1>[ 144.973151] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 144.987013] full_proxy_open+0x124/0x24c <6>[ 144.991463] do_dentry_open+0x144/0x4dc <6>[ 144.995818] vfs_open+0x2c/0xec <6>[ 144.999569] path_openat+0x748/0x1198 <6>[ 145.003721] do_filp_open+0x98/0x134 <6>[ 145.007870] do_sys_openat2+0xbc/0xe4 <6>[ 145.012024] sys_openat+0x98/0xd4 <6>[ 145.015876] ret_fast_syscall+0x0/0x1c <4>[ 145.020126] Free path: <6>[ 145.022856] xdr_free_bvec+0x18/0x24 <6>[ 145.026911] xprt_transmit+0x29c/0x4a0 <6>[ 145.031268] call_transmit+0x80/0x8c <6>[ 145.035320] __rpc_execute+0xc8/0x5d0 <6>[ 145.039574] rpc_async_schedule+0x24/0x40 <6>[ 145.044029] process_one_work+0x1b8/0x450 <6>[ 145.048584] worker_thread+0x1d4/0x3c4 <6>[ 145.052936] kthread+0xe8/0x104 <6>[ 145.056584] ret_from_fork+0x14/0x28 <1>[ 145.060632] Register r11 information: non-paged memory <1>[ 145.066088] Register r12 information: NULL pointer <0>[ 145.071142] Process cat (pid: 1343, stack limit = 0xf15f0000) <0>[ 145.077198] Stack: (0xf15f1eb0 to 0xf15f2000) <0>[ 145.081851] 1ea0: f15f1f80 00df65a4 0000001a c0df61c8 <0>[ 145.090325] 1ec0: 0000001a c0df65ac c0df6490 c5443740 b6db8000 0000001a c3824260 c08910e8 <0>[ 145.098799] 1ee0: c5443740 c089108c f15f1f80 b6db8000 c5204640 0000001a c56492c0 c0628870 <0>[ 145.107272] 1f00: c8b5edb0 00000000 00000000 00000000 00000000 0000001a b6db8000 0001ffe6 <0>[ 145.115745] 1f20: 00000001 00000000 c5443040 00000000 00000000 00000000 00000000 00000000 <0>[ 145.124218] 1f40: 00000000 00000000 00000000 00000000 00000022 16e8f0b3 00000000 c5443740 <0>[ 145.132691] 1f60: c5443740 00000000 00000000 c03002f0 c5204640 00000004 004afe38 c0628dcc <0>[ 145.141165] 1f80: 00000000 00000000 00000000 16e8f0b3 000000c0 0000001a 0000001a 7ff00000 <0>[ 145.149638] 1fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6db8000 0000001a 00000001 <0>[ 145.158112] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6db8000 00020000 004afe38 <0>[ 145.166585] 1fe0: 00000004 bedaa788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 <0>[ 145.175050] Call trace: <0>[ 145.175068] lkdtm_STACK_GUARD_PAGE_TRAILING from lkdtm_do_action+0x24/0x4c <0>[ 145.185081] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 145.190848] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 145.196516] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 145.201991] vfs_write from ksys_write+0x78/0xf8 <0>[ 145.206866] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 145.212337] Exception stack(0xf15f1fa8 to 0xf15f1ff0) <0>[ 145.217594] 1fa0: 0000001a 0000001a 00000001 b6db8000 0000001a 00000001 <0>[ 145.226068] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6db8000 00020000 004afe38 <0>[ 145.234538] 1fe0: 00000004 bedaa788 b6e7e33b b6df7616 <0>[ 145.239896] Code: ebffc4e5 e30c0c18 e34c01f9 e2844a02 (e5d43000) <4>[ 145.247411] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 144.655820] lkdtm: Performing direct entry STACK_GUARD_PAGE_TRAILING # [ 144.661266] lkdtm: attempting bad read from page above current stack # [ 144.667826] 8<--- cut here --- # [ 144.671185] Unable to handle kernel paging request at virtual address f15f2000 when read # [ 144.682153] [f15f2000] *pgd=c5731811, *pte=00000000, *ppte=00000000 # [ 144.688573] Internal error: Oops: 7 [#4] SMP ARM # [ 144.693154] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 144.731262] CPU: 0 UID: 0 PID: 1343 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 # [ 144.740859] Tainted: [D]=DIE, [W]=WARN # [ 144.744802] Hardware name: STM32 (Device Tree Support) # [ 144.750251] PC is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x38/0x50 # [ 144.756332] LR is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x2c/0x50 # [ 144.762496] pc : [] lr : [] psr: 60080013 # [ 144.769053] sp : f15f1eb0 ip : 00000000 fp : 004afe38 # [ 144.774503] r10: c56492c0 r9 : f15f1f80 r8 : c2687e9c # [ 144.780054] r7 : f15f1f80 r6 : 00000000 r5 : c88bd000 r4 : f15f2000 # [ 144.786813] r3 : c5204640 r2 : 00000000 r1 : 00000000 r0 : c1f9cc18 # [ 144.793672] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 144.801036] Control: 10c5387d Table: c8b5c06a DAC: 00000051 # [ 144.807088] Register r0 information: non-slab/vmalloc memory # [ 144.813054] Register r1 information: NULL pointer # [ 144.818010] Register r2 information: NULL pointer # [ 144.822962] Register r3 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 144.836737] copy_process+0x1f4/0x1f64 # [ 144.840994] kernel_clone+0xac/0x388 # [ 144.845149] sys_clone+0x78/0x9c # [ 144.848901] ret_fast_syscall+0x0/0x1c # [ 144.853152] Free path: # [ 144.855882] rcu_core+0x2dc/0xb14 # [ 144.859735] handle_softirqs+0x15c/0x430 # [ 144.864192] irq_exit+0xac/0xd4 # [ 144.867842] call_with_stack+0x18/0x20 # [ 144.872099] __irq_svc+0x9c/0xb8 # [ 144.875847] finish_task_switch+0xbc/0x28c # [ 144.880501] __schedule+0x354/0xa18 # [ 144.884555] schedule+0x28/0x150 # [ 144.888306] rpc_wait_bit_killable+0x14/0x68 # [ 144.893062] __wait_on_bit+0x7c/0x164 # [ 144.897215] out_of_line_wait_on_bit+0x7c/0xa0 # [ 144.902274] __rpc_execute+0x144/0x5d0 # [ 144.906528] rpc_execute+0xa4/0x14c # [ 144.910581] rpc_run_task+0x170/0x1b8 # [ 144.914738] rpc_call_sync+0x60/0x10c # [ 144.918892] nfs3_rpc_wrapper+0x30/0x70 # [ 144.923250] Register r4 information: 2-page vmalloc region starting at 0xf15f0000 allocated at kernel_clone+0xac/0x388 # [ 144.934264] Register r5 information: non-slab/vmalloc memory # [ 144.940225] Register r6 information: NULL pointer # [ 144.945178] Register r7 information: 2-page vmalloc region starting at 0xf15f0000 allocated at kernel_clone+0xac/0x388 # [ 144.956185] Register r8 information: non-slab/vmalloc memory # [ 144.962145] Register r9 information: 2-page vmalloc region starting at 0xf15f0000 allocated at kernel_clone+0xac/0x388 # [ 144.973151] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 144.987013] full_proxy_open+0x124/0x24c # [ 144.991463] do_dentry_open+0x144/0x4dc # [ 144.995818] vfs_open+0x2c/0xec # [ 144.999569] path_openat+0x748/0x1198 # [ 145.003721] do_filp_open+0x98/0x134 # [ 145.007870] do_sys_openat2+0xbc/0xe4 # [ 145.012024] sys_openat+0x98/0xd4 # [ 145.015876] ret_fast_syscall+0x0/0x1c # [ 145.020126] Free path: # [ 145.022856] xdr_free_bvec+0x18/0x24 # [ 145.026911] xprt_transmit+0x29c/0x4a0 # [ 145.031268] call_transmit+0x80/0x8c # [ 145.035320] __rpc_execute+0xc8/0x5d0 # [ 145.039574] rpc_async_schedule+0x24/0x40 # [ 145.044029] process_one_work+0x1b8/0x450 # [ 145.048584] worker_thread+0x1d4/0x3c4 # [ 145.052936] kthread+0xe8/0x104 # [ 145.056584] ret_from_fork+0x14/0x28 # [ 145.060632] Register r11 information: non-paged memory # [ 145.066088] Register r12 information: NULL pointer # [ 145.071142] Process cat (pid: 1343, stack limit = 0xf15f0000) # [ 145.077198] Stack: (0xf15f1eb0 to 0xf15f2000) # [ 145.081851] 1ea0: f15f1f80 00df65a4 0000001a c0df61c8 # [ 145.090325] 1ec0: 0000001a c0df65ac c0df6490 c5443740 b6db8000 0000001a c3824260 c08910e8 # [ 145.098799] 1ee0: c5443740 c089108c f15f1f80 b6db8000 c5204640 0000001a c56492c0 c0628870 # [ 145.107272] 1f00: c8b5edb0 00000000 00000000 00000000 00000000 0000001a b6db8000 0001ffe6 # [ 145.115745] 1f20: 00000001 00000000 c5443040 00000000 00000000 00000000 00000000 00000000 # [ 145.124218] 1f40: 00000000 00000000 00000000 00000000 00000022 16e8f0b3 00000000 c5443740 # [ 145.132691] 1f60: c5443740 00000000 00000000 c03002f0 c5204640 00000004 004afe38 c0628dcc # [ 145.141165] 1f80: 00000000 00000000 00000000 16e8f0b3 000000c0 0000001a 0000001a 7ff00000 # [ 145.149638] 1fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6db8000 0000001a 00000001 # [ 145.158112] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6db8000 00020000 004afe38 # [ 145.166585] 1fe0: 00000004 bedaa788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 # [ 145.175050] Call trace: # [ 145.175068] lkdtm_STACK_GUARD_PAGE_TRAILING from lkdtm_do_action+0x24/0x4c # [ 145.185081] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 145.190848] direct_entry from full_proxy_write+0x5c/0x8c # [ 145.196516] full_proxy_write from vfs_write+0xbc/0x3cc # [ 145.201991] vfs_write from ksys_write+0x78/0xf8 # [ 145.206866] ksys_write from ret_fast_syscall+0x0/0x1c # [ 145.212337] Exception stack(0xf15f1fa8 to 0xf15f1ff0) # [ 145.217594] 1fa0: 0000001a 0000001a 00000001 b6db8000 0000001a 00000001 # [ 145.226068] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6db8000 00020000 004afe38 # [ 145.234538] 1fe0: 00000004 bedaa788 b6e7e33b b6df7616 # [ 145.239896] Code: ebffc4e5 e30c0c18 e34c01f9 e2844a02 (e5d43000) # [ 145.247411] ---[ end trace 0000000000000000 ]--- # STACK_GUARD_PAGE_TRAILING: saw 'call trace:': ok ok 15 selftests: lkdtm: STACK_GUARD_PAGE_TRAILING.sh # timeout set to 45 # selftests: lkdtm: REPORT_STACK_CANARY.sh <6>[ 147.153747] lkdtm: Performing direct entry REPORT_STACK_CANARY <6>[ 147.159531] lkdtm: Recorded stack canary for pid 1436 at offset 2 <6>[ 147.198893] lkdtm: Performing direct entry REPORT_STACK_CANARY <6>[ 147.203812] lkdtm: ok: stack canaries differ between pid 1436 and pid 1438 at offset 2. # [ 147.153747] lkdtm: Performing direct entry REPORT_STACK_CANARY # [ 147.159531] lkdtm: Recorded stack canary for pid 1436 at offset 2 # [ 147.198893] lkdtm: Performing direct entry REPORT_STACK_CANARY # [ 147.203812] lkdtm: ok: stack canaries differ between pid 1436 and pid 1438 at offset 2. # REPORT_STACK_CANARY: saw 'ok: stack canaries differ': ok ok 16 selftests: lkdtm: REPORT_STACK_CANARY.sh # timeout set to 45 # selftests: lkdtm: UNSET_SMEP.sh <6>[ 148.388190] lkdtm: Performing direct entry UNSET_SMEP <3>[ 148.392338] lkdtm: XFAIL: this test is x86_64-only # [ 148.388190] lkdtm: Performing direct entry UNSET_SMEP # [ 148.392338] lkdtm: XFAIL: this test is x86_64-only # UNSET_SMEP: saw 'XFAIL': [SKIP] ok 17 selftests: lkdtm: UNSET_SMEP.sh # SKIP # timeout set to 45 # selftests: lkdtm: DOUBLE_FAULT.sh <6>[ 149.791351] lkdtm: Performing direct entry DOUBLE_FAULT <3>[ 149.795541] lkdtm: XFAIL: this test is ia32-only # [ 149.791351] lkdtm: Performing direct entry DOUBLE_FAULT # [ 149.795541] lkdtm: XFAIL: this test is ia32-only # DOUBLE_FAULT: saw 'XFAIL': [SKIP] ok 18 selftests: lkdtm: DOUBLE_FAULT.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_PAC.sh <6>[ 150.985927] lkdtm: Performing direct entry CORRUPT_PAC <3>[ 150.990312] lkdtm: XFAIL: this test is arm64-only # [ 150.985927] lkdtm: Performing direct entry CORRUPT_PAC # [ 150.990312] lkdtm: XFAIL: this test is arm64-only # CORRUPT_PAC: saw 'XFAIL': [SKIP] ok 19 selftests: lkdtm: CORRUPT_PAC.sh # SKIP # timeout set to 45 # selftests: lkdtm: UNALIGNED_LOAD_STORE_WRITE.sh <6>[ 152.168792] lkdtm: Performing direct entry UNALIGNED_LOAD_STORE_WRITE <3>[ 152.174322] lkdtm: XFAIL: arch has CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS # [ 152.168792] lkdtm: Performing direct entry UNALIGNED_LOAD_STORE_WRITE # [ 152.174322] lkdtm: XFAIL: arch has CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS # UNALIGNED_LOAD_STORE_WRITE: saw 'XFAIL': [SKIP] ok 20 selftests: lkdtm: UNALIGNED_LOAD_STORE_WRITE.sh # SKIP # timeout set to 45 # selftests: lkdtm: SLAB_LINEAR_OVERFLOW.sh <6>[ 153.346664] lkdtm: Performing direct entry SLAB_LINEAR_OVERFLOW <6>[ 153.351631] lkdtm: Attempting slab linear overflow ... <3>[ 153.356999] ============================================================================= <3>[ 153.365383] BUG kmalloc-1k (Tainted: G D W ): Right Redzone overwritten <3>[ 153.373458] ----------------------------------------------------------------------------- <3>[ 153.373458] <3>[ 153.383631] 0xc527c400-0xc527c403 @offset=17408. First byte 0x78 instead of 0xcc <3>[ 153.391303] FIX kmalloc-1k: Restoring Right Redzone 0xc527c400-0xc527c403=0xcc <3>[ 153.398876] Allocated in lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 age=5 cpu=0 pid=1646 <4>[ 153.406670] lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 <4>[ 153.411728] lkdtm_do_action+0x24/0x4c <4>[ 153.415677] direct_entry+0x11c/0x140 <4>[ 153.419625] full_proxy_write+0x5c/0x8c <4>[ 153.423776] vfs_write+0xbc/0x3cc <4>[ 153.427333] ksys_write+0x78/0xf8 <4>[ 153.430886] ret_fast_syscall+0x0/0x1c <3>[ 153.434937] Freed in nfs3_proc_create+0x1b4/0x2c4 age=221 cpu=1 pid=1642 <4>[ 153.441919] nfs3_proc_create+0x1b4/0x2c4 <4>[ 153.446176] nfs_do_create+0xa8/0x178 <4>[ 153.450132] nfs_atomic_open_v23+0x84/0xd4 <4>[ 153.454492] path_openat+0xb18/0x1198 <4>[ 153.458443] do_filp_open+0x98/0x134 <4>[ 153.462293] do_sys_openat2+0xbc/0xe4 <4>[ 153.466147] sys_openat+0x98/0xd4 <4>[ 153.469798] ret_fast_syscall+0x0/0x1c <3>[ 153.473746] Slab 0xef7b28e0 objects=10 used=4 fp=0xc527b400 flags=0x240(workingset|head|zone=0) <3>[ 153.482728] Object 0xc527c000 @offset=16384 fp=0xc527b400 <3>[ 153.482728] <3>[ 153.490196] Redzone c527bc00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.499267] Redzone c527bc10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.508337] Redzone c527bc20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.517407] Redzone c527bc30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.526577] Redzone c527bc40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.535647] Redzone c527bc50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.544716] Redzone c527bc60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.553786] Redzone c527bc70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.562856] Redzone c527bc80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.571926] Redzone c527bc90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.580996] Redzone c527bca0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.590166] Redzone c527bcb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.599236] Redzone c527bcc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.608306] Redzone c527bcd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.617376] Redzone c527bce0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.626446] Redzone c527bcf0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.635516] Redzone c527bd00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.644585] Redzone c527bd10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.653755] Redzone c527bd20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.662825] Redzone c527bd30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.671895] Redzone c527bd40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.680965] Redzone c527bd50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.690035] Redzone c527bd60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.699105] Redzone c527bd70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.708174] Redzone c527bd80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.717345] Redzone c527bd90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.726414] Redzone c527bda0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.735484] Redzone c527bdb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.744554] Redzone c527bdc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.753624] Redzone c527bdd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.762699] Redzone c527bde0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.771781] Redzone c527bdf0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.780861] Redzone c527be00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.789935] Redzone c527be10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.799107] Redzone c527be20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.808177] Redzone c527be30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.817247] Redzone c527be40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.826316] Redzone c527be50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.835386] Redzone c527be60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.844455] Redzone c527be70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.853525] Redzone c527be80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.862695] Redzone c527be90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.871765] Redzone c527bea0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.880835] Redzone c527beb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.889905] Redzone c527bec0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.898975] Redzone c527bed0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.908044] Redzone c527bee0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.917114] Redzone c527bef0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.926184] Redzone c527bf00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.935354] Redzone c527bf10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.944424] Redzone c527bf20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.953494] Redzone c527bf30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.962564] Redzone c527bf40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.971634] Redzone c527bf50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.980704] Redzone c527bf60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.989774] Redzone c527bf70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 153.998947] Redzone c527bf80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.008021] Redzone c527bf90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.017093] Redzone c527bfa0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.026163] Redzone c527bfb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.035232] Redzone c527bfc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.044302] Redzone c527bfd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.053372] Redzone c527bfe0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.062441] Redzone c527bff0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 154.071613] Object c527c000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.080683] Object c527c010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.089752] Object c527c020: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.098823] Object c527c030: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.107894] Object c527c040: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.116964] Object c527c050: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.126034] Object c527c060: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.135204] Object c527c070: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.144274] Object c527c080: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.153344] Object c527c090: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.162414] Object c527c0a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.171483] Object c527c0b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.180554] Object c527c0c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.189624] Object c527c0d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.198693] Object c527c0e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.207863] Object c527c0f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.216933] Object c527c100: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.226003] Object c527c110: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.235073] Object c527c120: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.244142] Object c527c130: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.253212] Object c527c140: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.262382] Object c527c150: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.271452] Object c527c160: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.280522] Object c527c170: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.289592] Object c527c180: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.298661] Object c527c190: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.307731] Object c527c1a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.316901] Object c527c1b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.325971] Object c527c1c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.335041] Object c527c1d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.344110] Object c527c1e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.353180] Object c527c1f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.362250] Object c527c200: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.371420] Object c527c210: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.380490] Object c527c220: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.389559] Object c527c230: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.398629] Object c527c240: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.407699] Object c527c250: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.416768] Object c527c260: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.425938] Object c527c270: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.435008] Object c527c280: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.444078] Object c527c290: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.453147] Object c527c2a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.462217] Object c527c2b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.471287] Object c527c2c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.480457] Object c527c2d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.489526] Object c527c2e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.498597] Object c527c2f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.507666] Object c527c300: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.516736] Object c527c310: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.525806] Object c527c320: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.534976] Object c527c330: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.544046] Object c527c340: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.553116] Object c527c350: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.562186] Object c527c360: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.571255] Object c527c370: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.580425] Object c527c380: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.589495] Object c527c390: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.598565] Object c527c3a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.607634] Object c527c3b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.616704] Object c527c3c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.625774] Object c527c3d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.634844] Object c527c3e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 154.644014] Object c527c3f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 cc cc cc cc kkkkkkkkkkk..... <3>[ 154.653085] Redzone c527c400: cc cc cc cc .... <3>[ 154.661051] Padding c527c434: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.670222] Padding c527c444: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.679291] Padding c527c454: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.688361] Padding c527c464: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.697431] Padding c527c474: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.706501] Padding c527c484: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.715571] Padding c527c494: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.724640] Padding c527c4a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.733811] Padding c527c4b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.742880] Padding c527c4c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.751950] Padding c527c4d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.761020] Padding c527c4e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.770090] Padding c527c4f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.779159] Padding c527c504: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.788229] Padding c527c514: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.797399] Padding c527c524: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.806469] Padding c527c534: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.815538] Padding c527c544: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.824608] Padding c527c554: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.833678] Padding c527c564: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.842748] Padding c527c574: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.851918] Padding c527c584: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.860988] Padding c527c594: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.870058] Padding c527c5a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.879128] Padding c527c5b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.888198] Padding c527c5c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.897267] Padding c527c5d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.906337] Padding c527c5e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.915507] Padding c527c5f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.924577] Padding c527c604: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.933647] Padding c527c614: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.942717] Padding c527c624: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.951786] Padding c527c634: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.960856] Padding c527c644: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.970026] Padding c527c654: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.979096] Padding c527c664: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.988165] Padding c527c674: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 154.997235] Padding c527c684: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.006305] Padding c527c694: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.015374] Padding c527c6a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.024444] Padding c527c6b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.033614] Padding c527c6c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.042684] Padding c527c6d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.051753] Padding c527c6e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.060822] Padding c527c6f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.069892] Padding c527c704: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.078961] Padding c527c714: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.088131] Padding c527c724: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.097201] Padding c527c734: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.106270] Padding c527c744: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.115340] Padding c527c754: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.124410] Padding c527c764: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.133480] Padding c527c774: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.142550] Padding c527c784: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.151720] Padding c527c794: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.160790] Padding c527c7a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.169860] Padding c527c7b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.178930] Padding c527c7c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.187999] Padding c527c7d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.197069] Padding c527c7e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 155.206139] Padding c527c7f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ <4>[ 155.214915] CPU: 0 UID: 0 PID: 1646 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 <4>[ 155.224502] Tainted: [D]=DIE, [W]=WARN <4>[ 155.228541] Hardware name: STM32 (Device Tree Support) <4>[ 155.233990] Call trace: <4>[ 155.234006] unwind_backtrace from show_stack+0x18/0x1c <4>[ 155.242206] show_stack from dump_stack_lvl+0x88/0xb8 <4>[ 155.247575] dump_stack_lvl from check_object+0x1c0/0x474 <4>[ 155.253254] check_object from free_to_partial_list+0x178/0x58c <4>[ 155.259436] free_to_partial_list from kfree+0x224/0x2dc <4>[ 155.265014] kfree from lkdtm_do_action+0x24/0x4c <4>[ 155.269986] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 155.275753] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 155.281521] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 155.286995] vfs_write from ksys_write+0x78/0xf8 <4>[ 155.291870] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 155.297242] Exception stack(0xf17a5fa8 to 0xf17a5ff0) <4>[ 155.302601] 5fa0: 00000015 00000015 00000001 b6e08000 00000015 00000001 <4>[ 155.311074] 5fc0: 00000015 00000015 7ff00000 00000004 00000001 b6e08000 00020000 004dfe38 <4>[ 155.319543] 5fe0: 00000004 beb60788 b6ece33b b6e47616 <3>[ 155.324893] FIX kmalloc-1k: Object at 0xc527c000 not freed # [ 153.346664] lkdtm: Performing direct entry SLAB_LINEAR_OVERFLOW # [ 153.351631] lkdtm: Attempting slab linear overflow ... # [ 153.356999] ============================================================================= # [ 153.365383] BUG kmalloc-1k (Tainted: G D W ): Right Redzone overwritten # [ 153.373458] ----------------------------------------------------------------------------- # # [ 153.383631] 0xc527c400-0xc527c403 @offset=17408. First byte 0x78 instead of 0xcc # [ 153.391303] FIX kmalloc-1k: Restoring Right Redzone 0xc527c400-0xc527c403=0xcc # [ 153.398876] Allocated in lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 age=5 cpu=0 pid=1646 # [ 153.406670] lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 # [ 153.411728] lkdtm_do_action+0x24/0x4c # [ 153.415677] direct_entry+0x11c/0x140 # [ 153.419625] full_proxy_write+0x5c/0x8c # [ 153.423776] vfs_write+0xbc/0x3cc # [ 153.427333] ksys_write+0x78/0xf8 # [ 153.430886] ret_fast_syscall+0x0/0x1c # [ 153.434937] Freed in nfs3_proc_create+0x1b4/0x2c4 age=221 cpu=1 pid=1642 # [ 153.441919] nfs3_proc_create+0x1b4/0x2c4 # [ 153.446176] nfs_do_create+0xa8/0x178 # [ 153.450132] nfs_atomic_open_v23+0x84/0xd4 # [ 153.454492] path_openat+0xb18/0x1198 # [ 153.458443] do_filp_open+0x98/0x134 # [ 153.462293] do_sys_openat2+0xbc/0xe4 # [ 153.466147] sys_openat+0x98/0xd4 # [ 153.469798] ret_fast_syscall+0x0/0x1c # [ 153.473746] Slab 0xef7b28e0 objects=10 used=4 fp=0xc527b400 flags=0x240(workingset|head|zone=0) # [ 153.482728] Object 0xc527c000 @offset=16384 fp=0xc527b400 # # [ 153.490196] Redzone c527bc00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.499267] Redzone c527bc10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.508337] Redzone c527bc20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.517407] Redzone c527bc30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.526577] Redzone c527bc40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.535647] Redzone c527bc50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.544716] Redzone c527bc60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.553786] Redzone c527bc70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.562856] Redzone c527bc80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.571926] Redzone c527bc90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.580996] Redzone c527bca0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.590166] Redzone c527bcb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.599236] Redzone c527bcc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.608306] Redzone c527bcd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.617376] Redzone c527bce0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.626446] Redzone c527bcf0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.635516] Redzone c527bd00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.644585] Redzone c527bd10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.653755] Redzone c527bd20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.662825] Redzone c527bd30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.671895] Redzone c527bd40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.680965] Redzone c527bd50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.690035] Redzone c527bd60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.699105] Redzone c527bd70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.708174] Redzone c527bd80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.717345] Redzone c527bd90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.726414] Redzone c527bda0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.735484] Redzone c527bdb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.744554] Redzone c527bdc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.753624] Redzone c527bdd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.762699] Redzone c527bde0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.771781] Redzone c527bdf0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.780861] Redzone c527be00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.789935] Redzone c527be10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.799107] Redzone c527be20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.808177] Redzone c527be30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.817247] Redzone c527be40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.826316] Redzone c527be50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.835386] Redzone c527be60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.844455] Redzone c527be70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.853525] Redzone c527be80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.862695] Redzone c527be90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.871765] Redzone c527bea0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.880835] Redzone c527beb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.889905] Redzone c527bec0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.898975] Redzone c527bed0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.908044] Redzone c527bee0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.917114] Redzone c527bef0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.926184] Redzone c527bf00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.935354] Redzone c527bf10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.944424] Redzone c527bf20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.953494] Redzone c527bf30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.962564] Redzone c527bf40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.971634] Redzone c527bf50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.980704] Redzone c527bf60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.989774] Redzone c527bf70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 153.998947] Redzone c527bf80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.008021] Redzone c527bf90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.017093] Redzone c527bfa0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.026163] Redzone c527bfb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.035232] Redzone c527bfc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.044302] Redzone c527bfd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.053372] Redzone c527bfe0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.062441] Redzone c527bff0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 154.071613] Object c527c000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.080683] Object c527c010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.089752] Object c527c020: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.098823] Object c527c030: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.107894] Object c527c040: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.116964] Object c527c050: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.126034] Object c527c060: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.135204] Object c527c070: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.144274] Object c527c080: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.153344] Object c527c090: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.162414] Object c527c0a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.171483] Object c527c0b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.180554] Object c527c0c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.189624] Object c527c0d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.198693] Object c527c0e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.207863] Object c527c0f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.216933] Object c527c100: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.226003] Object c527c110: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.235073] Object c527c120: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.244142] Object c527c130: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.253212] Object c527c140: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.262382] Object c527c150: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.271452] Object c527c160: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.280522] Object c527c170: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.289592] Object c527c180: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.298661] Object c527c190: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.307731] Object c527c1a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.316901] Object c527c1b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.325971] Object c527c1c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.335041] Object c527c1d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.344110] Object c527c1e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.353180] Object c527c1f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.362250] Object c527c200: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.371420] Object c527c210: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.380490] Object c527c220: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.389559] Object c527c230: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.398629] Object c527c240: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.407699] Object c527c250: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.416768] Object c527c260: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.425938] Object c527c270: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.435008] Object c527c280: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.444078] Object c527c290: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.453147] Object c527c2a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.462217] Object c527c2b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.471287] Object c527c2c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.480457] Object c527c2d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.489526] Object c527c2e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.498597] Object c527c2f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.507666] Object c527c300: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.516736] Object c527c310: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.525806] Object c527c320: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.534976] Object c527c330: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.544046] Object c527c340: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.553116] Object c527c350: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.562186] Object c527c360: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.571255] Object c527c370: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.580425] Object c527c380: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.589495] Object c527c390: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.598565] Object c527c3a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.607634] Object c527c3b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.616704] Object c527c3c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.625774] Object c527c3d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.634844] Object c527c3e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 154.644014] Object c527c3f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 cc cc cc cc kkkkkkkkkkk..... # [ 154.653085] Redzone c527c400: cc cc cc cc .... # [ 154.661051] Padding c527c434: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.670222] Padding c527c444: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.679291] Padding c527c454: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.688361] Padding c527c464: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.697431] Padding c527c474: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.706501] Padding c527c484: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.715571] Padding c527c494: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.724640] Padding c527c4a4: 5a 5a 5a 5a 5a 5<6>[ 156.937537] lkdtm: Performing direct entry VMALLOC_LINEAR_OVERFLOW <6>[ 156.943987] lkdtm: Attempting vmalloc linear overflow ... <1>[ 156.949456] 8<--- cut here --- <1>[ 156.952781] Unable to handle kernel paging request at virtual address f095c000 when write <1>[ 156.961276] [f095c000] *pgd=c3233811, *pte=00000000, *ppte=00000000 <0>[ 156.967767] Internal error: Oops: 807 [#5] SMP ARM <4>[ 156.972755] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 157.010873] CPU: 1 UID: 0 PID: 1685 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 157.020472] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 157.025721] Hardware name: STM32 (Device Tree Support) <4>[ 157.031171] PC is at mmioset+0x84/0xac <4>[ 157.035144] LR is at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 <4>[ 157.041111] pc : [] lr : [] psr: 00080013 <4>[ 157.047669] sp : f17d9eb0 ip : f095c000 fp : 0046fe38 <4>[ 157.053119] r10: c54b5b80 r9 : f17d9f80 r8 : c2687ed0 <4>[ 157.058670] r7 : f17d9f80 r6 : 00000000 r5 : f095d000 r4 : f095b000 <4>[ 157.065428] r3 : aaaaaaaa r2 : ffffffc1 r1 : aaaaaaaa r0 : f095b000 <4>[ 157.072288] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 157.079654] Control: 10c5387d Table: c8b9806a DAC: 00000051 <1>[ 157.085706] Register r0 information: 1-page vmalloc region starting at 0xf095b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <1>[ 157.098126] Register r1 information: non-paged memory <1>[ 157.103484] Register r2 information: non-paged memory <1>[ 157.108739] Register r3 information: non-paged memory <1>[ 157.114093] Register r4 information: 1-page vmalloc region starting at 0xf095b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <1>[ 157.126504] Register r5 information: 1-page vmalloc region starting at 0xf095d000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x20/0x60 <1>[ 157.138914] Register r6 information: NULL pointer <1>[ 157.143867] Register r7 information: 2-page vmalloc region starting at 0xf17d8000 allocated at kernel_clone+0xac/0x388 <1>[ 157.154879] Register r8 information: non-slab/vmalloc memory <1>[ 157.160841] Register r9 information: 2-page vmalloc region starting at 0xf17d8000 allocated at kernel_clone+0xac/0x388 <1>[ 157.171847] Register r10 information: slab kmalloc-192 start c54b5b40 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 157.185713] full_proxy_open+0x124/0x24c <6>[ 157.190163] do_dentry_open+0x144/0x4dc <6>[ 157.194620] vfs_open+0x2c/0xec <6>[ 157.198271] path_openat+0x748/0x1198 <6>[ 157.202422] do_filp_open+0x98/0x134 <6>[ 157.206572] do_sys_openat2+0xbc/0xe4 <6>[ 157.210726] sys_openat+0x98/0xd4 <6>[ 157.214578] ret_fast_syscall+0x0/0x1c <4>[ 157.218828] Free path: <6>[ 157.221559] full_proxy_release+0x78/0xc0 <6>[ 157.226110] __fput+0xdc/0x2e8 <6>[ 157.229655] task_work_run+0x98/0xc8 <6>[ 157.233813] do_exit+0x374/0xa1c <6>[ 157.237563] do_group_exit+0x40/0x8c <6>[ 157.241613] pid_child_should_wake+0x0/0x94 <1>[ 157.246368] Register r11 information: non-paged memory <1>[ 157.251825] Register r12 information: 1-page vmalloc region starting at 0xf095b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <0>[ 157.264342] Process cat (pid: 1685, stack limit = 0xf17d8000) <0>[ 157.270312] Stack: (0xf17d9eb0 to 0xf17da000) <0>[ 157.274982] 9ea0: 00000018 c57dc000 00000000 c0df61c8 <0>[ 157.283468] 9ec0: 00000018 c0df65ac c0df6490 c52cdc40 b6e08000 00000018 c3824260 c08910e8 <0>[ 157.291951] 9ee0: c52cdc40 c089108c f17d9f80 b6e08000 c5204640 00000018 c54b5b80 c0628870 <0>[ 157.300334] 9f00: c8b9adb8 00000000 00000000 00000000 00000000 00000018 b6e08000 0001ffe8 <0>[ 157.308815] 9f20: 00000001 00000000 c52cdd40 00000000 00000000 00000000 00000000 00000000 <0>[ 157.317293] 9f40: 00000000 00000000 00000000 00000000 00000022 9227dbd0 00000000 c52cdc40 <0>[ 157.325768] 9f60: c52cdc40 00000000 00000000 c03002f0 c5204640 00000004 0046fe38 c0628dcc <0>[ 157.334242] 9f80: 00000000 00000000 00000000 9227dbd0 000000c0 00000018 00000018 7ff00000 <0>[ 157.342718] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e08000 00000018 00000001 <0>[ 157.351195] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e08000 00020000 0046fe38 <0>[ 157.359670] 9fe0: 00000004 be9e6788 b6ece33b b6e47616 60080030 00000001 00000000 00000000 <0>[ 157.368135] Call trace: <0>[ 157.368149] mmioset from lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 <0>[ 157.377371] lkdtm_VMALLOC_LINEAR_OVERFLOW from lkdtm_do_action+0x24/0x4c <0>[ 157.384452] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 157.390223] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 157.395894] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 157.401370] vfs_write from ksys_write+0x78/0xf8 <0>[ 157.406247] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 157.411719] Exception stack(0xf17d9fa8 to 0xf17d9ff0) <0>[ 157.416976] 9fa0: 00000018 00000018 00000001 b6e08000 00000018 00000001 <0>[ 157.425450] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e08000 00020000 0046fe38 <0>[ 157.433920] 9fe0: 00000004 be9e6788 b6ece33b b6e47616 <0>[ 157.439279] Code: e3120002 14cc1001 14cc1001 e3120001 (14cc1001) <4>[ 157.445924] ---[ end trace 0000000000000000 ]--- a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.733811] Padding c527c4b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.742880] Padding c527c4c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.751950] Padding c527c4d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.761020] Padding c527c4e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.770090] Padding c527c4f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.779159] Padding c527c504: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.788229] Padding c527c514: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.797399] Padding c527c524: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.806469] Padding c527c534: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.815538] Padding c527c544: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.824608] Padding c527c554: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.833678] Padding c527c564: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.842748] Padding c527c574: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.851918] Padding c527c584: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.860988] Padding c527c594: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.870058] Padding c527c5a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.879128] Padding c527c5b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.888198] Padding c527c5c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.897267] Padding c527c5d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.906337] Padding c527c5e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.915507] Padding c527c5f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.924577] Padding c527c604: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.933647] Padding c527c614: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.942717] Padding c527c624: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.951786] Padding c527c634: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.960856] Padding c527c644: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.970026] Padding c527c654: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.979096] Padding c527c664: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.988165] Padding c527c674: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 154.997235] Padding c527c684: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.006305] Padding c527c694: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.015374] Padding c527c6a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.024444] Padding c527c6b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.033614] Padding c527c6c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.042684] Padding c527c6d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.051753] Padding c527c6e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.060822] Padding c527c6f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.069892] Padding c527c704: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.078961] Padding c527c714: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.088131] Padding c527c724: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.097201] Padding c527c734: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.106270] Padding c527c744: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.115340] Padding c527c754: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.124410] Padding c527c764: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.133480] Padding c527c774: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.142550] Padding c527c784: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.151720] Padding c527c794: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.160790] Padding c527c7a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.169860] Padding c527c7b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.178930] Padding c527c7c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.187999] Padding c527c7d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.197069] Padding c527c7e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 155.206139] Padding c527c7f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ # [ 155.214915] CPU: 0 UID: 0 PID: 1646 Comm: cat Tainted: G D W 6.12.0-rc1-next-20241004 #1 # [ 155.224502] Tainted: [D]=DIE, [W]=WARN # [ 155.228541] Hardware name: STM32 (Device Tree Support) # [ 155.233990] Call trace: # [ 155.234006] unwind_backtrace from show_stack+0x18/0x1c # [ 155.242206] show_stack from dump_stack_lvl+0x88/0xb8 # [ 155.247575] dump_stack_lvl from check_object+0x1c0/0x474 # [ 155.253254] check_object from free_to_partial_list+0x178/0x58c # [ 155.259436] free_to_partial_list from kfree+0x224/0x2dc # [ 155.265014] kfree from lkdtm_do_action+0x24/0x4c # [ 155.269986] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 155.275753] direct_entry from full_proxy_write+0x5c/0x8c # [ 155.281521] full_proxy_write from vfs_write+0xbc/0x3cc # [ 155.286995] vfs_write from ksys_write+0x78/0xf8 # [ 155.291870] ksys_write from ret_fast_syscall+0x0/0x1c # [ 155.297242] Exception stack(0xf17a5fa8 to 0xf17a5ff0) # [ 155.302601] 5fa0: 00000015 00000015 00000001 b6e08000 00000015 00000001 # [ 155.311074] 5fc0: 00000015 00000015 7ff00000 00000004 00000001 b6e08000 00020000 004dfe38 # [ 155.319543] 5fe0: 00000004 beb60788 b6ece33b b6e47616 # [ 155.324893] FIX kmalloc-1k: Object at 0xc527c000 not freed # SLAB_LINEAR_OVERFLOW: saw 'call trace:': ok ok 21 selftests: lkdtm: SLAB_LINEAR_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: VMALLOC_LINEAR_OVERFLOW.sh # Segmentation fault # [ 156.937537] lkdtm: Performing direct entry VMALLOC_LINEAR_OVERFLOW # [ 156.943987] lkdtm: Attempting vmalloc linear overflow ... # [ 156.949456] 8<--- cut here --- # [ 156.952781] Unable to handle kernel paging request at virtual address f095c000 when write # [ 156.961276] [f095c000] *pgd=c3233811, *pte=00000000, *ppte=00000000 # [ 156.967767] Internal error: Oops: 807 [#5] SMP ARM # [ 156.972755] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 157.010873] CPU: 1 UID: 0 PID: 1685 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 157.020472] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 157.025721] Hardware name: STM32 (Device Tree Support) # [ 157.031171] PC is at mmioset+0x84/0xac # [ 157.035144] LR is at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 # [ 157.041111] pc : [] lr : [] psr: 00080013 # [ 157.047669] sp : f17d9eb0 ip : f095c000 fp : 0046fe38 # [ 157.053119] r10: c54b5b80 r9 : f17d9f80 r8 : c2687ed0 # [ 157.058670] r7 : f17d9f80 r6 : 00000000 r5 : f095d000 r4 : f095b000 # [ 157.065428] r3 : aaaaaaaa r2 : ffffffc1 r1 : aaaaaaaa r0 : f095b000 # [ 157.072288] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 157.079654] Control: 10c5387d Table: c8b9806a DAC: 00000051 # [ 157.085706] Register r0 information: 1-page vmalloc region starting at 0xf095b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 157.098126] Register r1 information: non-paged memory # [ 157.103484] Register r2 information: non-paged memory # [ 157.108739] Register r3 information: non-paged memory # [ 157.114093] Register r4 information: 1-page vmalloc region starting at 0xf095b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 157.126504] Register r5 information: 1-page vmalloc region starting at 0xf095d000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x20/0x60 # [ 157.138914] Register r6 information: NULL pointer # [ 157.143867] Register r7 information: 2-page vmalloc region starting at 0xf17d8000 allocated at kernel_clone+0xac/0x388 # [ 157.154879] Register r8 information: non-slab/vmalloc memory # [ 157.160841] Register r9 information: 2-page vmalloc region starting at 0xf17d8000 allocated at kernel_clone+0xac/0x388 # [ 157.171847] Register r10 information: slab kmalloc-192 start c54b5b40 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 157.185713] full_proxy_open+0x124/0x24c # [ 157.190163] do_dentry_open+0x144/0x4dc # [ 157.194620] vfs_open+0x2c/0xec # [ 157.198271] path_openat+0x748/0x1198 # [ 157.202422] do_filp_open+0x98/0x134 # [ 157.206572] do_sys_openat2+0xbc/0xe4 # [ 157.210726] sys_openat+0x98/0xd4 # [ 157.214578] ret_fast_syscall+0x0/0x1c # [ 157.218828] Free path: # [ 157.221559] full_proxy_release+0x78/0xc0 # [ 157.226110] __fput+0xdc/0x2e8 # [ 157.229655] task_work_run+0x98/0xc8 # [ 157.233813] do_exit+0x374/0xa1c # [ 157.237563] do_group_exit+0x40/0x8c # [ 157.241613] pid_child_should_wake+0x0/0x94 # [ 157.246368] Register r11 information: non-paged memory # [ 157.251825] Register r12 information: 1-page vmalloc region starting at 0xf095b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 157.264342] Process cat (pid: 1685, stack limit = 0xf17d8000) # [ 157.270312] Stack: (0xf17d9eb0 to 0xf17da000) # [ 157.274982] 9ea0: 00000018 c57dc000 00000000 c0df61c8 # [ 157.283468] 9ec0: 00000018 c0df65ac c0df6490 c52cdc40 b6e08000 00000018 c3824260 c08910e8 # [ 157.291951] 9ee0: c52cdc40 c089108c f17d9f80 b6e08000 c5204640 00000018 c54b5b80 c0628870 # [ 157.300334] 9f00: c8b9adb8 00000000 00000000 00000000 00000000 00000018 b6e08000 0001ffe8 # [ 157.308815] 9f20: 00000001 00000000 c52cdd40 00000000 00000000 00000000 00000000 00000000 # [ 157.317293] 9f40: 00000000 00000000 00000000 00000000 00000022 9227dbd0 00000000 c52cdc40 # [ 157.325768] 9f60: c52cdc40 00000000 00000000 c03002f0 c5204640 00000004 0046fe38 c0628dcc # [ 157.334242] 9f80: 00000000 00000000 00000000 9227dbd0 000000c0 00000018 00000018 7ff00000 # [ 157.342718] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e08000 00000018 00000001 # [ 157.351195] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e08000 00020000 0046fe38 # [ 157.359670] 9fe0: 00000004 be9e6788 b6ece33b b6e47616 60080030 00000001 00000000 00000000 # [ 157.368135] Call trace: # [ 157.368149] mmioset from lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 # [ 157.377371] lkdtm_VMALLOC_LINEAR_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 157.384452] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 157.390223] direct_entry from full_proxy_write+0x5c/0x8c # [ 157.395894] full_proxy_write from vfs_write+0xbc/0x3cc # [ 157.401370] vfs_write from ksys_write+0x78/0xf8 # [ 157.406247] ksys_write from ret_fast_syscall+0x0/0x1c # [ 157.411719] Exception stack(0xf17d9fa8 to 0xf17d9ff0) # [ 157.416976] 9fa0: 00000018 00000018 00000001 b6e08000 00000018 00000001 # [ 157.425450] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e08000 00020000 0046fe38 # [ 157.433920] 9fe0: 00000004 be9e6788 b6ece33b b6e47616 # [ 157.439279] Code: e3120002 14cc1001 14cc1001 e3120001 (14cc1001) # [ 157.445924] ---[ end trace 0000000000000000 ]--- # VMALLOC_LINEAR_OVERFLOW: saw 'call trace:': ok ok 22 selftests: lkdtm: VMALLOC_LINEAR_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: WRITE_AFTER_FREE.sh # Skipping WRITE_AFTER_FREE: Corrupts memory on failure ok 23 selftests: lkdtm: WRITE_AFTER_FREE.sh # SKIP # timeout set to 45 # selftests: lkdtm: READ_AFTER_FREE.sh <6>[ 159.829037] lkdtm: Performing direct entry READ_AFTER_FREE <6>[ 159.833644] lkdtm: Value in memory before free: 12345678 <6>[ 159.839138] lkdtm: Attempting bad read from freed memory <6>[ 159.844717] lkdtm: Memory correctly poisoned (6b6b6b6b) # [ 159.829037] lkdtm: Performing direct entry READ_AFTER_FREE # [ 159.833644] lkdtm: Value in memory before free: 12345678 # [ 159.839138] lkdtm: Attempting bad read from freed memory # [ 159.844717] lkdtm: Memory correctly poisoned (6b6b6b6b) # READ_AFTER_FREE: saw 'call trace:|Memory correctly poisoned': ok ok 24 selftests: lkdtm: READ_AFTER_FREE.sh # timeout set to 45 # selftests: lkdtm: WRITE_BUDDY_AFTER_FREE.sh # Skipping WRITE_BUDDY_AFTER_FREE: Corrupts memory on failure ok 25 selftests: lkdtm: WRITE_BUDDY_AFTER_FREE.sh # SKIP # timeout set to 45 # selftests: lkdtm: READ_BUDDY_AFTER_FREE.sh <6>[ 161.872489] lkdtm: Performing direct entry READ_BUDDY_AFTER_FREE <6>[ 161.877561] lkdtm: Value in memory before free: 12345678 <6>[ 161.883667] lkdtm: Attempting to read from freed memory <6>[ 161.888671] lkdtm: Memory correctly poisoned (0) # [ 161.872489] lkdtm: Performing direct entry READ_BUDDY_AFTER_FREE # [ 161.877561] lkdtm: Value in memory before free: 12345678 # [ 161.883667] lkdtm: Attempting to read from freed memory # [ 161.888671] lkdtm: Memory correctly poisoned (0) # READ_BUDDY_AFTER_FREE: saw 'call trace:|Memory correctly poisoned': ok ok 26 selftests: lkdtm: READ_BUDDY_AFTER_FREE.sh # timeout set to 45 # selftests: lkdtm: SLAB_INIT_ON_ALLOC.sh <6>[ 163.215353] lkdtm: Performing direct entry SLAB_INIT_ON_ALLOC <6>[ 163.220295] lkdtm: Memory appears initialized (6b, no earlier values) # [ 163.215353] lkdtm: Performing direct entry SLAB_INIT_ON_ALLOC # [ 163.220295] lkdtm: Memory appears initialized (6b, no earlier values) # SLAB_INIT_ON_ALLOC: saw 'Memory appears initialized': ok ok 27 selftests: lkdtm: SLAB_INIT_ON_ALLOC.sh # timeout set to 45 # selftests: lkdtm: BUDDY_INIT_ON_ALLOC.sh <6>[ 164.547490] lkdtm: Performing direct entry BUDDY_INIT_ON_ALLOC <6>[ 164.552447] lkdtm: Memory appears initialized (0, no earlier values) # [ 164.547490] lkdtm: Performing direct entry BUDDY_INIT_ON_ALLOC # [ 164.552447] lkdtm: Memory appears initialized (0, no earlier values) # BUDDY_INIT_ON_ALLOC: saw 'Memory appears initialized': ok ok 28 selftests: lkdtm: BUDDY_INIT_ON_ALLOC.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_DOUBLE.sh <6>[ 165.799319] lkdtm: Performing direct entry SLAB_FREE_DOUBLE <6>[ 165.803974] lkdtm: Attempting double slab free ... <3>[ 165.809540] ============================================================================= <3>[ 165.817329] BUG lkdtm-heap-double_free (Tainted: G B D W ): Slab has 0 allocated objects but 1 are to be freed <3>[ 165.817329] <3>[ 165.830332] ----------------------------------------------------------------------------- <3>[ 165.830332] <3>[ 165.840603] Slab 0xef831834 objects=32 used=0 fp=0xc8ae5008 flags=0x200(workingset|zone=0) <4>[ 165.849192] CPU: 1 UID: 0 PID: 2013 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 165.858780] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 165.864025] Hardware name: STM32 (Device Tree Support) <4>[ 165.869474] Call trace: <4>[ 165.869488] unwind_backtrace from show_stack+0x18/0x1c <4>[ 165.877698] show_stack from dump_stack_lvl+0x88/0xb8 <4>[ 165.883075] dump_stack_lvl from slab_err+0x78/0xb0 <4>[ 165.888245] slab_err from free_to_partial_list+0x4ec/0x58c <4>[ 165.894027] free_to_partial_list from kmem_cache_free+0x1a8/0x3c0 <4>[ 165.900513] kmem_cache_free from lkdtm_do_action+0x24/0x4c <4>[ 165.906390] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 165.912156] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 165.917824] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 165.923298] vfs_write from ksys_write+0x78/0xf8 <4>[ 165.928274] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 165.933646] Exception stack(0xf19c5fa8 to 0xf19c5ff0) <4>[ 165.939005] 5fa0: 00000011 00000011 00000001 b6e78000 00000011 00000001 <4>[ 165.947479] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e78000 00020000 004dfe38 <4>[ 165.955948] 5fe0: 00000004 be8cb788 b6f3e33b b6eb7616 <3>[ 165.961297] FIX lkdtm-heap-double_free: Object at 0xc8ae5008 not freed # [ 165.799319] lkdtm: Performing direct entry SLAB_FREE_DOUBLE # [ 165.803974] lkdtm: Attempting double slab free ... # [ 165.809540] ============================================================================= # [ 165.817329] BUG lkdtm-heap-double_free (Tainted: G B D W ): Slab has 0 allocated objects but 1 are to be freed # # [ 165.830332] ----------------------------------------------------------------------------- # # [ 165.840603] Slab 0xef831834 objects=32 used=0 fp=0xc8ae5008 flags=0x200(workingset|zone=0) # [ 165.849192] CPU: 1 UID: 0 PID: 2013 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 165.858780] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 165.864025] Hardware name: STM32 (Device Tree Support) # [ 165.869474] Call trace: # [ 165.869488] unwind_backtrace from show_stack+0x18/0x1c # [ 165.877698] show_stack from dump_stack_lvl+0x88/0xb8 # [ 165.883075] dump_stack_lvl from slab_err+0x78/0xb0 # [ 165.888245] slab_err from free_to_partial_list+0x4ec/0x58c # [ 165.894027] free_to_partial_list from kmem_cache_free+0x1a8/0x3c0 # [ 165.900513] kmem_cache_free from lkdtm_do_action+0x24/0x4c # [ 165.906390] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 165.912156] direct_entry from full_proxy_write+0x5c/0x8c # [ 165.917824] full_proxy_write from vfs_write+0xbc/0x3cc # [ 165.923298] vfs_write from ksys_write+0x78/0xf8 # [ 165.928274] ksys_write from ret_fast_syscall+0x0/0x1c # [ 165.933646] Exception stack(0xf19c5fa8 to 0xf19c5ff0) # [ 165.939005] 5fa0: 00000011 00000011 00000001 b6e78000 00000011 00000001 # [ 165.947479] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e78000 00020000 004dfe38 # [ 165.955948] 5fe0: 00000004 be8cb788 b6f3e33b b6eb7616 # [ 165.961297] FIX lkdtm-heap-double_free: Object at 0xc8ae5008 not freed # SLAB_FREE_DOUBLE: saw 'call trace:': ok ok 29 selftests: lkdtm: SLAB_FREE_DOUBLE.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_CROSS.sh <6>[ 167.242102] lkdtm: Performing direct entry SLAB_FREE_CROSS <6>[ 167.246691] lkdtm: Attempting cross-cache slab free ... <4>[ 167.252133] ------------[ cut here ]------------ <4>[ 167.257000] WARNING: CPU: 0 PID: 2052 at mm/slub.c:4669 kmem_cache_free+0x2bc/0x3c0 <4>[ 167.264891] cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a <4>[ 167.273464] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 167.311807] CPU: 0 UID: 0 PID: 2052 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 167.321117] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 167.326370] Hardware name: STM32 (Device Tree Support) <4>[ 167.331821] Call trace: <4>[ 167.331839] unwind_backtrace from show_stack+0x18/0x1c <4>[ 167.340048] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 167.345420] dump_stack_lvl from __warn+0x84/0x134 <4>[ 167.350497] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 167.355878] warn_slowpath_fmt from kmem_cache_free+0x2bc/0x3c0 <4>[ 167.362067] kmem_cache_free from lkdtm_do_action+0x24/0x4c <4>[ 167.367946] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 167.373713] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 167.379381] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 167.384855] vfs_write from ksys_write+0x78/0xf8 <4>[ 167.389730] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 167.395202] Exception stack(0xf19fdfa8 to 0xf19fdff0) <4>[ 167.400562] dfa0: 00000010 00000010 00000001 b6e48000 00000010 00000001 <4>[ 167.409036] dfc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 0042fe38 <4>[ 167.417505] dfe0: 00000004 bed76788 b6f0e33b b6e87616 <4>[ 167.423092] ---[ end trace 0000000000000000 ]--- <3>[ 167.427755] Allocated in lkdtm_SLAB_FREE_CROSS+0x20/0x60 age=181 cpu=0 pid=2052 <4>[ 167.435380] lkdtm_SLAB_FREE_CROSS+0x20/0x60 <4>[ 167.439926] lkdtm_do_action+0x24/0x4c <4>[ 167.443983] direct_entry+0x11c/0x140 <4>[ 167.447838] full_proxy_write+0x5c/0x8c <4>[ 167.451970] vfs_write+0xbc/0x3cc <4>[ 167.455542] ksys_write+0x78/0xf8 <4>[ 167.459088] ret_fast_syscall+0x0/0x1c # [ 167.242102] lkdtm: Performing direct entry SLAB_FREE_CROSS # [ 167.246691] lkdtm: Attempting cross-cache slab free ... # [ 167.252133] ------------[ cut here ]------------ # [ 167.257000] WARNING: CPU: 0 PID: 2052 at mm/slub.c:4669 kmem_cache_free+0x2bc/0x3c0 # [ 167.264891] cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a # [ 167.273464] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 167.311807] CPU: 0 UID: 0 PID: 2052 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 167.321117] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 167.326370] Hardware name: STM32 (Device Tree Support) # [ 167.331821] Call trace: # [ 167.331839] unwind_backtrace from show_stack+0x18/0x1c # [ 167.340048] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 167.345420] dump_stack_lvl from __warn+0x84/0x134 # [ 167.350497] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 167.355878] warn_slowpath_fmt from kmem_cache_free+0x2bc/0x3c0 # [ 167.362067] kmem_cache_free from lkdtm_do_action+0x24/0x4c # [ 167.367946] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 167.373713] direct_entry from full_proxy_write+0x5c/0x8c # [ 167.379381] full_proxy_write from vfs_write+0xbc/0x3cc # [ 167.384855] vfs_write from ksys_write+0x78/0xf8 # [ 167.389730] ksys_write from ret_fast_syscall+0x0/0x1c # [ 167.395202] Exception stack(0xf19fdfa8 to 0xf19fdff0) # [ 167.400562] dfa0: 00000010 00000010 00000001 b6e48000 00000010 00000001 # [ 167.409036] dfc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 0042fe38 # [ 167.417505] dfe0: 00000004 bed76788 b6f0e33b b6e87616 # [ 167.423092] ---[ end trace 0000000000000000 ]--- # [ 167.427755] Allocated in lkdtm_SLAB_FREE_CROSS+0x20/0x60 age=181 cpu=0 pid=2052 # [ 167.435380] lkdtm_SLAB_FREE_CROSS+0x20/0x60 # [ 167.439926] lkdtm_do_action+0x24/0x4c # [ 167.443983] direct_entry+0x11c/0x140 # [ 167.447838] full_proxy_write+0x5c/0x8c # [ 167.451970] vfs_write+0xbc/0x3cc # [ 167.455542] ksys_write+0x78/0xf8 # [ 167.459088] ret_fast_syscall+0x0/0x1c # SLAB_FREE_CROSS: saw 'call trace:': ok ok 30 selftests: lkdtm: SLAB_FREE_CROSS.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_PAGE.sh <6>[ 168.748681] lkdtm: Performing direct entry SLAB_FREE_PAGE <6>[ 168.753102] lkdtm: Attempting non-Slab slab free ... <4>[ 168.758870] ------------[ cut here ]------------ <4>[ 168.763267] WARNING: CPU: 0 PID: 2091 at mm/slub.c:4655 kmem_cache_free+0x314/0x3c0 <4>[ 168.771152] virt_to_cache: Object is not a Slab page! <4>[ 168.776506] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 168.815110] CPU: 0 UID: 0 PID: 2091 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 168.824126] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 168.829379] Hardware name: STM32 (Device Tree Support) <4>[ 168.834729] Call trace: <4>[ 168.834746] unwind_backtrace from show_stack+0x18/0x1c <4>[ 168.843053] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 168.848423] dump_stack_lvl from __warn+0x84/0x134 <4>[ 168.853500] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 168.858880] warn_slowpath_fmt from kmem_cache_free+0x314/0x3c0 <4>[ 168.865068] kmem_cache_free from lkdtm_SLAB_FREE_PAGE+0x34/0x44 <4>[ 168.871351] lkdtm_SLAB_FREE_PAGE from lkdtm_do_action+0x24/0x4c <4>[ 168.877622] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 168.883388] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 168.889156] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 168.894631] vfs_write from ksys_write+0x78/0xf8 <4>[ 168.899509] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 168.904881] Exception stack(0xf1a39fa8 to 0xf1a39ff0) <4>[ 168.910241] 9fa0: 0000000f 0000000f 00000001 b6da8000 0000000f 00000001 <4>[ 168.918714] 9fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6da8000 00020000 0049fe38 <4>[ 168.927183] 9fe0: 00000004 bee78788 b6e6e33b b6de7616 <4>[ 168.932747] ---[ end trace 0000000000000000 ]--- # [ 168.748681] lkdtm: Performing direct entry SLAB_FREE_PAGE # [ 168.753102] lkdtm: Attempting non-Slab slab free ... # [ 168.758870] ------------[ cut here ]------------ # [ 168.763267] WARNING: CPU: 0 PID: 2091 at mm/slub.c:4655 kmem_cache_free+0x314/0x3c0 # [ 168.771152] virt_to_cache: Object is not a Slab page! # [ 168.776506] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 168.815110] CPU: 0 UID: 0 PID: 2091 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 168.824126] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 168.829379] Hardware name: STM32 (Device Tree Support) # [ 168.834729] Call trace: # [ 168.834746] unwind_backtrace from show_stack+0x18/0x1c # [ 168.843053] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 168.848423] dump_stack_lvl from __warn+0x84/0x134 # [ 168.853500] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 168.858880] warn_slowpath_fmt from kmem_cache_free+0x314/0x3c0 # [ 168.865068] kmem_cache_free from lkdtm_SLAB_FREE_PAGE+0x34/0x44 # [ 168.871351] lkdtm_SLAB_FREE_PAGE from lkdtm_do_action+0x24/0x4c # [ 168.877622] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 168.883388] direct_entry from full_proxy_write+0x5c/0x8c # [ 168.889156] full_proxy_write from vfs_write+0xbc/0x3cc # [ 168.894631] vfs_write from ksys_write+0x78/0xf8 # [ 168.899509] ksys_write from ret_fast_syscall+0x0/0x1c # [ 168.904881] Exception stack(0xf1a39fa8 to 0xf1a39ff0) # [ 168.910241] 9fa0: 0000000f 0000000f 00000001 b6da8000 0000000f 00000001 # [ 168.918714] 9fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6da8000 00020000 0049fe38 # [ 168.927183] 9fe0: 00000004 bee78788 b6e6e33b b6de7616 # [ 168.932747] ---[ end trace 0000000000000000 ]--- # SLAB_FREE_PAGE: saw 'call trace:': ok ok 31 selftests: lkdtm: SLAB_FREE_PAGE.sh # timeout set to 45 # selftests: lkdtm: SOFTLOCKUP.sh # Skipping SOFTLOCKUP: Hangs the system ok 32 selftests: lkdtm: SOFTLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: HARDLOCKUP.sh # Skipping HARDLOCKUP: Hangs the system ok 33 selftests: lkdtm: HARDLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: SMP_CALL_LOCKUP.sh # Skipping SMP_CALL_LOCKUP: Hangs the system ok 34 selftests: lkdtm: SMP_CALL_LOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: SPINLOCKUP.sh # Skipping SPINLOCKUP: Hangs the system ok 35 selftests: lkdtm: SPINLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: HUNG_TASK.sh # Skipping HUNG_TASK: Hangs the system ok 36 selftests: lkdtm: HUNG_TASK.sh # SKIP # timeout set to 45 # selftests: lkdtm: EXEC_DATA.sh <6>[ 173.635990] lkdtm: Performing direct entry EXEC_DATA <6>[ 173.640013] lkdtm: attempting ok execution at c0df7aa0 <6>[ 173.645353] lkdtm: attempting bad execution at c2803368 <1>[ 173.651428] 8<--- cut here --- <1>[ 173.654089] Unable to handle kernel paging request at virtual address c2803368 when execute <1>[ 173.662766] [c2803368] *pgd=c281141e(bad) <0>[ 173.667035] Internal error: Oops: 8000000d [#6] SMP ARM <4>[ 173.672594] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 173.710695] CPU: 1 UID: 0 PID: 2305 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 173.720287] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 173.725534] Hardware name: STM32 (Device Tree Support) <4>[ 173.730981] PC is at data_area+0x0/0x40 <4>[ 173.735043] LR is at execute_location+0x9c/0xac <4>[ 173.739804] pc : [] lr : [] psr: 60080013 <4>[ 173.746361] sp : f1b75eb0 ip : 00000000 fp : 004bfe38 <4>[ 173.751911] r10: c56497c0 r9 : f1b75f80 r8 : c2687f50 <4>[ 173.757462] r7 : f1b75f80 r6 : 00000001 r5 : c2803368 r4 : c0df7aa0 <4>[ 173.764221] r3 : c8c80a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 173.771080] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 173.778444] Control: 10c5387d Table: c8a5406a DAC: 00000051 <1>[ 173.784495] Register r0 information: non-paged memory <1>[ 173.789854] Register r1 information: NULL pointer <1>[ 173.794807] Register r2 information: NULL pointer <1>[ 173.799759] Register r3 information: slab task_struct start c8c80a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 173.813533] copy_process+0x1f4/0x1f64 <6>[ 173.817790] kernel_clone+0xac/0x388 <6>[ 173.821945] sys_clone+0x78/0x9c <6>[ 173.825697] ret_fast_syscall+0x0/0x1c <4>[ 173.829948] Free path: <6>[ 173.832678] rcu_core+0x2dc/0xb14 <6>[ 173.836531] handle_softirqs+0x15c/0x430 <6>[ 173.840988] irq_exit+0xac/0xd4 <6>[ 173.844638] __irq_svc+0x8c/0xb8 <6>[ 173.848385] default_idle_call+0x20/0xc0 <6>[ 173.852841] do_idle+0x25c/0x2f4 <6>[ 173.856591] cpu_startup_entry+0x30/0x34 <6>[ 173.861044] rest_init+0xd4/0xd8 <6>[ 173.864794] start_kernel+0x744/0x764 <1>[ 173.869050] Register r4 information: non-slab/vmalloc memory <1>[ 173.875011] Register r5 information: non-slab/vmalloc memory <1>[ 173.880870] Register r6 information: non-paged memory <1>[ 173.886227] Register r7 information: 2-page vmalloc region starting at 0xf1b74000 allocated at kernel_clone+0xac/0x388 <1>[ 173.897257] Register r8 information: non-slab/vmalloc memory <1>[ 173.903227] Register r9 information: 2-page vmalloc region starting at 0xf1b74000 allocated at kernel_clone+0xac/0x388 <1>[ 173.914238] Register r10 information: slab kmalloc-192 start c5649780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 173.928104] full_proxy_open+0x124/0x24c <6>[ 173.932554] do_dentry_open+0x144/0x4dc <6>[ 173.936909] vfs_open+0x2c/0xec <6>[ 173.940559] path_openat+0x748/0x1198 <6>[ 173.944811] do_filp_open+0x98/0x134 <6>[ 173.948861] do_sys_openat2+0xbc/0xe4 <6>[ 173.953115] sys_openat+0x98/0xd4 <6>[ 173.956966] ret_fast_syscall+0x0/0x1c <4>[ 173.961217] Free path: <6>[ 173.963946] __free_slab+0xdc/0xec <6>[ 173.967903] kmem_cache_free_bulk.part.0+0x2e0/0x364 <6>[ 173.973370] kvfree_rcu_bulk+0x208/0x284 <6>[ 173.977829] kfree_rcu_monitor+0x1e0/0x2cc <6>[ 173.982484] process_one_work+0x1b8/0x450 <6>[ 173.987039] worker_thread+0x1d4/0x3c4 <6>[ 173.991291] kthread+0xe8/0x104 <6>[ 173.994939] ret_from_fork+0x14/0x28 <1>[ 173.999088] Register r11 information: non-paged memory <1>[ 174.004446] Register r12 information: NULL pointer <0>[ 174.009500] Process cat (pid: 2305, stack limit = 0xf1b74000) <0>[ 174.015561] Stack: (0xf1b75eb0 to 0xf1b76000) <0>[ 174.020228] 5ea0: 0000000a c884c000 00000000 c0df61c8 <0>[ 174.028716] 5ec0: 0000000a c0df65ac c0df6490 c5443440 b6e58000 0000000a c3824260 c08910e8 <0>[ 174.037201] 5ee0: c5443440 c089108c f1b75f80 b6e58000 c8c80a40 0000000a c56497c0 c0628870 <0>[ 174.045687] 5f00: c8a56db8 00000000 00000000 00000000 00000000 0000000a b6e58000 0001fff6 <0>[ 174.054166] 5f20: 00000001 00000000 c5443a40 00000000 00000000 00000000 00000000 00000000 <0>[ 174.062641] 5f40: 00000000 00000000 00000000 00000000 00000022 bdcc029a 00000000 c5443440 <0>[ 174.071115] 5f60: c5443440 00000000 00000000 c03002f0 c8c80a40 00000004 004bfe38 c0628dcc <0>[ 174.079588] 5f80: 00000000 00000000 00000000 bdcc029a 000000c0 0000000a 0000000a 7ff00000 <0>[ 174.088063] 5fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e58000 0000000a 00000001 <0>[ 174.096539] 5fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e58000 00020000 004bfe38 <0>[ 174.105013] 5fe0: 00000004 bee5f788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 <0>[ 174.113479] Call trace: <0>[ 174.113496] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 174.122208] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 174.127977] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 174.133647] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 174.139126] vfs_write from ksys_write+0x78/0xf8 <0>[ 174.144002] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 174.149473] Exception stack(0xf1b75fa8 to 0xf1b75ff0) <0>[ 174.154831] 5fa0: 0000000a 0000000a 00000001 b6e58000 0000000a 00000001 <0>[ 174.163307] 5fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e58000 00020000 004bfe38 <0>[ 174.171779] 5fe0: 00000004 bee5f788 b6f1e33b b6e97616 <0>[ 174.177038] Code: 00000002 c61a7f40 c67c2040 c61a7e40 (e52de004) <4>[ 174.183496] ---[ end trace 0000000000000000 ]--- <6>[ 174.188345] note: cat[2305] exited with irqs disabled # Segmentation fault # [ 173.635990] lkdtm: Performing direct entry EXEC_DATA # [ 173.640013] lkdtm: attempting ok execution at c0df7aa0 # [ 173.645353] lkdtm: attempting bad execution at c2803368 # [ 173.651428] 8<--- cut here --- # [ 173.654089] Unable to handle kernel paging request at virtual address c2803368 when execute # [ 173.662766] [c2803368] *pgd=c281141e(bad) # [ 173.667035] Internal error: Oops: 8000000d [#6] SMP ARM # [ 173.672594] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 173.710695] CPU: 1 UID: 0 PID: 2305 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 173.720287] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 173.725534] Hardware name: STM32 (Device Tree Support) # [ 173.730981] PC is at data_area+0x0/0x40 # [ 173.735043] LR is at execute_location+0x9c/0xac # [ 173.739804] pc : [] lr : [] psr: 60080013 # [ 173.746361] sp : f1b75eb0 ip : 00000000 fp : 004bfe38 # [ 173.751911] r10: c56497c0 r9 : f1b75f80 r8 : c2687f50 # [ 173.757462] r7 : f1b75f80 r6 : 00000001 r5 : c2803368 r4 : c0df7aa0 # [ 173.764221] r3 : c8c80a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 173.771080] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 173.778444] Control: 10c5387d Table: c8a5406a DAC: 00000051 # [ 173.784495] Register r0 information: non-paged memory # [ 173.789854] Register r1 information: NULL pointer # [ 173.794807] Register r2 information: NULL pointer # [ 173.799759] Register r3 information: slab task_struct start c8c80a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 173.813533] copy_process+0x1f4/0x1f64 # [ 173.817790] kernel_clone+0xac/0x388 # [ 173.821945] sys_clone+0x78/0x9c # [ 173.825697] ret_fast_syscall+0x0/0x1c # [ 173.829948] Free path: # [ 173.832678] rcu_core+0x2dc/0xb14 # [ 173.836531] handle_softirqs+0x15c/0x430 # [ 173.840988] irq_exit+0xac/0xd4 # [ 173.844638] __irq_svc+0x8c/0xb8 # [ 173.848385] default_idle_call+0x20/0xc0 # [ 173.852841] do_idle+0x25c/0x2f4 # [ 173.856591] cpu_startup_entry+0x30/0x34 # [ 173.861044] rest_init+0xd4/0xd8 # [ 173.864794] start_kernel+0x744/0x764 # [ 173.869050] Register r4 information: non-slab/vmalloc memory # [ 173.875011] Register r5 information: non-slab/vmalloc memory # [ 173.880870] Register r6 information: non-paged memory # [ 173.886227] Register r7 information: 2-page vmalloc region starting at 0xf1b74000 allocated at kernel_clone+0xac/0x388 # [ 173.897257] Register r8 information: non-slab/vmalloc memory # [ 173.903227] Register r9 information: 2-page vmalloc region starting at 0xf1b74000 allocated at kernel_clone+0xac/0x388 # [ 173.914238] Register r10 information: slab kmalloc-192 start c5649780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 173.928104] full_proxy_open+0x124/0x24c # [ 173.932554] do_dentry_open+0x144/0x4dc # [ 173.936909] vfs_open+0x2c/0xec # [ 173.940559] path_openat+0x748/0x1198 # [ 173.944811] do_filp_open+0x98/0x134 # [ 173.948861] do_sys_openat2+0xbc/0xe4 # [ 173.953115] sys_openat+0x98/0xd4 # [ 173.956966] ret_fast_syscall+0x0/0x1c # [ 173.961217] Free path: # [ 173.963946] __free_slab+0xdc/0xec # [ 173.967903] kmem_cache_free_bulk.part.0+0x2e0/0x364 # [ 173.973370] kvfree_rcu_bulk+0x208/0x284 # [ 173.977829] kfree_rcu_monitor+0x1e0/0x2cc # [ 173.982484] process_one_work+0x1b8/0x450 # [ 173.987039] worker_thread+0x1d4/0x3c4 # [ 173.991291] kthread+0xe8/0x104 # [ 173.994939] ret_from_fork+0x14/0x28 # [ 173.999088] Register r11 information: non-paged memory # [ 174.004446] Register r12 information: NULL pointer # [ 174.009500] Process cat (pid: 2305, stack limit = 0xf1b74000) # [ 174.015561] Stack: (0xf1b75eb0 to 0xf1b76000) # [ 174.020228] 5ea0: 0000000a c884c000 00000000 c0df61c8 # [ 174.028716] 5ec0: 0000000a c0df65ac c0df6490 c5443440 b6e58000 0000000a c3824260 c08910e8 # [ 174.037201] 5ee0: c5443440 c089108c f1b75f80 b6e58000 c8c80a40 0000000a c56497c0 c0628870 # [ 174.045687] 5f00: c8a56db8 00000000 00000000 00000000 00000000 0000000a b6e58000 0001fff6 # [ 174.054166] 5f20: 00000001 00000000 c5443a40 00000000 00000000 00000000 00000000 00000000 # [ 174.062641] 5f40: 00000000 00000000 00000000 00000000 00000022 bdcc029a 00000000 c5443440 # [ 174.071115] 5f60: c5443440 00000000 00000000 c03002f0 c8c80a40 00000004 004bfe38 c0628dcc # [ 174.079588] 5f80: 00000000 00000000 00000000 bdcc029a 000000c0 0000000a 0000000a 7ff00000 # [ 174.088063] 5fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e58000 0000000a 00000001 # [ 174.096539] 5fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e58000 00020000 004bfe38 # [ 174.105013] 5fe0: 00000004 bee5f788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 # [ 174.113479] Call trace: # [ 174.113496] execute_location from lkdtm_do_action+0x24/0x4c # [ 174.122208] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 174.127977] direct_entry from full_proxy_write+0x5c/0x8c # [ 174.133647] full_proxy_write from vfs_write+0xbc/0x3cc # [ 174.139126] vfs_write from ksys_write+0x78/0xf8 # [ 174.144002] ksys_write from ret_fast_syscall+0x0/0x1c # [ 174.149473] Exception stack(0xf1b75fa8 to 0xf1b75ff0) # [ 174.154831] 5fa0: 0000000a 0000000a 00000001 b6e58000 0000000a 00000001 # [ 174.163307] 5fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e58000 00020000 004bfe38 # [ 174.171779] 5fe0: 00000004 bee5f788 b6f1e33b b6e97616 # [ 174.177038] Code: 00000002 c61a7f40 c67c2040 c61a7e40 (e52de004) # [ 174.183496] ---[ end trace 0000000000000000 ]--- # [ 174.188345] note: cat[2305] exited with irqs disabled # EXEC_DATA: saw 'call trace:': ok ok 37 selftests: lkdtm: EXEC_DATA.sh # timeout set to 45 # selftests: lkdtm: EXEC_STACK.sh <6>[ 175.942015] lkdtm: Performing direct entry EXEC_STACK <6>[ 175.946139] lkdtm: attempting ok execution at c0df7aa0 <6>[ 175.951570] lkdtm: attempting bad execution at f1bd9e74 <1>[ 175.957061] 8<--- cut here --- <1>[ 175.960312] Unable to handle kernel execution of memory at virtual address f1bd9e74 when execute <1>[ 175.969381] [f1bd9e74] *pgd=c8ae4811, *pte=f897c65f, *ppte=f897c45f <0>[ 175.975966] Internal error: Oops: 8000000f [#7] SMP ARM <4>[ 175.981351] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 176.019467] CPU: 1 UID: 0 PID: 2387 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 176.029069] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 176.034317] Hardware name: STM32 (Device Tree Support) <4>[ 176.039766] PC is at 0xf1bd9e74 <4>[ 176.043121] LR is at execute_location+0x9c/0xac <4>[ 176.047987] pc : [] lr : [] psr: 60080013 <4>[ 176.054545] sp : f1bd9e60 ip : 00000000 fp : 0049fe38 <4>[ 176.059996] r10: c5649680 r9 : f1bd9f80 r8 : c2687f58 <4>[ 176.065547] r7 : f1bd9f80 r6 : 00000001 r5 : f1bd9e74 r4 : c0df7aa0 <4>[ 176.072306] r3 : c5204640 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 176.079166] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 176.086534] Control: 10c5387d Table: c57cc06a DAC: 00000051 <1>[ 176.092589] Register r0 information: non-paged memory <1>[ 176.097953] Register r1 information: NULL pointer <1>[ 176.102907] Register r2 information: NULL pointer <1>[ 176.107860] Register r3 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 176.121642] copy_process+0x1f4/0x1f64 <6>[ 176.125900] kernel_clone+0xac/0x388 <6>[ 176.130056] sys_clone+0x78/0x9c <6>[ 176.133808] ret_fast_syscall+0x0/0x1c <4>[ 176.138059] Free path: <6>[ 176.140789] rcu_core+0x2dc/0xb14 <6>[ 176.144643] handle_softirqs+0x15c/0x430 <6>[ 176.149099] irq_exit+0xac/0xd4 <6>[ 176.152750] call_with_stack+0x18/0x20 <6>[ 176.157006] __irq_svc+0x9c/0xb8 <6>[ 176.160753] copy_page_from_iter+0xd0/0x130 <6>[ 176.165510] pipe_write+0x10c/0x5ec <6>[ 176.169470] vfs_write+0x328/0x3cc <6>[ 176.173428] ksys_write+0xc4/0xf8 <6>[ 176.177283] ret_fast_syscall+0x0/0x1c <1>[ 176.181533] Register r4 information: non-slab/vmalloc memory <1>[ 176.187496] Register r5 information: 2-page vmalloc region starting at 0xf1bd8000 allocated at kernel_clone+0xac/0x388 <1>[ 176.198509] Register r6 information: non-paged memory <1>[ 176.203865] Register r7 information: 2-page vmalloc region starting at 0xf1bd8000 allocated at kernel_clone+0xac/0x388 <1>[ 176.214873] Register r8 information: non-slab/vmalloc memory <1>[ 176.220833] Register r9 information: 2-page vmalloc region starting at 0xf1bd8000 allocated at kernel_clone+0xac/0x388 <1>[ 176.231838] Register r10 information: slab kmalloc-192 start c5649640 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 176.245701] full_proxy_open+0x124/0x24c <6>[ 176.250155] do_dentry_open+0x144/0x4dc <6>[ 176.254509] vfs_open+0x2c/0xec <6>[ 176.258160] path_openat+0x748/0x1198 <6>[ 176.262415] do_filp_open+0x98/0x134 <6>[ 176.266473] do_sys_openat2+0xbc/0xe4 <6>[ 176.270742] sys_openat+0x98/0xd4 <6>[ 176.274507] ret_fast_syscall+0x0/0x1c <4>[ 176.278871] Free path: <6>[ 176.281512] __free_slab+0xdc/0xec <6>[ 176.285485] kmem_cache_free_bulk.part.0+0x2e0/0x364 <6>[ 176.290960] kvfree_rcu_bulk+0x208/0x284 <6>[ 176.295425] kfree_rcu_monitor+0x1e0/0x2cc <6>[ 176.300091] process_one_work+0x1b8/0x450 <6>[ 176.304555] worker_thread+0x1d4/0x3c4 <6>[ 176.308910] kthread+0xe8/0x104 <6>[ 176.312560] ret_from_fork+0x14/0x28 <1>[ 176.316709] Register r11 information: non-paged memory <1>[ 176.322071] Register r12 information: NULL pointer <0>[ 176.327126] Process cat (pid: 2387, stack limit = 0xf1bd8000) <0>[ 176.333186] Stack: (0xf1bd9e60 to 0xf1bda000) <0>[ 176.337847] 9e60: 0000000b c8b42000 00000000 c16d4788 c23d2b40 e52de004 e28dd004 e12fff1e <0>[ 176.346325] 9e80: e92d4010 e52de004 e28dd004 e3a00040 ebdf899b e3a01001 e1a04000 eb2372e9 <0>[ 176.354801] 9ea0: e1a00004 e8bd4010 eadf8671 e92d4010 e52de004 960ad96f c1f9c948 c0df61c8 <0>[ 176.363275] 9ec0: 0000000b c0df65ac c0df6490 c52cdb40 b6db8000 0000000b c3824260 c08910e8 <0>[ 176.371750] 9ee0: c52cdb40 c089108c f1bd9f80 b6db8000 c5204640 0000000b c5649680 c0628870 <0>[ 176.380224] 9f00: c57cedb0 00000000 00000000 00000000 00000000 0000000b b6db8000 0001fff5 <0>[ 176.388696] 9f20: 00000001 00000000 c52cdc40 00000000 00000000 00000000 00000000 00000000 <0>[ 176.397170] 9f40: 00000000 00000000 00000000 00000000 00000022 960ad96f 00000000 c52cdb40 <0>[ 176.405643] 9f60: c52cdb40 00000000 00000000 c03002f0 c5204640 00000004 0049fe38 c0628dcc <0>[ 176.414116] 9f80: 00000000 00000000 00000000 960ad96f 000000c0 0000000b 0000000b 7ff00000 <0>[ 176.422589] 9fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6db8000 0000000b 00000001 <0>[ 176.431062] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6db8000 00020000 0049fe38 <0>[ 176.439536] 9fe0: 00000004 bed08788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 <0>[ 176.448001] Call trace: <0>[ 176.448018] execute_location from lkdtm_EXEC_STACK+0x3c/0x60 <0>[ 176.456829] lkdtm_EXEC_STACK from lkdtm_do_action+0x24/0x4c <0>[ 176.462807] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 176.468575] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 176.474243] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 176.479720] vfs_write from ksys_write+0x78/0xf8 <0>[ 176.484597] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 176.490072] Exception stack(0xf1bd9fa8 to 0xf1bd9ff0) <0>[ 176.495330] 9fa0: 0000000b 0000000b 00000001 b6db8000 0000000b 00000001 <0>[ 176.503806] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6db8000 00020000 0049fe38 <0>[ 176.512275] 9fe0: 00000004 bed08788 b6e7e33b b6df7616 <0>[ 176.517633] Code: c8b42000 00000000 c16d4788 c23d2b40 (e52de004) <4>[ 176.524154] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 175.942015] lkdtm: Performing direct entry EXEC_STACK # [ 175.946139] lkdtm: attempting ok execution at c0df7aa0 # [ 175.951570] lkdtm: attempting bad execution at f1bd9e74 # [ 175.957061] 8<--- cut here --- # [ 175.960312] Unable to handle kernel execution of memory at virtual address f1bd9e74 when execute # [ 175.969381] [f1bd9e74] *pgd=c8ae4811, *pte=f897c65f, *ppte=f897c45f # [ 175.975966] Internal error: Oops: 8000000f [#7] SMP ARM # [ 175.981351] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 176.019467] CPU: 1 UID: 0 PID: 2387 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 176.029069] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 176.034317] Hardware name: STM32 (Device Tree Support) # [ 176.039766] PC is at 0xf1bd9e74 # [ 176.043121] LR is at execute_location+0x9c/0xac # [ 176.047987] pc : [] lr : [] psr: 60080013 # [ 176.054545] sp : f1bd9e60 ip : 00000000 fp : 0049fe38 # [ 176.059996] r10: c5649680 r9 : f1bd9f80 r8 : c2687f58 # [ 176.065547] r7 : f1bd9f80 r6 : 00000001 r5 : f1bd9e74 r4 : c0df7aa0 # [ 176.072306] r3 : c5204640 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 176.079166] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 176.086534] Control: 10c5387d Table: c57cc06a DAC: 00000051 # [ 176.092589] Register r0 information: non-paged memory # [ 176.097953] Register r1 information: NULL pointer # [ 176.102907] Register r2 information: NULL pointer # [ 176.107860] Register r3 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 176.121642] copy_process+0x1f4/0x1f64 # [ 176.125900] kernel_clone+0xac/0x388 # [ 176.130056] sys_clone+0x78/0x9c # [ 176.133808] ret_fast_syscall+0x0/0x1c # [ 176.138059] Free path: # [ 176.140789] rcu_core+0x2dc/0xb14 # [ 176.144643] handle_softirqs+0x15c/0x430 # [ 176.149099] irq_exit+0xac/0xd4 # [ 176.152750] call_with_stack+0x18/0x20 # [ 176.157006] __irq_svc+0x9c/0xb8 # [ 176.160753] copy_page_from_iter+0xd0/0x130 # [ 176.165510] pipe_write+0x10c/0x5ec # [ 176.169470] vfs_write+0x328/0x3cc # [ 176.173428] ksys_write+0xc4/0xf8 # [ 176.177283] ret_fast_syscall+0x0/0x1c # [ 176.181533] Register r4 information: non-slab/vmalloc memory # [ 176.187496] Register r5 information: 2-page vmalloc region starting at 0xf1bd8000 allocated at kernel_clone+0xac/0x388 # [ 176.198509] Register r6 information: non-paged memory # [ 176.203865] Register r7 information: 2-page vmalloc region starting at 0xf1bd8000 allocated at kernel_clone+0xac/0x388 # [ 176.214873] Register r8 information: non-slab/vmalloc memory # [ 176.220833] Register r9 information: 2-page vmalloc region starting at 0xf1bd8000 allocated at kernel_clone+0xac/0x388 # [ 176.231838] Register r10 information: slab kmalloc-192 start c5649640 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 176.245701] full_proxy_open+0x124/0x24c # [ 176.250155] do_dentry_open+0x144/0x4dc # [ 176.254509] vfs_open+0x2c/0xec # [ 176.258160] path_openat+0x748/0x1198 # [ 176.262415] do_filp_open+0x98/0x134 # [ 176.266473] do_sys_openat2+0xbc/0xe4 # [ 176.270742] sys_openat+0x98/0xd4 # [ 176.274507] ret_fast_syscall+0x0/0x1c # [ 176.278871] Free path: # [ 176.281512] __free_slab+0xdc/0xec # [ 176.285485] kmem_cache_free_bulk.part.0+0x2e0/0x364 # [ 176.290960] kvfree_rcu_bulk+0x208/0x284 # [ 176.295425] kfree_rcu_monitor+0x1e0/0x2cc # [ 176.300091] process_one_work+0x1b8/0x450 # [ 176.304555] worker_thread+0x1d4/0x3c4 # [ 176.308910] kthread+0xe8/0x104 # [ 176.312560] ret_from_fork+0x14/0x28 # [ 176.316709] Register r11 information: non-paged memory # [ 176.322071] Register r12 information: NULL pointer # [ 176.327126] Process cat (pid: 2387, stack limit = 0xf1bd8000) # [ 176.333186] Stack: (0xf1bd9e60 to 0xf1bda000) # [ 176.337847] 9e60: 0000000b c8b42000 00000000 c16d4788 c23d2b40 e52de004 e28dd004 e12fff1e # [ 176.346325] 9e80: e92d4010 e52de004 e28dd004 e3a00040 ebdf899b e3a01001 e1a04000 eb2372e9 # [ 176.354801] 9ea0: e1a00004 e8bd4010 eadf8671 e92d4010 e52de004 960ad96f c1f9c948 c0df61c8 # [ 176.363275] 9ec0: 0000000b c0df65ac c0df6490 c52cdb40 b6db8000 0000000b c3824260 c08910e8 # [ 176.371750] 9ee0: c52cdb40 c089108c f1bd9f80 b6db8000 c5204640 0000000b c5649680 c0628870 # [ 176.380224] 9f00: c57cedb0 00000000 00000000 00000000 00000000 0000000b b6db8000 0001fff5 # [ 176.388696] 9f20: 00000001 00000000 c52cdc40 00000000 00000000 00000000 00000000 00000000 # [ 176.397170] 9f40: 00000000 00000000 00000000 00000000 00000022 960ad96f 00000000 c52cdb40 # [ 176.405643] 9f60: c52cdb40 00000000 00000000 c03002f0 c5204640 00000004 0049fe38 c0628dcc # [ 176.414116] 9f80: 00000000 00000000 00000000 960ad96f 000000c0 0000000b 0000000b 7ff00000 # [ 176.422589] 9fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6db8000 0000000b 00000001 # [ 176.431062] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6db8000 00020000 0049fe38 # [ 176.439536] 9fe0: 00000004 bed08788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 # [ 176.448001] Call trace: # [ 176.448018] execute_location from lkdtm_EXEC_STACK+0x3c/0x60 # [ 176.456829] lkdtm_EXEC_STACK from lkdtm_do_action+0x24/0x4c # [ 176.462807] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 176.468575] direct_entry from full_proxy_write+0x5c/0x8c # [ 176.474243] full_proxy_write from vfs_write+0xbc/0x3cc # [ 176.479720] vfs_write from ksys_write+0x78/0xf8 # [ 176.484597] ksys_write from ret_fast_syscall+0x0/0x1c # [ 176.490072] Exception stack(0xf1bd9fa8 to 0xf1bd9ff0) # [ 176.495330] 9fa0: 0000000b 0000000b 00000001 b6db8000 0000000b 00000001 # [ 176.503806] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6db8000 00020000 0049fe38 # [ 176.512275] 9fe0: 00000004 bed08788 b6e7e33b b6df7616 # [ 176.517633] Code: c8b42000 00000000 c16d4788 c23d2b40 (e52de004) # [ 176.524154] ---[ end trace 0000000000000000 ]--- # EXEC_STACK: saw 'call trace:': ok ok 38 selftests: lkdtm: EXEC_STACK.sh # timeout set to 45 # selftests: lkdtm: EXEC_KMALLOC.sh <6>[ 178.328134] lkdtm: Performing direct entry EXEC_KMALLOC <6>[ 178.332431] lkdtm: attempting ok execution at c0df7aa0 <6>[ 178.338417] lkdtm: attempting bad execution at c6891640 <1>[ 178.343520] 8<--- cut here --- <1>[ 178.346581] Unable to handle kernel paging request at virtual address c6891640 when execute <1>[ 178.355253] [c6891640] *pgd=c681141e(bad) <0>[ 178.359522] Internal error: Oops: 8000000d [#8] SMP ARM <4>[ 178.365077] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 178.403169] CPU: 1 UID: 0 PID: 2471 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 178.412757] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 178.418002] Hardware name: STM32 (Device Tree Support) <4>[ 178.423449] PC is at 0xc6891640 <4>[ 178.426799] LR is at execute_location+0x9c/0xac <4>[ 178.431662] pc : [] lr : [] psr: 60080013 <4>[ 178.438118] sp : f1c3dea8 ip : 00000000 fp : 0048fe38 <4>[ 178.443670] r10: c5649680 r9 : f1c3df80 r8 : c2687f60 <4>[ 178.449224] r7 : f1c3df80 r6 : 00000001 r5 : c6891640 r4 : c0df7aa0 <4>[ 178.455986] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 178.462848] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 178.470217] Control: 10c5387d Table: c897c06a DAC: 00000051 <1>[ 178.476269] Register r0 information: non-paged memory <1>[ 178.481632] Register r1 information: NULL pointer <1>[ 178.486586] Register r2 information: NULL pointer <1>[ 178.491537] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 178.505317] copy_process+0x1f4/0x1f64 <6>[ 178.509574] kernel_clone+0xac/0x388 <6>[ 178.513629] sys_clone+0x78/0x9c <6>[ 178.517381] ret_fast_syscall+0x0/0x1c <4>[ 178.521732] Free path: <6>[ 178.524362] rcu_core+0x2dc/0xb14 <6>[ 178.528215] handle_softirqs+0x15c/0x430 <6>[ 178.532674] irq_exit+0xac/0xd4 <6>[ 178.536425] call_with_stack+0x18/0x20 <6>[ 178.540681] __irq_svc+0x9c/0xb8 <6>[ 178.544428] queue_work_on+0x44/0xc0 <6>[ 178.548482] rpc_wake_up_queued_task_set_status+0x60/0x7c <6>[ 178.554448] xprt_transmit+0x2c4/0x4a0 <6>[ 178.558709] call_transmit+0x80/0x8c <6>[ 178.562861] __rpc_execute+0xc8/0x5d0 <6>[ 178.567013] rpc_async_schedule+0x24/0x40 <6>[ 178.571567] process_one_work+0x1b8/0x450 <6>[ 178.576120] worker_thread+0x1d4/0x3c4 <6>[ 178.580473] kthread+0xe8/0x104 <6>[ 178.584121] ret_from_fork+0x14/0x28 <1>[ 178.588169] Register r4 information: non-slab/vmalloc memory <1>[ 178.594131] Register r5 information: slab kmalloc-64 start c6891600 data offset 64 pointer offset 0 size 64 allocated at lkdtm_EXEC_KMALLOC+0x24/0x3c <6>[ 178.607893] lkdtm_EXEC_KMALLOC+0x24/0x3c <6>[ 178.612448] lkdtm_do_action+0x24/0x4c <6>[ 178.616699] direct_entry+0x11c/0x140 <6>[ 178.620850] full_proxy_write+0x5c/0x8c <6>[ 178.625202] vfs_write+0xbc/0x3cc <6>[ 178.629060] ksys_write+0x78/0xf8 <6>[ 178.632916] ret_fast_syscall+0x0/0x1c <4>[ 178.637267] Free path: <6>[ 178.639898] rcu_core+0x2dc/0xb14 <6>[ 178.643748] handle_softirqs+0x15c/0x430 <6>[ 178.648203] irq_exit+0xac/0xd4 <6>[ 178.651953] call_with_stack+0x18/0x20 <6>[ 178.656206] __irq_svc+0x9c/0xb8 <6>[ 178.659953] privileged_wrt_inode_uidgid+0x48/0x74 <6>[ 178.665308] generic_permission+0xd8/0x22c <6>[ 178.669869] proc_fd_permission+0x1c/0x5c <6>[ 178.674422] inode_permission+0xd4/0x188 <6>[ 178.678872] path_openat+0xce4/0x1198 <6>[ 178.683123] do_filp_open+0x98/0x134 <6>[ 178.687173] do_sys_openat2+0xbc/0xe4 <6>[ 178.691427] sys_openat+0x98/0xd4 <6>[ 178.695278] ret_fast_syscall+0x0/0x1c <1>[ 178.699527] Register r6 information: non-paged memory <1>[ 178.704883] Register r7 information: 2-page vmalloc region starting at 0xf1c3c000 allocated at kernel_clone+0xac/0x388 <1>[ 178.715892] Register r8 information: non-slab/vmalloc memory <1>[ 178.721851] Register r9 information: 2-page vmalloc region starting at 0xf1c3c000 allocated at kernel_clone+0xac/0x388 <1>[ 178.732856] Register r10 information: slab kmalloc-192 start c5649640 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 178.746713] full_proxy_open+0x124/0x24c <6>[ 178.751163] do_dentry_open+0x144/0x4dc <6>[ 178.755516] vfs_open+0x2c/0xec <6>[ 178.759166] path_openat+0x748/0x1198 <6>[ 178.763421] do_filp_open+0x98/0x134 <6>[ 178.767485] do_sys_openat2+0xbc/0xe4 <6>[ 178.771754] sys_openat+0x98/0xd4 <6>[ 178.775519] ret_fast_syscall+0x0/0x1c <4>[ 178.779885] Free path: <6>[ 178.782525] full_proxy_release+0x78/0xc0 <6>[ 178.787090] __fput+0xdc/0x2e8 <6>[ 178.790647] task_work_run+0x98/0xc8 <6>[ 178.794809] do_exit+0x374/0xa1c <6>[ 178.798567] do_group_exit+0x40/0x8c <6>[ 178.802628] pid_child_should_wake+0x0/0x94 <1>[ 178.807393] Register r11 information: non-paged memory <1>[ 178.812757] Register r12 information: NULL pointer <0>[ 178.817812] Process cat (pid: 2471, stack limit = 0xf1c3c000) <0>[ 178.823870] Stack: (0xf1c3dea8 to 0xf1c3e000) <0>[ 178.828526] dea0: c6891640 c57d7000 00000000 c0df7b08 0000000d c0df61c8 <0>[ 178.837000] dec0: 0000000d c0df65ac c0df6490 c5443a40 b6e48000 0000000d c3824260 c08910e8 <0>[ 178.845476] dee0: c5443a40 c089108c f1c3df80 b6e48000 c5205040 0000000d c5649680 c0628870 <0>[ 178.853951] df00: c897edb8 00000000 00000000 00000000 00000000 0000000d b6e48000 0001fff3 <0>[ 178.862425] df20: 00000001 00000000 c5443840 00000000 00000000 00000000 00000000 00000000 <0>[ 178.870898] df40: 00000000 00000000 00000000 00000000 00000022 5b71722f 00000000 c5443a40 <0>[ 178.879372] df60: c5443a40 00000000 00000000 c03002f0 c5205040 00000004 0048fe38 c0628dcc <0>[ 178.887845] df80: 00000000 00000000 00000000 5b71722f 000000c0 0000000d 0000000d 7ff00000 <0>[ 178.896318] dfa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6e48000 0000000d 00000001 <0>[ 178.904792] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e48000 00020000 0048fe38 <0>[ 178.913266] dfe0: 00000004 becb7788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 178.921731] Call trace: <0>[ 178.921748] execute_location from lkdtm_EXEC_KMALLOC+0x30/0x3c <0>[ 178.930765] lkdtm_EXEC_KMALLOC from lkdtm_do_action+0x24/0x4c <0>[ 178.936840] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 178.942610] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 178.948279] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 178.953754] vfs_write from ksys_write+0x78/0xf8 <0>[ 178.958731] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 178.964101] Exception stack(0xf1c3dfa8 to 0xf1c3dff0) <0>[ 178.969458] dfa0: 0000000d 0000000d 00000001 b6e48000 0000000d 00000001 <0>[ 178.977932] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e48000 00020000 0048fe38 <0>[ 178.986402] dfe0: 00000004 becb7788 b6f0e33b b6e87616 <0>[ 178.991761] Code: cccccccc cccccccc cccccccc cccccccc (e52de004) <4>[ 178.998119] ---[ end trace 0000000000000000 ]--- <6>[ 179.002967] note: cat[2471] exited with irqs disabled # Segmentation fault # [ 178.328134] lkdtm: Performing direct entry EXEC_KMALLOC # [ 178.332431] lkdtm: attempting ok execution at c0df7aa0 # [ 178.338417] lkdtm: attempting bad execution at c6891640 # [ 178.343520] 8<--- cut here --- # [ 178.346581] Unable to handle kernel paging request at virtual address c6891640 when execute # [ 178.355253] [c6891640] *pgd=c681141e(bad) # [ 178.359522] Internal error: Oops: 8000000d [#8] SMP ARM # [ 178.365077] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 178.403169] CPU: 1 UID: 0 PID: 2471 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 178.412757] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 178.418002] Hardware name: STM32 (Device Tree Support) # [ 178.423449] PC is at 0xc6891640 # [ 178.426799] LR is at execute_location+0x9c/0xac # [ 178.431662] pc : [] lr : [] psr: 60080013 # [ 178.438118] sp : f1c3dea8 ip : 00000000 fp : 0048fe38 # [ 178.443670] r10: c5649680 r9 : f1c3df80 r8 : c2687f60 # [ 178.449224] r7 : f1c3df80 r6 : 00000001 r5 : c6891640 r4 : c0df7aa0 # [ 178.455986] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 178.462848] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 178.470217] Control: 10c5387d Table: c897c06a DAC: 00000051 # [ 178.476269] Register r0 information: non-paged memory # [ 178.481632] Register r1 information: NULL pointer # [ 178.486586] Register r2 information: NULL pointer # [ 178.491537] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 178.505317] copy_process+0x1f4/0x1f64 # [ 178.509574] kernel_clone+0xac/0x388 # [ 178.513629] sys_clone+0x78/0x9c # [ 178.517381] ret_fast_syscall+0x0/0x1c # [ 178.521732] Free path: # [ 178.524362] rcu_core+0x2dc/0xb14 # [ 178.528215] handle_softirqs+0x15c/0x430 # [ 178.532674] irq_exit+0xac/0xd4 # [ 178.536425] call_with_stack+0x18/0x20 # [ 178.540681] __irq_svc+0x9c/0xb8 # [ 178.544428] queue_work_on+0x44/0xc0 # [ 178.548482] rpc_wake_up_queued_task_set_status+0x60/0x7c # [ 178.554448] xprt_transmit+0x2c4/0x4a0 # [ 178.558709] call_transmit+0x80/0x8c # [ 178.562861] __rpc_execute+0xc8/0x5d0 # [ 178.567013] rpc_async_schedule+0x24/0x40 # [ 178.571567] process_one_work+0x1b8/0x450 # [ 178.576120] worker_thread+0x1d4/0x3c4 # [ 178.580473] kthread+0xe8/0x104 # [ 178.584121] ret_from_fork+0x14/0x28 # [ 178.588169] Register r4 information: non-slab/vmalloc memory # [ 178.594131] Register r5 information: slab kmalloc-64 start c6891600 data offset 64 pointer offset 0 size 64 allocated at lkdtm_EXEC_KMALLOC+0x24/0x3c # [ 178.607893] lkdtm_EXEC_KMALLOC+0x24/0x3c # [ 178.612448] lkdtm_do_action+0x24/0x4c # [ 178.616699] direct_entry+0x11c/0x140 # [ 178.620850] full_proxy_write+0x5c/0x8c # [ 178.625202] vfs_write+0xbc/0x3cc # [ 178.629060] ksys_write+0x78/0xf8 # [ 178.632916] ret_fast_syscall+0x0/0x1c # [ 178.637267] Free path: # [ 178.639898] rcu_core+0x2dc/0xb14 # [ 178.643748] handle_softirqs+0x15c/0x430 # [ 178.648203] irq_exit+0xac/0xd4 # [ 178.651953] call_with_stack+0x18/0x20 # [ 178.656206] __irq_svc+0x9c/0xb8 # [ 178.659953] privileged_wrt_inode_uidgid+0x48/0x74 # [ 178.665308] generic_permission+0xd8/0x22c # [ 178.669869] proc_fd_permission+0x1c/0x5c # [ 178.674422] inode_permission+0xd4/0x188 # [ 178.678872] path_openat+0xce4/0x1198 # [ 178.683123] do_filp_open+0x98/0x134 # [ 178.687173] do_sys_openat2+0xbc/0xe4 # [ 178.691427] sys_openat+0x98/0xd4 # [ 178.695278] ret_fast_syscall+0x0/0x1c # [ 178.699527] Register r6 information: non-paged memory # [ 178.704883] Register r7 information: 2-page vmalloc region starting at 0xf1c3c000 allocated at kernel_clone+0xac/0x388 # [ 178.715892] Register r8 information: non-slab/vmalloc memory # [ 178.721851] Register r9 information: 2-page vmalloc region starting at 0xf1c3c000 allocated at kernel_clone+0xac/0x388 # [ 178.732856] Register r10 information: slab kmalloc-192 start c5649640 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 178.746713] full_proxy_open+0x124/0x24c # [ 178.751163] do_dentry_open+0x144/0x4dc # [ 178.755516] vfs_open+0x2c/0xec # [ 178.759166] path_openat+0x748/0x1198 # [ 178.763421] do_filp_open+0x98/0x134 # [ 178.767485] do_sys_openat2+0xbc/0xe4 # [ 178.771754] sys_openat+0x98/0xd4 # [ 178.775519] ret_fast_syscall+0x0/0x1c # [ 178.779885] Free path: # [ 178.782525] full_proxy_release+0x78/0xc0 # [ 178.787090] __fput+0xdc/0x2e8 # [ 178.790647] task_work_run+0x98/0xc8 # [ 178.794809] do_exit+0x374/0xa1c # [ 178.798567] do_group_exit+0x40/0x8c # [ 178.802628] pid_child_should_wake+0x0/0x94 # [ 178.807393] Register r11 information: non-paged memory # [ 178.812757] Register r12 information: NULL pointer # [ 178.817812] Process cat (pid: 2471, stack limit = 0xf1c3c000) # [ 178.823870] Stack: (0xf1c3dea8 to 0xf1c3e000) # [ 178.828526] dea0: c6891640 c57d7000 00000000 c0df7b08 0000000d c0df61c8 # [ 178.837000] dec0: 0000000d c0df65ac c0df6490 c5443a40 b6e48000 0000000d c3824260 c08910e8 # [ 178.845476] dee0: c5443a40 c089108c f1c3df80 b6e48000 c5205040 0000000d c5649680 c0628870 # [ 178.853951] df00: c897edb8 00000000 00000000 00000000 00000000 0000000d b6e48000 0001fff3 # [ 178.862425] df20: 00000001 00000000 c5443840 00000000 00000000 00000000 00000000 00000000 # [ 178.870898] df40: 00000000 00000000 00000000 00000000 00000022 5b71722f 00000000 c5443a40 # [ 178.879372] df60: c5443a40 00000000 00000000 c03002f0 c5205040 00000004 0048fe38 c0628dcc # [ 178.887845] df80: 00000000 00000000 00000000 5b71722f 000000c0 0000000d 0000000d 7ff00000 # [ 178.896318] dfa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6e48000 0000000d 00000001 # [ 178.904792] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e48000 00020000 0048fe38 # [ 178.913266] dfe0: 00000004 becb7788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 178.921731] Call trace: # [ 178.921748] execute_location from lkdtm_EXEC_KMALLOC+0x30/0x3c # [ 178.930765] lkdtm_EXEC_KMALLOC from lkdtm_do_action+0x24/0x4c # [ 178.936840] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 178.942610] direct_entry from full_proxy_write+0x5c/0x8c # [ 178.948279] full_proxy_write from vfs_write+0xbc/0x3cc # [ 178.953754] vfs_write from ksys_write+0x78/0xf8 # [ 178.958731] ksys_write from ret_fast_syscall+0x0/0x1c # [ 178.964101] Exception stack(0xf1c3dfa8 to 0xf1c3dff0) # [ 178.969458] dfa0: 0000000d 0000000d 00000001 b6e48000 0000000d 00000001 # [ 178.977932] dfc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e48000 00020000 0048fe38 # [ 178.986402] dfe0: 00000004 becb7788 b6f0e33b b6e87616 # [ 178.991761] Code: cccccccc cccccccc cccccccc cccccccc (e52de004) # [ 178.998119] ---[ end trace 0000000000000000 ]--- # [ 179.002967] note: cat[2471] exited with irqs disabled # EXEC_KMALLOC: saw 'call trace:': ok ok 39 selftests: lkdtm: EXEC_KMALLOC.sh # timeout set to 45 # selftests: lkdtm: EXEC_VMALLOC.sh <6>[ 180.973167] lkdtm: Performing direct entry EXEC_VMALLOC <6>[ 180.977625] lkdtm: attempting ok execution at c0df7aa0 <6>[ 180.982884] lkdtm: attempting bad execution at f0969000 <1>[ 180.988460] 8<--- cut here --- <1>[ 180.991674] Unable to handle kernel execution of memory at virtual address f0969000 when execute <1>[ 181.000859] [f0969000] *pgd=c3233811, *pte=fac0c65f, *ppte=fac0c45f <0>[ 181.007354] Internal error: Oops: 8000000f [#9] SMP ARM <4>[ 181.012844] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 181.050864] CPU: 1 UID: 0 PID: 2553 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 181.060466] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 181.065715] Hardware name: STM32 (Device Tree Support) <4>[ 181.071164] PC is at 0xf0969000 <4>[ 181.074620] LR is at execute_location+0x9c/0xac <4>[ 181.079388] pc : [] lr : [] psr: 60080013 <4>[ 181.085946] sp : f1c95ea8 ip : 00000000 fp : 004bfe38 <4>[ 181.091397] r10: c56492c0 r9 : f1c95f80 r8 : c2687f68 <4>[ 181.096948] r7 : f1c95f80 r6 : 00000001 r5 : f0969000 r4 : c0df7aa0 <4>[ 181.103806] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 181.110566] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 181.118032] Control: 10c5387d Table: c528c06a DAC: 00000051 <1>[ 181.124084] Register r0 information: non-paged memory <1>[ 181.129346] Register r1 information: NULL pointer <1>[ 181.134300] Register r2 information: NULL pointer <1>[ 181.139352] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 181.153028] copy_process+0x1f4/0x1f64 <6>[ 181.157285] kernel_clone+0xac/0x388 <6>[ 181.161440] sys_clone+0x78/0x9c <6>[ 181.165193] ret_fast_syscall+0x0/0x1c <4>[ 181.169443] Free path: <6>[ 181.172173] rcu_core+0x2dc/0xb14 <6>[ 181.176026] handle_softirqs+0x15c/0x430 <6>[ 181.180484] irq_exit+0xac/0xd4 <6>[ 181.184134] call_with_stack+0x18/0x20 <6>[ 181.188490] __irq_svc+0x9c/0xb8 <6>[ 181.192238] lock_timer_base+0x88/0xfc <6>[ 181.196489] __mod_timer+0x74/0x45c <6>[ 181.200540] sk_reset_timer+0x20/0x70 <6>[ 181.204690] tcp_schedule_loss_probe.part.0+0x17c/0x2cc <6>[ 181.210451] tcp_write_xmit+0x8f8/0x18bc <6>[ 181.214904] __tcp_push_pending_frames+0x38/0x11c <6>[ 181.220161] tcp_sendmsg_locked+0xa20/0xdc8 <6>[ 181.224920] tcp_sendmsg+0x30/0x44 <6>[ 181.228772] __sock_sendmsg+0x44/0x7c <6>[ 181.233026] sock_sendmsg+0x70/0xa4 <6>[ 181.237076] xprt_sock_sendmsg+0x148/0x30c <1>[ 181.241639] Register r4 information: non-slab/vmalloc memory <1>[ 181.247603] Register r5 information: 1-page vmalloc region starting at 0xf0969000 allocated at lkdtm_EXEC_VMALLOC+0x14/0x2c <1>[ 181.259013] Register r6 information: non-paged memory <1>[ 181.264373] Register r7 information: 2-page vmalloc region starting at 0xf1c94000 allocated at kernel_clone+0xac/0x388 <1>[ 181.275405] Register r8 information: non-slab/vmalloc memory <1>[ 181.281383] Register r9 information: 2-page vmalloc region starting at 0xf1c94000 allocated at kernel_clone+0xac/0x388 <1>[ 181.292312] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 181.306204] full_proxy_open+0x124/0x24c <6>[ 181.310666] do_dentry_open+0x144/0x4dc <6>[ 181.315027] vfs_open+0x2c/0xec <6>[ 181.318779] path_openat+0x748/0x1198 <6>[ 181.322930] do_filp_open+0x98/0x134 <6>[ 181.327081] do_sys_openat2+0xbc/0xe4 <6>[ 181.331236] sys_openat+0x98/0xd4 <6>[ 181.335087] ret_fast_syscall+0x0/0x1c <4>[ 181.339339] Free path: <6>[ 181.342070] full_proxy_release+0x78/0xc0 <6>[ 181.346621] __fput+0xdc/0x2e8 <6>[ 181.350166] task_work_run+0x98/0xc8 <6>[ 181.354328] do_exit+0x374/0xa1c <6>[ 181.358079] do_group_exit+0x40/0x8c <6>[ 181.362129] pid_child_should_wake+0x0/0x94 <1>[ 181.366886] Register r11 information: non-paged memory <1>[ 181.372346] Register r12 information: NULL pointer <0>[ 181.377401] Process cat (pid: 2553, stack limit = 0xf1c94000) <0>[ 181.383459] Stack: (0xf1c95ea8 to 0xf1c96000) <0>[ 181.388014] 5ea0: f0969000 c88f8000 00000000 c0df7acc 0000000d c0df61c8 <0>[ 181.396489] 5ec0: 0000000d c0df65ac c0df6490 c52cda40 b6d98000 0000000d c3824260 c08910e8 <0>[ 181.404964] 5ee0: c52cda40 c089108c f1c95f80 b6d98000 c5205040 0000000d c56492c0 c0628870 <0>[ 181.413442] 5f00: c528edb0 00000000 00000000 00000000 00000000 0000000d b6d98000 0001fff3 <0>[ 181.421918] 5f20: 00000001 00000000 c52cdf40 00000000 00000000 00000000 00000000 00000000 <0>[ 181.430392] 5f40: 00000000 00000000 00000000 00000000 00000022 9f596503 00000000 c52cda40 <0>[ 181.438868] 5f60: c52cda40 00000000 00000000 c03002f0 c5205040 00000004 004bfe38 c0628dcc <0>[ 181.447343] 5f80: 00000000 00000000 00000000 9f596503 000000c0 0000000d 0000000d 7ff00000 <0>[ 181.455817] 5fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6d98000 0000000d 00000001 <0>[ 181.464393] 5fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d98000 00020000 004bfe38 <0>[ 181.472869] 5fe0: 00000004 beeb9788 b6e5e33b b6dd7616 60080030 00000001 00000000 00000000 <0>[ 181.481334] Call trace: <0>[ 181.481349] execute_location from lkdtm_EXEC_VMALLOC+0x20/0x2c <0>[ 181.490266] lkdtm_EXEC_VMALLOC from lkdtm_do_action+0x24/0x4c <0>[ 181.496440] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 181.502208] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 181.507876] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 181.513351] vfs_write from ksys_write+0x78/0xf8 <0>[ 181.518227] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 181.523698] Exception stack(0xf1c95fa8 to 0xf1c95ff0) <0>[ 181.529055] 5fa0: 0000000d 0000000d 00000001 b6d98000 0000000d 00000001 <0>[ 181.537528] 5fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d98000 00020000 004bfe38 <0>[ 181.545998] 5fe0: 00000004 beeb9788 b6e5e33b b6dd7616 <0>[ 181.551255] Code: bad PC value <4>[ 181.554759] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 180.973167] lkdtm: Performing direct entry EXEC_VMALLOC # [ 180.977625] lkdtm: attempting ok execution at c0df7aa0 # [ 180.982884] lkdtm: attempting bad execution at f0969000 # [ 180.988460] 8<--- cut here --- # [ 180.991674] Unable to handle kernel execution of memory at virtual address f0969000 when execute # [ 181.000859] [f0969000] *pgd=c3233811, *pte=fac0c65f, *ppte=fac0c45f # [ 181.007354] Internal error: Oops: 8000000f [#9] SMP ARM # [ 181.012844] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 181.050864] CPU: 1 UID: 0 PID: 2553 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 181.060466] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 181.065715] Hardware name: STM32 (Device Tree Support) # [ 181.071164] PC is at 0xf0969000 # [ 181.074620] LR is at execute_location+0x9c/0xac # [ 181.079388] pc : [] lr : [] psr: 60080013 # [ 181.085946] sp : f1c95ea8 ip : 00000000 fp : 004bfe38 # [ 181.091397] r10: c56492c0 r9 : f1c95f80 r8 : c2687f68 # [ 181.096948] r7 : f1c95f80 r6 : 00000001 r5 : f0969000 r4 : c0df7aa0 # [ 181.103806] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 181.110566] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 181.118032] Control: 10c5387d Table: c528c06a DAC: 00000051 # [ 181.124084] Register r0 information: non-paged memory # [ 181.129346] Register r1 information: NULL pointer # [ 181.134300] Register r2 information: NULL pointer # [ 181.139352] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 181.153028] copy_process+0x1f4/0x1f64 # [ 181.157285] kernel_clone+0xac/0x388 # [ 181.161440] sys_clone+0x78/0x9c # [ 181.165193] ret_fast_syscall+0x0/0x1c # [ 181.169443] Free path: # [ 181.172173] rcu_core+0x2dc/0xb14 # [ 181.176026] handle_softirqs+0x15c/0x430 # [ 181.180484] irq_exit+0xac/0xd4 # [ 181.184134] call_with_stack+0x18/0x20 # [ 181.188490] __irq_svc+0x9c/0xb8 # [ 181.192238] lock_timer_base+0x88/0xfc # [ 181.196489] __mod_timer+0x74/0x45c # [ 181.200540] sk_reset_timer+0x20/0x70 # [ 181.204690] tcp_schedule_loss_probe.part.0+0x17c/0x2cc # [ 181.210451] tcp_write_xmit+0x8f8/0x18bc # [ 181.214904] __tcp_push_pending_frames+0x38/0x11c # [ 181.220161] tcp_sendmsg_locked+0xa20/0xdc8 # [ 181.224920] tcp_sendmsg+0x30/0x44 # [ 181.228772] __sock_sendmsg+0x44/0x7c # [ 181.233026] sock_sendmsg+0x70/0xa4 # [ 181.237076] xprt_sock_sendmsg+0x148/0x30c # [ 181.241639] Register r4 information: non-slab/vmalloc memory # [ 181.247603] Register r5 information: 1-page vmalloc region starting at 0xf0969000 allocated at lkdtm_EXEC_VMALLOC+0x14/0x2c # [ 181.259013] Register r6 information: non-paged memory # [ 181.264373] Register r7 information: 2-page vmalloc region starting at 0xf1c94000 allocated at kernel_clone+0xac/0x388 # [ 181.275405] Register r8 information: non-slab/vmalloc memory # [ 181.281383] Register r9 information: 2-page vmalloc region starting at 0xf1c94000 allocated at kernel_clone+0xac/0x388 # [ 181.292312] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 181.306204] full_proxy_open+0x124/0x24c # [ 181.310666] do_dentry_open+0x144/0x4dc # [ 181.315027] vfs_open+0x2c/0xec # [ 181.318779] path_openat+0x748/0x1198 # [ 181.322930] do_filp_open+0x98/0x134 # [ 181.327081] do_sys_openat2+0xbc/0xe4 # [ 181.331236] sys_openat+0x98/0xd4 # [ 181.335087] ret_fast_syscall+0x0/0x1c # [ 181.339339] Free path: # [ 181.342070] full_proxy_release+0x78/0xc0 # [ 181.346621] __fput+0xdc/0x2e8 # [ 181.350166] task_work_run+0x98/0xc8 # [ 181.354328] do_exit+0x374/0xa1c # [ 181.358079] do_group_exit+0x40/0x8c # [ 181.362129] pid_child_should_wake+0x0/0x94 # [ 181.366886] Register r11 information: non-paged memory # [ 181.372346] Register r12 information: NULL pointer # [ 181.377401] Process cat (pid: 2553, stack limit = 0xf1c94000) # [ 181.383459] Stack: (0xf1c95ea8 to 0xf1c96000) # [ 181.388014] 5ea0: f0969000 c88f8000 00000000 c0df7acc 0000000d c0df61c8 # [ 181.396489] 5ec0: 0000000d c0df65ac c0df6490 c52cda40 b6d98000 0000000d c3824260 c08910e8 # [ 181.404964] 5ee0: c52cda40 c089108c f1c95f80 b6d98000 c5205040 0000000d c56492c0 c0628870 # [ 181.413442] 5f00: c528edb0 00000000 00000000 00000000 00000000 0000000d b6d98000 0001fff3 # [ 181.421918] 5f20: 00000001 00000000 c52cdf40 00000000 00000000 00000000 00000000 00000000 # [ 181.430392] 5f40: 00000000 00000000 00000000 00000000 00000022 9f596503 00000000 c52cda40 # [ 181.438868] 5f60: c52cda40 00000000 00000000 c03002f0 c5205040 00000004 004bfe38 c0628dcc # [ 181.447343] 5f80: 00000000 00000000 00000000 9f596503 000000c0 0000000d 0000000d 7ff00000 # [ 181.455817] 5fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6d98000 0000000d 00000001 # [ 181.464393] 5fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d98000 00020000 004bfe38 # [ 181.472869] 5fe0: 00000004 beeb9788 b6e5e33b b6dd7616 60080030 00000001 00000000 00000000 # [ 181.481334] Call trace: # [ 181.481349] execute_location from lkdtm_EXEC_VMALLOC+0x20/0x2c # [ 181.490266] lkdtm_EXEC_VMALLOC from lkdtm_do_action+0x24/0x4c # [ 181.496440] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 181.502208] direct_entry from full_proxy_write+0x5c/0x8c # [ 181.507876] full_proxy_write from vfs_write+0xbc/0x3cc # [ 181.513351] vfs_write from ksys_write+0x78/0xf8 # [ 181.518227] ksys_write from ret_fast_syscall+0x0/0x1c # [ 181.523698] Exception stack(0xf1c95fa8 to 0xf1c95ff0) # [ 181.529055] 5fa0: 0000000d 0000000d 00000001 b6d98000 0000000d 00000001 # [ 181.537528] 5fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d98000 00020000 004bfe38 # [ 181.545998] 5fe0: 00000004 beeb9788 b6e5e33b b6dd7616 # [ 181.551255] Code: bad PC value # [ 181.554759] ---[ end trace 0000000000000000 ]--- # EXEC_VMALLOC: saw 'call trace:': ok ok 40 selftests: lkdtm: EXEC_VMALLOC.sh # timeout set to 45 # selftests: lkdtm: EXEC_RODATA.sh <6>[ 183.378626] lkdtm: Performing direct entry EXEC_RODATA <6>[ 183.382943] lkdtm: attempting ok execution at c0df7aa0 <6>[ 183.388262] lkdtm: attempting bad execution at c19711a8 <1>[ 183.393749] 8<--- cut here --- <1>[ 183.396905] Unable to handle kernel paging request at virtual address c19711a8 when execute <1>[ 183.405576] [c19711a8] *pgd=c181941e(bad) <0>[ 183.409847] Internal error: Oops: 8000000d [#10] SMP ARM <4>[ 183.415404] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 183.453599] CPU: 1 UID: 0 PID: 2635 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 183.463196] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 183.468443] Hardware name: STM32 (Device Tree Support) <4>[ 183.473791] PC is at lkdtm_rodata_do_nothing+0x0/0x4 <4>[ 183.479065] LR is at execute_location+0x9c/0xac <4>[ 183.483831] pc : [] lr : [] psr: 60080013 <4>[ 183.490392] sp : f1d15eb0 ip : 00000000 fp : 0041fe38 <4>[ 183.495946] r10: c56492c0 r9 : f1d15f80 r8 : c2687f70 <4>[ 183.501397] r7 : f1d15f80 r6 : 00000000 r5 : c19711a8 r4 : c0df7aa0 <4>[ 183.508258] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 183.515018] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 183.522485] Control: 10c5387d Table: c887406a DAC: 00000051 <1>[ 183.528538] Register r0 information: non-paged memory <1>[ 183.533802] Register r1 information: NULL pointer <1>[ 183.538857] Register r2 information: NULL pointer <1>[ 183.543811] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 183.557491] copy_process+0x1f4/0x1f64 <6>[ 183.561848] kernel_clone+0xac/0x388 <6>[ 183.565904] sys_clone+0x78/0x9c <6>[ 183.569656] ret_fast_syscall+0x0/0x1c <4>[ 183.573908] Free path: <6>[ 183.576639] rcu_core+0x2dc/0xb14 <6>[ 183.580492] handle_softirqs+0x15c/0x430 <6>[ 183.584949] irq_exit+0xac/0xd4 <6>[ 183.588599] call_with_stack+0x18/0x20 <6>[ 183.592856] __irq_svc+0x9c/0xb8 <6>[ 183.596703] default_idle_call+0x20/0xc0 <6>[ 183.601159] do_idle+0x25c/0x2f4 <6>[ 183.604910] cpu_startup_entry+0x30/0x34 <6>[ 183.609362] secondary_start_kernel+0x138/0x158 <6>[ 183.614423] __enable_mmu+0x0/0x20 <1>[ 183.618373] Register r4 information: non-slab/vmalloc memory <1>[ 183.624236] Register r5 information: non-slab/vmalloc memory <1>[ 183.630195] Register r6 information: NULL pointer <1>[ 183.635148] Register r7 information: 2-page vmalloc region starting at 0xf1d14000 allocated at kernel_clone+0xac/0x388 <1>[ 183.646160] Register r8 information: non-slab/vmalloc memory <1>[ 183.652120] Register r9 information: 2-page vmalloc region starting at 0xf1d14000 allocated at kernel_clone+0xac/0x388 <1>[ 183.663126] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 183.677094] full_proxy_open+0x124/0x24c <6>[ 183.681546] do_dentry_open+0x144/0x4dc <6>[ 183.685902] vfs_open+0x2c/0xec <6>[ 183.689553] path_openat+0x748/0x1198 <6>[ 183.693705] do_filp_open+0x98/0x134 <6>[ 183.697854] do_sys_openat2+0xbc/0xe4 <6>[ 183.702008] sys_openat+0x98/0xd4 <6>[ 183.705859] ret_fast_syscall+0x0/0x1c <4>[ 183.710210] Free path: <6>[ 183.712840] nfs_pgio_header_free+0x34/0x48 <6>[ 183.717600] nfs_write_completion+0x60/0x240 <6>[ 183.722452] rpc_free_task+0x34/0x54 <6>[ 183.726508] rpc_async_release+0x24/0x40 <6>[ 183.730961] process_one_work+0x1b8/0x450 <6>[ 183.735517] worker_thread+0x1d4/0x3c4 <6>[ 183.739769] kthread+0xe8/0x104 <6>[ 183.743517] ret_from_fork+0x14/0x28 <1>[ 183.747565] Register r11 information: non-paged memory <1>[ 183.753022] Register r12 information: NULL pointer <0>[ 183.758076] Process cat (pid: 2635, stack limit = 0xf1d14000) <0>[ 183.764137] Stack: (0xf1d15eb0 to 0xf1d16000) <0>[ 183.768702] 5ea0: 0000000c c5607000 00000000 c0df61c8 <0>[ 183.777190] 5ec0: 0000000c c0df65ac c0df6490 c5443640 b6e58000 0000000c c3824260 c08910e8 <0>[ 183.785676] 5ee0: c5443640 c089108c f1d15f80 b6e58000 c5205040 0000000c c56492c0 c0628870 <0>[ 183.794159] 5f00: c8876db8 00000000 00000000 00000000 00000000 0000000c b6e58000 0001fff4 <0>[ 183.802640] 5f20: 00000001 00000000 c5443840 00000000 00000000 00000000 00000000 00000000 <0>[ 183.811121] 5f40: 00000000 00000000 00000000 00000000 00000022 d7e96bfd 00000000 c5443640 <0>[ 183.819598] 5f60: c5443640 00000000 00000000 c03002f0 c5205040 00000004 0041fe38 c0628dcc <0>[ 183.828072] 5f80: 00000000 00000000 00000000 d7e96bfd 000000c0 0000000c 0000000c 7ff00000 <0>[ 183.836547] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6e58000 0000000c 00000001 <0>[ 183.845022] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e58000 00020000 0041fe38 <0>[ 183.853497] 5fe0: 00000004 beaaa788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 <0>[ 183.861963] Call trace: <0>[ 183.861981] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 183.870692] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 183.876462] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 183.882131] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 183.887707] vfs_write from ksys_write+0x78/0xf8 <0>[ 183.892583] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 183.897955] Exception stack(0xf1d15fa8 to 0xf1d15ff0) <0>[ 183.903312] 5fa0: 0000000c 0000000c 00000001 b6e58000 0000000c 00000001 <0>[ 183.911787] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e58000 00020000 0041fe38 <0>[ 183.920257] 5fe0: 00000004 beaaa788 b6f1e33b b6e97616 <0>[ 183.925616] Code: 5f727563 6e756f63 00000074 aa55aa55 (e12fff1e) <4>[ 183.931973] ---[ end trace 0000000000000000 ]--- <6>[ 183.936921] note: cat[2635] exited with irqs disabled # Segmentation fault # [ 183.378626] lkdtm: Performing direct entry EXEC_RODATA # [ 183.382943] lkdtm: attempting ok execution at c0df7aa0 # [ 183.388262] lkdtm: attempting bad execution at c19711a8 # [ 183.393749] 8<--- cut here --- # [ 183.396905] Unable to handle kernel paging request at virtual address c19711a8 when execute # [ 183.405576] [c19711a8] *pgd=c181941e(bad) # [ 183.409847] Internal error: Oops: 8000000d [#10] SMP ARM # [ 183.415404] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 183.453599] CPU: 1 UID: 0 PID: 2635 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 183.463196] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 183.468443] Hardware name: STM32 (Device Tree Support) # [ 183.473791] PC is at lkdtm_rodata_do_nothing+0x0/0x4 # [ 183.479065] LR is at execute_location+0x9c/0xac # [ 183.483831] pc : [] lr : [] psr: 60080013 # [ 183.490392] sp : f1d15eb0 ip : 00000000 fp : 0041fe38 # [ 183.495946] r10: c56492c0 r9 : f1d15f80 r8 : c2687f70 # [ 183.501397] r7 : f1d15f80 r6 : 00000000 r5 : c19711a8 r4 : c0df7aa0 # [ 183.508258] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 183.515018] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 183.522485] Control: 10c5387d Table: c887406a DAC: 00000051 # [ 183.528538] Register r0 information: non-paged memory # [ 183.533802] Register r1 information: NULL pointer # [ 183.538857] Register r2 information: NULL pointer # [ 183.543811] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 183.557491] copy_process+0x1f4/0x1f64 # [ 183.561848] kernel_clone+0xac/0x388 # [ 183.565904] sys_clone+0x78/0x9c # [ 183.569656] ret_fast_syscall+0x0/0x1c # [ 183.573908] Free path: # [ 183.576639] rcu_core+0x2dc/0xb14 # [ 183.580492] handle_softirqs+0x15c/0x430 # [ 183.584949] irq_exit+0xac/0xd4 # [ 183.588599] call_with_stack+0x18/0x20 # [ 183.592856] __irq_svc+0x9c/0xb8 # [ 183.596703] default_idle_call+0x20/0xc0 # [ 183.601159] do_idle+0x25c/0x2f4 # [ 183.604910] cpu_startup_entry+0x30/0x34 # [ 183.609362] secondary_start_kernel+0x138/0x158 # [ 183.614423] __enable_mmu+0x0/0x20 # [ 183.618373] Register r4 information: non-slab/vmalloc memory # [ 183.624236] Register r5 information: non-slab/vmalloc memory # [ 183.630195] Register r6 information: NULL pointer # [ 183.635148] Register r7 information: 2-page vmalloc region starting at 0xf1d14000 allocated at kernel_clone+0xac/0x388 # [ 183.646160] Register r8 information: non-slab/vmalloc memory # [ 183.652120] Register r9 information: 2-page vmalloc region starting at 0xf1d14000 allocated at kernel_clone+0xac/0x388 # [ 183.663126] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 183.677094] full_proxy_open+0x124/0x24c # [ 183.681546] do_dentry_open+0x144/0x4dc # [ 183.685902] vfs_open+0x2c/0xec # [ 183.689553] path_openat+0x748/0x1198 # [ 183.693705] do_filp_open+0x98/0x134 # [ 183.697854] do_sys_openat2+0xbc/0xe4 # [ 183.702008] sys_openat+0x98/0xd4 # [ 183.705859] ret_fast_syscall+0x0/0x1c # [ 183.710210] Free path: # [ 183.712840] nfs_pgio_header_free+0x34/0x48 # [ 183.717600] nfs_write_completion+0x60/0x240 # [ 183.722452] rpc_free_task+0x34/0x54 # [ 183.726508] rpc_async_release+0x24/0x40 # [ 183.730961] process_one_work+0x1b8/0x450 # [ 183.735517] worker_thread+0x1d4/0x3c4 # [ 183.739769] kthread+0xe8/0x104 # [ 183.743517] ret_from_fork+0x14/0x28 # [ 183.747565] Register r11 information: non-paged memory # [ 183.753022] Register r12 information: NULL pointer # [ 183.758076] Process cat (pid: 2635, stack limit = 0xf1d14000) # [ 183.764137] Stack: (0xf1d15eb0 to 0xf1d16000) # [ 183.768702] 5ea0: 0000000c c5607000 00000000 c0df61c8 # [ 183.777190] 5ec0: 0000000c c0df65ac c0df6490 c5443640 b6e58000 0000000c c3824260 c08910e8 # [ 183.785676] 5ee0: c5443640 c089108c f1d15f80 b6e58000 c5205040 0000000c c56492c0 c0628870 # [ 183.794159] 5f00: c8876db8 00000000 00000000 00000000 00000000 0000000c b6e58000 0001fff4 # [ 183.802640] 5f20: 00000001 00000000 c5443840 00000000 00000000 00000000 00000000 00000000 # [ 183.811121] 5f40: 00000000 00000000 00000000 00000000 00000022 d7e96bfd 00000000 c5443640 # [ 183.819598] 5f60: c5443640 00000000 00000000 c03002f0 c5205040 00000004 0041fe38 c0628dcc # [ 183.828072] 5f80: 00000000 00000000 00000000 d7e96bfd 000000c0 0000000c 0000000c 7ff00000 # [ 183.836547] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6e58000 0000000c 00000001 # [ 183.845022] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e58000 00020000 0041fe38 # [ 183.853497] 5fe0: 00000004 beaaa788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 # [ 183.861963] Call trace: # [ 183.861981] execute_location from lkdtm_do_action+0x24/0x4c # [ 183.870692] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 183.876462] direct_entry from full_proxy_write+0x5c/0x8c # [ 183.882131] full_proxy_write from vfs_write+0xbc/0x3cc # [ 183.887707] vfs_write from ksys_write+0x78/0xf8 # [ 183.892583] ksys_write from ret_fast_syscall+0x0/0x1c # [ 183.897955] Exception stack(0xf1d15fa8 to 0xf1d15ff0) # [ 183.903312] 5fa0: 0000000c 0000000c 00000001 b6e58000 0000000c 00000001 # [ 183.911787] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e58000 00020000 0041fe38 # [ 183.920257] 5fe0: 00000004 beaaa788 b6f1e33b b6e97616 # [ 183.925616] Code: 5f727563 6e756f63 00000074 aa55aa55 (e12fff1e) # [ 183.931973] ---[ end trace 0000000000000000 ]--- # [ 183.936921] note: cat[2635] exited with irqs disabled # EXEC_RODATA: saw 'call trace:': ok ok 41 selftests: lkdtm: EXEC_RODATA.sh # timeout set to 45 # selftests: lkdtm: EXEC_USERSPACE.sh <6>[ 185.787131] lkdtm: Performing direct entry EXEC_USERSPACE <6>[ 185.791709] lkdtm: attempting ok execution at c0df7aa0 <6>[ 185.797803] lkdtm: attempting bad execution at b6f0c000 <1>[ 185.802599] 8<--- cut here --- <1>[ 185.805655] Unhandled prefetch abort: page domain fault (0x00b) at 0xb6f0c000 <0>[ 185.813129] Internal error: : b [#11] SMP ARM <4>[ 185.817781] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 185.855876] CPU: 0 UID: 0 PID: 2716 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 185.865467] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 185.870714] Hardware name: STM32 (Device Tree Support) <4>[ 185.876162] PC is at 0xb6f0c000 <4>[ 185.879513] LR is at lkdtm_EXEC_USERSPACE+0xb4/0xc4 <4>[ 185.884677] pc : [] lr : [] psr: 60080013 <4>[ 185.891233] sp : f1d91eb0 ip : 00000000 fp : 0043fe38 <4>[ 185.896783] r10: c56492c0 r9 : f1d91f80 r8 : c2687f78 <4>[ 185.902233] r7 : f1d91f80 r6 : 00000000 r5 : c5483000 r4 : b6f0c000 <4>[ 185.909092] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 185.915851] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 185.923316] Control: 10c5387d Table: c89dc06a DAC: 00000051 <1>[ 185.929366] Register r0 information: non-paged memory <1>[ 185.934626] Register r1 information: NULL pointer <1>[ 185.939678] Register r2 information: NULL pointer <1>[ 185.944630] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 185.958403] copy_process+0x1f4/0x1f64 <6>[ 185.962658] kernel_clone+0xac/0x388 <6>[ 185.966713] sys_clone+0x78/0x9c <6>[ 185.970466] ret_fast_syscall+0x0/0x1c <4>[ 185.974817] Free path: <6>[ 185.977447] rcu_core+0x2dc/0xb14 <6>[ 185.981299] handle_softirqs+0x15c/0x430 <6>[ 185.985757] irq_exit+0xac/0xd4 <6>[ 185.989507] call_with_stack+0x18/0x20 <6>[ 185.993764] __irq_svc+0x9c/0xb8 <6>[ 185.997511] worker_thread+0x190/0x3c4 <6>[ 186.001765] kthread+0xe8/0x104 <6>[ 186.005414] ret_from_fork+0x14/0x28 <1>[ 186.009562] Register r4 information: non-paged memory <1>[ 186.014917] Register r5 information: non-slab/vmalloc memory <1>[ 186.020877] Register r6 information: NULL pointer <1>[ 186.025829] Register r7 information: 2-page vmalloc region starting at 0xf1d90000 allocated at kernel_clone+0xac/0x388 <1>[ 186.036839] Register r8 information: non-slab/vmalloc memory <1>[ 186.042798] Register r9 information: 2-page vmalloc region starting at 0xf1d90000 allocated at kernel_clone+0xac/0x388 <1>[ 186.053804] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 186.067663] full_proxy_open+0x124/0x24c <6>[ 186.072113] do_dentry_open+0x144/0x4dc <6>[ 186.076469] vfs_open+0x2c/0xec <6>[ 186.080119] path_openat+0x748/0x1198 <6>[ 186.084372] do_filp_open+0x98/0x134 <6>[ 186.088421] do_sys_openat2+0xbc/0xe4 <6>[ 186.092675] sys_openat+0x98/0xd4 <6>[ 186.096527] ret_fast_syscall+0x0/0x1c <4>[ 186.100776] Free path: <6>[ 186.103506] nfs_pgio_header_free+0x34/0x48 <6>[ 186.108265] nfs_write_completion+0x60/0x240 <6>[ 186.113017] rpc_free_task+0x34/0x54 <6>[ 186.117173] rpc_async_release+0x24/0x40 <6>[ 186.121625] process_one_work+0x1b8/0x450 <6>[ 186.126179] worker_thread+0x1d4/0x3c4 <6>[ 186.130431] kthread+0xe8/0x104 <6>[ 186.134078] ret_from_fork+0x14/0x28 <1>[ 186.138225] Register r11 information: non-paged memory <1>[ 186.143582] Register r12 information: NULL pointer <0>[ 186.148636] Process cat (pid: 2716, stack limit = 0xf1d90000) <0>[ 186.154691] Stack: (0xf1d91eb0 to 0xf1d92000) <0>[ 186.159344] 1ea0: 00000001 00000000 0000000f c0df61c8 <0>[ 186.167817] 1ec0: 0000000f c0df65ac c0df6490 c52cdd40 b6da8000 0000000f c3824260 c08910e8 <0>[ 186.176291] 1ee0: c52cdd40 c089108c f1d91f80 b6da8000 c5200040 0000000f c56492c0 c0628870 <0>[ 186.184764] 1f00: c89dedb0 00000000 00000000 00000000 00000000 0000000f b6da8000 0001fff1 <0>[ 186.193236] 1f20: 00000001 00000000 c52cd240 00000000 00000000 00000000 00000000 00000000 <0>[ 186.201709] 1f40: 00000000 00000000 00000000 00000000 00000022 15e9f098 00000000 c52cdd40 <0>[ 186.210182] 1f60: c52cdd40 00000000 00000000 c03002f0 c5200040 00000004 0043fe38 c0628dcc <0>[ 186.218655] 1f80: 00000000 00000000 00000000 15e9f098 000000c0 0000000f 0000000f 7ff00000 <0>[ 186.227127] 1fa0: 00000004 c03000c0 0000000f 0000000f 00000001 b6da8000 0000000f 00000001 <0>[ 186.235600] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6da8000 00020000 0043fe38 <0>[ 186.244074] 1fe0: 00000004 beaac788 b6e6e33b b6de7616 60080030 00000001 00000000 00000000 <0>[ 186.252538] Call trace: <0>[ 186.252556] lkdtm_EXEC_USERSPACE from lkdtm_do_action+0x24/0x4c <0>[ 186.261660] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 186.267437] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 186.273125] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 186.278614] vfs_write from ksys_write+0x78/0xf8 <0>[ 186.283496] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 186.288969] Exception stack(0xf1d91fa8 to 0xf1d91ff0) <0>[ 186.294227] 1fa0: 0000000f 0000000f 00000001 b6da8000 0000000f 00000001 <0>[ 186.302701] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6da8000 00020000 0043fe38 <0>[ 186.311170] 1fe0: 00000004 beaac788 b6e6e33b b6de7616 <0>[ 186.316521] Code: bad PC value <4>[ 186.319861] ---[ end trace 0000000000000000 ]--- <6>[ 186.324709] note: cat[2716] exited with irqs disabled # Segmentation fault # [ 185.787131] lkdtm: Performing direct entry EXEC_USERSPACE # [ 185.791709] lkdtm: attempting ok execution at c0df7aa0 # [ 185.797803] lkdtm: attempting bad execution at b6f0c000 # [ 185.802599] 8<--- cut here --- # [ 185.805655] Unhandled prefetch abort: page domain fault (0x00b) at 0xb6f0c000 # [ 185.813129] Internal error: : b [#11] SMP ARM # [ 185.817781] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 185.855876] CPU: 0 UID: 0 PID: 2716 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 185.865467] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 185.870714] Hardware name: STM32 (Device Tree Support) # [ 185.876162] PC is at 0xb6f0c000 # [ 185.879513] LR is at lkdtm_EXEC_USERSPACE+0xb4/0xc4 # [ 185.884677] pc : [] lr : [] psr: 60080013 # [ 185.891233] sp : f1d91eb0 ip : 00000000 fp : 0043fe38 # [ 185.896783] r10: c56492c0 r9 : f1d91f80 r8 : c2687f78 # [ 185.902233] r7 : f1d91f80 r6 : 00000000 r5 : c5483000 r4 : b6f0c000 # [ 185.909092] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 185.915851] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 185.923316] Control: 10c5387d Table: c89dc06a DAC: 00000051 # [ 185.929366] Register r0 information: non-paged memory # [ 185.934626] Register r1 information: NULL pointer # [ 185.939678] Register r2 information: NULL pointer # [ 185.944630] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 185.958403] copy_process+0x1f4/0x1f64 # [ 185.962658] kernel_clone+0xac/0x388 # [ 185.966713] sys_clone+0x78/0x9c # [ 185.970466] ret_fast_syscall+0x0/0x1c # [ 185.974817] Free path: # [ 185.977447] rcu_core+0x2dc/0xb14 # [ 185.981299] handle_softirqs+0x15c/0x430 # [ 185.985757] irq_exit+0xac/0xd4 # [ 185.989507] call_with_stack+0x18/0x20 # [ 185.993764] __irq_svc+0x9c/0xb8 # [ 185.997511] worker_thread+0x190/0x3c4 # [ 186.001765] kthread+0xe8/0x104 # [ 186.005414] ret_from_fork+0x14/0x28 # [ 186.009562] Register r4 information: non-paged memory # [ 186.014917] Register r5 information: non-slab/vmalloc memory # [ 186.020877] Register r6 information: NULL pointer # [ 186.025829] Register r7 information: 2-page vmalloc region starting at 0xf1d90000 allocated at kernel_clone+0xac/0x388 # [ 186.036839] Register r8 information: non-slab/vmalloc memory # [ 186.042798] Register r9 information: 2-page vmalloc region starting at 0xf1d90000 allocated at kernel_clone+0xac/0x388 # [ 186.053804] Register r10 information: slab kmalloc-192 start c5649280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 186.067663] full_proxy_open+0x124/0x24c # [ 186.072113] do_dentry_open+0x144/0x4dc # [ 186.076469] vfs_open+0x2c/0xec # [ 186.080119] path_openat+0x748/0x1198 # [ 186.084372] do_filp_open+0x98/0x134 # [ 186.088421] do_sys_openat2+0xbc/0xe4 # [ 186.092675] sys_openat+0x98/0xd4 # [ 186.096527] ret_fast_syscall+0x0/0x1c # [ 186.100776] Free path: # [ 186.103506] nfs_pgio_header_free+0x34/0x48 # [ 186.108265] nfs_write_completion+0x60/0x240 # [ 186.113017] rpc_free_task+0x34/0x54 # [ 186.117173] rpc_async_release+0x24/0x40 # [ 186.121625] process_one_work+0x1b8/0x450 # [ 186.126179] worker_thread+0x1d4/0x3c4 # [ 186.130431] kthread+0xe8/0x104 # [ 186.134078] ret_from_fork+0x14/0x28 # [ 186.138225] Register r11 information: non-paged memory # [ 186.143582] Register r12 information: NULL pointer # [ 186.148636] Process cat (pid: 2716, stack limit = 0xf1d90000) # [ 186.154691] Stack: (0xf1d91eb0 to 0xf1d92000) # [ 186.159344] 1ea0: 00000001 00000000 0000000f c0df61c8 # [ 186.167817] 1ec0: 0000000f c0df65ac c0df6490 c52cdd40 b6da8000 0000000f c3824260 c08910e8 # [ 186.176291] 1ee0: c52cdd40 c089108c f1d91f80 b6da8000 c5200040 0000000f c56492c0 c0628870 # [ 186.184764] 1f00: c89dedb0 00000000 00000000 00000000 00000000 0000000f b6da8000 0001fff1 # [ 186.193236] 1f20: 00000001 00000000 c52cd240 00000000 00000000 00000000 00000000 00000000 # [ 186.201709] 1f40: 00000000 00000000 00000000 00000000 00000022 15e9f098 00000000 c52cdd40 # [ 186.210182] 1f60: c52cdd40 00000000 00000000 c03002f0 c5200040 00000004 0043fe38 c0628dcc # [ 186.218655] 1f80: 00000000 00000000 00000000 15e9f098 000000c0 0000000f 0000000f 7ff00000 # [ 186.227127] 1fa0: 00000004 c03000c0 0000000f 0000000f 00000001 b6da8000 0000000f 00000001 # [ 186.235600] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6da8000 00020000 0043fe38 # [ 186.244074] 1fe0: 00000004 beaac788 b6e6e33b b6de7616 60080030 00000001 00000000 00000000 # [ 186.252538] Call trace: # [ 186.252556] lkdtm_EXEC_USERSPACE from lkdtm_do_action+0x24/0x4c # [ 186.261660] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 186.267437] direct_entry from full_proxy_write+0x5c/0x8c # [ 186.273125] full_proxy_write from vfs_write+0xbc/0x3cc # [ 186.278614] vfs_write from ksys_write+0x78/0xf8 # [ 186.283496] ksys_write from ret_fast_syscall+0x0/0x1c # [ 186.288969] Exception stack(0xf1d91fa8 to 0xf1d91ff0) # [ 186.294227] 1fa0: 0000000f 0000000f 00000001 b6da8000 0000000f 00000001 # [ 186.302701] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6da8000 00020000 0043fe38 # [ 186.311170] 1fe0: 00000004 beaac788 b6e6e33b b6de7616 # [ 186.316521] Code: bad PC value # [ 186.319861] ---[ end trace 0000000000000000 ]--- # [ 186.324709] note: cat[2716] exited with irqs disabled # EXEC_USERSPACE: saw 'call trace:': ok ok 42 selftests: lkdtm: EXEC_USERSPACE.sh # timeout set to 45 # selftests: lkdtm: EXEC_NULL.sh <6>[ 188.185898] lkdtm: Performing direct entry EXEC_NULL <6>[ 188.189912] lkdtm: attempting ok execution at c0df7aa0 <6>[ 188.195258] lkdtm: attempting bad execution at 00000000 <1>[ 188.200839] 8<--- cut here --- <1>[ 188.204106] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute <1>[ 188.216998] [00000000] *pgd=00000000 <0>[ 188.220904] Internal error: Oops: 80000005 [#12] SMP ARM <4>[ 188.225096] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 188.263200] CPU: 0 UID: 0 PID: 2796 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 188.272794] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 188.278040] Hardware name: STM32 (Device Tree Support) <4>[ 188.283488] PC is at 0x0 <4>[ 188.286235] LR is at execute_location+0x9c/0xac <4>[ 188.291101] pc : [<00000000>] lr : [] psr: 60080013 <4>[ 188.297659] sp : f1e09eb0 ip : 00000000 fp : 0050fe38 <4>[ 188.303110] r10: c5649900 r9 : f1e09f80 r8 : c2687f80 <4>[ 188.308661] r7 : f1e09f80 r6 : 00000000 r5 : 00000000 r4 : c0df7aa0 <4>[ 188.315419] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 188.322280] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 188.329747] Control: 10c5387d Table: c8d3806a DAC: 00000051 <1>[ 188.335698] Register r0 information: non-paged memory <1>[ 188.341060] Register r1 information: NULL pointer <1>[ 188.346014] Register r2 information: NULL pointer <1>[ 188.351066] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 188.364744] copy_process+0x1f4/0x1f64 <6>[ 188.369001] kernel_clone+0xac/0x388 <6>[ 188.373157] sys_clone+0x78/0x9c <6>[ 188.376909] ret_fast_syscall+0x0/0x1c <4>[ 188.381160] Free path: <6>[ 188.383890] rcu_core+0x2dc/0xb14 <6>[ 188.387742] handle_softirqs+0x15c/0x430 <6>[ 188.392201] irq_exit+0xac/0xd4 <6>[ 188.395851] call_with_stack+0x18/0x20 <6>[ 188.400108] __irq_svc+0x9c/0xb8 <6>[ 188.403856] __tcp_transmit_skb+0x550/0xd68 <6>[ 188.408611] tcp_write_xmit+0x378/0x18bc <6>[ 188.413063] __tcp_push_pending_frames+0x38/0x11c <6>[ 188.418320] tcp_sock_set_cork+0x44/0x50 <6>[ 188.422777] xs_tcp_send_request+0x1e0/0x288 <6>[ 188.427531] xprt_transmit+0x1a0/0x4a0 <6>[ 188.431892] call_transmit+0x80/0x8c <6>[ 188.435944] __rpc_execute+0xc8/0x5d0 <6>[ 188.440099] rpc_async_schedule+0x24/0x40 <6>[ 188.444654] process_one_work+0x1b8/0x450 <6>[ 188.449209] worker_thread+0x1d4/0x3c4 <1>[ 188.453562] Register r4 information: non-slab/vmalloc memory <1>[ 188.459424] Register r5 information: NULL pointer <1>[ 188.464478] Register r6 information: NULL pointer <1>[ 188.469430] Register r7 information: 2-page vmalloc region starting at 0xf1e08000 allocated at kernel_clone+0xac/0x388 <1>[ 188.480440] Register r8 information: non-slab/vmalloc memory <1>[ 188.486400] Register r9 information: 2-page vmalloc region starting at 0xf1e08000 allocated at kernel_clone+0xac/0x388 <1>[ 188.497407] Register r10 information: slab kmalloc-192 start c56498c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 188.511268] full_proxy_open+0x124/0x24c <6>[ 188.515718] do_dentry_open+0x144/0x4dc <6>[ 188.520073] vfs_open+0x2c/0xec <6>[ 188.523725] path_openat+0x748/0x1198 <6>[ 188.527976] do_filp_open+0x98/0x134 <6>[ 188.532026] do_sys_openat2+0xbc/0xe4 <6>[ 188.536280] sys_openat+0x98/0xd4 <6>[ 188.540132] ret_fast_syscall+0x0/0x1c <4>[ 188.544382] Free path: <6>[ 188.547112] nfs_pgio_header_free+0x34/0x48 <6>[ 188.551772] nfs_write_completion+0x60/0x240 <6>[ 188.556625] rpc_free_task+0x34/0x54 <6>[ 188.560680] rpc_async_release+0x24/0x40 <6>[ 188.565131] process_one_work+0x1b8/0x450 <6>[ 188.569686] worker_thread+0x1d4/0x3c4 <6>[ 188.574039] kthread+0xe8/0x104 <6>[ 188.577688] ret_from_fork+0x14/0x28 <1>[ 188.581736] Register r11 information: non-paged memory <1>[ 188.587195] Register r12 information: NULL pointer <0>[ 188.592249] Process cat (pid: 2796, stack limit = 0xf1e08000) <0>[ 188.598306] Stack: (0xf1e09eb0 to 0xf1e0a000) <0>[ 188.602959] 9ea0: 0000000a c8944000 00000000 c0df61c8 <0>[ 188.611434] 9ec0: 0000000a c0df65ac c0df6490 c5443c40 b6dd4000 0000000a c3824260 c08910e8 <0>[ 188.619909] 9ee0: c5443c40 c089108c f1e09f80 b6dd4000 c5205040 0000000a c5649900 c0628870 <0>[ 188.628383] 9f00: c8d3adb0 00000000 00000000 00000000 00000000 0000000a b6dd4000 0001fff6 <0>[ 188.636854] 9f20: 00000001 00000000 c5443640 00000000 00000000 00000000 00000000 00000000 <0>[ 188.645327] 9f40: 00000000 00000000 00000000 00000000 00000022 9644a006 00000000 c5443c40 <0>[ 188.653801] 9f60: c5443c40 00000000 00000000 c03002f0 c5205040 00000004 0050fe38 c0628dcc <0>[ 188.662275] 9f80: 00000000 00000000 00000000 9644a006 000000c0 0000000a 0000000a 7ff00000 <0>[ 188.670748] 9fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6dd4000 0000000a 00000001 <0>[ 188.679222] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6dd4000 00020000 0050fe38 <0>[ 188.687695] 9fe0: 00000004 beb40788 b6e9a33b b6e13616 60080030 00000001 00000000 00000000 <0>[ 188.696160] Call trace: <0>[ 188.696182] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 188.704887] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 188.710655] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 188.716324] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 188.721800] vfs_write from ksys_write+0x78/0xf8 <0>[ 188.726677] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 188.732148] Exception stack(0xf1e09fa8 to 0xf1e09ff0) <0>[ 188.737505] 9fa0: 0000000a 0000000a 00000001 b6dd4000 0000000a 00000001 <0>[ 188.745979] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6dd4000 00020000 0050fe38 <0>[ 188.754449] 9fe0: 00000004 beb40788 b6e9a33b b6e13616 <0>[ 188.759808] Code: bad PC value <4>[ 188.764785] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 0.000000] ** administrator! ** # [ 0.000000] ** ** # [ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** # [ 0.000000] ********************************************************** # [ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1 # [ 0.000000] ftrace: allocating 70447 entries in 207 pages # [ 0.000000] ftrace: allocated 207 pages with 6 groups # [ 188.185898] lkdtm: Performing direct entry EXEC_NULL # [ 188.189912] lkdtm: attempting ok execution at c0df7aa0 # [ 188.195258] lkdtm: attempting bad execution at 00000000 # [ 188.200839] 8<--- cut here --- # [ 188.204106] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute # [ 188.216998] [00000000] *pgd=00000000 # [ 188.220904] Internal error: Oops: 80000005 [#12] SMP ARM # [ 188.225096] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 188.263200] CPU: 0 UID: 0 PID: 2796 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 188.272794] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 188.278040] Hardware name: STM32 (Device Tree Support) # [ 188.283488] PC is at 0x0 # [ 188.286235] LR is at execute_location+0x9c/0xac # [ 188.291101] pc : [<00000000>] lr : [] psr: 60080013 # [ 188.297659] sp : f1e09eb0 ip : 00000000 fp : 0050fe38 # [ 188.303110] r10: c5649900 r9 : f1e09f80 r8 : c2687f80 # [ 188.308661] r7 : f1e09f80 r6 : 00000000 r5 : 00000000 r4 : c0df7aa0 # [ 188.315419] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 188.322280] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 188.329747] Control: 10c5387d Table: c8d3806a DAC: 00000051 # [ 188.335698] Register r0 information: non-paged memory # [ 188.341060] Register r1 information: NULL pointer # [ 188.346014] Register r2 information: NULL pointer # [ 188.351066] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 188.364744] copy_process+0x1f4/0x1f64 # [ 188.369001] kernel_clone+0xac/0x388 # [ 188.373157] sys_clone+0x78/0x9c # [ 188.376909] ret_fast_syscall+0x0/0x1c # [ 188.381160] Free path: # [ 188.383890] rcu_core+0x2dc/0xb14 # [ 188.387742] handle_softirqs+0x15c/0x430 # [ 188.392201] irq_exit+0xac/0xd4 # [ 188.395851] call_with_stack+0x18/0x20 # [ 188.400108] __irq_svc+0x9c/0xb8 # [ 188.403856] __tcp_transmit_skb+0x550/0xd68 # [ 188.408611] tcp_write_xmit+0x378/0x18bc # [ 188.413063] __tcp_push_pending_frames+0x38/0x11c # [ 188.418320] tcp_sock_set_cork+0x44/0x50 # [ 188.422777] xs_tcp_send_request+0x1e0/0x288 # [ 188.427531] xprt_transmit+0x1a0/0x4a0 # [ 188.431892] call_transmit+0x80/0x8c # [ 188.435944] __rpc_execute+0xc8/0x5d0 # [ 188.440099] rpc_async_schedule+0x24/0x40 # [ 188.444654] process_one_work+0x1b8/0x450 # [ 188.449209] worker_thread+0x1d4/0x3c4 # [ 188.453562] Register r4 information: non-slab/vmalloc memory # [ 188.459424] Register r5 information: NULL pointer # [ 188.464478] Register r6 information: NULL pointer # [ 188.469430] Register r7 information: 2-page vmalloc region starting at 0xf1e08000 allocated at kernel_clone+0xac/0x388 # [ 188.480440] Register r8 information: non-slab/vmalloc memory # [ 188.486400] Register r9 information: 2-page vmalloc region starting at 0xf1e08000 allocated at kernel_clone+0xac/0x388 # [ 188.497407] Register r10 information: slab kmalloc-192 start c56498c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 188.511268] full_proxy_open+0x124/0x24c # [ 188.515718] do_dentry_open+0x144/0x4dc # [ 188.520073] vfs_open+0x2c/0xec # [ 188.523725] path_openat+0x748/0x1198 # [ 188.527976] do_filp_open+0x98/0x134 # [ 188.532026] do_sys_openat2+0xbc/0xe4 # [ 188.536280] sys_openat+0x98/0xd4 # [ 188.540132] ret_fast_syscall+0x0/0x1c # [ 188.544382] Free path: # [ 188.547112] nfs_pgio_header_free+0x34/0x48 # [ 188.551772] nfs_write_completion+0x60/0x240 # [ 188.556625] rpc_free_task+0x34/0x54 # [ 188.560680] rpc_async_release+0x24/0x40 # [ 188.565131] process_one_work+0x1b8/0x450 # [ 188.569686] worker_thread+0x1d4/0x3c4 # [ 188.574039] kthread+0xe8/0x104 # [ 188.577688] ret_from_fork+0x14/0x28 # [ 188.581736] Register r11 information: non-paged memory # [ 188.587195] Register r12 information: NULL pointer # [ 188.592249] Process cat (pid: 2796, stack limit = 0xf1e08000) # [ 188.598306] Stack: (0xf1e09eb0 to 0xf1e0a000) # [ 188.602959] 9ea0: 0000000a c8944000 00000000 c0df61c8 # [ 188.611434] 9ec0: 0000000a c0df65ac c0df6490 c5443c40 b6dd4000 0000000a c3824260 c08910e8 # [ 188.619909] 9ee0: c5443c40 c089108c f1e09f80 b6dd4000 c5205040 0000000a c5649900 c0628870 # [ 188.628383] 9f00: c8d3adb0 00000000 00000000 00000000 00000000 0000000a b6dd4000 0001fff6 # [ 188.636854] 9f20: 00000001 00000000 c5443640 00000000 00000000 00000000 00000000 00000000 # [ 188.645327] 9f40: 00000000 00000000 00000000 00000000 00000022 9644a006 00000000 c5443c40 # [ 188.653801] 9f60: c5443c40 00000000 00000000 c03002f0 c5205040 00000004 0050fe38 c0628dcc # [ 188.662275] 9f80: 00000000 00000000 00000000 9644a006 000000c0 0000000a 0000000a 7ff00000 # [ 188.670748] 9fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6dd4000 0000000a 00000001 # [ 188.679222] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6dd4000 00020000 0050fe38 # [ 188.687695] 9fe0: 00000004 beb40788 b6e9a33b b6e13616 60080030 00000001 00000000 00000000 # [ 188.696160] Call trace: # [ 188.696182] execute_location from lkdtm_do_action+0x24/0x4c # [ 188.704887] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 188.710655] direct_entry from full_proxy_write+0x5c/0x8c # [ 188.716324] full_proxy_write from vfs_write+0xbc/0x3cc # [ 188.721800] vfs_write from ksys_write+0x78/0xf8 # [ 188.726677] ksys_write from ret_fast_syscall+0x0/0x1c # [ 188.732148] Exception stack(0xf1e09fa8 to 0xf1e09ff0) # [ 188.737505] 9fa0: 0000000a 0000000a 00000001 b6dd4000 0000000a 00000001 # [ 188.745979] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6dd4000 00020000 0050fe38 # [ 188.754449] 9fe0: 00000004 beb40788 b6e9a33b b6e13616 # [ 188.759808] Code: bad PC value # [ 188.764785] ---[ end trace 0000000000000000 ]--- # EXEC_NULL: saw 'call trace:': ok ok 43 selftests: lkdtm: EXEC_NULL.sh # timeout set to 45 # selftests: lkdtm: ACCESS_USERSPACE.sh <6>[ 190.734144] lkdtm: Performing direct entry ACCESS_USERSPACE <6>[ 190.739056] lkdtm: attempting bad read at b6f4f000 <1>[ 190.744040] 8<--- cut here --- <1>[ 190.747090] Unhandled fault: page domain fault (0x01b) at 0xb6f4f000 <1>[ 190.753765] [b6f4f000] *pgd=fb0d8835 <0>[ 190.757644] Internal error: : 1b [#13] SMP ARM <4>[ 190.762310] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 190.800431] CPU: 1 UID: 0 PID: 2877 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 190.810037] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 190.815290] Hardware name: STM32 (Device Tree Support) <4>[ 190.820642] PC is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 <4>[ 190.826119] LR is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 <4>[ 190.831478] pc : [] lr : [] psr: 60080013 <4>[ 190.838036] sp : f1e69ea0 ip : 00000000 fp : 0041fe38 <4>[ 190.843588] r10: c5649900 r9 : f1e69f80 r8 : c2687f88 <4>[ 190.849040] r7 : f1e69f80 r6 : 00000000 r5 : 00000051 r4 : b6f4f000 <4>[ 190.855902] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 00000026 <4>[ 190.862662] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 190.870130] Control: 10c5387d Table: c8b8006a DAC: 00000051 <1>[ 190.876182] Register r0 information: non-paged memory <1>[ 190.881446] Register r1 information: NULL pointer <1>[ 190.886500] Register r2 information: NULL pointer <1>[ 190.891453] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 190.905131] copy_process+0x1f4/0x1f64 <6>[ 190.909489] kernel_clone+0xac/0x388 <6>[ 190.913545] sys_clone+0x78/0x9c <6>[ 190.917298] ret_fast_syscall+0x0/0x1c <4>[ 190.921549] Free path: <6>[ 190.924279] rcu_core+0x2dc/0xb14 <6>[ 190.928133] handle_softirqs+0x15c/0x430 <6>[ 190.932590] irq_exit+0xac/0xd4 <6>[ 190.936240] call_with_stack+0x18/0x20 <6>[ 190.940598] __irq_svc+0x9c/0xb8 <6>[ 190.944346] mas_prev+0x0/0x88 <6>[ 190.947905] vm_unmapped_area+0x130/0x2e0 <6>[ 190.952468] arch_get_unmapped_area_topdown+0xfc/0x158 <6>[ 190.958133] __get_unmapped_area+0xf4/0xfc <6>[ 190.962795] do_mmap+0x124/0x4c4 <6>[ 190.966540] vm_mmap_pgoff+0xf4/0x1b0 <6>[ 190.970695] ksys_mmap_pgoff+0x9c/0xe4 <6>[ 190.974952] ret_fast_syscall+0x0/0x1c <1>[ 190.979302] Register r4 information: non-paged memory <1>[ 190.984560] Register r5 information: non-paged memory <1>[ 190.989915] Register r6 information: NULL pointer <1>[ 190.994868] Register r7 information: 2-page vmalloc region starting at 0xf1e68000 allocated at kernel_clone+0xac/0x388 <1>[ 191.005879] Register r8 information: non-slab/vmalloc memory <1>[ 191.011844] Register r9 information: 2-page vmalloc region starting at 0xf1e68000 allocated at kernel_clone+0xac/0x388 <1>[ 191.022864] Register r10 information: slab kmalloc-192 start c56498c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 191.036743] full_proxy_open+0x124/0x24c <6>[ 191.041204] do_dentry_open+0x144/0x4dc <6>[ 191.045563] vfs_open+0x2c/0xec <6>[ 191.049215] path_openat+0x748/0x1198 <6>[ 191.053468] do_filp_open+0x98/0x134 <6>[ 191.057518] do_sys_openat2+0xbc/0xe4 <6>[ 191.061773] sys_openat+0x98/0xd4 <6>[ 191.065625] ret_fast_syscall+0x0/0x1c <4>[ 191.069876] Free path: <6>[ 191.072607] nfs_pgio_header_free+0x34/0x48 <6>[ 191.077267] nfs_write_completion+0x60/0x240 <6>[ 191.082120] rpc_free_task+0x34/0x54 <6>[ 191.086176] rpc_async_release+0x24/0x40 <6>[ 191.090628] process_one_work+0x1b8/0x450 <6>[ 191.095184] worker_thread+0x1d4/0x3c4 <6>[ 191.099536] kthread+0xe8/0x104 <6>[ 191.103185] ret_from_fork+0x14/0x28 <1>[ 191.107233] Register r11 information: non-paged memory <1>[ 191.112693] Register r12 information: NULL pointer <0>[ 191.117747] Process cat (pid: 2877, stack limit = 0xf1e68000) <0>[ 191.123805] Stack: (0xf1e69ea0 to 0xf1e6a000) <0>[ 191.128463] 9ea0: 00000022 00000000 00000000 82c653a7 f1e69f80 00000011 c8c78000 c0df61c8 <0>[ 191.136938] 9ec0: 00000011 c0df65ac c0df6490 c52cd740 b6de8000 00000011 c3824260 c08910e8 <0>[ 191.145413] 9ee0: c52cd740 c089108c f1e69f80 b6de8000 c5205040 00000011 c5649900 c0628870 <0>[ 191.153888] 9f00: c8b82db0 00000000 00000000 00000000 00000000 00000011 b6de8000 0001ffef <0>[ 191.162359] 9f20: 00000001 00000000 c52cd640 00000000 00000000 00000000 00000000 00000000 <0>[ 191.170833] 9f40: 00000000 00000000 00000000 00000000 00000022 82c653a7 00000000 c52cd740 <0>[ 191.179307] 9f60: c52cd740 00000000 00000000 c03002f0 c5205040 00000004 0041fe38 c0628dcc <0>[ 191.187780] 9f80: 00000000 00000000 00000000 82c653a7 000000c0 00000011 00000011 7ff00000 <0>[ 191.196254] 9fa0: 00000004 c03000c0 00000011 00000011 00000001 b6de8000 00000011 00000001 <0>[ 191.204729] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6de8000 00020000 0041fe38 <0>[ 191.213203] 9fe0: 00000004 bee92788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 <0>[ 191.221669] Call trace: <0>[ 191.221683] lkdtm_ACCESS_USERSPACE from lkdtm_do_action+0x24/0x4c <0>[ 191.230887] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 191.236655] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 191.242323] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 191.247899] vfs_write from ksys_write+0x78/0xf8 <0>[ 191.252776] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 191.258147] Exception stack(0xf1e69fa8 to 0xf1e69ff0) <0>[ 191.263505] 9fa0: 00000011 00000011 00000001 b6de8000 00000011 00000001 <0>[ 191.271980] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6de8000 00020000 0041fe38 <0>[ 191.280449] 9fe0: 00000004 bee92788 b6eae33b b6e27616 <0>[ 191.285808] Code: e1a01004 e30e0040 e34c01f9 eb233615 (e5943000) <4>[ 191.292167] ---[ end trace 0000000000000000 ]--- <6>[ 191.297016] note: cat[2877] exited with irqs disabled # Segmentation fault # [ 190.734144] lkdtm: Performing direct entry ACCESS_USERSPACE # [ 190.739056] lkdtm: attempting bad read at b6f4f000 # [ 190.744040] 8<--- cut here --- # [ 190.747090] Unhandled fault: page domain fault (0x01b) at 0xb6f4f000 # [ 190.753765] [b6f4f000] *pgd=fb0d8835 # [ 190.757644] Internal error: : 1b [#13] SMP ARM # [ 190.762310] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 190.800431] CPU: 1 UID: 0 PID: 2877 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 190.810037] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 190.815290] Hardware name: STM32 (Device Tree Support) # [ 190.820642] PC is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 # [ 190.826119] LR is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 # [ 190.831478] pc : [] lr : [] psr: 60080013 # [ 190.838036] sp : f1e69ea0 ip : 00000000 fp : 0041fe38 # [ 190.843588] r10: c5649900 r9 : f1e69f80 r8 : c2687f88 # [ 190.849040] r7 : f1e69f80 r6 : 00000000 r5 : 00000051 r4 : b6f4f000 # [ 190.855902] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 00000026 # [ 190.862662] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 190.870130] Control: 10c5387d Table: c8b8006a DAC: 00000051 # [ 190.876182] Register r0 information: non-paged memory # [ 190.881446] Register r1 information: NULL pointer # [ 190.886500] Register r2 information: NULL pointer # [ 190.891453] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 190.905131] copy_process+0x1f4/0x1f64 # [ 190.909489] kernel_clone+0xac/0x388 # [ 190.913545] sys_clone+0x78/0x9c # [ 190.917298] ret_fast_syscall+0x0/0x1c # [ 190.921549] Free path: # [ 190.924279] rcu_core+0x2dc/0xb14 # [ 190.928133] handle_softirqs+0x15c/0x430 # [ 190.932590] irq_exit+0xac/0xd4 # [ 190.936240] call_with_stack+0x18/0x20 # [ 190.940598] __irq_svc+0x9c/0xb8 # [ 190.944346] mas_prev+0x0/0x88 # [ 190.947905] vm_unmapped_area+0x130/0x2e0 # [ 190.952468] arch_get_unmapped_area_topdown+0xfc/0x158 # [ 190.958133] __get_unmapped_area+0xf4/0xfc # [ 190.962795] do_mmap+0x124/0x4c4 # [ 190.966540] vm_mmap_pgoff+0xf4/0x1b0 # [ 190.970695] ksys_mmap_pgoff+0x9c/0xe4 # [ 190.974952] ret_fast_syscall+0x0/0x1c # [ 190.979302] Register r4 information: non-paged memory # [ 190.984560] Register r5 information: non-paged memory # [ 190.989915] Register r6 information: NULL pointer # [ 190.994868] Register r7 information: 2-page vmalloc region starting at 0xf1e68000 allocated at kernel_clone+0xac/0x388 # [ 191.005879] Register r8 information: non-slab/vmalloc memory # [ 191.011844] Register r9 information: 2-page vmalloc region starting at 0xf1e68000 allocated at kernel_clone+0xac/0x388 # [ 191.022864] Register r10 information: slab kmalloc-192 start c56498c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 191.036743] full_proxy_open+0x124/0x24c # [ 191.041204] do_dentry_open+0x144/0x4dc # [ 191.045563] vfs_open+0x2c/0xec # [ 191.049215] path_openat+0x748/0x1198 # [ 191.053468] do_filp_open+0x98/0x134 # [ 191.057518] do_sys_openat2+0xbc/0xe4 # [ 191.061773] sys_openat+0x98/0xd4 # [ 191.065625] ret_fast_syscall+0x0/0x1c # [ 191.069876] Free path: # [ 191.072607] nfs_pgio_header_free+0x34/0x48 # [ 191.077267] nfs_write_completion+0x60/0x240 # [ 191.082120] rpc_free_task+0x34/0x54 # [ 191.086176] rpc_async_release+0x24/0x40 # [ 191.090628] process_one_work+0x1b8/0x450 # [ 191.095184] worker_thread+0x1d4/0x3c4 # [ 191.099536] kthread+0xe8/0x104 # [ 191.103185] ret_from_fork+0x14/0x28 # [ 191.107233] Register r11 information: non-paged memory # [ 191.112693] Register r12 information: NULL pointer # [ 191.117747] Process cat (pid: 2877, stack limit = 0xf1e68000) # [ 191.123805] Stack: (0xf1e69ea0 to 0xf1e6a000) # [ 191.128463] 9ea0: 00000022 00000000 00000000 82c653a7 f1e69f80 00000011 c8c78000 c0df61c8 # [ 191.136938] 9ec0: 00000011 c0df65ac c0df6490 c52cd740 b6de8000 00000011 c3824260 c08910e8 # [ 191.145413] 9ee0: c52cd740 c089108c f1e69f80 b6de8000 c5205040 00000011 c5649900 c0628870 # [ 191.153888] 9f00: c8b82db0 00000000 00000000 00000000 00000000 00000011 b6de8000 0001ffef # [ 191.162359] 9f20: 00000001 00000000 c52cd640 00000000 00000000 00000000 00000000 00000000 # [ 191.170833] 9f40: 00000000 00000000 00000000 00000000 00000022 82c653a7 00000000 c52cd740 # [ 191.179307] 9f60: c52cd740 00000000 00000000 c03002f0 c5205040 00000004 0041fe38 c0628dcc # [ 191.187780] 9f80: 00000000 00000000 00000000 82c653a7 000000c0 00000011 00000011 7ff00000 # [ 191.196254] 9fa0: 00000004 c03000c0 00000011 00000011 00000001 b6de8000 00000011 00000001 # [ 191.204729] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6de8000 00020000 0041fe38 # [ 191.213203] 9fe0: 00000004 bee92788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 # [ 191.221669] Call trace: # [ 191.221683] lkdtm_ACCESS_USERSPACE from lkdtm_do_action+0x24/0x4c # [ 191.230887] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 191.236655] direct_entry from full_proxy_write+0x5c/0x8c # [ 191.242323] full_proxy_write from vfs_write+0xbc/0x3cc # [ 191.247899] vfs_write from ksys_write+0x78/0xf8 # [ 191.252776] ksys_write from ret_fast_syscall+0x0/0x1c # [ 191.258147] Exception stack(0xf1e69fa8 to 0xf1e69ff0) # [ 191.263505] 9fa0: 00000011 00000011 00000001 b6de8000 00000011 00000001 # [ 191.271980] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6de8000 00020000 0041fe38 # [ 191.280449] 9fe0: 00000004 bee92788 b6eae33b b6e27616 # [ 191.285808] Code: e1a01004 e30e0040 e34c01f9 eb233615 (e5943000) # [ 191.292167] ---[ end trace 0000000000000000 ]--- # [ 191.297016] note: cat[2877] exited with irqs disabled # ACCESS_USERSPACE: saw 'call trace:': ok ok 44 selftests: lkdtm: ACCESS_USERSPACE.sh # timeout set to 45 # selftests: lkdtm: ACCESS_NULL.sh <6>[ 193.131437] lkdtm: Performing direct entry ACCESS_NULL <6>[ 193.135625] lkdtm: attempting bad read at 00000000 <1>[ 193.140694] 8<--- cut here --- <1>[ 193.143931] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read <1>[ 193.153234] [00000000] *pgd=00000000 <0>[ 193.157093] Internal error: Oops: 5 [#14] SMP ARM <4>[ 193.161980] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 193.200107] CPU: 1 UID: 0 PID: 2958 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 193.209709] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 193.214858] Hardware name: STM32 (Device Tree Support) <4>[ 193.220307] PC is at lkdtm_ACCESS_NULL+0x20/0x60 <4>[ 193.225182] LR is at lkdtm_ACCESS_NULL+0x20/0x60 <4>[ 193.230140] pc : [] lr : [] psr: 60080013 <4>[ 193.236698] sp : f1ed5eb0 ip : 00000000 fp : 004afe38 <4>[ 193.242149] r10: c5649900 r9 : f1ed5f80 r8 : c2687f90 <4>[ 193.247702] r7 : f1ed5f80 r6 : 00000000 r5 : c894b000 r4 : 00000000 <4>[ 193.254461] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 00000026 <4>[ 193.261321] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 193.268688] Control: 10c5387d Table: c57f806a DAC: 00000051 <1>[ 193.274740] Register r0 information: non-paged memory <1>[ 193.280105] Register r1 information: NULL pointer <1>[ 193.285059] Register r2 information: NULL pointer <1>[ 193.290012] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 193.303792] copy_process+0x1f4/0x1f64 <6>[ 193.308051] kernel_clone+0xac/0x388 <6>[ 193.312206] sys_clone+0x78/0x9c <6>[ 193.315960] ret_fast_syscall+0x0/0x1c <4>[ 193.320211] Free path: <6>[ 193.322942] rcu_core+0x2dc/0xb14 <6>[ 193.326796] handle_softirqs+0x15c/0x430 <6>[ 193.331254] irq_exit+0xac/0xd4 <6>[ 193.334905] call_with_stack+0x18/0x20 <6>[ 193.339161] __irq_svc+0x9c/0xb8 <6>[ 193.342908] unwind_frame+0xac/0x92c <6>[ 193.347067] arch_stack_walk+0x84/0x100 <6>[ 193.351418] stack_trace_save+0x50/0x78 <6>[ 193.355778] set_track_prepare+0x40/0x74 <6>[ 193.360237] ___slab_alloc+0xd28/0xd7c <6>[ 193.364497] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 193.369660] nfs_writehdr_alloc+0x34/0x74 <6>[ 193.374222] nfs_generic_pg_pgios+0x20/0xcc <6>[ 193.378879] nfs_pageio_doio+0x4c/0x6c <6>[ 193.383234] nfs_pageio_complete+0x88/0x124 <6>[ 193.387892] nfs_writepages_callback+0x24/0x50 <1>[ 193.392855] Register r4 information: NULL pointer <1>[ 193.397910] Register r5 information: non-slab/vmalloc memory <1>[ 193.403871] Register r6 information: NULL pointer <1>[ 193.408824] Register r7 information: 2-page vmalloc region starting at 0xf1ed4000 allocated at kernel_clone+0xac/0x388 <1>[ 193.419836] Register r8 information: non-slab/vmalloc memory <1>[ 193.425797] Register r9 information: 2-page vmalloc region starting at 0xf1ed4000 allocated at kernel_clone+0xac/0x388 <1>[ 193.436805] Register r10 information: slab kmalloc-192 start c56498c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 193.450669] full_proxy_open+0x124/0x24c <6>[ 193.455119] do_dentry_open+0x144/0x4dc <6>[ 193.459475] vfs_open+0x2c/0xec <6>[ 193.463127] path_openat+0x748/0x1198 <6>[ 193.467379] do_filp_open+0x98/0x134 <6>[ 193.471428] do_sys_openat2+0xbc/0xe4 <6>[ 193.475682] sys_openat+0x98/0xd4 <6>[ 193.479535] ret_fast_syscall+0x0/0x1c <4>[ 193.483785] Free path: <6>[ 193.486515] nfs_pgio_header_free+0x34/0x48 <6>[ 193.491174] nfs_write_completion+0x60/0x240 <6>[ 193.496030] rpc_free_task+0x34/0x54 <6>[ 193.500089] rpc_async_release+0x24/0x40 <6>[ 193.504543] process_one_work+0x1b8/0x450 <6>[ 193.509100] worker_thread+0x1d4/0x3c4 <6>[ 193.513458] kthread+0xe8/0x104 <6>[ 193.517121] ret_from_fork+0x14/0x28 <1>[ 193.521184] Register r11 information: non-paged memory <1>[ 193.526658] Register r12 information: NULL pointer <0>[ 193.531730] Process cat (pid: 2958, stack limit = 0xf1ed4000) <0>[ 193.537701] Stack: (0xf1ed5eb0 to 0xf1ed6000) <0>[ 193.542368] 5ea0: 0000000c c894b000 00000000 c0df61c8 <0>[ 193.550854] 5ec0: 0000000c c0df65ac c0df6490 c5443c40 b6e38000 0000000c c3824260 c08910e8 <0>[ 193.559340] 5ee0: c5443c40 c089108c f1ed5f80 b6e38000 c5205040 0000000c c5649900 c0628870 <0>[ 193.567820] 5f00: c57fadb8 00000000 00000000 00000000 00000000 0000000c b6e38000 0001fff4 <0>[ 193.576295] 5f20: 00000001 00000000 c5443640 00000000 00000000 00000000 00000000 00000000 <0>[ 193.584770] 5f40: 00000000 00000000 00000000 00000000 00000022 2bf51a58 00000000 c5443c40 <0>[ 193.593245] 5f60: c5443c40 00000000 00000000 c03002f0 c5205040 00000004 004afe38 c0628dcc <0>[ 193.601720] 5f80: 00000000 00000000 00000000 2bf51a58 000000c0 0000000c 0000000c 7ff00000 <0>[ 193.610193] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6e38000 0000000c 00000001 <0>[ 193.618668] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 <0>[ 193.627142] 5fe0: 00000004 beac3788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 193.635609] Call trace: <0>[ 193.635623] lkdtm_ACCESS_NULL from lkdtm_do_action+0x24/0x4c <0>[ 193.644435] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 193.650205] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 193.655876] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 193.661353] vfs_write from ksys_write+0x78/0xf8 <0>[ 193.666230] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 193.671702] Exception stack(0xf1ed5fa8 to 0xf1ed5ff0) <0>[ 193.676959] 5fa0: 0000000c 0000000c 00000001 b6e38000 0000000c 00000001 <0>[ 193.685433] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 <0>[ 193.693903] 5fe0: 00000004 beac3788 b6efe33b b6e77616 <0>[ 193.699262] Code: e30e0040 e34c01f9 e1a01004 ebffc40b (e5945000) <4>[ 193.705902] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 193.131437] lkdtm: Performing direct entry ACCESS_NULL # [ 193.135625] lkdtm: attempting bad read at 00000000 # [ 193.140694] 8<--- cut here --- # [ 193.143931] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read # [ 193.153234] [00000000] *pgd=00000000 # [ 193.157093] Internal error: Oops: 5 [#14] SMP ARM # [ 193.161980] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 193.200107] CPU: 1 UID: 0 PID: 2958 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 193.209709] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 193.214858] Hardware name: STM32 (Device Tree Support) # [ 193.220307] PC is at lkdtm_ACCESS_NULL+0x20/0x60 # [ 193.225182] LR is at lkdtm_ACCESS_NULL+0x20/0x60 # [ 193.230140] pc : [] lr : [] psr: 60080013 # [ 193.236698] sp : f1ed5eb0 ip : 00000000 fp : 004afe38 # [ 193.242149] r10: c5649900 r9 : f1ed5f80 r8 : c2687f90 # [ 193.247702] r7 : f1ed5f80 r6 : 00000000 r5 : c894b000 r4 : 00000000 # [ 193.254461] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 00000026 # [ 193.261321] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 193.268688] Control: 10c5387d Table: c57f806a DAC: 00000051 # [ 193.274740] Register r0 information: non-paged memory # [ 193.280105] Register r1 information: NULL pointer # [ 193.285059] Register r2 information: NULL pointer # [ 193.290012] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 193.303792] copy_process+0x1f4/0x1f64 # [ 193.308051] kernel_clone+0xac/0x388 # [ 193.312206] sys_clone+0x78/0x9c # [ 193.315960] ret_fast_syscall+0x0/0x1c # [ 193.320211] Free path: # [ 193.322942] rcu_core+0x2dc/0xb14 # [ 193.326796] handle_softirqs+0x15c/0x430 # [ 193.331254] irq_exit+0xac/0xd4 # [ 193.334905] call_with_stack+0x18/0x20 # [ 193.339161] __irq_svc+0x9c/0xb8 # [ 193.342908] unwind_frame+0xac/0x92c # [ 193.347067] arch_stack_walk+0x84/0x100 # [ 193.351418] stack_trace_save+0x50/0x78 # [ 193.355778] set_track_prepare+0x40/0x74 # [ 193.360237] ___slab_alloc+0xd28/0xd7c # [ 193.364497] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 193.369660] nfs_writehdr_alloc+0x34/0x74 # [ 193.374222] nfs_generic_pg_pgios+0x20/0xcc # [ 193.378879] nfs_pageio_doio+0x4c/0x6c # [ 193.383234] nfs_pageio_complete+0x88/0x124 # [ 193.387892] nfs_writepages_callback+0x24/0x50 # [ 193.392855] Register r4 information: NULL pointer # [ 193.397910] Register r5 information: non-slab/vmalloc memory # [ 193.403871] Register r6 information: NULL pointer # [ 193.408824] Register r7 information: 2-page vmalloc region starting at 0xf1ed4000 allocated at kernel_clone+0xac/0x388 # [ 193.419836] Register r8 information: non-slab/vmalloc memory # [ 193.425797] Register r9 information: 2-page vmalloc region starting at 0xf1ed4000 allocated at kernel_clone+0xac/0x388 # [ 193.436805] Register r10 information: slab kmalloc-192 start c56498c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 193.450669] full_proxy_open+0x124/0x24c # [ 193.455119] do_dentry_open+0x144/0x4dc # [ 193.459475] vfs_open+0x2c/0xec # [ 193.463127] path_openat+0x748/0x1198 # [ 193.467379] do_filp_open+0x98/0x134 # [ 193.471428] do_sys_openat2+0xbc/0xe4 # [ 193.475682] sys_openat+0x98/0xd4 # [ 193.479535] ret_fast_syscall+0x0/0x1c # [ 193.483785] Free path: # [ 193.486515] nfs_pgio_header_free+0x34/0x48 # [ 193.491174] nfs_write_completion+0x60/0x240 # [ 193.496030] rpc_free_task+0x34/0x54 # [ 193.500089] rpc_async_release+0x24/0x40 # [ 193.504543] process_one_work+0x1b8/0x450 # [ 193.509100] worker_thread+0x1d4/0x3c4 # [ 193.513458] kthread+0xe8/0x104 # [ 193.517121] ret_from_fork+0x14/0x28 # [ 193.521184] Register r11 information: non-paged memory # [ 193.526658] Register r12 information: NULL pointer # [ 193.531730] Process cat (pid: 2958, stack limit = 0xf1ed4000) # [ 193.537701] Stack: (0xf1ed5eb0 to 0xf1ed6000) # [ 193.542368] 5ea0: 0000000c c894b000 00000000 c0df61c8 # [ 193.550854] 5ec0: 0000000c c0df65ac c0df6490 c5443c40 b6e38000 0000000c c3824260 c08910e8 # [ 193.559340] 5ee0: c5443c40 c089108c f1ed5f80 b6e38000 c5205040 0000000c c5649900 c0628870 # [ 193.567820] 5f00: c57fadb8 00000000 00000000 00000000 00000000 0000000c b6e38000 0001fff4 # [ 193.576295] 5f20: 00000001 00000000 c5443640 00000000 00000000 00000000 00000000 00000000 # [ 193.584770] 5f40: 00000000 00000000 00000000 00000000 00000022 2bf51a58 00000000 c5443c40 # [ 193.593245] 5f60: c5443c40 00000000 00000000 c03002f0 c5205040 00000004 004afe38 c0628dcc # [ 193.601720] 5f80: 00000000 00000000 00000000 2bf51a58 000000c0 0000000c 0000000c 7ff00000 # [ 193.610193] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6e38000 0000000c 00000001 # [ 193.618668] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 # [ 193.627142] 5fe0: 00000004 beac3788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 193.635609] Call trace: # [ 193.635623] lkdtm_ACCESS_NULL from lkdtm_do_action+0x24/0x4c # [ 193.644435] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 193.650205] direct_entry from full_proxy_write+0x5c/0x8c # [ 193.655876] full_proxy_write from vfs_write+0xbc/0x3cc # [ 193.661353] vfs_write from ksys_write+0x78/0xf8 # [ 193.666230] ksys_write from ret_fast_syscall+0x0/0x1c # [ 193.671702] Exception stack(0xf1ed5fa8 to 0xf1ed5ff0) # [ 193.676959] 5fa0: 0000000c 0000000c 00000001 b6e38000 0000000c 00000001 # [ 193.685433] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 # [ 193.693903] 5fe0: 00000004 beac3788 b6efe33b b6e77616 # [ 193.699262] Code: e30e0040 e34c01f9 e1a01004 ebffc40b (e5945000) # [ 193.705902] ---[ end trace 0000000000000000 ]--- # ACCESS_NULL: saw 'call trace:': ok ok 45 selftests: lkdtm: ACCESS_NULL.sh # timeout set to 45 # selftests: lkdtm: WRITE_RO.sh <6>[ 195.532529] lkdtm: Performing direct entry WRITE_RO <6>[ 195.536433] lkdtm: attempting bad rodata write at c19711a4 <1>[ 195.542230] 8<--- cut here --- <1>[ 195.545383] Unable to handle kernel paging request at virtual address c19711a4 when write <1>[ 195.553866] [c19711a4] *pgd=c181941e(bad) <0>[ 195.558152] Internal error: Oops: 80d [#15] SMP ARM <4>[ 195.563323] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 195.601447] CPU: 1 UID: 0 PID: 3039 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 195.611051] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 195.616301] Hardware name: STM32 (Device Tree Support) <4>[ 195.621650] PC is at lkdtm_WRITE_RO+0x34/0x48 <4>[ 195.626323] LR is at lkdtm_WRITE_RO+0x24/0x48 <4>[ 195.630979] pc : [] lr : [] psr: 60080013 <4>[ 195.637539] sp : f1f3deb8 ip : 00000000 fp : 0046fe38 <4>[ 195.642991] r10: c5649b80 r9 : f1f3df80 r8 : c2687f30 <4>[ 195.648542] r7 : f1f3df80 r6 : 00000000 r5 : c8c50000 r4 : c19711a4 <4>[ 195.655303] r3 : 0198b861 r2 : aa55aa55 r1 : 00000000 r0 : 0000002e <4>[ 195.662163] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 195.669530] Control: 10c5387d Table: c8d2806a DAC: 00000051 <1>[ 195.675583] Register r0 information: non-paged memory <1>[ 195.680951] Register r1 information: NULL pointer <1>[ 195.685906] Register r2 information: non-paged memory <1>[ 195.691262] Register r3 information: non-paged memory <1>[ 195.696618] Register r4 information: non-slab/vmalloc memory <1>[ 195.702479] Register r5 information: non-slab/vmalloc memory <1>[ 195.708439] Register r6 information: NULL pointer <1>[ 195.713492] Register r7 information: 2-page vmalloc region starting at 0xf1f3c000 allocated at kernel_clone+0xac/0x388 <1>[ 195.724411] Register r8 information: non-slab/vmalloc memory <1>[ 195.730372] Register r9 information: 2-page vmalloc region starting at 0xf1f3c000 allocated at kernel_clone+0xac/0x388 <1>[ 195.741379] Register r10 information: slab kmalloc-192 start c5649b40 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 195.755349] full_proxy_open+0x124/0x24c <6>[ 195.759799] do_dentry_open+0x144/0x4dc <6>[ 195.764155] vfs_open+0x2c/0xec <6>[ 195.767806] path_openat+0x748/0x1198 <6>[ 195.771958] do_filp_open+0x98/0x134 <6>[ 195.776108] do_sys_openat2+0xbc/0xe4 <6>[ 195.780263] sys_openat+0x98/0xd4 <6>[ 195.784115] ret_fast_syscall+0x0/0x1c <4>[ 195.788466] Free path: <6>[ 195.791097] nfs_pgio_header_free+0x34/0x48 <6>[ 195.795857] nfs_write_completion+0x60/0x240 <6>[ 195.800609] rpc_free_task+0x34/0x54 <6>[ 195.804765] rpc_async_release+0x24/0x40 <6>[ 195.809217] process_one_work+0x1b8/0x450 <6>[ 195.813773] worker_thread+0x1d4/0x3c4 <6>[ 195.818026] kthread+0xe8/0x104 <6>[ 195.821674] ret_from_fork+0x14/0x28 <1>[ 195.825823] Register r11 information: non-paged memory <1>[ 195.831280] Register r12 information: NULL pointer <0>[ 195.836335] Process cat (pid: 3039, stack limit = 0xf1f3c000) <0>[ 195.842292] Stack: (0xf1f3deb8 to 0xf1f3e000) <0>[ 195.846944] dea0: 00000009 c0df61c8 <0>[ 195.855419] dec0: 00000009 c0df65ac c0df6490 c52cdc40 b6e78000 00000009 c3824260 c08910e8 <0>[ 195.863893] dee0: c52cdc40 c089108c f1f3df80 b6e78000 c5204640 00000009 c5649b80 c0628870 <0>[ 195.872367] df00: c8d2adb8 00000000 00000000 00000000 00000000 00000009 b6e78000 0001fff7 <0>[ 195.880839] df20: 00000001 00000000 c52cd840 00000000 00000000 00000000 00000000 00000000 <0>[ 195.889312] df40: 00000000 00000000 00000000 00000000 00000022 6cd3245b 00000000 c52cdc40 <0>[ 195.897787] df60: c52cdc40 00000000 00000000 c03002f0 c5204640 00000004 0046fe38 c0628dcc <0>[ 195.906260] df80: 00000000 00000000 00000000 6cd3245b 000000c0 00000009 00000009 7ff00000 <0>[ 195.914733] dfa0: 00000004 c03000c0 00000009 00000009 00000001 b6e78000 00000009 00000001 <0>[ 195.923206] dfc0: 00000009 00000009 7ff00000 00000004 00000001 b6e78000 00020000 0046fe38 <0>[ 195.931679] dfe0: 00000004 be96f788 b6f3e33b b6eb7616 60080030 00000001 00000000 00000000 <0>[ 195.940145] Call trace: <0>[ 195.940163] lkdtm_WRITE_RO from lkdtm_do_action+0x24/0x4c <0>[ 195.948767] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 195.954536] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 195.960205] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 195.965681] vfs_write from ksys_write+0x78/0xf8 <0>[ 195.970558] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 195.976030] Exception stack(0xf1f3dfa8 to 0xf1f3dff0) <0>[ 195.981386] dfa0: 00000009 00000009 00000001 b6e78000 00000009 00000001 <0>[ 195.989860] dfc0: 00000009 00000009 7ff00000 00000004 00000001 b6e78000 00020000 0046fe38 <0>[ 195.998330] dfe0: 00000004 be96f788 b6f3e33b b6eb7616 <0>[ 196.003589] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) <4>[ 196.010046] ---[ end trace 0000000000000000 ]--- <6>[ 196.014897] note: cat[3039] exited with irqs disabled # Segmentation fault # [ 195.532529] lkdtm: Performing direct entry WRITE_RO # [ 195.536433] lkdtm: attempting bad rodata write at c19711a4 # [ 195.542230] 8<--- cut here --- # [ 195.545383] Unable to handle kernel paging request at virtual address c19711a4 when write # [ 195.553866] [c19711a4] *pgd=c181941e(bad) # [ 195.558152] Internal error: Oops: 80d [#15] SMP ARM # [ 195.563323] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 195.601447] CPU: 1 UID: 0 PID: 3039 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 195.611051] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 195.616301] Hardware name: STM32 (Device Tree Support) # [ 195.621650] PC is at lkdtm_WRITE_RO+0x34/0x48 # [ 195.626323] LR is at lkdtm_WRITE_RO+0x24/0x48 # [ 195.630979] pc : [] lr : [] psr: 60080013 # [ 195.637539] sp : f1f3deb8 ip : 00000000 fp : 0046fe38 # [ 195.642991] r10: c5649b80 r9 : f1f3df80 r8 : c2687f30 # [ 195.648542] r7 : f1f3df80 r6 : 00000000 r5 : c8c50000 r4 : c19711a4 # [ 195.655303] r3 : 0198b861 r2 : aa55aa55 r1 : 00000000 r0 : 0000002e # [ 195.662163] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 195.669530] Control: 10c5387d Table: c8d2806a DAC: 00000051 # [ 195.675583] Register r0 information: non-paged memory # [ 195.680951] Register r1 information: NULL pointer # [ 195.685906] Register r2 information: non-paged memory # [ 195.691262] Register r3 information: non-paged memory # [ 195.696618] Register r4 information: non-slab/vmalloc memory # [ 195.702479] Register r5 information: non-slab/vmalloc memory # [ 195.708439] Register r6 information: NULL pointer # [ 195.713492] Register r7 information: 2-page vmalloc region starting at 0xf1f3c000 allocated at kernel_clone+0xac/0x388 # [ 195.724411] Register r8 information: non-slab/vmalloc memory # [ 195.730372] Register r9 information: 2-page vmalloc region starting at 0xf1f3c000 allocated at kernel_clone+0xac/0x388 # [ 195.741379] Register r10 information: slab kmalloc-192 start c5649b40 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 195.755349] full_proxy_open+0x124/0x24c # [ 195.759799] do_dentry_open+0x144/0x4dc # [ 195.764155] vfs_open+0x2c/0xec # [ 195.767806] path_openat+0x748/0x1198 # [ 195.771958] do_filp_open+0x98/0x134 # [ 195.776108] do_sys_openat2+0xbc/0xe4 # [ 195.780263] sys_openat+0x98/0xd4 # [ 195.784115] ret_fast_syscall+0x0/0x1c # [ 195.788466] Free path: # [ 195.791097] nfs_pgio_header_free+0x34/0x48 # [ 195.795857] nfs_write_completion+0x60/0x240 # [ 195.800609] rpc_free_task+0x34/0x54 # [ 195.804765] rpc_async_release+0x24/0x40 # [ 195.809217] process_one_work+0x1b8/0x450 # [ 195.813773] worker_thread+0x1d4/0x3c4 # [ 195.818026] kthread+0xe8/0x104 # [ 195.821674] ret_from_fork+0x14/0x28 # [ 195.825823] Register r11 information: non-paged memory # [ 195.831280] Register r12 information: NULL pointer # [ 195.836335] Process cat (pid: 3039, stack limit = 0xf1f3c000) # [ 195.842292] Stack: (0xf1f3deb8 to 0xf1f3e000) # [ 195.846944] dea0: 00000009 c0df61c8 # [ 195.855419] dec0: 00000009 c0df65ac c0df6490 c52cdc40 b6e78000 00000009 c3824260 c08910e8 # [ 195.863893] dee0: c52cdc40 c089108c f1f3df80 b6e78000 c5204640 00000009 c5649b80 c0628870 # [ 195.872367] df00: c8d2adb8 00000000 00000000 00000000 00000000 00000009 b6e78000 0001fff7 # [ 195.880839] df20: 00000001 00000000 c52cd840 00000000 00000000 00000000 00000000 00000000 # [ 195.889312] df40: 00000000 00000000 00000000 00000000 00000022 6cd3245b 00000000 c52cdc40 # [ 195.897787] df60: c52cdc40 00000000 00000000 c03002f0 c5204640 00000004 0046fe38 c0628dcc # [ 195.906260] df80: 00000000 00000000 00000000 6cd3245b 000000c0 00000009 00000009 7ff00000 # [ 195.914733] dfa0: 00000004 c03000c0 00000009 00000009 00000001 b6e78000 00000009 00000001 # [ 195.923206] dfc0: 00000009 00000009 7ff00000 00000004 00000001 b6e78000 00020000 0046fe38 # [ 195.931679] dfe0: 00000004 be96f788 b6f3e33b b6eb7616 60080030 00000001 00000000 00000000 # [ 195.940145] Call trace: # [ 195.940163] lkdtm_WRITE_RO from lkdtm_do_action+0x24/0x4c # [ 195.948767] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 195.954536] direct_entry from full_proxy_write+0x5c/0x8c # [ 195.960205] full_proxy_write from vfs_write+0xbc/0x3cc # [ 195.965681] vfs_write from ksys_write+0x78/0xf8 # [ 195.970558] ksys_write from ret_fast_syscall+0x0/0x1c # [ 195.976030] Exception stack(0xf1f3dfa8 to 0xf1f3dff0) # [ 195.981386] dfa0: 00000009 00000009 00000001 b6e78000 00000009 00000001 # [ 195.989860] dfc0: 00000009 00000009 7ff00000 00000004 00000001 b6e78000 00020000 0046fe38 # [ 195.998330] dfe0: 00000004 be96f788 b6f3e33b b6eb7616 # [ 196.003589] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) # [ 196.010046] ---[ end trace 0000000000000000 ]--- # [ 196.014897] note: cat[3039] exited with irqs disabled # WRITE_RO: saw 'call trace:': ok ok 46 selftests: lkdtm: WRITE_RO.sh # timeout set to 45 # selftests: lkdtm: WRITE_RO_AFTER_INIT.sh <6>[ 197.890575] lkdtm: Performing direct entry WRITE_RO_AFTER_INIT <6>[ 197.895479] lkdtm: attempting bad ro_after_init write at c208bcb4 <1>[ 197.901857] 8<--- cut here --- <1>[ 197.905009] Unable to handle kernel paging request at virtual address c208bcb4 when write <1>[ 197.913495] [c208bcb4] *pgd=c201941e(bad) <0>[ 197.917786] Internal error: Oops: 80d [#16] SMP ARM <4>[ 197.922956] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 197.961078] CPU: 1 UID: 0 PID: 3120 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 197.970682] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 197.975929] Hardware name: STM32 (Device Tree Support) <4>[ 197.981277] PC is at lkdtm_WRITE_RO_AFTER_INIT+0x58/0x6c <4>[ 197.986856] LR is at lkdtm_WRITE_RO_AFTER_INIT+0x48/0x6c <4>[ 197.992520] pc : [] lr : [] psr: 60080013 <4>[ 197.999080] sp : f1fc5eb8 ip : 00000000 fp : 004bfe38 <4>[ 198.004531] r10: c5649e00 r9 : f1fc5f80 r8 : c2687f38 <4>[ 198.010083] r7 : f1fc5f80 r6 : 00000000 r5 : c882d000 r4 : c208bcb4 <4>[ 198.016845] r3 : fe67479e r2 : 55aa55aa r1 : 00000000 r0 : 00000035 <4>[ 198.023712] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 198.031080] Control: 10c5387d Table: c8c5c06a DAC: 00000051 <1>[ 198.037134] Register r0 information: non-paged memory <1>[ 198.042500] Register r1 information: NULL pointer <1>[ 198.047454] Register r2 information: non-paged memory <1>[ 198.052810] Register r3 information: vmalloc memory <1>[ 198.057966] Register r4 information: non-slab/vmalloc memory <1>[ 198.063827] Register r5 information: non-slab/vmalloc memory <1>[ 198.069786] Register r6 information: NULL pointer <1>[ 198.074739] Register r7 information: 2-page vmalloc region starting at 0xf1fc4000 allocated at kernel_clone+0xac/0x388 <1>[ 198.085759] Register r8 information: non-slab/vmalloc memory <1>[ 198.091721] Register r9 information: 2-page vmalloc region starting at 0xf1fc4000 allocated at kernel_clone+0xac/0x388 <1>[ 198.102728] Register r10 information: slab kmalloc-192 start c5649dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 198.116598] full_proxy_open+0x124/0x24c <6>[ 198.121049] do_dentry_open+0x144/0x4dc <6>[ 198.125506] vfs_open+0x2c/0xec <6>[ 198.129157] path_openat+0x748/0x1198 <6>[ 198.133309] do_filp_open+0x98/0x134 <6>[ 198.137459] do_sys_openat2+0xbc/0xe4 <6>[ 198.141613] sys_openat+0x98/0xd4 <6>[ 198.145465] ret_fast_syscall+0x0/0x1c <4>[ 198.149716] Free path: <6>[ 198.152446] nfs_pgio_header_free+0x34/0x48 <6>[ 198.157206] nfs_write_completion+0x60/0x240 <6>[ 198.161958] rpc_free_task+0x34/0x54 <6>[ 198.166115] rpc_async_release+0x24/0x40 <6>[ 198.170569] process_one_work+0x1b8/0x450 <6>[ 198.175127] worker_thread+0x1d4/0x3c4 <6>[ 198.179380] kthread+0xe8/0x104 <6>[ 198.183031] ret_from_fork+0x14/0x28 <1>[ 198.187181] Register r11 information: non-paged memory <1>[ 198.192541] Register r12 information: NULL pointer <0>[ 198.197596] Process cat (pid: 3120, stack limit = 0xf1fc4000) <0>[ 198.203654] Stack: (0xf1fc5eb8 to 0xf1fc6000) <0>[ 198.208304] 5ea0: 00000014 c0df61c8 <0>[ 198.216780] 5ec0: 00000014 c0df65ac c0df6490 c5443740 b6dd8000 00000014 c3824260 c08910e8 <0>[ 198.225255] 5ee0: c5443740 c089108c f1fc5f80 b6dd8000 c5205040 00000014 c5649e00 c0628870 <0>[ 198.233729] 5f00: c8c5edb0 00000000 00000000 00000000 00000000 00000014 b6dd8000 0001ffec <0>[ 198.242202] 5f20: 00000001 00000000 c5443940 00000000 00000000 00000000 00000000 00000000 <0>[ 198.250676] 5f40: 00000000 00000000 00000000 00000000 00000022 5465d797 00000000 c5443740 <0>[ 198.259150] 5f60: c5443740 00000000 00000000 c03002f0 c5205040 00000004 004bfe38 c0628dcc <0>[ 198.267630] 5f80: 00000000 00000000 00000000 5465d797 000000c0 00000014 00000014 7ff00000 <0>[ 198.276118] 5fa0: 00000004 c03000c0 00000014 00000014 00000001 b6dd8000 00000014 00000001 <0>[ 198.284605] 5fc0: 00000014 00000014 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 <0>[ 198.293091] 5fe0: 00000004 bea61788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 198.301567] Call trace: <0>[ 198.301585] lkdtm_WRITE_RO_AFTER_INIT from lkdtm_do_action+0x24/0x4c <0>[ 198.311013] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 198.316791] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 198.322462] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 198.328040] vfs_write from ksys_write+0x78/0xf8 <0>[ 198.332917] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 198.338289] Exception stack(0xf1fc5fa8 to 0xf1fc5ff0) <0>[ 198.343649] 5fa0: 00000014 00000014 00000001 b6dd8000 00000014 00000001 <0>[ 198.352125] 5fc0: 00000014 00000014 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 <0>[ 198.360598] 5fe0: 00000004 bea61788 b6e9e33b b6e17616 <0>[ 198.365958] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) <4>[ 198.372317] ---[ end trace 0000000000000000 ]--- <6>[ 198.377166] note: cat[3120] exited with irqs disabled # Segmentation fault # [ 197.890575] lkdtm: Performing direct entry WRITE_RO_AFTER_INIT # [ 197.895479] lkdtm: attempting bad ro_after_init write at c208bcb4 # [ 197.901857] 8<--- cut here --- # [ 197.905009] Unable to handle kernel paging request at virtual address c208bcb4 when write # [ 197.913495] [c208bcb4] *pgd=c201941e(bad) # [ 197.917786] Internal error: Oops: 80d [#16] SMP ARM # [ 197.922956] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 197.961078] CPU: 1 UID: 0 PID: 3120 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 197.970682] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 197.975929] Hardware name: STM32 (Device Tree Support) # [ 197.981277] PC is at lkdtm_WRITE_RO_AFTER_INIT+0x58/0x6c # [ 197.986856] LR is at lkdtm_WRITE_RO_AFTER_INIT+0x48/0x6c # [ 197.992520] pc : [] lr : [] psr: 60080013 # [ 197.999080] sp : f1fc5eb8 ip : 00000000 fp : 004bfe38 # [ 198.004531] r10: c5649e00 r9 : f1fc5f80 r8 : c2687f38 # [ 198.010083] r7 : f1fc5f80 r6 : 00000000 r5 : c882d000 r4 : c208bcb4 # [ 198.016845] r3 : fe67479e r2 : 55aa55aa r1 : 00000000 r0 : 00000035 # [ 198.023712] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 198.031080] Control: 10c5387d Table: c8c5c06a DAC: 00000051 # [ 198.037134] Register r0 information: non-paged memory # [ 198.042500] Register r1 information: NULL pointer # [ 198.047454] Register r2 information: non-paged memory # [ 198.052810] Register r3 information: vmalloc memory # [ 198.057966] Register r4 information: non-slab/vmalloc memory # [ 198.063827] Register r5 information: non-slab/vmalloc memory # [ 198.069786] Register r6 information: NULL pointer # [ 198.074739] Register r7 information: 2-page vmalloc region starting at 0xf1fc4000 allocated at kernel_clone+0xac/0x388 # [ 198.085759] Register r8 information: non-slab/vmalloc memory # [ 198.091721] Register r9 information: 2-page vmalloc region starting at 0xf1fc4000 allocated at kernel_clone+0xac/0x388 # [ 198.102728] Register r10 information: slab kmalloc-192 start c5649dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 198.116598] full_proxy_open+0x124/0x24c # [ 198.121049] do_dentry_open+0x144/0x4dc # [ 198.125506] vfs_open+0x2c/0xec # [ 198.129157] path_openat+0x748/0x1198 # [ 198.133309] do_filp_open+0x98/0x134 # [ 198.137459] do_sys_openat2+0xbc/0xe4 # [ 198.141613] sys_openat+0x98/0xd4 # [ 198.145465] ret_fast_syscall+0x0/0x1c # [ 198.149716] Free path: # [ 198.152446] nfs_pgio_header_free+0x34/0x48 # [ 198.157206] nfs_write_completion+0x60/0x240 # [ 198.161958] rpc_free_task+0x34/0x54 # [ 198.166115] rpc_async_release+0x24/0x40 # [ 198.170569] process_one_work+0x1b8/0x450 # [ 198.175127] worker_thread+0x1d4/0x3c4 # [ 198.179380] kthread+0xe8/0x104 # [ 198.183031] ret_from_fork+0x14/0x28 # [ 198.187181] Register r11 information: non-paged memory # [ 198.192541] Register r12 information: NULL pointer # [ 198.197596] Process cat (pid: 3120, stack limit = 0xf1fc4000) # [ 198.203654] Stack: (0xf1fc5eb8 to 0xf1fc6000) # [ 198.208304] 5ea0: 00000014 c0df61c8 # [ 198.216780] 5ec0: 00000014 c0df65ac c0df6490 c5443740 b6dd8000 00000014 c3824260 c08910e8 # [ 198.225255] 5ee0: c5443740 c089108c f1fc5f80 b6dd8000 c5205040 00000014 c5649e00 c0628870 # [ 198.233729] 5f00: c8c5edb0 00000000 00000000 00000000 00000000 00000014 b6dd8000 0001ffec # [ 198.242202] 5f20: 00000001 00000000 c5443940 00000000 00000000 00000000 00000000 00000000 # [ 198.250676] 5f40: 00000000 00000000 00000000 00000000 00000022 5465d797 00000000 c5443740 # [ 198.259150] 5f60: c5443740 00000000 00000000 c03002f0 c5205040 00000004 004bfe38 c0628dcc # [ 198.267630] 5f80: 00000000 00000000 00000000 5465d797 000000c0 00000014 00000014 7ff00000 # [ 198.276118] 5fa0: 00000004 c03000c0 00000014 00000014 00000001 b6dd8000 00000014 00000001 # [ 198.284605] 5fc0: 00000014 00000014 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 # [ 198.293091] 5fe0: 00000004 bea61788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 198.301567] Call trace: # [ 198.301585] lkdtm_WRITE_RO_AFTER_INIT from lkdtm_do_action+0x24/0x4c # [ 198.311013] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 198.316791] direct_entry from full_proxy_write+0x5c/0x8c # [ 198.322462] full_proxy_write from vfs_write+0xbc/0x3cc # [ 198.328040] vfs_write from ksys_write+0x78/0xf8 # [ 198.332917] ksys_write from ret_fast_syscall+0x0/0x1c # [ 198.338289] Exception stack(0xf1fc5fa8 to 0xf1fc5ff0) # [ 198.343649] 5fa0: 00000014 00000014 00000001 b6dd8000 00000014 00000001 # [ 198.352125] 5fc0: 00000014 00000014 7ff00000 00000004 00000001 b6dd8000 00020000 004bfe38 # [ 198.360598] 5fe0: 00000004 bea61788 b6e9e33b b6e17616 # [ 198.365958] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) # [ 198.372317] ---[ end trace 0000000000000000 ]--- # [ 198.377166] note: cat[3120] exited with irqs disabled # WRITE_RO_AFTER_INIT: saw 'call trace:': ok ok 47 selftests: lkdtm: WRITE_RO_AFTER_INIT.sh # timeout set to 45 # selftests: lkdtm: WRITE_KERN.sh <6>[ 200.143322] lkdtm: Performing direct entry WRITE_KERN <6>[ 200.147405] lkdtm: attempting bad 9292424 byte write at c16d4528 <1>[ 200.154181] 8<--- cut here --- <1>[ 200.156947] Unable to handle kernel paging request at virtual address c16d4528 when write <1>[ 200.165331] [c16d4528] *pgd=c161940e(bad) <0>[ 200.169619] Internal error: Oops: 80d [#17] SMP ARM <4>[ 200.174789] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 200.212907] CPU: 1 UID: 0 PID: 3201 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 200.222510] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 200.227759] Hardware name: STM32 (Device Tree Support) <4>[ 200.233208] PC is at mmiocpy+0x54/0x334 <4>[ 200.237284] LR is at 0xebdf899b <4>[ 200.240733] pc : [] lr : [] psr: 20080013 <4>[ 200.247293] sp : f2031e90 ip : e3a00040 fp : f2031ea0 <4>[ 200.252745] r10: c5649e00 r9 : e28dd004 r8 : e52de004 <4>[ 200.258296] r7 : f2031f80 r6 : e92d4010 r5 : e12fff1e r4 : e28dd004 <4>[ 200.265055] r3 : e52de004 r2 : 008dc9e8 r1 : c0df7ac0 r0 : c16d4528 <4>[ 200.271915] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 200.279382] Control: 10c5387d Table: c8ce406a DAC: 00000051 <1>[ 200.285332] Register r0 information: non-slab/vmalloc memory <1>[ 200.291299] Register r1 information: non-slab/vmalloc memory <1>[ 200.297262] Register r2 information: non-paged memory <1>[ 200.302618] Register r3 information: non-slab/vmalloc memory <1>[ 200.308478] Register r4 information: non-slab/vmalloc memory <1>[ 200.314437] Register r5 information: non-slab/vmalloc memory <1>[ 200.320396] Register r6 information: non-slab/vmalloc memory <1>[ 200.326355] Register r7 information: 2-page vmalloc region starting at 0xf2030000 allocated at kernel_clone+0xac/0x388 <1>[ 200.337373] Register r8 information: non-slab/vmalloc memory <1>[ 200.343334] Register r9 information: non-slab/vmalloc memory <1>[ 200.349293] Register r10 information: slab kmalloc-192 start c5649dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 200.363160] full_proxy_open+0x124/0x24c <6>[ 200.367610] do_dentry_open+0x144/0x4dc <6>[ 200.371966] vfs_open+0x2c/0xec <6>[ 200.375616] path_openat+0x748/0x1198 <6>[ 200.379868] do_filp_open+0x98/0x134 <6>[ 200.383918] do_sys_openat2+0xbc/0xe4 <6>[ 200.388173] sys_openat+0x98/0xd4 <6>[ 200.392025] ret_fast_syscall+0x0/0x1c <4>[ 200.396276] Free path: <6>[ 200.399006] nfs_pgio_header_free+0x34/0x48 <6>[ 200.403666] nfs_write_completion+0x60/0x240 <6>[ 200.408518] rpc_free_task+0x34/0x54 <6>[ 200.412574] rpc_async_release+0x24/0x40 <6>[ 200.417026] process_one_work+0x1b8/0x450 <6>[ 200.421582] worker_thread+0x1d4/0x3c4 <6>[ 200.425935] kthread+0xe8/0x104 <6>[ 200.429583] ret_from_fork+0x14/0x28 <1>[ 200.433632] Register r11 information: 2-page vmalloc region starting at 0xf2030000 allocated at kernel_clone+0xac/0x388 <1>[ 200.444744] Register r12 information: non-slab/vmalloc memory <0>[ 200.450805] Process cat (pid: 3201, stack limit = 0xf2030000) <0>[ 200.456862] Stack: (0xf2031e90 to 0xf2032000) <0>[ 200.461515] 1e80: c0df7aa0 008dca88 c2687f40 f2031f80 <0>[ 200.469990] 1ea0: c16d4528 c16d4528 0044fe38 c16d4648 0000000b c8bc0000 00000000 c0df61c8 <0>[ 200.478464] 1ec0: 0000000b c0df65ac c0df6490 c5443d40 b6e28000 0000000b c3824260 c08910e8 <0>[ 200.486938] 1ee0: c5443d40 c089108c f2031f80 b6e28000 c8c86440 0000000b c5649e00 c0628870 <0>[ 200.495411] 1f00: c8ce6db8 00000000 00000000 00000000 00000000 0000000b b6e28000 0001fff5 <0>[ 200.503883] 1f20: 00000001 00000000 c5443a40 00000000 00000000 00000000 00000000 00000000 <0>[ 200.512361] 1f40: 00000000 00000000 00000000 00000000 00000022 1161130f 00000000 c5443d40 <0>[ 200.520846] 1f60: c5443d40 00000000 00000000 c03002f0 c8c86440 00000004 0044fe38 c0628dcc <0>[ 200.529233] 1f80: 00000000 00000000 00000000 1161130f 000000c0 0000000b 0000000b 7ff00000 <0>[ 200.537719] 1fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6e28000 0000000b 00000001 <0>[ 200.546204] 1fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6e28000 00020000 0044fe38 <0>[ 200.554686] 1fe0: 00000004 bee7c788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 <0>[ 200.563159] Call trace: <0>[ 200.563176] mmiocpy from lkdtm_WRITE_KERN+0x44/0x70 <0>[ 200.571197] lkdtm_WRITE_KERN from lkdtm_do_action+0x24/0x4c <0>[ 200.577177] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 200.582945] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 200.588615] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 200.594092] vfs_write from ksys_write+0x78/0xf8 <0>[ 200.598968] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 200.604441] Exception stack(0xf2031fa8 to 0xf2031ff0) <0>[ 200.609700] 1fa0: 0000000b 0000000b 00000001 b6e28000 0000000b 00000001 <0>[ 200.618177] 1fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6e28000 00020000 0044fe38 <0>[ 200.626651] 1fe0: 00000004 bee7c788 b6eee33b b6e67616 <0>[ 200.632011] Code: f5d1f05c f5d1f07c e8b15378 e2522020 (e8a05378) <4>[ 200.638369] ---[ end trace 0000000000000000 ]--- <6>[ 200.643318] note: cat[3201] exited with irqs disabled # Segmentation fault # [ 200.143322] lkdtm: Performing direct entry WRITE_KERN # [ 200.147405] lkdtm: attempting bad 9292424 byte write at c16d4528 # [ 200.154181] 8<--- cut here --- # [ 200.156947] Unable to handle kernel paging request at virtual address c16d4528 when write # [ 200.165331] [c16d4528] *pgd=c161940e(bad) # [ 200.169619] Internal error: Oops: 80d [#17] SMP ARM # [ 200.174789] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 200.212907] CPU: 1 UID: 0 PID: 3201 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 200.222510] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 200.227759] Hardware name: STM32 (Device Tree Support) # [ 200.233208] PC is at mmiocpy+0x54/0x334 # [ 200.237284] LR is at 0xebdf899b # [ 200.240733] pc : [] lr : [] psr: 20080013 # [ 200.247293] sp : f2031e90 ip : e3a00040 fp : f2031ea0 # [ 200.252745] r10: c5649e00 r9 : e28dd004 r8 : e52de004 # [ 200.258296] r7 : f2031f80 r6 : e92d4010 r5 : e12fff1e r4 : e28dd004 # [ 200.265055] r3 : e52de004 r2 : 008dc9e8 r1 : c0df7ac0 r0 : c16d4528 # [ 200.271915] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 200.279382] Control: 10c5387d Table: c8ce406a DAC: 00000051 # [ 200.285332] Register r0 information: non-slab/vmalloc memory # [ 200.291299] Register r1 information: non-slab/vmalloc memory # [ 200.297262] Register r2 information: non-paged memory # [ 200.302618] Register r3 information: non-slab/vmalloc memory # [ 200.308478] Register r4 information: non-slab/vmalloc memory # [ 200.314437] Register r5 information: non-slab/vmalloc memory # [ 200.320396] Register r6 information: non-slab/vmalloc memory # [ 200.326355] Register r7 information: 2-page vmalloc region starting at 0xf2030000 allocated at kernel_clone+0xac/0x388 # [ 200.337373] Register r8 information: non-slab/vmalloc memory # [ 200.343334] Register r9 information: non-slab/vmalloc memory # [ 200.349293] Register r10 information: slab kmalloc-192 start c5649dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 200.363160] full_proxy_open+0x124/0x24c # [ 200.367610] do_dentry_open+0x144/0x4dc # [ 200.371966] vfs_open+0x2c/0xec # [ 200.375616] path_openat+0x748/0x1198 # [ 200.379868] do_filp_open+0x98/0x134 # [ 200.383918] do_sys_openat2+0xbc/0xe4 # [ 200.388173] sys_openat+0x98/0xd4 # [ 200.392025] ret_fast_syscall+0x0/0x1c # [ 200.396276] Free path: # [ 200.399006] nfs_pgio_header_free+0x34/0x48 # [ 200.403666] nfs_write_completion+0x60/0x240 # [ 200.408518] rpc_free_task+0x34/0x54 # [ 200.412574] rpc_async_release+0x24/0x40 # [ 200.417026] process_one_work+0x1b8/0x450 # [ 200.421582] worker_thread+0x1d4/0x3c4 # [ 200.425935] kthread+0xe8/0x104 # [ 200.429583] ret_from_fork+0x14/0x28 # [ 200.433632] Register r11 information: 2-page vmalloc region starting at 0xf2030000 allocated at kernel_clone+0xac/0x388 # [ 200.444744] Register r12 information: non-slab/vmalloc memory # [ 200.450805] Process cat (pid: 3201, stack limit = 0xf2030000) # [ 200.456862] Stack: (0xf2031e90 to 0xf2032000) # [ 200.461515] 1e80: c0df7aa0 008dca88 c2687f40 f2031f80 # [ 200.469990] 1ea0: c16d4528 c16d4528 0044fe38 c16d4648 0000000b c8bc0000 00000000 c0df61c8 # [ 200.478464] 1ec0: 0000000b c0df65ac c0df6490 c5443d40 b6e28000 0000000b c3824260 c08910e8 # [ 200.486938] 1ee0: c5443d40 c089108c f2031f80 b6e28000 c8c86440 0000000b c5649e00 c0628870 # [ 200.495411] 1f00: c8ce6db8 00000000 00000000 00000000 00000000 0000000b b6e28000 0001fff5 # [ 200.503883] 1f20: 00000001 00000000 c5443a40 00000000 00000000 00000000 00000000 00000000 # [ 200.512361] 1f40: 00000000 00000000 00000000 00000000 00000022 1161130f 00000000 c5443d40 # [ 200.520846] 1f60: c5443d40 00000000 00000000 c03002f0 c8c86440 00000004 0044fe38 c0628dcc # [ 200.529233] 1f80: 00000000 00000000 00000000 1161130f 000000c0 0000000b 0000000b 7ff00000 # [ 200.537719] 1fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6e28000 0000000b 00000001 # [ 200.546204] 1fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6e28000 00020000 0044fe38 # [ 200.554686] 1fe0: 00000004 bee7c788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 # [ 200.563159] Call trace: # [ 200.563176] mmiocpy from lkdtm_WRITE_KERN+0x44/0x70 # [ 200.571197] lkdtm_WRITE_KERN from lkdtm_do_action+0x24/0x4c # [ 200.577177] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 200.582945] direct_entry from full_proxy_write+0x5c/0x8c # [ 200.588615] full_proxy_write from vfs_write+0xbc/0x3cc # [ 200.594092] vfs_write from ksys_write+0x78/0xf8 # [ 200.598968] ksys_write from ret_fast_syscall+0x0/0x1c # [ 200.604441] Exception stack(0xf2031fa8 to 0xf2031ff0) # [ 200.609700] 1fa0: 0000000b 0000000b 00000001 b6e28000 0000000b 00000001 # [ 200.618177] 1fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6e28000 00020000 0044fe38 # [ 200.626651] 1fe0: 00000004 bee7c788 b6eee33b b6e67616 # [ 200.632011] Code: f5d1f05c f5d1f07c e8b15378 e2522020 (e8a05378) # [ 200.638369] ---[ end trace 0000000000000000 ]--- # [ 200.643318] note: cat[3201] exited with irqs disabled # WRITE_KERN: saw 'call trace:': ok ok 48 selftests: lkdtm: WRITE_KERN.sh # timeout set to 45 # selftests: lkdtm: WRITE_OPD.sh <6>[ 202.488535] lkdtm: Performing direct entry WRITE_OPD <6>[ 202.492535] lkdtm: XFAIL: Platform doesn't use function descriptors. # [ 202.488535] lkdtm: Performing direct entry WRITE_OPD # [ 202.492535] lkdtm: XFAIL: Platform doesn't use function descriptors. # WRITE_OPD: saw 'XFAIL': [SKIP] ok 49 selftests: lkdtm: WRITE_OPD.sh # SKIP # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_OVERFLOW.sh <6>[ 203.925330] lkdtm: Performing direct entry REFCOUNT_INC_OVERFLOW <6>[ 203.930326] lkdtm: attempting good refcount_inc() without overflow <6>[ 203.936823] lkdtm: attempting bad refcount_inc() overflow <4>[ 203.942499] ------------[ cut here ]------------ <4>[ 203.947327] WARNING: CPU: 1 PID: 3325 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 <4>[ 203.956452] refcount_t: saturated; leaking memory. <4>[ 203.961502] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 203.999646] CPU: 1 UID: 0 PID: 3325 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 204.009161] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 204.014412] Hardware name: STM32 (Device Tree Support) <4>[ 204.019762] Call trace: <4>[ 204.019779] unwind_backtrace from show_stack+0x18/0x1c <4>[ 204.028084] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 204.033455] dump_stack_lvl from __warn+0x84/0x134 <4>[ 204.038531] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 204.043912] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 <4>[ 204.051002] lkdtm_REFCOUNT_INC_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 204.057884] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 204.063651] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 204.069320] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 204.074895] vfs_write from ksys_write+0x78/0xf8 <4>[ 204.079770] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 204.085142] Exception stack(0xf20cdfa8 to 0xf20cdff0) <4>[ 204.090502] dfa0: 00000016 00000016 00000001 b6db8000 00000016 00000001 <4>[ 204.098976] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6db8000 00020000 004ffe38 <4>[ 204.107446] dfe0: 00000004 be942788 b6e7e33b b6df7616 <4>[ 204.112939] ---[ end trace 0000000000000000 ]--- <6>[ 204.117786] lkdtm: Overflow detected: saturated # [ 203.925330] lkdtm: Performing direct entry REFCOUNT_INC_OVERFLOW # [ 203.930326] lkdtm: attempting good refcount_inc() without overflow # [ 203.936823] lkdtm: attempting bad refcount_inc() overflow # [ 203.942499] ------------[ cut here ]------------ # [ 203.947327] WARNING: CPU: 1 PID: 3325 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 # [ 203.956452] refcount_t: saturated; leaking memory. # [ 203.961502] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 203.999646] CPU: 1 UID: 0 PID: 3325 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 204.009161] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 204.014412] Hardware name: STM32 (Device Tree Support) # [ 204.019762] Call trace: # [ 204.019779] unwind_backtrace from show_stack+0x18/0x1c # [ 204.028084] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 204.033455] dump_stack_lvl from __warn+0x84/0x134 # [ 204.038531] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 204.043912] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 # [ 204.051002] lkdtm_REFCOUNT_INC_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 204.057884] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 204.063651] direct_entry from full_proxy_write+0x5c/0x8c # [ 204.069320] full_proxy_write from vfs_write+0xbc/0x3cc # [ 204.074895] vfs_write from ksys_write+0x78/0xf8 # [ 204.079770] ksys_write from ret_fast_syscall+0x0/0x1c # [ 204.085142] Exception stack(0xf20cdfa8 to 0xf20cdff0) # [ 204.090502] dfa0: 00000016 00000016 00000001 b6db8000 00000016 00000001 # [ 204.098976] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6db8000 00020000 004ffe38 # [ 204.107446] dfe0: 00000004 be942788 b6e7e33b b6df7616 # [ 204.112939] ---[ end trace 0000000000000000 ]--- # [ 204.117786] lkdtm: Overflow detected: saturated # REFCOUNT_INC_OVERFLOW: saw 'call trace:': ok ok 50 selftests: lkdtm: REFCOUNT_INC_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_OVERFLOW.sh <6>[ 205.501011] lkdtm: Performing direct entry REFCOUNT_ADD_OVERFLOW <6>[ 205.506568] lkdtm: attempting good refcount_add() without overflow <6>[ 205.512522] lkdtm: attempting bad refcount_add() overflow <4>[ 205.518187] ------------[ cut here ]------------ <4>[ 205.523069] WARNING: CPU: 0 PID: 3364 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 <4>[ 205.532160] refcount_t: saturated; leaking memory. <4>[ 205.537411] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 205.575506] CPU: 0 UID: 0 PID: 3364 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 205.584817] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 205.590073] Hardware name: STM32 (Device Tree Support) <4>[ 205.595525] Call trace: <4>[ 205.595540] unwind_backtrace from show_stack+0x18/0x1c <4>[ 205.603848] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 205.609118] dump_stack_lvl from __warn+0x84/0x134 <4>[ 205.614196] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 205.619676] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 <4>[ 205.626665] lkdtm_REFCOUNT_ADD_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 205.633647] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 205.639413] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 205.645082] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 205.650556] vfs_write from ksys_write+0x78/0xf8 <4>[ 205.655431] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 205.660904] Exception stack(0xf2105fa8 to 0xf2105ff0) <4>[ 205.666263] 5fa0: 00000016 00000016 00000001 b6e38000 00000016 00000001 <4>[ 205.674737] 5fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 0048fe38 <4>[ 205.683207] 5fe0: 00000004 be865788 b6efe33b b6e77616 <4>[ 205.688628] ---[ end trace 0000000000000000 ]--- <6>[ 205.693470] lkdtm: Overflow detected: saturated # [ 205.501011] lkdtm: Performing direct entry REFCOUNT_ADD_OVERFLOW # [ 205.506568] lkdtm: attempting good refcount_add() without overflow # [ 205.512522] lkdtm: attempting bad refcount_add() overflow # [ 205.518187] ------------[ cut here ]------------ # [ 205.523069] WARNING: CPU: 0 PID: 3364 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 # [ 205.532160] refcount_t: saturated; leaking memory. # [ 205.537411] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 205.575506] CPU: 0 UID: 0 PID: 3364 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 205.584817] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 205.590073] Hardware name: STM32 (Device Tree Support) # [ 205.595525] Call trace: # [ 205.595540] unwind_backtrace from show_stack+0x18/0x1c # [ 205.603848] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 205.609118] dump_stack_lvl from __warn+0x84/0x134 # [ 205.614196] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 205.619676] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 # [ 205.626665] lkdtm_REFCOUNT_ADD_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 205.633647] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 205.639413] direct_entry from full_proxy_write+0x5c/0x8c # [ 205.645082] full_proxy_write from vfs_write+0xbc/0x3cc # [ 205.650556] vfs_write from ksys_write+0x78/0xf8 # [ 205.655431] ksys_write from ret_fast_syscall+0x0/0x1c # [ 205.660904] Exception stack(0xf2105fa8 to 0xf2105ff0) # [ 205.666263] 5fa0: 00000016 00000016 00000001 b6e38000 00000016 00000001 # [ 205.674737] 5fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 0048fe38 # [ 205.683207] 5fe0: 00000004 be865788 b6efe33b b6e77616 # [ 205.688628] ---[ end trace 0000000000000000 ]--- # [ 205.693470] lkdtm: Overflow detected: saturated # REFCOUNT_ADD_OVERFLOW: saw 'call trace:': ok ok 51 selftests: lkdtm: REFCOUNT_ADD_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh <6>[ 207.058713] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_OVERFLOW <6>[ 207.064540] lkdtm: attempting bad refcount_inc_not_zero() overflow <4>[ 207.071576] ------------[ cut here ]------------ <4>[ 207.075870] WARNING: CPU: 1 PID: 3403 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 207.085675] refcount_t: saturated; leaking memory. <4>[ 207.090732] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 207.129065] CPU: 1 UID: 0 PID: 3403 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 207.138378] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 207.143630] Hardware name: STM32 (Device Tree Support) <4>[ 207.148980] Call trace: <4>[ 207.148994] unwind_backtrace from show_stack+0x18/0x1c <4>[ 207.157300] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 207.162671] dump_stack_lvl from __warn+0x84/0x134 <4>[ 207.167749] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 207.173129] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 207.180924] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW+0x40/0x80 <4>[ 207.190322] lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 207.198008] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 207.203776] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 207.209444] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 207.215020] vfs_write from ksys_write+0x78/0xf8 <4>[ 207.219895] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 207.225268] Exception stack(0xf212dfa8 to 0xf212dff0) <4>[ 207.230628] dfa0: 0000001f 0000001f 00000001 b6dd8000 0000001f 00000001 <4>[ 207.239103] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6dd8000 00020000 0041fe38 <4>[ 207.247573] dfe0: 00000004 beade788 b6e9e33b b6e17616 <4>[ 207.253291] ---[ end trace 0000000000000000 ]--- <6>[ 207.257862] lkdtm: Overflow detected: saturated # [ 207.058713] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_OVERFLOW # [ 207.064540] lkdtm: attempting bad refcount_inc_not_zero() overflow # [ 207.071576] ------------[ cut here ]------------ # [ 207.075870] WARNING: CPU: 1 PID: 3403 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 207.085675] refcount_t: saturated; leaking memory. # [ 207.090732] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 207.129065] CPU: 1 UID: 0 PID: 3403 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 207.138378] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 207.143630] Hardware name: STM32 (Device Tree Support) # [ 207.148980] Call trace: # [ 207.148994] unwind_backtrace from show_stack+0x18/0x1c # [ 207.157300] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 207.162671] dump_stack_lvl from __warn+0x84/0x134 # [ 207.167749] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 207.173129] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 207.180924] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW+0x40/0x80 # [ 207.190322] lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 207.198008] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 207.203776] direct_entry from full_proxy_write+0x5c/0x8c # [ 207.209444] full_proxy_write from vfs_write+0xbc/0x3cc # [ 207.215020] vfs_write from ksys_write+0x78/0xf8 # [ 207.219895] ksys_write from ret_fast_syscall+0x0/0x1c # [ 207.225268] Exception stack(0xf212dfa8 to 0xf212dff0) # [ 207.230628] dfa0: 0000001f 0000001f 00000001 b6dd8000 0000001f 00000001 # [ 207.239103] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6dd8000 00020000 0041fe38 # [ 207.247573] dfe0: 00000004 beade788 b6e9e33b b6e17616 # [ 207.253291] ---[ end trace 0000000000000000 ]--- # [ 207.257862] lkdtm: Overflow detected: saturated # REFCOUNT_INC_NOT_ZERO_OVERFLOW: saw 'call trace:': ok ok 52 selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh <6>[ 208.632930] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_OVERFLOW <6>[ 208.638760] lkdtm: attempting bad refcount_add_not_zero() overflow <4>[ 208.645226] ------------[ cut here ]------------ <4>[ 208.650491] WARNING: CPU: 1 PID: 3442 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 208.659902] refcount_t: saturated; leaking memory. <4>[ 208.664955] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 208.703042] CPU: 1 UID: 0 PID: 3442 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 208.712550] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 208.717807] Hardware name: STM32 (Device Tree Support) <4>[ 208.723258] Call trace: <4>[ 208.723273] unwind_backtrace from show_stack+0x18/0x1c <4>[ 208.731480] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 208.736851] dump_stack_lvl from __warn+0x84/0x134 <4>[ 208.741928] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 208.747310] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 208.755104] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW+0x40/0x80 <4>[ 208.764503] lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 208.772191] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 208.777958] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 208.783627] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 208.789202] vfs_write from ksys_write+0x78/0xf8 <4>[ 208.794078] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 208.799449] Exception stack(0xf2179fa8 to 0xf2179ff0) <4>[ 208.804810] 9fa0: 0000001f 0000001f 00000001 b6e68000 0000001f 00000001 <4>[ 208.813285] 9fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e68000 00020000 0042fe38 <4>[ 208.821757] 9fe0: 00000004 bef68788 b6f2e33b b6ea7616 <4>[ 208.827252] ---[ end trace 0000000000000000 ]--- <6>[ 208.832120] lkdtm: Overflow detected: saturated # [ 208.632930] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_OVERFLOW # [ 208.638760] lkdtm: attempting bad refcount_add_not_zero() overflow # [ 208.645226] ------------[ cut here ]------------ # [ 208.650491] WARNING: CPU: 1 PID: 3442 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 208.659902] refcount_t: saturated; leaking memory. # [ 208.664955] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 208.703042] CPU: 1 UID: 0 PID: 3442 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 208.712550] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 208.717807] Hardware name: STM32 (Device Tree Support) # [ 208.723258] Call trace: # [ 208.723273] unwind_backtrace from show_stack+0x18/0x1c # [ 208.731480] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 208.736851] dump_stack_lvl from __warn+0x84/0x134 # [ 208.741928] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 208.747310] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 208.755104] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW+0x40/0x80 # [ 208.764503] lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 208.772191] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 208.777958] direct_entry from full_proxy_write+0x5c/0x8c # [ 208.783627] full_proxy_write from vfs_write+0xbc/0x3cc # [ 208.789202] vfs_write from ksys_write+0x78/0xf8 # [ 208.794078] ksys_write from ret_fast_syscall+0x0/0x1c # [ 208.799449] Exception stack(0xf2179fa8 to 0xf2179ff0) # [ 208.804810] 9fa0: 0000001f 0000001f 00000001 b6e68000 0000001f 00000001 # [ 208.813285] 9fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e68000 00020000 0042fe38 # [ 208.821757] 9fe0: 00000004 bef68788 b6f2e33b b6ea7616 # [ 208.827252] ---[ end trace 0000000000000000 ]--- # [ 208.832120] lkdtm: Overflow detected: saturated # REFCOUNT_ADD_NOT_ZERO_OVERFLOW: saw 'call trace:': ok ok 53 selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_ZERO.sh <6>[ 210.186796] lkdtm: Performing direct entry REFCOUNT_DEC_ZERO <6>[ 210.191668] lkdtm: attempting good refcount_dec() <6>[ 210.196412] lkdtm: attempting bad refcount_dec() to zero <4>[ 210.202560] ------------[ cut here ]------------ <4>[ 210.206926] WARNING: CPU: 1 PID: 3481 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 <4>[ 210.215641] refcount_t: decrement hit 0; leaking memory. <4>[ 210.221292] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 210.259351] CPU: 1 UID: 0 PID: 3481 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 210.268866] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 210.274119] Hardware name: STM32 (Device Tree Support) <4>[ 210.279571] Call trace: <4>[ 210.279587] unwind_backtrace from show_stack+0x18/0x1c <4>[ 210.287793] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 210.293164] dump_stack_lvl from __warn+0x84/0x134 <4>[ 210.298240] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 210.303621] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 <4>[ 210.310409] lkdtm_REFCOUNT_DEC_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 210.316888] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 210.322656] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 210.328425] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 210.333900] vfs_write from ksys_write+0x78/0xf8 <4>[ 210.338776] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 210.344248] Exception stack(0xf21b9fa8 to 0xf21b9ff0) <4>[ 210.349508] 9fa0: 00000012 00000012 00000001 b6e34000 00000012 00000001 <4>[ 210.357987] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e34000 00020000 004dfe38 <4>[ 210.366461] 9fe0: 00000004 beb4d788 b6efa33b b6e73616 <4>[ 210.371914] ---[ end trace 0000000000000000 ]--- <6>[ 210.376749] lkdtm: Zero detected: saturated # [ 210.186796] lkdtm: Performing direct entry REFCOUNT_DEC_ZERO # [ 210.191668] lkdtm: attempting good refcount_dec() # [ 210.196412] lkdtm: attempting bad refcount_dec() to zero # [ 210.202560] ------------[ cut here ]------------ # [ 210.206926] WARNING: CPU: 1 PID: 3481 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 # [ 210.215641] refcount_t: decrement hit 0; leaking memory. # [ 210.221292] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 210.259351] CPU: 1 UID: 0 PID: 3481 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 210.268866] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 210.274119] Hardware name: STM32 (Device Tree Support) # [ 210.279571] Call trace: # [ 210.279587] unwind_backtrace from show_stack+0x18/0x1c # [ 210.287793] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 210.293164] dump_stack_lvl from __warn+0x84/0x134 # [ 210.298240] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 210.303621] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 # [ 210.310409] lkdtm_REFCOUNT_DEC_ZERO from lkdtm_do_action+0x24/0x4c # [ 210.316888] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 210.322656] direct_entry from full_proxy_write+0x5c/0x8c # [ 210.328425] full_proxy_write from vfs_write+0xbc/0x3cc # [ 210.333900] vfs_write from ksys_write+0x78/0xf8 # [ 210.338776] ksys_write from ret_fast_syscall+0x0/0x1c # [ 210.344248] Exception stack(0xf21b9fa8 to 0xf21b9ff0) # [ 210.349508] 9fa0: 00000012 00000012 00000001 b6e34000 00000012 00000001 # [ 210.357987] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e34000 00020000 004dfe38 # [ 210.366461] 9fe0: 00000004 beb4d788 b6efa33b b6e73616 # [ 210.371914] ---[ end trace 0000000000000000 ]--- # [ 210.376749] lkdtm: Zero detected: saturated # REFCOUNT_DEC_ZERO: saw 'call trace:': ok ok 54 selftests: lkdtm: REFCOUNT_DEC_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_NEGATIVE.sh <6>[ 211.871102] lkdtm: Performing direct entry REFCOUNT_DEC_NEGATIVE <6>[ 211.876118] lkdtm: attempting bad refcount_dec() below zero <4>[ 211.882106] ------------[ cut here ]------------ <4>[ 211.886900] WARNING: CPU: 1 PID: 3525 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c <4>[ 211.895897] refcount_t: decrement hit 0; leaking memory. <4>[ 211.901551] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 211.939726] CPU: 1 UID: 0 PID: 3525 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 211.949135] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 211.954390] Hardware name: STM32 (Device Tree Support) <4>[ 211.959841] Call trace: <4>[ 211.959857] unwind_backtrace from show_stack+0x18/0x1c <4>[ 211.968163] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 211.973434] dump_stack_lvl from __warn+0x84/0x134 <4>[ 211.978512] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 211.983894] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c <4>[ 211.990983] lkdtm_REFCOUNT_DEC_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 211.997865] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 212.003632] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 212.009400] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 212.014877] vfs_write from ksys_write+0x78/0xf8 <4>[ 212.019754] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 212.025128] Exception stack(0xf21fdfa8 to 0xf21fdff0) <4>[ 212.030489] dfa0: 00000016 00000016 00000001 b6e48000 00000016 00000001 <4>[ 212.038963] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e48000 00020000 0049fe38 <4>[ 212.047433] dfe0: 00000004 be930788 b6f0e33b b6e87616 <4>[ 212.052896] ---[ end trace 0000000000000000 ]--- <6>[ 212.057739] lkdtm: Negative detected: saturated # [ 211.871102] lkdtm: Performing direct entry REFCOUNT_DEC_NEGATIVE # [ 211.876118] lkdtm: attempting bad refcount_dec() below zero # [ 211.882106] ------------[ cut here ]------------ # [ 211.886900] WARNING: CPU: 1 PID: 3525 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c # [ 211.895897] refcount_t: decrement hit 0; leaking memory. # [ 211.901551] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 211.939726] CPU: 1 UID: 0 PID: 3525 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 211.949135] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 211.954390] Hardware name: STM32 (Device Tree Support) # [ 211.959841] Call trace: # [ 211.959857] unwind_backtrace from show_stack+0x18/0x1c # [ 211.968163] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 211.973434] dump_stack_lvl from __warn+0x84/0x134 # [ 211.978512] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 211.983894] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c # [ 211.990983] lkdtm_REFCOUNT_DEC_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 211.997865] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 212.003632] direct_entry from full_proxy_write+0x5c/0x8c # [ 212.009400] full_proxy_write from vfs_write+0xbc/0x3cc # [ 212.014877] vfs_write from ksys_write+0x78/0xf8 # [ 212.019754] ksys_write from ret_fast_syscall+0x0/0x1c # [ 212.025128] Exception stack(0xf21fdfa8 to 0xf21fdff0) # [ 212.030489] dfa0: 00000016 00000016 00000001 b6e48000 00000016 00000001 # [ 212.038963] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e48000 00020000 0049fe38 # [ 212.047433] dfe0: 00000004 be930788 b6f0e33b b6e87616 # [ 212.052896] ---[ end trace 0000000000000000 ]--- # [ 212.057739] lkdtm: Negative detected: saturated # REFCOUNT_DEC_NEGATIVE: saw 'Negative detected: saturated': ok ok 55 selftests: lkdtm: REFCOUNT_DEC_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_AND_TEST_NEGATIVE.sh <6>[ 213.512369] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_NEGATIVE <6>[ 213.518174] lkdtm: attempting bad refcount_dec_and_test() below zero <4>[ 213.525270] ------------[ cut here ]------------ <4>[ 213.529761] WARNING: CPU: 0 PID: 3569 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 213.539496] refcount_t: underflow; use-after-free. <4>[ 213.544874] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 213.582892] CPU: 0 UID: 0 PID: 3569 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 213.592205] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 213.597353] Hardware name: STM32 (Device Tree Support) <4>[ 213.602802] Call trace: <4>[ 213.602817] unwind_backtrace from show_stack+0x18/0x1c <4>[ 213.611121] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 213.616491] dump_stack_lvl from __warn+0x84/0x134 <4>[ 213.621468] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 213.626949] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 213.634742] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE+0x3c/0x80 <4>[ 213.644142] lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 213.651826] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 213.657592] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 213.663261] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 213.668738] vfs_write from ksys_write+0x78/0xf8 <4>[ 213.673714] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 213.679086] Exception stack(0xf2239fa8 to 0xf2239ff0) <4>[ 213.684445] 9fa0: 0000001f 0000001f 00000001 b6da8000 0000001f 00000001 <4>[ 213.692920] 9fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6da8000 00020000 0047fe38 <4>[ 213.701390] 9fe0: 00000004 be82a788 b6e6e33b b6de7616 <4>[ 213.707040] ---[ end trace 0000000000000000 ]--- <6>[ 213.711697] lkdtm: Negative detected: saturated # [ 213.512369] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_NEGATIVE # [ 213.518174] lkdtm: attempting bad refcount_dec_and_test() below zero # [ 213.525270] ------------[ cut here ]------------ # [ 213.529761] WARNING: CPU: 0 PID: 3569 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 213.539496] refcount_t: underflow; use-after-free. # [ 213.544874] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 213.582892] CPU: 0 UID: 0 PID: 3569 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 213.592205] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 213.597353] Hardware name: STM32 (Device Tree Support) # [ 213.602802] Call trace: # [ 213.602817] unwind_backtrace from show_stack+0x18/0x1c # [ 213.611121] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 213.616491] dump_stack_lvl from __warn+0x84/0x134 # [ 213.621468] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 213.626949] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 213.634742] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE+0x3c/0x80 # [ 213.644142] lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 213.651826] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 213.657592] direct_entry from full_proxy_write+0x5c/0x8c # [ 213.663261] full_proxy_write from vfs_write+0xbc/0x3cc # [ 213.668738] vfs_write from ksys_write+0x78/0xf8 # [ 213.673714] ksys_write from ret_fast_syscall+0x0/0x1c # [ 213.679086] Exception stack(0xf2239fa8 to 0xf2239ff0) # [ 213.684445] 9fa0: 0000001f 0000001f 00000001 b6da8000 0000001f 00000001 # [ 213.692920] 9fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6da8000 00020000 0047fe38 # [ 213.701390] 9fe0: 00000004 be82a788 b6e6e33b b6de7616 # [ 213.707040] ---[ end trace 0000000000000000 ]--- # [ 213.711697] lkdtm: Negative detected: saturated # REFCOUNT_DEC_AND_TEST_NEGATIVE: saw 'Negative detected: saturated': ok ok 56 selftests: lkdtm: REFCOUNT_DEC_AND_TEST_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_SUB_AND_TEST_NEGATIVE.sh <6>[ 215.190068] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_NEGATIVE <6>[ 215.196028] lkdtm: attempting bad refcount_sub_and_test() below zero <4>[ 215.202474] ------------[ cut here ]------------ <4>[ 215.207869] WARNING: CPU: 1 PID: 3614 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 215.217327] refcount_t: underflow; use-after-free. <4>[ 215.222293] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 215.260331] CPU: 1 UID: 0 PID: 3614 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 215.269841] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 215.275098] Hardware name: STM32 (Device Tree Support) <4>[ 215.280546] Call trace: <4>[ 215.280563] unwind_backtrace from show_stack+0x18/0x1c <4>[ 215.288872] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 215.294143] dump_stack_lvl from __warn+0x84/0x134 <4>[ 215.299220] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 215.304600] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 215.312395] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE+0x40/0x84 <4>[ 215.321895] lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 215.329578] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 215.335345] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 215.341013] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 215.346489] vfs_write from ksys_write+0x78/0xf8 <4>[ 215.351364] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 215.356836] Exception stack(0xf227dfa8 to 0xf227dff0) <4>[ 215.362095] dfa0: 0000001f 0000001f 00000001 b6e48000 0000001f 00000001 <4>[ 215.370570] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 <4>[ 215.379041] dfe0: 00000004 bef12788 b6f0e33b b6e87616 <4>[ 215.384499] ---[ end trace 0000000000000000 ]--- <6>[ 215.389333] lkdtm: Negative detected: saturated # [ 215.190068] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_NEGATIVE # [ 215.196028] lkdtm: attempting bad refcount_sub_and_test() below zero # [ 215.202474] ------------[ cut here ]------------ # [ 215.207869] WARNING: CPU: 1 PID: 3614 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 215.217327] refcount_t: underflow; use-after-free. # [ 215.222293] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 215.260331] CPU: 1 UID: 0 PID: 3614 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 215.269841] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 215.275098] Hardware name: STM32 (Device Tree Support) # [ 215.280546] Call trace: # [ 215.280563] unwind_backtrace from show_stack+0x18/0x1c # [ 215.288872] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 215.294143] dump_stack_lvl from __warn+0x84/0x134 # [ 215.299220] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 215.304600] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 215.312395] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE+0x40/0x84 # [ 215.321895] lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 215.329578] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 215.335345] direct_entry from full_proxy_write+0x5c/0x8c # [ 215.341013] full_proxy_write from vfs_write+0xbc/0x3cc # [ 215.346489] vfs_write from ksys_write+0x78/0xf8 # [ 215.351364] ksys_write from ret_fast_syscall+0x0/0x1c # [ 215.356836] Exception stack(0xf227dfa8 to 0xf227dff0) # [ 215.362095] dfa0: 0000001f 0000001f 00000001 b6e48000 0000001f 00000001 # [ 215.370570] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 # [ 215.379041] dfe0: 00000004 bef12788 b6f0e33b b6e87616 # [ 215.384499] ---[ end trace 0000000000000000 ]--- # [ 215.389333] lkdtm: Negative detected: saturated # REFCOUNT_SUB_AND_TEST_NEGATIVE: saw 'Negative detected: saturated': ok ok 57 selftests: lkdtm: REFCOUNT_SUB_AND_TEST_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_ZERO.sh <6>[ 216.793390] lkdtm: Performing direct entry REFCOUNT_INC_ZERO <6>[ 216.798091] lkdtm: attempting safe refcount_inc_not_zero() from zero <6>[ 216.805331] lkdtm: Good: zero detected <6>[ 216.808685] lkdtm: Correctly stayed at zero <6>[ 216.813114] lkdtm: attempting bad refcount_inc() from zero <4>[ 216.818940] ------------[ cut here ]------------ <4>[ 216.823892] WARNING: CPU: 0 PID: 3653 at lib/refcount.c:25 lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 <4>[ 216.832773] refcount_t: addition on 0; use-after-free. <4>[ 216.838165] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 216.876083] CPU: 0 UID: 0 PID: 3653 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 216.885591] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 216.890843] Hardware name: STM32 (Device Tree Support) <4>[ 216.896294] Call trace: <4>[ 216.896309] unwind_backtrace from show_stack+0x18/0x1c <4>[ 216.904616] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 216.909889] dump_stack_lvl from __warn+0x84/0x134 <4>[ 216.914966] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 216.920346] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 <4>[ 216.927136] lkdtm_REFCOUNT_INC_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 216.933717] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 216.939483] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 216.945151] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 216.950626] vfs_write from ksys_write+0x78/0xf8 <4>[ 216.955504] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 216.960978] Exception stack(0xf22c1fa8 to 0xf22c1ff0) <4>[ 216.966238] 1fa0: 00000012 00000012 00000001 b6e28000 00000012 00000001 <4>[ 216.974714] 1fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e28000 00020000 004afe38 <4>[ 216.983184] 1fe0: 00000004 bee53788 b6eee33b b6e67616 <4>[ 216.990058] ---[ end trace 0000000000000000 ]--- <6>[ 216.993662] lkdtm: Zero detected: saturated # [ 216.793390] lkdtm: Performing direct entry REFCOUNT_INC_ZERO # [ 216.798091] lkdtm: attempting safe refcount_inc_not_zero() from zero # [ 216.805331] lkdtm: Good: zero detected # [ 216.808685] lkdtm: Correctly stayed at zero # [ 216.813114] lkdtm: attempting bad refcount_inc() from zero # [ 216.818940] ------------[ cut here ]------------ # [ 216.823892] WARNING: CPU: 0 PID: 3653 at lib/refcount.c:25 lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 # [ 216.832773] refcount_t: addition on 0; use-after-free. # [ 216.838165] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 216.876083] CPU: 0 UID: 0 PID: 3653 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 216.885591] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 216.890843] Hardware name: STM32 (Device Tree Support) # [ 216.896294] Call trace: # [ 216.896309] unwind_backtrace from show_stack+0x18/0x1c # [ 216.904616] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 216.909889] dump_stack_lvl from __warn+0x84/0x134 # [ 216.914966] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 216.920346] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 # [ 216.927136] lkdtm_REFCOUNT_INC_ZERO from lkdtm_do_action+0x24/0x4c # [ 216.933717] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 216.939483] direct_entry from full_proxy_write+0x5c/0x8c # [ 216.945151] full_proxy_write from vfs_write+0xbc/0x3cc # [ 216.950626] vfs_write from ksys_write+0x78/0xf8 # [ 216.955504] ksys_write from ret_fast_syscall+0x0/0x1c # [ 216.960978] Exception stack(0xf22c1fa8 to 0xf22c1ff0) # [ 216.966238] 1fa0: 00000012 00000012 00000001 b6e28000 00000012 00000001 # [ 216.974714] 1fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e28000 00020000 004afe38 # [ 216.983184] 1fe0: 00000004 bee53788 b6eee33b b6e67616 # [ 216.990058] ---[ end trace 0000000000000000 ]--- # [ 216.993662] lkdtm: Zero detected: saturated # REFCOUNT_INC_ZERO: saw 'call trace:': ok ok 58 selftests: lkdtm: REFCOUNT_INC_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_ZERO.sh <6>[ 218.421810] lkdtm: Performing direct entry REFCOUNT_ADD_ZERO <6>[ 218.427139] lkdtm: attempting safe refcount_add_not_zero() from zero <6>[ 218.433096] lkdtm: Good: zero detected <6>[ 218.437165] lkdtm: Correctly stayed at zero <6>[ 218.441547] lkdtm: attempting bad refcount_add() from zero <4>[ 218.447398] ------------[ cut here ]------------ <4>[ 218.452283] WARNING: CPU: 1 PID: 3692 at lib/refcount.c:25 lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 <4>[ 218.460978] refcount_t: addition on 0; use-after-free. <4>[ 218.466404] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 218.504514] CPU: 1 UID: 0 PID: 3692 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 218.514026] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 218.519278] Hardware name: STM32 (Device Tree Support) <4>[ 218.524628] Call trace: <4>[ 218.524643] unwind_backtrace from show_stack+0x18/0x1c <4>[ 218.532951] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 218.538323] dump_stack_lvl from __warn+0x84/0x134 <4>[ 218.543401] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 218.548782] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 <4>[ 218.555472] lkdtm_REFCOUNT_ADD_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 218.562054] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 218.567822] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 218.573492] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 218.578967] vfs_write from ksys_write+0x78/0xf8 <4>[ 218.583944] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 218.589317] Exception stack(0xf22f9fa8 to 0xf22f9ff0) <4>[ 218.594677] 9fa0: 00000012 00000012 00000001 b6e18000 00000012 00000001 <4>[ 218.603153] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e18000 00020000 004afe38 <4>[ 218.611623] 9fe0: 00000004 bea57788 b6ede33b b6e57616 <4>[ 218.617073] ---[ end trace 0000000000000000 ]--- <6>[ 218.621917] lkdtm: Zero detected: saturated # [ 218.421810] lkdtm: Performing direct entry REFCOUNT_ADD_ZERO # [ 218.427139] lkdtm: attempting safe refcount_add_not_zero() from zero # [ 218.433096] lkdtm: Good: zero detected # [ 218.437165] lkdtm: Correctly stayed at zero # [ 218.441547] lkdtm: attempting bad refcount_add() from zero # [ 218.447398] ------------[ cut here ]------------ # [ 218.452283] WARNING: CPU: 1 PID: 3692 at lib/refcount.c:25 lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 # [ 218.460978] refcount_t: addition on 0; use-after-free. # [ 218.466404] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 218.504514] CPU: 1 UID: 0 PID: 3692 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 218.514026] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 218.519278] Hardware name: STM32 (Device Tree Support) # [ 218.524628] Call trace: # [ 218.524643] unwind_backtrace from show_stack+0x18/0x1c # [ 218.532951] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 218.538323] dump_stack_lvl from __warn+0x84/0x134 # [ 218.543401] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 218.548782] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 # [ 218.555472] lkdtm_REFCOUNT_ADD_ZERO from lkdtm_do_action+0x24/0x4c # [ 218.562054] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 218.567822] direct_entry from full_proxy_write+0x5c/0x8c # [ 218.573492] full_proxy_write from vfs_write+0xbc/0x3cc # [ 218.578967] vfs_write from ksys_write+0x78/0xf8 # [ 218.583944] ksys_write from ret_fast_syscall+0x0/0x1c # [ 218.589317] Exception stack(0xf22f9fa8 to 0xf22f9ff0) # [ 218.594677] 9fa0: 00000012 00000012 00000001 b6e18000 00000012 00000001 # [ 218.603153] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e18000 00020000 004afe38 # [ 218.611623] 9fe0: 00000004 bea57788 b6ede33b b6e57616 # [ 218.617073] ---[ end trace 0000000000000000 ]--- # [ 218.621917] lkdtm: Zero detected: saturated # REFCOUNT_ADD_ZERO: saw 'call trace:': ok ok 59 selftests: lkdtm: REFCOUNT_ADD_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_SATURATED.sh <6>[ 220.145719] lkdtm: Performing direct entry REFCOUNT_INC_SATURATED <6>[ 220.150849] lkdtm: attempting bad refcount_inc() from saturated <4>[ 220.157253] ------------[ cut here ]------------ <4>[ 220.162460] WARNING: CPU: 0 PID: 3736 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c <4>[ 220.171153] refcount_t: saturated; leaking memory. <4>[ 220.176227] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 220.214490] CPU: 0 UID: 0 PID: 3736 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 220.223807] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 220.229069] Hardware name: STM32 (Device Tree Support) <4>[ 220.234426] Call trace: <4>[ 220.234444] unwind_backtrace from show_stack+0x18/0x1c <4>[ 220.242758] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 220.248029] dump_stack_lvl from __warn+0x84/0x134 <4>[ 220.253106] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 220.258587] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c <4>[ 220.265679] lkdtm_REFCOUNT_INC_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 220.272663] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 220.278429] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 220.284098] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 220.289674] vfs_write from ksys_write+0x78/0xf8 <4>[ 220.294550] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 220.299922] Exception stack(0xf2345fa8 to 0xf2345ff0) <4>[ 220.305282] 5fa0: 00000017 00000017 00000001 b6dc8000 00000017 00000001 <4>[ 220.313758] 5fc0: 00000017 00000017 7ff00000 00000004 00000001 b6dc8000 00020000 0042fe38 <4>[ 220.322227] 5fe0: 00000004 be802788 b6e8e33b b6e07616 <4>[ 220.333623] ---[ end trace 0000000000000000 ]--- <6>[ 220.337774] lkdtm: Saturation detected: still saturated # [ 220.145719] lkdtm: Performing direct entry REFCOUNT_INC_SATURATED # [ 220.150849] lkdtm: attempting bad refcount_inc() from saturated # [ 220.157253] ------------[ cut here ]------------ # [ 220.162460] WARNING: CPU: 0 PID: 3736 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c # [ 220.171153] refcount_t: saturated; leaking memory. # [ 220.176227] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 220.214490] CPU: 0 UID: 0 PID: 3736 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 220.223807] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 220.229069] Hardware name: STM32 (Device Tree Support) # [ 220.234426] Call trace: # [ 220.234444] unwind_backtrace from show_stack+0x18/0x1c # [ 220.242758] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 220.248029] dump_stack_lvl from __warn+0x84/0x134 # [ 220.253106] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 220.258587] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c # [ 220.265679] lkdtm_REFCOUNT_INC_SATURATED from lkdtm_do_action+0x24/0x4c # [ 220.272663] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 220.278429] direct_entry from full_proxy_write+0x5c/0x8c # [ 220.284098] full_proxy_write from vfs_write+0xbc/0x3cc # [ 220.289674] vfs_write from ksys_write+0x78/0xf8 # [ 220.294550] ksys_write from ret_fast_syscall+0x0/0x1c # [ 220.299922] Exception stack(0xf2345fa8 to 0xf2345ff0) # [ 220.305282] 5fa0: 00000017 00000017 00000001 b6dc8000 00000017 00000001 # [ 220.313758] 5fc0: 00000017 00000017 7ff00000 00000004 00000001 b6dc8000 00020000 0042fe38 # [ 220.322227] 5fe0: 00000004 be802788 b6e8e33b b6e07616 # [ 220.333623] ---[ end trace 0000000000000000 ]--- # [ 220.337774] lkdtm: Saturation detected: still saturated # REFCOUNT_INC_SATURATED: saw 'Saturation detected: still saturated': ok ok 60 selftests: lkdtm: REFCOUNT_INC_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_SATURATED.sh <6>[ 221.861047] lkdtm: Performing direct entry REFCOUNT_DEC_SATURATED <6>[ 221.866179] lkdtm: attempting bad refcount_dec() from saturated <4>[ 221.872630] ------------[ cut here ]------------ <4>[ 221.877277] WARNING: CPU: 1 PID: 3780 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 <4>[ 221.886392] refcount_t: decrement hit 0; leaking memory. <4>[ 221.892049] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 221.930167] CPU: 1 UID: 0 PID: 3780 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 221.939675] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 221.944829] Hardware name: STM32 (Device Tree Support) <4>[ 221.950279] Call trace: <4>[ 221.950295] unwind_backtrace from show_stack+0x18/0x1c <4>[ 221.958601] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 221.963872] dump_stack_lvl from __warn+0x84/0x134 <4>[ 221.968948] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 221.974431] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 <4>[ 221.981527] lkdtm_REFCOUNT_DEC_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 221.988512] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 221.994281] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 221.999954] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 222.005531] vfs_write from ksys_write+0x78/0xf8 <4>[ 222.010407] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 222.015779] Exception stack(0xf238dfa8 to 0xf238dff0) <4>[ 222.021140] dfa0: 00000017 00000017 00000001 b6dd8000 00000017 00000001 <4>[ 222.029615] dfc0: 00000017 00000017 7ff00000 00000004 00000001 b6dd8000 00020000 004cfe38 <4>[ 222.038085] dfe0: 00000004 beb4e788 b6e9e33b b6e17616 <4>[ 222.043557] ---[ end trace 0000000000000000 ]--- <6>[ 222.048391] lkdtm: Saturation detected: still saturated # [ 221.861047] lkdtm: Performing direct entry REFCOUNT_DEC_SATURATED # [ 221.866179] lkdtm: attempting bad refcount_dec() from saturated # [ 221.872630] ------------[ cut here ]------------ # [ 221.877277] WARNING: CPU: 1 PID: 3780 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 # [ 221.886392] refcount_t: decrement hit 0; leaking memory. # [ 221.892049] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 221.930167] CPU: 1 UID: 0 PID: 3780 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 221.939675] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 221.944829] Hardware name: STM32 (Device Tree Support) # [ 221.950279] Call trace: # [ 221.950295] unwind_backtrace from show_stack+0x18/0x1c # [ 221.958601] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 221.963872] dump_stack_lvl from __warn+0x84/0x134 # [ 221.968948] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 221.974431] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 # [ 221.981527] lkdtm_REFCOUNT_DEC_SATURATED from lkdtm_do_action+0x24/0x4c # [ 221.988512] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 221.994281] direct_entry from full_proxy_write+0x5c/0x8c # [ 221.999954] full_proxy_write from vfs_write+0xbc/0x3cc # [ 222.005531] vfs_write from ksys_write+0x78/0xf8 # [ 222.010407] ksys_write from ret_fast_syscall+0x0/0x1c # [ 222.015779] Exception stack(0xf238dfa8 to 0xf238dff0) # [ 222.021140] dfa0: 00000017 00000017 00000001 b6dd8000 00000017 00000001 # [ 222.029615] dfc0: 00000017 00000017 7ff00000 00000004 00000001 b6dd8000 00020000 004cfe38 # [ 222.038085] dfe0: 00000004 beb4e788 b6e9e33b b6e17616 # [ 222.043557] ---[ end trace 0000000000000000 ]--- # [ 222.048391] lkdtm: Saturation detected: still saturated # REFCOUNT_DEC_SATURATED: saw 'Saturation detected: still saturated': ok ok 61 selftests: lkdtm: REFCOUNT_DEC_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_SATURATED.sh <6>[ 223.534729] lkdtm: Performing direct entry REFCOUNT_ADD_SATURATED <6>[ 223.540546] lkdtm: attempting bad refcount_dec() from saturated <4>[ 223.546024] ------------[ cut here ]------------ <4>[ 223.551001] WARNING: CPU: 0 PID: 3824 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c <4>[ 223.560385] refcount_t: saturated; leaking memory. <4>[ 223.565161] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 223.603464] CPU: 0 UID: 0 PID: 3824 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 223.612775] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 223.618028] Hardware name: STM32 (Device Tree Support) <4>[ 223.623480] Call trace: <4>[ 223.623495] unwind_backtrace from show_stack+0x18/0x1c <4>[ 223.631803] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 223.637077] dump_stack_lvl from __warn+0x84/0x134 <4>[ 223.642155] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 223.647536] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c <4>[ 223.654729] lkdtm_REFCOUNT_ADD_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 223.661712] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 223.667479] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 223.673146] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 223.678723] vfs_write from ksys_write+0x78/0xf8 <4>[ 223.683599] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 223.688970] Exception stack(0xf23cdfa8 to 0xf23cdff0) <4>[ 223.694330] dfa0: 00000017 00000017 00000001 b6db8000 00000017 00000001 <4>[ 223.702804] dfc0: 00000017 00000017 7ff00000 00000004 00000001 b6db8000 00020000 0042fe38 <4>[ 223.711274] dfe0: 00000004 be8af788 b6e7e33b b6df7616 <4>[ 223.717126] ---[ end trace 0000000000000000 ]--- <6>[ 223.721583] lkdtm: Saturation detected: still saturated # [ 223.534729] lkdtm: Performing direct entry REFCOUNT_ADD_SATURATED # [ 223.540546] lkdtm: attempting bad refcount_dec() from saturated # [ 223.546024] ------------[ cut here ]------------ # [ 223.551001] WARNING: CPU: 0 PID: 3824 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c # [ 223.560385] refcount_t: saturated; leaking memory. # [ 223.565161] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 223.603464] CPU: 0 UID: 0 PID: 3824 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 223.612775] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 223.618028] Hardware name: STM32 (Device Tree Support) # [ 223.623480] Call trace: # [ 223.623495] unwind_backtrace from show_stack+0x18/0x1c # [ 223.631803] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 223.637077] dump_stack_lvl from __warn+0x84/0x134 # [ 223.642155] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 223.647536] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c # [ 223.654729] lkdtm_REFCOUNT_ADD_SATURATED from lkdtm_do_action+0x24/0x4c # [ 223.661712] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 223.667479] direct_entry from full_proxy_write+0x5c/0x8c # [ 223.673146] full_proxy_write from vfs_write+0xbc/0x3cc # [ 223.678723] vfs_write from ksys_write+0x78/0xf8 # [ 223.683599] ksys_write from ret_fast_syscall+0x0/0x1c # [ 223.688970] Exception stack(0xf23cdfa8 to 0xf23cdff0) # [ 223.694330] dfa0: 00000017 00000017 00000001 b6db8000 00000017 00000001 # [ 223.702804] dfc0: 00000017 00000017 7ff00000 00000004 00000001 b6db8000 00020000 0042fe38 # [ 223.711274] dfe0: 00000004 be8af788 b6e7e33b b6df7616 # [ 223.717126] ---[ end trace 0000000000000000 ]--- # [ 223.721583] lkdtm: Saturation detected: still saturated # REFCOUNT_ADD_SATURATED: saw 'Saturation detected: still saturated': ok ok 62 selftests: lkdtm: REFCOUNT_ADD_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_SATURATED.sh <6>[ 225.158507] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_SATURATED <6>[ 225.164415] lkdtm: attempting bad refcount_inc_not_zero() from saturated <4>[ 225.171385] ------------[ cut here ]------------ <4>[ 225.176257] WARNING: CPU: 1 PID: 3863 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 225.186054] refcount_t: saturated; leaking memory. <4>[ 225.191107] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 225.229200] CPU: 1 UID: 0 PID: 3863 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 225.238807] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 225.243960] Hardware name: STM32 (Device Tree Support) <4>[ 225.249411] Call trace: <4>[ 225.249426] unwind_backtrace from show_stack+0x18/0x1c <4>[ 225.257733] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 225.263003] dump_stack_lvl from __warn+0x84/0x134 <4>[ 225.268080] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 225.273560] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 225.281254] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED+0x40/0x80 <4>[ 225.290852] lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 225.298640] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 225.304407] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 225.310076] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 225.315551] vfs_write from ksys_write+0x78/0xf8 <4>[ 225.320427] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 225.325899] Exception stack(0xf2401fa8 to 0xf2401ff0) <4>[ 225.331160] 1fa0: 00000020 00000020 00000001 b6de8000 00000020 00000001 <4>[ 225.339737] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6de8000 00020000 0048fe38 <4>[ 225.348111] 1fe0: 00000004 bebc6788 b6eae33b b6e27616 <4>[ 225.353575] ---[ end trace 0000000000000000 ]--- <6>[ 225.358431] lkdtm: Saturation detected: still saturated # [ 225.158507] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_SATURATED # [ 225.164415] lkdtm: attempting bad refcount_inc_not_zero() from saturated # [ 225.171385] ------------[ cut here ]------------ # [ 225.176257] WARNING: CPU: 1 PID: 3863 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 225.186054] refcount_t: saturated; leaking memory. # [ 225.191107] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 225.229200] CPU: 1 UID: 0 PID: 3863 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 225.238807] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 225.243960] Hardware name: STM32 (Device Tree Support) # [ 225.249411] Call trace: # [ 225.249426] unwind_backtrace from show_stack+0x18/0x1c # [ 225.257733] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 225.263003] dump_stack_lvl from __warn+0x84/0x134 # [ 225.268080] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 225.273560] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 225.281254] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED+0x40/0x80 # [ 225.290852] lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c # [ 225.298640] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 225.304407] direct_entry from full_proxy_write+0x5c/0x8c # [ 225.310076] full_proxy_write from vfs_write+0xbc/0x3cc # [ 225.315551] vfs_write from ksys_write+0x78/0xf8 # [ 225.320427] ksys_write from ret_fast_syscall+0x0/0x1c # [ 225.325899] Exception stack(0xf2401fa8 to 0xf2401ff0) # [ 225.331160] 1fa0: 00000020 00000020 00000001 b6de8000 00000020 00000001 # [ 225.339737] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6de8000 00020000 0048fe38 # [ 225.348111] 1fe0: 00000004 bebc6788 b6eae33b b6e27616 # [ 225.353575] ---[ end trace 0000000000000000 ]--- # [ 225.358431] lkdtm: Saturation detected: still saturated # REFCOUNT_INC_NOT_ZERO_SATURATED: saw 'call trace:': ok ok 63 selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_SATURATED.sh <6>[ 226.786331] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_SATURATED <6>[ 226.792252] lkdtm: attempting bad refcount_add_not_zero() from saturated <4>[ 226.799219] ------------[ cut here ]------------ <4>[ 226.804506] WARNING: CPU: 1 PID: 3902 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 226.813920] refcount_t: saturated; leaking memory. <4>[ 226.818963] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 226.857038] CPU: 1 UID: 0 PID: 3902 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 226.866546] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 226.871801] Hardware name: STM32 (Device Tree Support) <4>[ 226.877253] Call trace: <4>[ 226.877269] unwind_backtrace from show_stack+0x18/0x1c <4>[ 226.885475] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 226.890845] dump_stack_lvl from __warn+0x84/0x134 <4>[ 226.895923] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 226.901303] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 226.909099] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED+0x40/0x80 <4>[ 226.918600] lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 226.926394] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 226.932163] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 226.937832] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 226.943308] vfs_write from ksys_write+0x78/0xf8 <4>[ 226.948283] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 226.953656] Exception stack(0xf243dfa8 to 0xf243dff0) <4>[ 226.959017] dfa0: 00000020 00000020 00000001 b6e38000 00000020 00000001 <4>[ 226.967491] dfc0: 00000020 00000020 7ff00000 00000004 00000001 b6e38000 00020000 0045fe38 <4>[ 226.975961] dfe0: 00000004 bece9788 b6efe33b b6e77616 <4>[ 226.981452] ---[ end trace 0000000000000000 ]--- <6>[ 226.986231] lkdtm: Saturation detected: still saturated # [ 226.786331] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_SATURATED # [ 226.792252] lkdtm: attempting bad refcount_add_not_zero() from saturated # [ 226.799219] ------------[ cut here ]------------ # [ 226.804506] WARNING: CPU: 1 PID: 3902 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 226.813920] refcount_t: saturated; leaking memory. # [ 226.818963] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 226.857038] CPU: 1 UID: 0 PID: 3902 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 226.866546] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 226.871801] Hardware name: STM32 (Device Tree Support) # [ 226.877253] Call trace: # [ 226.877269] unwind_backtrace from show_stack+0x18/0x1c # [ 226.885475] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 226.890845] dump_stack_lvl from __warn+0x84/0x134 # [ 226.895923] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 226.901303] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 226.909099] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED+0x40/0x80 # [ 226.918600] lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c # [ 226.926394] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 226.932163] direct_entry from full_proxy_write+0x5c/0x8c # [ 226.937832] full_proxy_write from vfs_write+0xbc/0x3cc # [ 226.943308] vfs_write from ksys_write+0x78/0xf8 # [ 226.948283] ksys_write from ret_fast_syscall+0x0/0x1c # [ 226.953656] Exception stack(0xf243dfa8 to 0xf243dff0) # [ 226.959017] dfa0: 00000020 00000020 00000001 b6e38000 00000020 00000001 # [ 226.967491] dfc0: 00000020 00000020 7ff00000 00000004 00000001 b6e38000 00020000 0045fe38 # [ 226.975961] dfe0: 00000004 bece9788 b6efe33b b6e77616 # [ 226.981452] ---[ end trace 0000000000000000 ]--- # [ 226.986231] lkdtm: Saturation detected: still saturated # REFCOUNT_ADD_NOT_ZERO_SATURATED: saw 'call trace:': ok ok 64 selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_AND_TEST_SATURATED.sh <6>[ 228.496282] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_SATURATED <6>[ 228.502184] lkdtm: attempting bad refcount_dec_and_test() from saturated <4>[ 228.509227] ------------[ cut here ]------------ <4>[ 228.514577] WARNING: CPU: 1 PID: 3946 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 228.523886] refcount_t: underflow; use-after-free. <4>[ 228.528924] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 228.567158] CPU: 1 UID: 0 PID: 3946 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 228.576570] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 228.581719] Hardware name: STM32 (Device Tree Support) <4>[ 228.587169] Call trace: <4>[ 228.587183] unwind_backtrace from show_stack+0x18/0x1c <4>[ 228.595487] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 228.600857] dump_stack_lvl from __warn+0x84/0x134 <4>[ 228.605833] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 228.611313] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 228.619106] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED+0x40/0x80 <4>[ 228.628607] lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 228.636391] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 228.642157] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 228.647825] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 228.653300] vfs_write from ksys_write+0x78/0xf8 <4>[ 228.658176] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 228.663649] Exception stack(0xf2481fa8 to 0xf2481ff0) <4>[ 228.669010] 1fa0: 00000020 00000020 00000001 b6de8000 00000020 00000001 <4>[ 228.677485] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6de8000 00020000 0042fe38 <4>[ 228.685955] 1fe0: 00000004 befdd788 b6eae33b b6e27616 <4>[ 228.691334] ---[ end trace 0000000000000000 ]--- <6>[ 228.696173] lkdtm: Saturation detected: still saturated # [ 228.496282] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_SATURATED # [ 228.502184] lkdtm: attempting bad refcount_dec_and_test() from saturated # [ 228.509227] ------------[ cut here ]------------ # [ 228.514577] WARNING: CPU: 1 PID: 3946 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 228.523886] refcount_t: underflow; use-after-free. # [ 228.528924] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 228.567158] CPU: 1 UID: 0 PID: 3946 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 228.576570] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 228.581719] Hardware name: STM32 (Device Tree Support) # [ 228.587169] Call trace: # [ 228.587183] unwind_backtrace from show_stack+0x18/0x1c # [ 228.595487] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 228.600857] dump_stack_lvl from __warn+0x84/0x134 # [ 228.605833] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 228.611313] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 228.619106] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED+0x40/0x80 # [ 228.628607] lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c # [ 228.636391] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 228.642157] direct_entry from full_proxy_write+0x5c/0x8c # [ 228.647825] full_proxy_write from vfs_write+0xbc/0x3cc # [ 228.653300] vfs_write from ksys_write+0x78/0xf8 # [ 228.658176] ksys_write from ret_fast_syscall+0x0/0x1c # [ 228.663649] Exception stack(0xf2481fa8 to 0xf2481ff0) # [ 228.669010] 1fa0: 00000020 00000020 00000001 b6de8000 00000020 00000001 # [ 228.677485] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6de8000 00020000 0042fe38 # [ 228.685955] 1fe0: 00000004 befdd788 b6eae33b b6e27616 # [ 228.691334] ---[ end trace 0000000000000000 ]--- # [ 228.696173] lkdtm: Saturation detected: still saturated # REFCOUNT_DEC_AND_TEST_SATURATED: saw 'Saturation detected: still saturated': ok ok 65 selftests: lkdtm: REFCOUNT_DEC_AND_TEST_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_SUB_AND_TEST_SATURATED.sh <6>[ 230.195917] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_SATURATED <6>[ 230.201839] lkdtm: attempting bad refcount_sub_and_test() from saturated <4>[ 230.208938] ------------[ cut here ]------------ <4>[ 230.213727] WARNING: CPU: 1 PID: 3990 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 230.223427] refcount_t: underflow; use-after-free. <4>[ 230.228575] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 230.266616] CPU: 1 UID: 0 PID: 3990 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 230.276126] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 230.281382] Hardware name: STM32 (Device Tree Support) <4>[ 230.286832] Call trace: <4>[ 230.286847] unwind_backtrace from show_stack+0x18/0x1c <4>[ 230.295154] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 230.300423] dump_stack_lvl from __warn+0x84/0x134 <4>[ 230.305501] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 230.310880] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 230.318673] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED+0x40/0x80 <4>[ 230.328275] lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 230.335960] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 230.341727] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 230.347497] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 230.352979] vfs_write from ksys_write+0x78/0xf8 <4>[ 230.357858] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 230.363232] Exception stack(0xf24c1fa8 to 0xf24c1ff0) <4>[ 230.368593] 1fa0: 00000020 00000020 00000001 b6da8000 00000020 00000001 <4>[ 230.377068] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6da8000 00020000 004dfe38 <4>[ 230.385538] 1fe0: 00000004 bec06788 b6e6e33b b6de7616 <4>[ 230.391007] ---[ end trace 0000000000000000 ]--- <6>[ 230.395860] lkdtm: Saturation detected: still saturated # [ 230.195917] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_SATURATED # [ 230.201839] lkdtm: attempting bad refcount_sub_and_test() from saturated # [ 230.208938] ------------[ cut here ]------------ # [ 230.213727] WARNING: CPU: 1 PID: 3990 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 230.223427] refcount_t: underflow; use-after-free. # [ 230.228575] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 230.266616] CPU: 1 UID: 0 PID: 3990 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 230.276126] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 230.281382] Hardware name: STM32 (Device Tree Support) # [ 230.286832] Call trace: # [ 230.286847] unwind_backtrace from show_stack+0x18/0x1c # [ 230.295154] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 230.300423] dump_stack_lvl from __warn+0x84/0x134 # [ 230.305501] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 230.310880] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 230.318673] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED+0x40/0x80 # [ 230.328275] lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c # [ 230.335960] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 230.341727] direct_entry from full_proxy_write+0x5c/0x8c # [ 230.347497] full_proxy_write from vfs_write+0xbc/0x3cc # [ 230.352979] vfs_write from ksys_write+0x78/0xf8 # [ 230.357858] ksys_write from ret_fast_syscall+0x0/0x1c # [ 230.363232] Exception stack(0xf24c1fa8 to 0xf24c1ff0) # [ 230.368593] 1fa0: 00000020 00000020 00000001 b6da8000 00000020 00000001 # [ 230.377068] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6da8000 00020000 004dfe38 # [ 230.385538] 1fe0: 00000004 bec06788 b6e6e33b b6de7616 # [ 230.391007] ---[ end trace 0000000000000000 ]--- # [ 230.395860] lkdtm: Saturation detected: still saturated # REFCOUNT_SUB_AND_TEST_SATURATED: saw 'Saturation detected: still saturated': ok ok 66 selftests: lkdtm: REFCOUNT_SUB_AND_TEST_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_TIMING.sh # Skipping REFCOUNT_TIMING: timing only ok 67 selftests: lkdtm: REFCOUNT_TIMING.sh # SKIP # timeout set to 45 # selftests: lkdtm: ATOMIC_TIMING.sh # Skipping ATOMIC_TIMING: timing only ok 68 selftests: lkdtm: ATOMIC_TIMING.sh # SKIP # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_SIZE_TO.sh <6>[ 233.218366] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_TO <6>[ 233.223589] lkdtm: attempting good copy_to_user of correct size <6>[ 233.229650] lkdtm: attempting bad copy_to_user of too large size <0>[ 233.236437] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-1k' (offset 16, size 1024)! <4>[ 233.246641] ------------[ cut here ]------------ <2>[ 233.251399] kernel BUG at mm/usercopy.c:102! <0>[ 233.255960] Internal error: Oops - BUG: 0 [#18] SMP ARM <4>[ 233.261431] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 233.299559] CPU: 1 UID: 0 PID: 4099 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 233.309169] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 233.314424] Hardware name: STM32 (Device Tree Support) <4>[ 233.319874] PC is at usercopy_abort+0x98/0x9c <4>[ 233.324444] LR is at usercopy_abort+0x98/0x9c <4>[ 233.329099] pc : [] lr : [] psr: 60080013 <4>[ 233.335657] sp : f2569e28 ip : 00000000 fp : 00000200 <4>[ 233.341109] r10: b6f95010 r9 : c527f010 r8 : c527f010 <4>[ 233.346662] r7 : 00000001 r6 : 00000400 r5 : 00000400 r4 : 00000010 <4>[ 233.353424] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 00000067 <4>[ 233.360286] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 233.367758] Control: 10c5387d Table: c57a406a DAC: 00000051 <1>[ 233.373712] Register r0 information: non-paged memory <1>[ 233.379076] Register r1 information: NULL pointer <1>[ 233.384031] Register r2 information: NULL pointer <1>[ 233.388984] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 233.402767] copy_process+0x1f4/0x1f64 <6>[ 233.407025] kernel_clone+0xac/0x388 <6>[ 233.411081] sys_clone+0x78/0x9c <6>[ 233.414835] ret_fast_syscall+0x0/0x1c <4>[ 233.419186] Free path: <6>[ 233.421916] rcu_core+0x2dc/0xb14 <6>[ 233.425670] handle_softirqs+0x15c/0x430 <6>[ 233.430128] irq_exit+0xac/0xd4 <6>[ 233.433879] call_with_stack+0x18/0x20 <6>[ 233.438138] __irq_svc+0x9c/0xb8 <6>[ 233.441886] mmioset+0x4c/0xac <6>[ 233.445439] unwind_frame+0x34/0x92c <6>[ 233.449596] arch_stack_walk+0x84/0x100 <6>[ 233.453948] stack_trace_save+0x50/0x78 <6>[ 233.458307] set_track_prepare+0x40/0x74 <6>[ 233.462765] free_to_partial_list+0x390/0x58c <6>[ 233.467626] kmem_cache_free+0x1a8/0x3c0 <6>[ 233.472085] unlink_anon_vmas+0x170/0x250 <6>[ 233.476641] free_pgtables+0xb4/0x27c <6>[ 233.480896] exit_mmap+0x190/0x424 <6>[ 233.484753] mmput+0x50/0x114 <1>[ 233.488305] Register r4 information: zero-size pointer <1>[ 233.493663] Register r5 information: non-paged memory <1>[ 233.499019] Register r6 information: non-paged memory <1>[ 233.504373] Register r7 information: non-paged memory <1>[ 233.509728] Register r8 information: slab kmalloc-1k start c527ec00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 233.524205] do_usercopy_slab_size+0x30/0x330 <6>[ 233.529080] lkdtm_do_action+0x24/0x4c <6>[ 233.533346] direct_entry+0x11c/0x140 <6>[ 233.537509] full_proxy_write+0x5c/0x8c <6>[ 233.541971] vfs_write+0xbc/0x3cc <6>[ 233.545733] ksys_write+0x78/0xf8 <6>[ 233.549597] ret_fast_syscall+0x0/0x1c <4>[ 233.553856] Free path: <6>[ 233.556590] nfs3_proc_create+0x1b4/0x2c4 <6>[ 233.561156] nfs_do_create+0xa8/0x178 <6>[ 233.565321] nfs_atomic_open_v23+0x84/0xd4 <6>[ 233.569989] path_openat+0xb18/0x1198 <6>[ 233.574144] do_filp_open+0x98/0x134 <6>[ 233.578295] do_sys_openat2+0xbc/0xe4 <6>[ 233.582451] sys_openat+0x98/0xd4 <6>[ 233.586303] ret_fast_syscall+0x0/0x1c <1>[ 233.590552] Register r9 information: slab kmalloc-1k start c527ec00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 233.605128] do_usercopy_slab_size+0x30/0x330 <6>[ 233.609989] lkdtm_do_action+0x24/0x4c <6>[ 233.614240] direct_entry+0x11c/0x140 <6>[ 233.618490] full_proxy_write+0x5c/0x8c <6>[ 233.622840] vfs_write+0xbc/0x3cc <6>[ 233.626696] ksys_write+0x78/0xf8 <6>[ 233.630551] ret_fast_syscall+0x0/0x1c <4>[ 233.634801] Free path: <6>[ 233.637531] nfs3_proc_create+0x1b4/0x2c4 <6>[ 233.642092] nfs_do_create+0xa8/0x178 <6>[ 233.646249] nfs_atomic_open_v23+0x84/0xd4 <6>[ 233.650909] path_openat+0xb18/0x1198 <6>[ 233.655060] do_filp_open+0x98/0x134 <6>[ 233.659209] do_sys_openat2+0xbc/0xe4 <6>[ 233.663364] sys_openat+0x98/0xd4 <6>[ 233.667215] ret_fast_syscall+0x0/0x1c <1>[ 233.671465] Register r10 information: non-paged memory <1>[ 233.676924] Register r11 information: non-paged memory <1>[ 233.682280] Register r12 information: NULL pointer <0>[ 233.687435] Process cat (pid: 4099, stack limit = 0xf2568000) <0>[ 233.693392] Stack: (0xf2569e28 to 0xf256a000) <0>[ 233.698050] 9e20: c1ea7f3c c1ea2e24 c1e92144 00000010 00000400 00000c00 <0>[ 233.706528] 9e40: ffffffff c05f59f8 00000400 c0317008 c527f010 ef7b28e0 00000400 00000001 <0>[ 233.715003] 9e60: c527f410 c0621704 00000400 c16c554c f2569e84 00000400 c527f000 c527b400 <0>[ 233.723478] 9e80: b6f95000 00000001 c527f010 c0df89f8 00000022 00000000 f2569ebc 00000016 <0>[ 233.731953] 9ea0: c8af5000 00000000 f2569f80 c2688118 f2569f80 c52cfe00 004dfe38 c0df61c8 <0>[ 233.740427] 9ec0: 00000016 c0df65ac c0df6490 c52cd840 b6e38000 00000016 c3824260 c08910e8 <0>[ 233.748903] 9ee0: c52cd840 c089108c f2569f80 b6e38000 c5200040 00000016 c52cfe00 c0628870 <0>[ 233.757377] 9f00: c57a6db8 00000000 00000000 00000000 00000000 00000016 b6e38000 0001ffea <0>[ 233.765850] 9f20: 00000001 00000000 c52cd240 00000000 00000000 00000000 00000000 00000000 <0>[ 233.774324] 9f40: 00000000 00000000 00000000 00000000 00000022 2f44fa4a 00000000 c52cd840 <0>[ 233.782798] 9f60: c52cd840 00000000 00000000 c03002f0 c5200040 00000004 004dfe38 c0628dcc <0>[ 233.791272] 9f80: 00000000 00000000 00000000 2f44fa4a 000000c0 00000016 00000016 7ff00000 <0>[ 233.799745] 9fa0: 00000004 c03000c0 00000016 00000016 00000001 b6e38000 00000016 00000001 <0>[ 233.808220] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 004dfe38 <0>[ 233.816694] 9fe0: 00000004 beaf2788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 233.825159] Call trace: <0>[ 233.825174] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 233.834193] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 233.840881] __check_object_size from do_usercopy_slab_size+0x1f4/0x330 <0>[ 233.847863] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c <0>[ 233.854237] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 233.860004] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 233.865672] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 233.871146] vfs_write from ksys_write+0x78/0xf8 <0>[ 233.876022] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 233.881493] Exception stack(0xf2569fa8 to 0xf2569ff0) <0>[ 233.886850] 9fa0: 00000016 00000016 00000001 b6e38000 00000016 00000001 <0>[ 233.895325] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 004dfe38 <0>[ 233.903794] 9fe0: 00000004 beaf2788 b6efe33b b6e77616 <0>[ 233.909053] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) <4>[ 233.915510] ---[ end trace 0000000000000000 ]--- <6>[ 233.920358] note: cat[4099] exited with irqs disabled # Segmentation fault # [ 233.218366] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_TO # [ 233.223589] lkdtm: attempting good copy_to_user of correct size # [ 233.229650] lkdtm: attempting bad copy_to_user of too large size # [ 233.236437] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-1k' (offset 16, size 1024)! # [ 233.246641] ------------[ cut here ]------------ # [ 233.251399] kernel BUG at mm/usercopy.c:102! # [ 233.255960] Internal error: Oops - BUG: 0 [#18] SMP ARM # [ 233.261431] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 233.299559] CPU: 1 UID: 0 PID: 4099 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 233.309169] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 233.314424] Hardware name: STM32 (Device Tree Support) # [ 233.319874] PC is at usercopy_abort+0x98/0x9c # [ 233.324444] LR is at usercopy_abort+0x98/0x9c # [ 233.329099] pc : [] lr : [] psr: 60080013 # [ 233.335657] sp : f2569e28 ip : 00000000 fp : 00000200 # [ 233.341109] r10: b6f95010 r9 : c527f010 r8 : c527f010 # [ 233.346662] r7 : 00000001 r6 : 00000400 r5 : 00000400 r4 : 00000010 # [ 233.353424] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 00000067 # [ 233.360286] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 233.367758] Control: 10c5387d Table: c57a406a DAC: 00000051 # [ 233.373712] Register r0 information: non-paged memory # [ 233.379076] Register r1 information: NULL pointer # [ 233.384031] Register r2 information: NULL pointer # [ 233.388984] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 233.402767] copy_process+0x1f4/0x1f64 # [ 233.407025] kernel_clone+0xac/0x388 # [ 233.411081] sys_clone+0x78/0x9c # [ 233.414835] ret_fast_syscall+0x0/0x1c # [ 233.419186] Free path: # [ 233.421916] rcu_core+0x2dc/0xb14 # [ 233.425670] handle_softirqs+0x15c/0x430 # [ 233.430128] irq_exit+0xac/0xd4 # [ 233.433879] call_with_stack+0x18/0x20 # [ 233.438138] __irq_svc+0x9c/0xb8 # [ 233.441886] mmioset+0x4c/0xac # [ 233.445439] unwind_frame+0x34/0x92c # [ 233.449596] arch_stack_walk+0x84/0x100 # [ 233.453948] stack_trace_save+0x50/0x78 # [ 233.458307] set_track_prepare+0x40/0x74 # [ 233.462765] free_to_partial_list+0x390/0x58c # [ 233.467626] kmem_cache_free+0x1a8/0x3c0 # [ 233.472085] unlink_anon_vmas+0x170/0x250 # [ 233.476641] free_pgtables+0xb4/0x27c # [ 233.480896] exit_mmap+0x190/0x424 # [ 233.484753] mmput+0x50/0x114 # [ 233.488305] Register r4 information: zero-size pointer # [ 233.493663] Register r5 information: non-paged memory # [ 233.499019] Register r6 information: non-paged memory # [ 233.504373] Register r7 information: non-paged memory # [ 233.509728] Register r8 information: slab kmalloc-1k start c527ec00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 233.524205] do_usercopy_slab_size+0x30/0x330 # [ 233.529080] lkdtm_do_action+0x24/0x4c # [ 233.533346] direct_entry+0x11c/0x140 # [ 233.537509] full_proxy_write+0x5c/0x8c # [ 233.541971] vfs_write+0xbc/0x3cc # [ 233.545733] ksys_write+0x78/0xf8 # [ 233.549597] ret_fast_syscall+0x0/0x1c # [ 233.553856] Free path: # [ 233.556590] nfs3_proc_create+0x1b4/0x2c4 # [ 233.561156] nfs_do_create+0xa8/0x178 # [ 233.565321] nfs_atomic_open_v23+0x84/0xd4 # [ 233.569989] path_openat+0xb18/0x1198 # [ 233.574144] do_filp_open+0x98/0x134 # [ 233.578295] do_sys_openat2+0xbc/0xe4 # [ 233.582451] sys_openat+0x98/0xd4 # [ 233.586303] ret_fast_syscall+0x0/0x1c # [ 233.590552] Register r9 information: slab kmalloc-1k start c527ec00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 233.605128] do_usercopy_slab_size+0x30/0x330 # [ 233.609989] lkdtm_do_action+0x24/0x4c # [ 233.614240] direct_entry+0x11c/0x140 # [ 233.618490] full_proxy_write+0x5c/0x8c # [ 233.622840] vfs_write+0xbc/0x3cc # [ 233.626696] ksys_write+0x78/0xf8 # [ 233.630551] ret_fast_syscall+0x0/0x1c # [ 233.634801] Free path: # [ 233.637531] nfs3_proc_create+0x1b4/0x2c4 # [ 233.642092] nfs_do_create+0xa8/0x178 # [ 233.646249] nfs_atomic_open_v23+0x84/0xd4 # [ 233.650909] path_openat+0xb18/0x1198 # [ 233.655060] do_filp_open+0x98/0x134 # [ 233.659209] do_sys_openat2+0xbc/0xe4 # [ 233.663364] sys_openat+0x98/0xd4 # [ 233.667215] ret_fast_syscall+0x0/0x1c # [ 233.671465] Register r10 information: non-paged memory # [ 233.676924] Register r11 information: non-paged memory # [ 233.682280] Register r12 information: NULL pointer # [ 233.687435] Process cat (pid: 4099, stack limit = 0xf2568000) # [ 233.693392] Stack: (0xf2569e28 to 0xf256a000) # [ 233.698050] 9e20: c1ea7f3c c1ea2e24 c1e92144 00000010 00000400 00000c00 # [ 233.706528] 9e40: ffffffff c05f59f8 00000400 c0317008 c527f010 ef7b28e0 00000400 00000001 # [ 233.715003] 9e60: c527f410 c0621704 00000400 c16c554c f2569e84 00000400 c527f000 c527b400 # [ 233.723478] 9e80: b6f95000 00000001 c527f010 c0df89f8 00000022 00000000 f2569ebc 00000016 # [ 233.731953] 9ea0: c8af5000 00000000 f2569f80 c2688118 f2569f80 c52cfe00 004dfe38 c0df61c8 # [ 233.740427] 9ec0: 00000016 c0df65ac c0df6490 c52cd840 b6e38000 00000016 c3824260 c08910e8 # [ 233.748903] 9ee0: c52cd840 c089108c f2569f80 b6e38000 c5200040 00000016 c52cfe00 c0628870 # [ 233.757377] 9f00: c57a6db8 00000000 00000000 00000000 00000000 00000016 b6e38000 0001ffea # [ 233.765850] 9f20: 00000001 00000000 c52cd240 00000000 00000000 00000000 00000000 00000000 # [ 233.774324] 9f40: 00000000 00000000 00000000 00000000 00000022 2f44fa4a 00000000 c52cd840 # [ 233.782798] 9f60: c52cd840 00000000 00000000 c03002f0 c5200040 00000004 004dfe38 c0628dcc # [ 233.791272] 9f80: 00000000 00000000 00000000 2f44fa4a 000000c0 00000016 00000016 7ff00000 # [ 233.799745] 9fa0: 00000004 c03000c0 00000016 00000016 00000001 b6e38000 00000016 00000001 # [ 233.808220] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 004dfe38 # [ 233.816694] 9fe0: 00000004 beaf2788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 233.825159] Call trace: # [ 233.825174] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 233.834193] __check_heap_object from __check_object_size+0x294/0x310 # [ 233.840881] __check_object_size from do_usercopy_slab_size+0x1f4/0x330 # [ 233.847863] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c # [ 233.854237] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 233.860004] direct_entry from full_proxy_write+0x5c/0x8c # [ 233.865672] full_proxy_write from vfs_write+0xbc/0x3cc # [ 233.871146] vfs_write from ksys_write+0x78/0xf8 # [ 233.876022] ksys_write from ret_fast_syscall+0x0/0x1c # [ 233.881493] Exception stack(0xf2569fa8 to 0xf2569ff0) # [ 233.886850] 9fa0: 00000016 00000016 00000001 b6e38000 00000016 00000001 # [ 233.895325] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 004dfe38 # [ 233.903794] 9fe0: 00000004 beaf2788 b6efe33b b6e77616 # [ 233.909053] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) # [ 233.915510] ---[ end trace 0000000000000000 ]--- # [ 233.920358] note: cat[4099] exited with irqs disabled # USERCOPY_SLAB_SIZE_TO: saw 'call trace:': ok ok 69 selftests: lkdtm: USERCOPY_SLAB_SIZE_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_SIZE_FROM.sh <6>[ 235.825111] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_FROM <6>[ 235.830559] lkdtm: attempting good copy_from_user of correct size <6>[ 235.836751] lkdtm: attempting bad copy_from_user of too large size <0>[ 235.843139] usercopy: Kernel memory overwrite attempt detected to SLUB object 'kmalloc-1k' (offset 16, size 1024)! <4>[ 235.853852] ------------[ cut here ]------------ <2>[ 235.858630] kernel BUG at mm/usercopy.c:102! <0>[ 235.863196] Internal error: Oops - BUG: 0 [#19] SMP ARM <4>[ 235.868667] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 235.906791] CPU: 1 UID: 0 PID: 4186 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 235.916394] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 235.921644] Hardware name: STM32 (Device Tree Support) <4>[ 235.926993] PC is at usercopy_abort+0x98/0x9c <4>[ 235.931665] LR is at usercopy_abort+0x98/0x9c <4>[ 235.936319] pc : [] lr : [] psr: 60080013 <4>[ 235.942876] sp : f25bde28 ip : 00000000 fp : 00000200 <4>[ 235.948329] r10: b6f07010 r9 : c527a810 r8 : c527a810 <4>[ 235.953881] r7 : 00000000 r6 : 00000400 r5 : 00000400 r4 : 00000010 <4>[ 235.960639] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 00000066 <4>[ 235.967499] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 235.974866] Control: 10c5387d Table: c8c4c06a DAC: 00000051 <1>[ 235.980919] Register r0 information: non-paged memory <1>[ 235.986286] Register r1 information: NULL pointer <1>[ 235.991241] Register r2 information: NULL pointer <1>[ 235.996194] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 236.009976] copy_process+0x1f4/0x1f64 <6>[ 236.014234] kernel_clone+0xac/0x388 <6>[ 236.018290] sys_clone+0x78/0x9c <6>[ 236.022043] ret_fast_syscall+0x0/0x1c <4>[ 236.026395] Free path: <6>[ 236.029026] rcu_core+0x2dc/0xb14 <6>[ 236.032881] handle_softirqs+0x15c/0x430 <6>[ 236.037339] irq_exit+0xac/0xd4 <6>[ 236.040989] call_with_stack+0x18/0x20 <6>[ 236.045346] __irq_svc+0x9c/0xb8 <6>[ 236.049093] __pte_offset_map_lock+0x0/0xdc <6>[ 236.053749] page_vma_mapped_walk+0x2ac/0x3e4 <6>[ 236.058702] page_vma_mkclean_one.constprop.0+0x30/0x100 <6>[ 236.064564] page_mkclean_one+0xa0/0xd4 <6>[ 236.068916] rmap_walk_file+0xd8/0x1ec <6>[ 236.073168] folio_mkclean+0xd0/0xec <6>[ 236.077318] folio_clear_dirty_for_io+0x60/0x15c <6>[ 236.082474] writeback_iter+0x154/0x3b4 <6>[ 236.086824] write_cache_pages+0x50/0xa8 <6>[ 236.091273] nfs_writepages+0x114/0x294 <6>[ 236.095636] do_writepages+0x7c/0x250 <1>[ 236.099886] Register r4 information: zero-size pointer <1>[ 236.105244] Register r5 information: non-paged memory <1>[ 236.110599] Register r6 information: non-paged memory <1>[ 236.115954] Register r7 information: NULL pointer <1>[ 236.120905] Register r8 information: slab kmalloc-1k start c527a400 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 236.135376] do_usercopy_slab_size+0x30/0x330 <6>[ 236.140333] lkdtm_do_action+0x24/0x4c <6>[ 236.144582] direct_entry+0x11c/0x140 <6>[ 236.148731] full_proxy_write+0x5c/0x8c <6>[ 236.153182] vfs_write+0xbc/0x3cc <6>[ 236.156940] ksys_write+0x78/0xf8 <6>[ 236.160795] ret_fast_syscall+0x0/0x1c <4>[ 236.165145] Free path: <6>[ 236.167776] nfs3_proc_create+0x1b4/0x2c4 <6>[ 236.172342] nfs_do_create+0xa8/0x178 <6>[ 236.176601] nfs_atomic_open_v23+0x84/0xd4 <6>[ 236.181163] path_openat+0xb18/0x1198 <6>[ 236.185417] do_filp_open+0x98/0x134 <6>[ 236.189467] do_sys_openat2+0xbc/0xe4 <6>[ 236.193722] sys_openat+0x98/0xd4 <6>[ 236.197574] ret_fast_syscall+0x0/0x1c <1>[ 236.201823] Register r9 information: slab kmalloc-1k start c527a400 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 236.216291] do_usercopy_slab_size+0x30/0x330 <6>[ 236.221248] lkdtm_do_action+0x24/0x4c <6>[ 236.225497] direct_entry+0x11c/0x140 <6>[ 236.229747] full_proxy_write+0x5c/0x8c <6>[ 236.234096] vfs_write+0xbc/0x3cc <6>[ 236.237951] ksys_write+0x78/0xf8 <6>[ 236.241806] ret_fast_syscall+0x0/0x1c <4>[ 236.246055] Free path: <6>[ 236.248785] nfs3_proc_create+0x1b4/0x2c4 <6>[ 236.253244] nfs_do_create+0xa8/0x178 <6>[ 236.257500] nfs_atomic_open_v23+0x84/0xd4 <6>[ 236.262162] path_openat+0xb18/0x1198 <6>[ 236.266325] do_filp_open+0x98/0x134 <6>[ 236.270386] do_sys_openat2+0xbc/0xe4 <6>[ 236.274658] sys_openat+0x98/0xd4 <6>[ 236.278423] ret_fast_syscall+0x0/0x1c <1>[ 236.282791] Register r10 information: non-paged memory <1>[ 236.288165] Register r11 information: non-paged memory <1>[ 236.293538] Register r12 information: NULL pointer <0>[ 236.298705] Process cat (pid: 4186, stack limit = 0xf25bc000) <0>[ 236.304671] Stack: (0xf25bde28 to 0xf25be000) <0>[ 236.309329] de20: c1ea7f3c c1ea2e24 c1e92144 00000010 00000400 00000c00 <0>[ 236.317805] de40: ffffffff c05f59f8 00000400 c0317008 c527a810 ef7b28e0 00000400 00000000 <0>[ 236.326280] de60: c527ac10 c0621704 00000400 c16c554c f25bde84 00000400 c527a800 c5278400 <0>[ 236.334754] de80: b6f07000 00000000 c527a810 c0df8ae4 00000022 00000000 f25bdebc 00000018 <0>[ 236.343231] dea0: c547a000 00000000 f25bdf80 c2688120 f25bdf80 c52cfe00 004efe38 c0df61c8 <0>[ 236.351706] dec0: 00000018 c0df65ac c0df6490 c5443040 b6da8000 00000018 c3824260 c08910e8 <0>[ 236.360182] dee0: c5443040 c089108c f25bdf80 b6da8000 c5200040 00000018 c52cfe00 c0628870 <0>[ 236.368656] df00: c8c4edb0 00000000 00000000 00000000 00000000 00000018 b6da8000 0001ffe8 <0>[ 236.377129] df20: 00000001 00000000 c5443240 00000000 00000000 00000000 00000000 00000000 <0>[ 236.385604] df40: 00000000 00000000 00000000 00000000 00000022 c99a7718 00000000 c5443040 <0>[ 236.394081] df60: c5443040 00000000 00000000 c03002f0 c5200040 00000004 004efe38 c0628dcc <0>[ 236.402557] df80: 00000000 00000000 00000000 c99a7718 000000c0 00000018 00000018 7ff00000 <0>[ 236.411031] dfa0: 00000004 c03000c0 00000018 00000018 00000001 b6da8000 00000018 00000001 <0>[ 236.419505] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6da8000 00020000 004efe38 <0>[ 236.427979] dfe0: 00000004 beb9a788 b6e6e33b b6de7616 60080030 00000001 00000000 00000000 <0>[ 236.436445] Call trace: <0>[ 236.436459] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 236.445480] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 236.452167] __check_object_size from do_usercopy_slab_size+0x2e0/0x330 <0>[ 236.459049] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c <0>[ 236.465422] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 236.471190] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 236.476958] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 236.482433] vfs_write from ksys_write+0x78/0xf8 <0>[ 236.487309] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 236.492781] Exception stack(0xf25bdfa8 to 0xf25bdff0) <0>[ 236.498038] dfa0: 00000018 00000018 00000001 b6da8000 00000018 00000001 <0>[ 236.506513] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6da8000 00020000 004efe38 <0>[ 236.514983] dfe0: 00000004 beb9a788 b6e6e33b b6de7616 <0>[ 236.520342] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) <4>[ 236.526700] ---[ end trace 0000000000000000 ]--- <6>[ 236.531649] note: cat[4186] exited with irqs disabled # Segmentation fault # [ 235.825111] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_FROM # [ 235.830559] lkdtm: attempting good copy_from_user of correct size # [ 235.836751] lkdtm: attempting bad copy_from_user of too large size # [ 235.843139] usercopy: Kernel memory overwrite attempt detected to SLUB object 'kmalloc-1k' (offset 16, size 1024)! # [ 235.853852] ------------[ cut here ]------------ # [ 235.858630] kernel BUG at mm/usercopy.c:102! # [ 235.863196] Internal error: Oops - BUG: 0 [#19] SMP ARM # [ 235.868667] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 235.906791] CPU: 1 UID: 0 PID: 4186 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 235.916394] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 235.921644] Hardware name: STM32 (Device Tree Support) # [ 235.926993] PC is at usercopy_abort+0x98/0x9c # [ 235.931665] LR is at usercopy_abort+0x98/0x9c # [ 235.936319] pc : [] lr : [] psr: 60080013 # [ 235.942876] sp : f25bde28 ip : 00000000 fp : 00000200 # [ 235.948329] r10: b6f07010 r9 : c527a810 r8 : c527a810 # [ 235.953881] r7 : 00000000 r6 : 00000400 r5 : 00000400 r4 : 00000010 # [ 235.960639] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 00000066 # [ 235.967499] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 235.974866] Control: 10c5387d Table: c8c4c06a DAC: 00000051 # [ 235.980919] Register r0 information: non-paged memory # [ 235.986286] Register r1 information: NULL pointer # [ 235.991241] Register r2 information: NULL pointer # [ 235.996194] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 236.009976] copy_process+0x1f4/0x1f64 # [ 236.014234] kernel_clone+0xac/0x388 # [ 236.018290] sys_clone+0x78/0x9c # [ 236.022043] ret_fast_syscall+0x0/0x1c # [ 236.026395] Free path: # [ 236.029026] rcu_core+0x2dc/0xb14 # [ 236.032881] handle_softirqs+0x15c/0x430 # [ 236.037339] irq_exit+0xac/0xd4 # [ 236.040989] call_with_stack+0x18/0x20 # [ 236.045346] __irq_svc+0x9c/0xb8 # [ 236.049093] __pte_offset_map_lock+0x0/0xdc # [ 236.053749] page_vma_mapped_walk+0x2ac/0x3e4 # [ 236.058702] page_vma_mkclean_one.constprop.0+0x30/0x100 # [ 236.064564] page_mkclean_one+0xa0/0xd4 # [ 236.068916] rmap_walk_file+0xd8/0x1ec # [ 236.073168] folio_mkclean+0xd0/0xec # [ 236.077318] folio_clear_dirty_for_io+0x60/0x15c # [ 236.082474] writeback_iter+0x154/0x3b4 # [ 236.086824] write_cache_pages+0x50/0xa8 # [ 236.091273] nfs_writepages+0x114/0x294 # [ 236.095636] do_writepages+0x7c/0x250 # [ 236.099886] Register r4 information: zero-size pointer # [ 236.105244] Register r5 information: non-paged memory # [ 236.110599] Register r6 information: non-paged memory # [ 236.115954] Register r7 information: NULL pointer # [ 236.120905] Register r8 information: slab kmalloc-1k start c527a400 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 236.135376] do_usercopy_slab_size+0x30/0x330 # [ 236.140333] lkdtm_do_action+0x24/0x4c # [ 236.144582] direct_entry+0x11c/0x140 # [ 236.148731] full_proxy_write+0x5c/0x8c # [ 236.153182] vfs_write+0xbc/0x3cc # [ 236.156940] ksys_write+0x78/0xf8 # [ 236.160795] ret_fast_syscall+0x0/0x1c # [ 236.165145] Free path: # [ 236.167776] nfs3_proc_create+0x1b4/0x2c4 # [ 236.172342] nfs_do_create+0xa8/0x178 # [ 236.176601] nfs_atomic_open_v23+0x84/0xd4 # [ 236.181163] path_openat+0xb18/0x1198 # [ 236.185417] do_filp_open+0x98/0x134 # [ 236.189467] do_sys_openat2+0xbc/0xe4 # [ 236.193722] sys_openat+0x98/0xd4 # [ 236.197574] ret_fast_syscall+0x0/0x1c # [ 236.201823] Register r9 information: slab kmalloc-1k start c527a400 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 236.216291] do_usercopy_slab_size+0x30/0x330 # [ 236.221248] lkdtm_do_action+0x24/0x4c # [ 236.225497] direct_entry+0x11c/0x140 # [ 236.229747] full_proxy_write+0x5c/0x8c # [ 236.234096] vfs_write+0xbc/0x3cc # [ 236.237951] ksys_write+0x78/0xf8 # [ 236.241806] ret_fast_syscall+0x0/0x1c # [ 236.246055] Free path: # [ 236.248785] nfs3_proc_create+0x1b4/0x2c4 # [ 236.253244] nfs_do_create+0xa8/0x178 # [ 236.257500] nfs_atomic_open_v23+0x84/0xd4 # [ 236.262162] path_openat+0xb18/0x1198 # [ 236.266325] do_filp_open+0x98/0x134 # [ 236.270386] do_sys_openat2+0xbc/0xe4 # [ 236.274658] sys_openat+0x98/0xd4 # [ 236.278423] ret_fast_syscall+0x0/0x1c # [ 236.282791] Register r10 information: non-paged memory # [ 236.288165] Register r11 information: non-paged memory # [ 236.293538] Register r12 information: NULL pointer # [ 236.298705] Process cat (pid: 4186, stack limit = 0xf25bc000) # [ 236.304671] Stack: (0xf25bde28 to 0xf25be000) # [ 236.309329] de20: c1ea7f3c c1ea2e24 c1e92144 00000010 00000400 00000c00 # [ 236.317805] de40: ffffffff c05f59f8 00000400 c0317008 c527a810 ef7b28e0 00000400 00000000 # [ 236.326280] de60: c527ac10 c0621704 00000400 c16c554c f25bde84 00000400 c527a800 c5278400 # [ 236.334754] de80: b6f07000 00000000 c527a810 c0df8ae4 00000022 00000000 f25bdebc 00000018 # [ 236.343231] dea0: c547a000 00000000 f25bdf80 c2688120 f25bdf80 c52cfe00 004efe38 c0df61c8 # [ 236.351706] dec0: 00000018 c0df65ac c0df6490 c5443040 b6da8000 00000018 c3824260 c08910e8 # [ 236.360182] dee0: c5443040 c089108c f25bdf80 b6da8000 c5200040 00000018 c52cfe00 c0628870 # [ 236.368656] df00: c8c4edb0 00000000 00000000 00000000 00000000 00000018 b6da8000 0001ffe8 # [ 236.377129] df20: 00000001 00000000 c5443240 00000000 00000000 00000000 00000000 00000000 # [ 236.385604] df40: 00000000 00000000 00000000 00000000 00000022 c99a7718 00000000 c5443040 # [ 236.394081] df60: c5443040 00000000 00000000 c03002f0 c5200040 00000004 004efe38 c0628dcc # [ 236.402557] df80: 00000000 00000000 00000000 c99a7718 000000c0 00000018 00000018 7ff00000 # [ 236.411031] dfa0: 00000004 c03000c0 00000018 00000018 00000001 b6da8000 00000018 00000001 # [ 236.419505] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6da8000 00020000 004efe38 # [ 236.427979] dfe0: 00000004 beb9a788 b6e6e33b b6de7616 60080030 00000001 00000000 00000000 # [ 236.436445] Call trace: # [ 236.436459] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 236.445480] __check_heap_object from __check_object_size+0x294/0x310 # [ 236.452167] __check_object_size from do_usercopy_slab_size+0x2e0/0x330 # [ 236.459049] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c # [ 236.465422] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 236.471190] direct_entry from full_proxy_write+0x5c/0x8c # [ 236.476958] full_proxy_write from vfs_write+0xbc/0x3cc # [ 236.482433] vfs_write from ksys_write+0x78/0xf8 # [ 236.487309] ksys_write from ret_fast_syscall+0x0/0x1c # [ 236.492781] Exception stack(0xf25bdfa8 to 0xf25bdff0) # [ 236.498038] dfa0: 00000018 00000018 00000001 b6da8000 00000018 00000001 # [ 236.506513] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6da8000 00020000 004efe38 # [ 236.514983] dfe0: 00000004 beb9a788 b6e6e33b b6de7616 # [ 236.520342] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) # [ 236.526700] ---[ end trace 0000000000000000 ]--- # [ 236.531649] note: cat[4186] exited with irqs disabled # USERCOPY_SLAB_SIZE_FROM: saw 'call trace:': ok ok 70 selftests: lkdtm: USERCOPY_SLAB_SIZE_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_WHITELIST_TO.sh <6>[ 238.585439] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_TO <6>[ 238.591179] lkdtm: attempting good copy_to_user inside whitelist <6>[ 238.597396] lkdtm: attempting bad copy_to_user outside whitelist <0>[ 238.603469] usercopy: Kernel memory exposure attempt detected from SLUB object 'lkdtm-usercopy' (offset 255, size 64)! <4>[ 238.614462] ------------[ cut here ]------------ <2>[ 238.619337] kernel BUG at mm/usercopy.c:102! <0>[ 238.623801] Internal error: Oops - BUG: 0 [#20] SMP ARM <4>[ 238.629372] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 238.667491] CPU: 1 UID: 0 PID: 4273 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 238.677094] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 238.682243] Hardware name: STM32 (Device Tree Support) <4>[ 238.687694] PC is at usercopy_abort+0x98/0x9c <4>[ 238.692367] LR is at usercopy_abort+0x98/0x9c <4>[ 238.696924] pc : [] lr : [] psr: 60080013 <4>[ 238.703483] sp : f262de28 ip : 00000000 fp : 0050fe38 <4>[ 238.709034] r10: c2688040 r9 : 00000040 r8 : c8a38107 <4>[ 238.714485] r7 : 00000001 r6 : 00000040 r5 : 00000040 r4 : 000000ff <4>[ 238.721343] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 0000006a <4>[ 238.728203] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 238.735569] Control: 10c5387d Table: c57a406a DAC: 00000051 <1>[ 238.741621] Register r0 information: non-paged memory <1>[ 238.746983] Register r1 information: NULL pointer <1>[ 238.751938] Register r2 information: NULL pointer <1>[ 238.756890] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 238.770668] copy_process+0x1f4/0x1f64 <6>[ 238.774924] kernel_clone+0xac/0x388 <6>[ 238.778979] sys_clone+0x78/0x9c <6>[ 238.782733] ret_fast_syscall+0x0/0x1c <4>[ 238.787084] Free path: <6>[ 238.789714] rcu_core+0x2dc/0xb14 <6>[ 238.793570] handle_softirqs+0x15c/0x430 <6>[ 238.798032] irq_exit+0xac/0xd4 <6>[ 238.801784] call_with_stack+0x18/0x20 <6>[ 238.806042] __irq_svc+0x9c/0xb8 <6>[ 238.809790] memblock_overlaps_region+0x4/0x70 <6>[ 238.814750] pfn_valid+0x38/0x40 <6>[ 238.818498] __sync_icache_dcache+0x38/0xbc <6>[ 238.823255] set_ptes+0x6c/0x70 <6>[ 238.826905] filemap_map_pages+0x1ec/0x5c8 <6>[ 238.831563] handle_mm_fault+0x918/0x1198 <6>[ 238.836122] do_page_fault+0x1ac/0x470 <6>[ 238.840373] do_PrefetchAbort+0x40/0xa0 <6>[ 238.844723] ret_from_exception+0x0/0x1c <1>[ 238.849175] Register r4 information: non-paged memory <1>[ 238.854534] Register r5 information: non-paged memory <1>[ 238.859889] Register r6 information: non-paged memory <1>[ 238.865144] Register r7 information: non-paged memory <1>[ 238.870499] Register r8 information: slab lkdtm-usercopy start c8a38000 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 238.885573] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 238.890933] lkdtm_do_action+0x24/0x4c <6>[ 238.895182] direct_entry+0x11c/0x140 <6>[ 238.899433] full_proxy_write+0x5c/0x8c <6>[ 238.903783] vfs_write+0xbc/0x3cc <6>[ 238.907640] ksys_write+0x78/0xf8 <6>[ 238.911495] ret_fast_syscall+0x0/0x1c <1>[ 238.915745] Register r9 information: non-paged memory <1>[ 238.921101] Register r10 information: non-slab/vmalloc memory <1>[ 238.927164] Register r11 information: non-paged memory <1>[ 238.932519] Register r12 information: NULL pointer <0>[ 238.937572] Process cat (pid: 4273, stack limit = 0xf262c000) <0>[ 238.943628] Stack: (0xf262de28 to 0xf262e000) <0>[ 238.948284] de20: c1ea7f3c c1f9f75c c1e92144 000000ff 00000040 00000440 <0>[ 238.956761] de40: ffffffff c05f59f8 00000040 c0317008 c8a38107 ef82ffe0 00000040 00000001 <0>[ 238.965237] de60: c8a38147 c0621704 b6ee9000 c16c554c f262de84 b6ee9000 c8a38008 c28033a8 <0>[ 238.973711] de80: c8a38107 00000100 00000040 c0df8710 00000022 00000000 f262debc 0000001b <0>[ 238.982186] dea0: c55d9000 00000000 f262df80 c2688128 f262df80 c52cfe00 0050fe38 c0df61c8 <0>[ 238.990661] dec0: 0000001b c0df65ac c0df6490 c5443a40 b6d88000 0000001b c3824260 c08910e8 <0>[ 238.999135] dee0: c5443a40 c089108c f262df80 b6d88000 c5200040 0000001b c52cfe00 c0628870 <0>[ 239.007609] df00: c57a6db0 00000000 00000000 00000000 00000000 0000001b b6d88000 0001ffe5 <0>[ 239.016087] df20: 00000001 00000000 c5443140 00000000 00000000 00000000 00000000 00000000 <0>[ 239.024575] df40: 00000000 00000000 00000000 00000000 00000022 bc2697d5 00000000 c5443a40 <0>[ 239.033062] df60: c5443a40 00000000 00000000 c03002f0 c5200040 00000004 0050fe38 c0628dcc <0>[ 239.041548] df80: 00000000 00000000 00000000 bc2697d5 000000c0 0000001b 0000001b 7ff00000 <0>[ 239.050035] dfa0: 00000004 c03000c0 0000001b 0000001b 00000001 b6d88000 0000001b 00000001 <0>[ 239.058516] dfc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6d88000 00020000 0050fe38 <0>[ 239.066891] dfe0: 00000004 bea96788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 <0>[ 239.075358] Call trace: <0>[ 239.075374] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 239.084396] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 239.091184] __check_object_size from do_usercopy_slab_whitelist+0x250/0x324 <0>[ 239.098473] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c <0>[ 239.105252] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 239.111022] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 239.116791] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 239.122265] vfs_write from ksys_write+0x78/0xf8 <0>[ 239.127141] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 239.132514] Exception stack(0xf262dfa8 to 0xf262dff0) <0>[ 239.137871] dfa0: 0000001b 0000001b 00000001 b6d88000 0000001b 00000001 <0>[ 239.146347] dfc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6d88000 00020000 0050fe38 <0>[ 239.154817] dfe0: 00000004 bea96788 b6e4e33b b6dc7616 <0>[ 239.160175] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) <4>[ 239.166533] ---[ end trace 0000000000000000 ]--- <6>[ 239.171481] note: cat[4273] exited with irqs disabled # Segmentation fault # [ 238.585439] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_TO # [ 238.591179] lkdtm: attempting good copy_to_user inside whitelist # [ 238.597396] lkdtm: attempting bad copy_to_user outside whitelist # [ 238.603469] usercopy: Kernel memory exposure attempt detected from SLUB object 'lkdtm-usercopy' (offset 255, size 64)! # [ 238.614462] ------------[ cut here ]------------ # [ 238.619337] kernel BUG at mm/usercopy.c:102! # [ 238.623801] Internal error: Oops - BUG: 0 [#20] SMP ARM # [ 238.629372] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 238.667491] CPU: 1 UID: 0 PID: 4273 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 238.677094] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 238.682243] Hardware name: STM32 (Device Tree Support) # [ 238.687694] PC is at usercopy_abort+0x98/0x9c # [ 238.692367] LR is at usercopy_abort+0x98/0x9c # [ 238.696924] pc : [] lr : [] psr: 60080013 # [ 238.703483] sp : f262de28 ip : 00000000 fp : 0050fe38 # [ 238.709034] r10: c2688040 r9 : 00000040 r8 : c8a38107 # [ 238.714485] r7 : 00000001 r6 : 00000040 r5 : 00000040 r4 : 000000ff # [ 238.721343] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 0000006a # [ 238.728203] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 238.735569] Control: 10c5387d Table: c57a406a DAC: 00000051 # [ 238.741621] Register r0 information: non-paged memory # [ 238.746983] Register r1 information: NULL pointer # [ 238.751938] Register r2 information: NULL pointer # [ 238.756890] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 238.770668] copy_process+0x1f4/0x1f64 # [ 238.774924] kernel_clone+0xac/0x388 # [ 238.778979] sys_clone+0x78/0x9c # [ 238.782733] ret_fast_syscall+0x0/0x1c # [ 238.787084] Free path: # [ 238.789714] rcu_core+0x2dc/0xb14 # [ 238.793570] handle_softirqs+0x15c/0x430 # [ 238.798032] irq_exit+0xac/0xd4 # [ 238.801784] call_with_stack+0x18/0x20 # [ 238.806042] __irq_svc+0x9c/0xb8 # [ 238.809790] memblock_overlaps_region+0x4/0x70 # [ 238.814750] pfn_valid+0x38/0x40 # [ 238.818498] __sync_icache_dcache+0x38/0xbc # [ 238.823255] set_ptes+0x6c/0x70 # [ 238.826905] filemap_map_pages+0x1ec/0x5c8 # [ 238.831563] handle_mm_fault+0x918/0x1198 # [ 238.836122] do_page_fault+0x1ac/0x470 # [ 238.840373] do_PrefetchAbort+0x40/0xa0 # [ 238.844723] ret_from_exception+0x0/0x1c # [ 238.849175] Register r4 information: non-paged memory # [ 238.854534] Register r5 information: non-paged memory # [ 238.859889] Register r6 information: non-paged memory # [ 238.865144] Register r7 information: non-paged memory # [ 238.870499] Register r8 information: slab lkdtm-usercopy start c8a38000 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 238.885573] do_usercopy_slab_whitelist+0x38/0x324 # [ 238.890933] lkdtm_do_action+0x24/0x4c # [ 238.895182] direct_entry+0x11c/0x140 # [ 238.899433] full_proxy_write+0x5c/0x8c # [ 238.903783] vfs_write+0xbc/0x3cc # [ 238.907640] ksys_write+0x78/0xf8 # [ 238.911495] ret_fast_syscall+0x0/0x1c # [ 238.915745] Register r9 information: non-paged memory # [ 238.921101] Register r10 information: non-slab/vmalloc memory # [ 238.927164] Register r11 information: non-paged memory # [ 238.932519] Register r12 information: NULL pointer # [ 238.937572] Process cat (pid: 4273, stack limit = 0xf262c000) # [ 238.943628] Stack: (0xf262de28 to 0xf262e000) # [ 238.948284] de20: c1ea7f3c c1f9f75c c1e92144 000000ff 00000040 00000440 # [ 238.956761] de40: ffffffff c05f59f8 00000040 c0317008 c8a38107 ef82ffe0 00000040 00000001 # [ 238.965237] de60: c8a38147 c0621704 b6ee9000 c16c554c f262de84 b6ee9000 c8a38008 c28033a8 # [ 238.973711] de80: c8a38107 00000100 00000040 c0df8710 00000022 00000000 f262debc 0000001b # [ 238.982186] dea0: c55d9000 00000000 f262df80 c2688128 f262df80 c52cfe00 0050fe38 c0df61c8 # [ 238.990661] dec0: 0000001b c0df65ac c0df6490 c5443a40 b6d88000 0000001b c3824260 c08910e8 # [ 238.999135] dee0: c5443a40 c089108c f262df80 b6d88000 c5200040 0000001b c52cfe00 c0628870 # [ 239.007609] df00: c57a6db0 00000000 00000000 00000000 00000000 0000001b b6d88000 0001ffe5 # [ 239.016087] df20: 00000001 00000000 c5443140 00000000 00000000 00000000 00000000 00000000 # [ 239.024575] df40: 00000000 00000000 00000000 00000000 00000022 bc2697d5 00000000 c5443a40 # [ 239.033062] df60: c5443a40 00000000 00000000 c03002f0 c5200040 00000004 0050fe38 c0628dcc # [ 239.041548] df80: 00000000 00000000 00000000 bc2697d5 000000c0 0000001b 0000001b 7ff00000 # [ 239.050035] dfa0: 00000004 c03000c0 0000001b 0000001b 00000001 b6d88000 0000001b 00000001 # [ 239.058516] dfc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6d88000 00020000 0050fe38 # [ 239.066891] dfe0: 00000004 bea96788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 # [ 239.075358] Call trace: # [ 239.075374] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 239.084396] __check_heap_object from __check_object_size+0x294/0x310 # [ 239.091184] __check_object_size from do_usercopy_slab_whitelist+0x250/0x324 # [ 239.098473] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c # [ 239.105252] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 239.111022] direct_entry from full_proxy_write+0x5c/0x8c # [ 239.116791] full_proxy_write from vfs_write+0xbc/0x3cc # [ 239.122265] vfs_write from ksys_write+0x78/0xf8 # [ 239.127141] ksys_write from ret_fast_syscall+0x0/0x1c # [ 239.132514] Exception stack(0xf262dfa8 to 0xf262dff0) # [ 239.137871] dfa0: 0000001b 0000001b 00000001 b6d88000 0000001b 00000001 # [ 239.146347] dfc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6d88000 00020000 0050fe38 # [ 239.154817] dfe0: 00000004 bea96788 b6e4e33b b6dc7616 # [ 239.160175] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) # [ 239.166533] ---[ end trace 0000000000000000 ]--- # [ 239.171481] note: cat[4273] exited with irqs disabled # USERCOPY_SLAB_WHITELIST_TO: saw 'call trace:': ok ok 71 selftests: lkdtm: USERCOPY_SLAB_WHITELIST_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_WHITELIST_FROM.sh <6>[ 241.158031] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_FROM <6>[ 241.163914] lkdtm: attempting good copy_from_user inside whitelist <6>[ 241.170142] lkdtm: attempting bad copy_from_user outside whitelist <0>[ 241.176636] usercopy: Kernel memory overwrite attempt detected to SLUB object 'lkdtm-usercopy' (offset 255, size 64)! <4>[ 241.187533] ------------[ cut here ]------------ <2>[ 241.192295] kernel BUG at mm/usercopy.c:102! <0>[ 241.196852] Internal error: Oops - BUG: 0 [#21] SMP ARM <4>[ 241.202414] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 241.240419] CPU: 1 UID: 0 PID: 4360 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 241.250114] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 241.255261] Hardware name: STM32 (Device Tree Support) <4>[ 241.260709] PC is at usercopy_abort+0x98/0x9c <4>[ 241.265380] LR is at usercopy_abort+0x98/0x9c <4>[ 241.269934] pc : [] lr : [] psr: 60080013 <4>[ 241.276492] sp : f26a9e28 ip : 00000000 fp : c8a38548 <4>[ 241.282043] r10: 00000000 r9 : 00000040 r8 : c8a38547 <4>[ 241.287493] r7 : 00000000 r6 : 00000040 r5 : 00000040 r4 : 000000ff <4>[ 241.294352] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 00000069 <4>[ 241.301214] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 241.308579] Control: 10c5387d Table: c891406a DAC: 00000051 <1>[ 241.314631] Register r0 information: non-paged memory <1>[ 241.319993] Register r1 information: NULL pointer <1>[ 241.324946] Register r2 information: NULL pointer <1>[ 241.329899] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 241.343676] copy_process+0x1f4/0x1f64 <6>[ 241.347933] kernel_clone+0xac/0x388 <6>[ 241.351988] sys_clone+0x78/0x9c <6>[ 241.355741] ret_fast_syscall+0x0/0x1c <4>[ 241.360092] Free path: <6>[ 241.362723] rcu_core+0x2dc/0xb14 <6>[ 241.366577] handle_softirqs+0x15c/0x430 <6>[ 241.371035] irq_exit+0xac/0xd4 <6>[ 241.374685] call_with_stack+0x18/0x20 <6>[ 241.379043] __irq_svc+0x9c/0xb8 <6>[ 241.382791] default_idle_call+0x20/0xc0 <6>[ 241.387246] do_idle+0x25c/0x2f4 <6>[ 241.390997] cpu_startup_entry+0x30/0x34 <6>[ 241.395450] secondary_start_kernel+0x138/0x158 <6>[ 241.400511] __enable_mmu+0x0/0x20 <1>[ 241.404461] Register r4 information: non-paged memory <1>[ 241.409717] Register r5 information: non-paged memory <1>[ 241.415073] Register r6 information: non-paged memory <1>[ 241.420427] Register r7 information: NULL pointer <1>[ 241.425380] Register r8 information: slab lkdtm-usercopy start c8a38440 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 241.440553] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 241.445812] lkdtm_do_action+0x24/0x4c <6>[ 241.450162] direct_entry+0x11c/0x140 <6>[ 241.454310] full_proxy_write+0x5c/0x8c <6>[ 241.458662] vfs_write+0xbc/0x3cc <6>[ 241.462520] ksys_write+0x78/0xf8 <6>[ 241.466374] ret_fast_syscall+0x0/0x1c <1>[ 241.470623] Register r9 information: non-paged memory <1>[ 241.475979] Register r10 information: NULL pointer <1>[ 241.481033] Register r11 information: slab lkdtm-usercopy start c8a38440 data offset 8 pointer offset 256 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 241.496201] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 241.501560] lkdtm_do_action+0x24/0x4c <6>[ 241.505809] direct_entry+0x11c/0x140 <6>[ 241.510058] full_proxy_write+0x5c/0x8c <6>[ 241.514411] vfs_write+0xbc/0x3cc <6>[ 241.518281] ksys_write+0x78/0xf8 <6>[ 241.522150] ret_fast_syscall+0x0/0x1c <1>[ 241.526418] Register r12 information: NULL pointer <0>[ 241.531490] Process cat (pid: 4360, stack limit = 0xf26a8000) <0>[ 241.537466] Stack: (0xf26a9e28 to 0xf26aa000) <0>[ 241.542135] 9e20: c1ea7f3c c1f9f75c c1e92144 000000ff 00000040 00000440 <0>[ 241.550621] 9e40: ffffffff c05f59f8 00000040 c0317008 c8a38547 ef82ffe0 00000040 00000000 <0>[ 241.559107] 9e60: c8a38587 c0621704 b6f40000 c16c554c f26a9e84 b6f40000 c8a38448 c28033a8 <0>[ 241.567588] 9e80: c8a38547 00000100 00000040 c0df869c 00000022 00000000 f26a9ebc 0000001d <0>[ 241.576066] 9ea0: c8c7f000 00000000 f26a9f80 c2688130 f26a9f80 c52cfe00 004dfe38 c0df61c8 <0>[ 241.584542] 9ec0: 0000001d c0df65ac c0df6490 c5443840 b6dd8000 0000001d c3824260 c08910e8 <0>[ 241.593018] 9ee0: c5443840 c089108c f26a9f80 b6dd8000 c5200040 0000001d c52cfe00 c0628870 <0>[ 241.601494] 9f00: c8916db0 00000000 00000000 00000000 00000000 0000001d b6dd8000 0001ffe3 <0>[ 241.609970] 9f20: 00000001 00000000 c5443640 00000000 00000000 00000000 00000000 00000000 <0>[ 241.618448] 9f40: 00000000 00000000 00000000 00000000 00000022 f1fd16a9 00000000 c5443840 <0>[ 241.626922] 9f60: c5443840 00000000 00000000 c03002f0 c5200040 00000004 004dfe38 c0628dcc <0>[ 241.635397] 9f80: 00000000 00000000 00000000 f1fd16a9 000000c0 0000001d 0000001d 7ff00000 <0>[ 241.643871] 9fa0: 00000004 c03000c0 0000001d 0000001d 00000001 b6dd8000 0000001d 00000001 <0>[ 241.652345] 9fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 <0>[ 241.660819] 9fe0: 00000004 bedf2788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 241.669284] Call trace: <0>[ 241.669299] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 241.678219] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 241.685007] __check_object_size from do_usercopy_slab_whitelist+0x1dc/0x324 <0>[ 241.692292] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c <0>[ 241.699168] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 241.704935] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 241.710604] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 241.716079] vfs_write from ksys_write+0x78/0xf8 <0>[ 241.720955] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 241.726427] Exception stack(0xf26a9fa8 to 0xf26a9ff0) <0>[ 241.731685] 9fa0: 0000001d 0000001d 00000001 b6dd8000 0000001d 00000001 <0>[ 241.740160] 9fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 <0>[ 241.748731] 9fe0: 00000004 bedf2788 b6e9e33b b6e17616 <0>[ 241.753990] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) <4>[ 241.760348] ---[ end trace 0000000000000000 ]--- <6>[ 241.765298] note: cat[4360] exited with irqs disabled # Segmentation fault # [ 241.158031] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_FROM # [ 241.163914] lkdtm: attempting good copy_from_user inside whitelist # [ 241.170142] lkdtm: attempting bad copy_from_user outside whitelist # [ 241.176636] usercopy: Kernel memory overwrite attempt detected to SLUB object 'lkdtm-usercopy' (offset 255, size 64)! # [ 241.187533] ------------[ cut here ]------------ # [ 241.192295] kernel BUG at mm/usercopy.c:102! # [ 241.196852] Internal error: Oops - BUG: 0 [#21] SMP ARM # [ 241.202414] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 241.240419] CPU: 1 UID: 0 PID: 4360 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 241.250114] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 241.255261] Hardware name: STM32 (Device Tree Support) # [ 241.260709] PC is at usercopy_abort+0x98/0x9c # [ 241.265380] LR is at usercopy_abort+0x98/0x9c # [ 241.269934] pc : [] lr : [] psr: 60080013 # [ 241.276492] sp : f26a9e28 ip : 00000000 fp : c8a38548 # [ 241.282043] r10: 00000000 r9 : 00000040 r8 : c8a38547 # [ 241.287493] r7 : 00000000 r6 : 00000040 r5 : 00000040 r4 : 000000ff # [ 241.294352] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : 00000069 # [ 241.301214] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 241.308579] Control: 10c5387d Table: c891406a DAC: 00000051 # [ 241.314631] Register r0 information: non-paged memory # [ 241.319993] Register r1 information: NULL pointer # [ 241.324946] Register r2 information: NULL pointer # [ 241.329899] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 241.343676] copy_process+0x1f4/0x1f64 # [ 241.347933] kernel_clone+0xac/0x388 # [ 241.351988] sys_clone+0x78/0x9c # [ 241.355741] ret_fast_syscall+0x0/0x1c # [ 241.360092] Free path: # [ 241.362723] rcu_core+0x2dc/0xb14 # [ 241.366577] handle_softirqs+0x15c/0x430 # [ 241.371035] irq_exit+0xac/0xd4 # [ 241.374685] call_with_stack+0x18/0x20 # [ 241.379043] __irq_svc+0x9c/0xb8 # [ 241.382791] default_idle_call+0x20/0xc0 # [ 241.387246] do_idle+0x25c/0x2f4 # [ 241.390997] cpu_startup_entry+0x30/0x34 # [ 241.395450] secondary_start_kernel+0x138/0x158 # [ 241.400511] __enable_mmu+0x0/0x20 # [ 241.404461] Register r4 information: non-paged memory # [ 241.409717] Register r5 information: non-paged memory # [ 241.415073] Register r6 information: non-paged memory # [ 241.420427] Register r7 information: NULL pointer # [ 241.425380] Register r8 information: slab lkdtm-usercopy start c8a38440 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 241.440553] do_usercopy_slab_whitelist+0x38/0x324 # [ 241.445812] lkdtm_do_action+0x24/0x4c # [ 241.450162] direct_entry+0x11c/0x140 # [ 241.454310] full_proxy_write+0x5c/0x8c # [ 241.458662] vfs_write+0xbc/0x3cc # [ 241.462520] ksys_write+0x78/0xf8 # [ 241.466374] ret_fast_syscall+0x0/0x1c # [ 241.470623] Register r9 information: non-paged memory # [ 241.475979] Register r10 information: NULL pointer # [ 241.481033] Register r11 information: slab lkdtm-usercopy start c8a38440 data offset 8 pointer offset 256 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 241.496201] do_usercopy_slab_whitelist+0x38/0x324 # [ 241.501560] lkdtm_do_action+0x24/0x4c # [ 241.505809] direct_entry+0x11c/0x140 # [ 241.510058] full_proxy_write+0x5c/0x8c # [ 241.514411] vfs_write+0xbc/0x3cc # [ 241.518281] ksys_write+0x78/0xf8 # [ 241.522150] ret_fast_syscall+0x0/0x1c # [ 241.526418] Register r12 information: NULL pointer # [ 241.531490] Process cat (pid: 4360, stack limit = 0xf26a8000) # [ 241.537466] Stack: (0xf26a9e28 to 0xf26aa000) # [ 241.542135] 9e20: c1ea7f3c c1f9f75c c1e92144 000000ff 00000040 00000440 # [ 241.550621] 9e40: ffffffff c05f59f8 00000040 c0317008 c8a38547 ef82ffe0 00000040 00000000 # [ 241.559107] 9e60: c8a38587 c0621704 b6f40000 c16c554c f26a9e84 b6f40000 c8a38448 c28033a8 # [ 241.567588] 9e80: c8a38547 00000100 00000040 c0df869c 00000022 00000000 f26a9ebc 0000001d # [ 241.576066] 9ea0: c8c7f000 00000000 f26a9f80 c2688130 f26a9f80 c52cfe00 004dfe38 c0df61c8 # [ 241.584542] 9ec0: 0000001d c0df65ac c0df6490 c5443840 b6dd8000 0000001d c3824260 c08910e8 # [ 241.593018] 9ee0: c5443840 c089108c f26a9f80 b6dd8000 c5200040 0000001d c52cfe00 c0628870 # [ 241.601494] 9f00: c8916db0 00000000 00000000 00000000 00000000 0000001d b6dd8000 0001ffe3 # [ 241.609970] 9f20: 00000001 00000000 c5443640 00000000 00000000 00000000 00000000 00000000 # [ 241.618448] 9f40: 00000000 00000000 00000000 00000000 00000022 f1fd16a9 00000000 c5443840 # [ 241.626922] 9f60: c5443840 00000000 00000000 c03002f0 c5200040 00000004 004dfe38 c0628dcc # [ 241.635397] 9f80: 00000000 00000000 00000000 f1fd16a9 000000c0 0000001d 0000001d 7ff00000 # [ 241.643871] 9fa0: 00000004 c03000c0 0000001d 0000001d 00000001 b6dd8000 0000001d 00000001 # [ 241.652345] 9fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 # [ 241.660819] 9fe0: 00000004 bedf2788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 241.669284] Call trace: # [ 241.669299] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 241.678219] __check_heap_object from __check_object_size+0x294/0x310 # [ 241.685007] __check_object_size from do_usercopy_slab_whitelist+0x1dc/0x324 # [ 241.692292] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c # [ 241.699168] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 241.704935] direct_entry from full_proxy_write+0x5c/0x8c # [ 241.710604] full_proxy_write from vfs_write+0xbc/0x3cc # [ 241.716079] vfs_write from ksys_write+0x78/0xf8 # [ 241.720955] ksys_write from ret_fast_syscall+0x0/0x1c # [ 241.726427] Exception stack(0xf26a9fa8 to 0xf26a9ff0) # [ 241.731685] 9fa0: 0000001d 0000001d 00000001 b6dd8000 0000001d 00000001 # [ 241.740160] 9fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 # [ 241.748731] 9fe0: 00000004 bedf2788 b6e9e33b b6e17616 # [ 241.753990] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) # [ 241.760348] ---[ end trace 0000000000000000 ]--- # [ 241.765298] note: cat[4360] exited with irqs disabled # USERCOPY_SLAB_WHITELIST_FROM: saw 'call trace:': ok ok 72 selftests: lkdtm: USERCOPY_SLAB_WHITELIST_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_FRAME_TO.sh <6>[ 243.715888] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_TO <6>[ 243.721101] lkdtm: good_stack: f2669e74-f2669e94 <6>[ 243.725944] lkdtm: bad_stack : f2669dec-f2669e0c <6>[ 243.731937] lkdtm: attempting good copy_to_user of local stack <6>[ 243.737127] lkdtm: attempting bad copy_to_user of distant stack <0>[ 243.743242] usercopy: Kernel memory exposure attempt detected from process stack (offset 84, size 32)! <4>[ 243.752871] ------------[ cut here ]------------ <2>[ 243.757651] kernel BUG at mm/usercopy.c:102! <0>[ 243.762114] Internal error: Oops - BUG: 0 [#22] SMP ARM <4>[ 243.767684] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 243.805809] CPU: 1 UID: 0 PID: 4447 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 243.815408] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 243.820657] Hardware name: STM32 (Device Tree Support) <4>[ 243.826007] PC is at usercopy_abort+0x98/0x9c <4>[ 243.830681] LR is at usercopy_abort+0x98/0x9c <4>[ 243.835336] pc : [] lr : [] psr: 60080013 <4>[ 243.841894] sp : f2669e20 ip : 00000000 fp : f0f0f0f1 <4>[ 243.847345] r10: c19711ac r9 : c5205040 r8 : f2669e0c <4>[ 243.852896] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : 00000054 <4>[ 243.859655] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000005a <4>[ 243.866516] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 243.873882] Control: 10c5387d Table: c8bc806a DAC: 00000051 <1>[ 243.879935] Register r0 information: non-paged memory <1>[ 243.885298] Register r1 information: NULL pointer <1>[ 243.890252] Register r2 information: NULL pointer <1>[ 243.895205] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 243.908984] copy_process+0x1f4/0x1f64 <6>[ 243.913241] kernel_clone+0xac/0x388 <6>[ 243.917397] sys_clone+0x78/0x9c <6>[ 243.921149] ret_fast_syscall+0x0/0x1c <4>[ 243.925401] Free path: <6>[ 243.928131] rcu_core+0x2dc/0xb14 <6>[ 243.931984] handle_softirqs+0x15c/0x430 <6>[ 243.936442] irq_exit+0xac/0xd4 <6>[ 243.940093] call_with_stack+0x18/0x20 <6>[ 243.944350] __irq_svc+0x9c/0xb8 <6>[ 243.948098] copy_page+0x60/0x70 <1>[ 243.951848] Register r4 information: non-paged memory <1>[ 243.957205] Register r5 information: non-paged memory <1>[ 243.962560] Register r6 information: non-paged memory <1>[ 243.967915] Register r7 information: non-paged memory <1>[ 243.973169] Register r8 information: 2-page vmalloc region starting at 0xf2668000 allocated at kernel_clone+0xac/0x388 <1>[ 243.984179] Register r9 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 243.997944] copy_process+0x1f4/0x1f64 <6>[ 244.002200] kernel_clone+0xac/0x388 <6>[ 244.006355] sys_clone+0x78/0x9c <6>[ 244.010107] ret_fast_syscall+0x0/0x1c <4>[ 244.014360] Free path: <6>[ 244.017101] rcu_core+0x2dc/0xb14 <6>[ 244.020869] handle_softirqs+0x15c/0x430 <6>[ 244.025339] irq_exit+0xac/0xd4 <6>[ 244.029004] call_with_stack+0x18/0x20 <6>[ 244.033274] __irq_svc+0x9c/0xb8 <6>[ 244.037037] copy_page+0x60/0x70 <1>[ 244.040802] Register r10 information: non-slab/vmalloc memory <1>[ 244.046877] Register r11 information: 0-page vmalloc region starting at 0xf0f03000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 244.059206] Register r12 information: NULL pointer <0>[ 244.064274] Process cat (pid: 4447, stack limit = 0xf2668000) <0>[ 244.070234] Stack: (0xf2669e20 to 0xf266a000) <0>[ 244.074895] 9e20: c1e89f20 c1e89f20 c1e89f20 00000054 00000020 c03ca1b0 f2669e5c c06215d4 <0>[ 244.083371] 9e40: 00000020 c16c554c f2669e5c 00000020 b6efe000 f2669dec 00000001 00000001 <0>[ 244.091848] 9e60: c5205040 c0df8f90 00000022 00000000 f2669dec 73696854 20736920 65742061 <0>[ 244.100326] 9e80: 0a2e7473 69685400 73692073 74206120 2e747365 bb4a5853 f2669ebc 00000018 <0>[ 244.108802] 9ea0: c8af1000 00000000 f2669f80 c2688138 f2669f80 c52cfe00 0050fe38 c0df61c8 <0>[ 244.117277] 9ec0: 00000018 c0df65ac c0df6490 c5443740 b6d98000 00000018 c3824260 c08910e8 <0>[ 244.125753] 9ee0: c5443740 c089108c f2669f80 b6d98000 c5205040 00000018 c52cfe00 c0628870 <0>[ 244.134227] 9f00: c8bcadb0 00000000 00000000 00000000 00000000 00000018 b6d98000 0001ffe8 <0>[ 244.142701] 9f20: 00000001 00000000 c5443b40 00000000 00000000 00000000 00000000 00000000 <0>[ 244.151175] 9f40: 00000000 00000000 00000000 00000000 00000022 bb4a5853 00000000 c5443740 <0>[ 244.159650] 9f60: c5443740 00000000 00000000 c03002f0 c5205040 00000004 0050fe38 c0628dcc <0>[ 244.168126] 9f80: 00000000 00000000 00000000 bb4a5853 000000c0 00000018 00000018 7ff00000 <0>[ 244.176603] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6d98000 00000018 00000001 <0>[ 244.185079] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6d98000 00020000 0050fe38 <0>[ 244.193553] 9fe0: 00000004 bee07788 b6e5e33b b6dd7616 60080030 00000001 00000000 00000000 <0>[ 244.202019] Call trace: <0>[ 244.202033] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 244.211145] __check_object_size from do_usercopy_stack+0x358/0x380 <0>[ 244.217731] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 244.223703] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 244.229470] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 244.235241] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 244.240717] vfs_write from ksys_write+0x78/0xf8 <0>[ 244.245593] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 244.250965] Exception stack(0xf2669fa8 to 0xf2669ff0) <0>[ 244.256325] 9fa0: 00000018 00000018 00000001 b6d98000 00000018 00000001 <0>[ 244.264800] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6d98000 00020000 0050fe38 <0>[ 244.273271] 9fe0: 00000004 bee07788 b6e5e33b b6dd7616 <0>[ 244.278630] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) <4>[ 244.284989] ---[ end trace 0000000000000000 ]--- <6>[ 244.289937] note: cat[4447] exited with irqs disabled # Segmentation fault # [ 243.715888] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_TO # [ 243.721101] lkdtm: good_stack: f2669e74-f2669e94 # [ 243.725944] lkdtm: bad_stack : f2669dec-f2669e0c # [ 243.731937] lkdtm: attempting good copy_to_user of local stack # [ 243.737127] lkdtm: attempting bad copy_to_user of distant stack # [ 243.743242] usercopy: Kernel memory exposure attempt detected from process stack (offset 84, size 32)! # [ 243.752871] ------------[ cut here ]------------ # [ 243.757651] kernel BUG at mm/usercopy.c:102! # [ 243.762114] Internal error: Oops - BUG: 0 [#22] SMP ARM # [ 243.767684] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 243.805809] CPU: 1 UID: 0 PID: 4447 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 243.815408] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 243.820657] Hardware name: STM32 (Device Tree Support) # [ 243.826007] PC is at usercopy_abort+0x98/0x9c # [ 243.830681] LR is at usercopy_abort+0x98/0x9c # [ 243.835336] pc : [] lr : [] psr: 60080013 # [ 243.841894] sp : f2669e20 ip : 00000000 fp : f0f0f0f1 # [ 243.847345] r10: c19711ac r9 : c5205040 r8 : f2669e0c # [ 243.852896] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : 00000054 # [ 243.859655] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000005a # [ 243.866516] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 243.873882] Control: 10c5387d Table: c8bc806a DAC: 00000051 # [ 243.879935] Register r0 information: non-paged memory # [ 243.885298] Register r1 information: NULL pointer # [ 243.890252] Register r2 information: NULL pointer # [ 243.895205] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 243.908984] copy_process+0x1f4/0x1f64 # [ 243.913241] kernel_clone+0xac/0x388 # [ 243.917397] sys_clone+0x78/0x9c # [ 243.921149] ret_fast_syscall+0x0/0x1c # [ 243.925401] Free path: # [ 243.928131] rcu_core+0x2dc/0xb14 # [ 243.931984] handle_softirqs+0x15c/0x430 # [ 243.936442] irq_exit+0xac/0xd4 # [ 243.940093] call_with_stack+0x18/0x20 # [ 243.944350] __irq_svc+0x9c/0xb8 # [ 243.948098] copy_page+0x60/0x70 # [ 243.951848] Register r4 information: non-paged memory # [ 243.957205] Register r5 information: non-paged memory # [ 243.962560] Register r6 information: non-paged memory # [ 243.967915] Register r7 information: non-paged memory # [ 243.973169] Register r8 information: 2-page vmalloc region starting at 0xf2668000 allocated at kernel_clone+0xac/0x388 # [ 243.984179] Register r9 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 243.997944] copy_process+0x1f4/0x1f64 # [ 244.002200] kernel_clone+0xac/0x388 # [ 244.006355] sys_clone+0x78/0x9c # [ 244.010107] ret_fast_syscall+0x0/0x1c # [ 244.014360] Free path: # [ 244.017101] rcu_core+0x2dc/0xb14 # [ 244.020869] handle_softirqs+0x15c/0x430 # [ 244.025339] irq_exit+0xac/0xd4 # [ 244.029004] call_with_stack+0x18/0x20 # [ 244.033274] __irq_svc+0x9c/0xb8 # [ 244.037037] copy_page+0x60/0x70 # [ 244.040802] Register r10 information: non-slab/vmalloc memory # [ 244.046877] Register r11 information: 0-page vmalloc region starting at 0xf0f03000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 244.059206] Register r12 information: NULL pointer # [ 244.064274] Process cat (pid: 4447, stack limit = 0xf2668000) # [ 244.070234] Stack: (0xf2669e20 to 0xf266a000) # [ 244.074895] 9e20: c1e89f20 c1e89f20 c1e89f20 00000054 00000020 c03ca1b0 f2669e5c c06215d4 # [ 244.083371] 9e40: 00000020 c16c554c f2669e5c 00000020 b6efe000 f2669dec 00000001 00000001 # [ 244.091848] 9e60: c5205040 c0df8f90 00000022 00000000 f2669dec 73696854 20736920 65742061 # [ 244.100326] 9e80: 0a2e7473 69685400 73692073 74206120 2e747365 bb4a5853 f2669ebc 00000018 # [ 244.108802] 9ea0: c8af1000 00000000 f2669f80 c2688138 f2669f80 c52cfe00 0050fe38 c0df61c8 # [ 244.117277] 9ec0: 00000018 c0df65ac c0df6490 c5443740 b6d98000 00000018 c3824260 c08910e8 # [ 244.125753] 9ee0: c5443740 c089108c f2669f80 b6d98000 c5205040 00000018 c52cfe00 c0628870 # [ 244.134227] 9f00: c8bcadb0 00000000 00000000 00000000 00000000 00000018 b6d98000 0001ffe8 # [ 244.142701] 9f20: 00000001 00000000 c5443b40 00000000 00000000 00000000 00000000 00000000 # [ 244.151175] 9f40: 00000000 00000000 00000000 00000000 00000022 bb4a5853 00000000 c5443740 # [ 244.159650] 9f60: c5443740 00000000 00000000 c03002f0 c5205040 00000004 0050fe38 c0628dcc # [ 244.168126] 9f80: 00000000 00000000 00000000 bb4a5853 000000c0 00000018 00000018 7ff00000 # [ 244.176603] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6d98000 00000018 00000001 # [ 244.185079] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6d98000 00020000 0050fe38 # [ 244.193553] 9fe0: 00000004 bee07788 b6e5e33b b6dd7616 60080030 00000001 00000000 00000000 # [ 244.202019] Call trace: # [ 244.202033] usercopy_abort from __check_object_size+0x164/0x310 # [ 244.211145] __check_object_size from do_usercopy_stack+0x358/0x380 # [ 244.217731] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 244.223703] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 244.229470] direct_entry from full_proxy_write+0x5c/0x8c # [ 244.235241] full_proxy_write from vfs_write+0xbc/0x3cc # [ 244.240717] vfs_write from ksys_write+0x78/0xf8 # [ 244.245593] ksys_write from ret_fast_syscall+0x0/0x1c # [ 244.250965] Exception stack(0xf2669fa8 to 0xf2669ff0) # [ 244.256325] 9fa0: 00000018 00000018 00000001 b6d98000 00000018 00000001 # [ 244.264800] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6d98000 00020000 0050fe38 # [ 244.273271] 9fe0: 00000004 bee07788 b6e5e33b b6dd7616 # [ 244.278630] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) # [ 244.284989] ---[ end trace 0000000000000000 ]--- # [ 244.289937] note: cat[4447] exited with irqs disabled # USERCOPY_STACK_FRAME_TO: saw 'call trace:': ok ok 73 selftests: lkdtm: USERCOPY_STACK_FRAME_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_FRAME_FROM.sh <6>[ 246.306080] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_FROM <6>[ 246.312038] lkdtm: good_stack: f2799e74-f2799e94 <6>[ 246.316293] lkdtm: bad_stack : f2799dec-f2799e0c <6>[ 246.321438] lkdtm: attempting good copy_from_user of local stack <6>[ 246.327521] lkdtm: attempting bad copy_from_user of distant stack <0>[ 246.333898] usercopy: Kernel memory overwrite attempt detected to process stack (offset 84, size 32)! <4>[ 246.345438] ------------[ cut here ]------------ <2>[ 246.348920] kernel BUG at mm/usercopy.c:102! <0>[ 246.353480] Internal error: Oops - BUG: 0 [#23] SMP ARM <4>[ 246.359041] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 246.397148] CPU: 0 UID: 0 PID: 4533 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 246.406742] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 246.411990] Hardware name: STM32 (Device Tree Support) <4>[ 246.417337] PC is at usercopy_abort+0x98/0x9c <4>[ 246.422008] LR is at usercopy_abort+0x98/0x9c <4>[ 246.426662] pc : [] lr : [] psr: 60080013 <4>[ 246.433220] sp : f2799e20 ip : 00000000 fp : f0f0f0f1 <4>[ 246.438670] r10: c19711ac r9 : c5204640 r8 : f2799e0c <4>[ 246.444220] r7 : 00000000 r6 : 00000020 r5 : 00000020 r4 : 00000054 <4>[ 246.450979] r3 : c5204640 r2 : 00000000 r1 : 00000000 r0 : 00000059 <4>[ 246.457840] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 246.465305] Control: 10c5387d Table: c89d806a DAC: 00000051 <1>[ 246.471257] Register r0 information: non-paged memory <1>[ 246.476619] Register r1 information: NULL pointer <1>[ 246.481572] Register r2 information: NULL pointer <1>[ 246.486625] Register r3 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 246.500302] copy_process+0x1f4/0x1f64 <6>[ 246.504559] kernel_clone+0xac/0x388 <6>[ 246.508715] sys_clone+0x78/0x9c <6>[ 246.512467] ret_fast_syscall+0x0/0x1c <4>[ 246.516718] Free path: <6>[ 246.519448] rcu_core+0x2dc/0xb14 <6>[ 246.523301] handle_softirqs+0x15c/0x430 <6>[ 246.527759] run_ksoftirqd+0x48/0x60 <6>[ 246.531813] smpboot_thread_fn+0xc0/0x15c <6>[ 246.536366] kthread+0xe8/0x104 <6>[ 246.540114] ret_from_fork+0x14/0x28 <1>[ 246.544162] Register r4 information: non-paged memory <1>[ 246.549517] Register r5 information: non-paged memory <1>[ 246.554873] Register r6 information: non-paged memory <1>[ 246.560128] Register r7 information: NULL pointer <1>[ 246.565182] Register r8 information: 2-page vmalloc region starting at 0xf2798000 allocated at kernel_clone+0xac/0x388 <1>[ 246.576193] Register r9 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 246.589858] copy_process+0x1f4/0x1f64 <6>[ 246.594215] kernel_clone+0xac/0x388 <6>[ 246.598269] sys_clone+0x78/0x9c <6>[ 246.602022] ret_fast_syscall+0x0/0x1c <4>[ 246.606272] Free path: <6>[ 246.609002] rcu_core+0x2dc/0xb14 <6>[ 246.612853] handle_softirqs+0x15c/0x430 <6>[ 246.617308] run_ksoftirqd+0x48/0x60 <6>[ 246.621461] smpboot_thread_fn+0xc0/0x15c <6>[ 246.626013] kthread+0xe8/0x104 <6>[ 246.629659] ret_from_fork+0x14/0x28 <1>[ 246.633707] Register r10 information: non-slab/vmalloc memory <1>[ 246.639770] Register r11 information: 0-page vmalloc region starting at 0xf0f03000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 246.652082] Register r12 information: NULL pointer <0>[ 246.657136] Process cat (pid: 4533, stack limit = 0xf2798000) <0>[ 246.663192] Stack: (0xf2799e20 to 0xf279a000) <0>[ 246.667850] 9e20: c1e89f20 c1e89f20 c1e89f20 00000054 00000020 c03ca1b0 f2799e5c c06215d4 <0>[ 246.676325] 9e40: 00000020 c16c554c f2799e5c 00000020 b6f15000 f2799dec 00000001 00000000 <0>[ 246.684799] 9e60: c5204640 c0df8f64 00000022 00000000 f2799dec 00000000 00000000 00000000 <0>[ 246.693274] 9e80: 00000000 00000000 00000000 00000000 00000000 55dca280 f2799ebc 0000001a <0>[ 246.701748] 9ea0: c8922000 00000000 f2799f80 c2688140 f2799f80 c52cfcc0 0046fe38 c0df61c8 <0>[ 246.710223] 9ec0: 0000001a c0df65ac c0df6490 c5443040 b6db8000 0000001a c3824260 c08910e8 <0>[ 246.718698] 9ee0: c5443040 c089108c f2799f80 b6db8000 c5204640 0000001a c52cfcc0 c0628870 <0>[ 246.727173] 9f00: c89dadb0 00000000 00000000 00000000 00000000 0000001a b6db8000 0001ffe6 <0>[ 246.735646] 9f20: 00000001 00000000 c5443c40 00000000 00000000 00000000 00000000 00000000 <0>[ 246.744119] 9f40: 00000000 00000000 00000000 00000000 00000022 55dca280 00000000 c5443040 <0>[ 246.752593] 9f60: c5443040 00000000 00000000 c03002f0 c5204640 00000004 0046fe38 c0628dcc <0>[ 246.761068] 9f80: 00000000 00000000 00000000 55dca280 000000c0 0000001a 0000001a 7ff00000 <0>[ 246.769543] 9fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6db8000 0000001a 00000001 <0>[ 246.778019] 9fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6db8000 00020000 0046fe38 <0>[ 246.786494] 9fe0: 00000004 bec61788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 <0>[ 246.794959] Call trace: <0>[ 246.794978] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 246.804088] __check_object_size from do_usercopy_stack+0x32c/0x380 <0>[ 246.810672] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 246.816644] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 246.822413] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 246.828082] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 246.833658] vfs_write from ksys_write+0x78/0xf8 <0>[ 246.838534] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 246.843905] Exception stack(0xf2799fa8 to 0xf2799ff0) <0>[ 246.849263] 9fa0: 0000001a 0000001a 00000001 b6db8000 0000001a 00000001 <0>[ 246.857738] 9fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6db8000 00020000 0046fe38 <0>[ 246.866208] 9fe0: 00000004 bec61788 b6e7e33b b6df7616 <0>[ 246.871568] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) <4>[ 246.877925] ---[ end trace 0000000000000000 ]--- <6>[ 246.882772] note: cat[4533] exited with irqs disabled # Segmentation fault # [ 246.306080] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_FROM # [ 246.312038] lkdtm: good_stack: f2799e74-f2799e94 # [ 246.316293] lkdtm: bad_stack : f2799dec-f2799e0c # [ 246.321438] lkdtm: attempting good copy_from_user of local stack # [ 246.327521] lkdtm: attempting bad copy_from_user of distant stack # [ 246.333898] usercopy: Kernel memory overwrite attempt detected to process stack (offset 84, size 32)! # [ 246.345438] ------------[ cut here ]------------ # [ 246.348920] kernel BUG at mm/usercopy.c:102! # [ 246.353480] Internal error: Oops - BUG: 0 [#23] SMP ARM # [ 246.359041] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 246.397148] CPU: 0 UID: 0 PID: 4533 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 246.406742] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 246.411990] Hardware name: STM32 (Device Tree Support) # [ 246.417337] PC is at usercopy_abort+0x98/0x9c # [ 246.422008] LR is at usercopy_abort+0x98/0x9c # [ 246.426662] pc : [] lr : [] psr: 60080013 # [ 246.433220] sp : f2799e20 ip : 00000000 fp : f0f0f0f1 # [ 246.438670] r10: c19711ac r9 : c5204640 r8 : f2799e0c # [ 246.444220] r7 : 00000000 r6 : 00000020 r5 : 00000020 r4 : 00000054 # [ 246.450979] r3 : c5204640 r2 : 00000000 r1 : 00000000 r0 : 00000059 # [ 246.457840] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 246.465305] Control: 10c5387d Table: c89d806a DAC: 00000051 # [ 246.471257] Register r0 information: non-paged memory # [ 246.476619] Register r1 information: NULL pointer # [ 246.481572] Register r2 information: NULL pointer # [ 246.486625] Register r3 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 246.500302] copy_process+0x1f4/0x1f64 # [ 246.504559] kernel_clone+0xac/0x388 # [ 246.508715] sys_clone+0x78/0x9c # [ 246.512467] ret_fast_syscall+0x0/0x1c # [ 246.516718] Free path: # [ 246.519448] rcu_core+0x2dc/0xb14 # [ 246.523301] handle_softirqs+0x15c/0x430 # [ 246.527759] run_ksoftirqd+0x48/0x60 # [ 246.531813] smpboot_thread_fn+0xc0/0x15c # [ 246.536366] kthread+0xe8/0x104 # [ 246.540114] ret_from_fork+0x14/0x28 # [ 246.544162] Register r4 information: non-paged memory # [ 246.549517] Register r5 information: non-paged memory # [ 246.554873] Register r6 information: non-paged memory # [ 246.560128] Register r7 information: NULL pointer # [ 246.565182] Register r8 information: 2-page vmalloc region starting at 0xf2798000 allocated at kernel_clone+0xac/0x388 # [ 246.576193] Register r9 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 246.589858] copy_process+0x1f4/0x1f64 # [ 246.594215] kernel_clone+0xac/0x388 # [ 246.598269] sys_clone+0x78/0x9c # [ 246.602022] ret_fast_syscall+0x0/0x1c # [ 246.606272] Free path: # [ 246.609002] rcu_core+0x2dc/0xb14 # [ 246.612853] handle_softirqs+0x15c/0x430 # [ 246.617308] run_ksoftirqd+0x48/0x60 # [ 246.621461] smpboot_thread_fn+0xc0/0x15c # [ 246.626013] kthread+0xe8/0x104 # [ 246.629659] ret_from_fork+0x14/0x28 # [ 246.633707] Register r10 information: non-slab/vmalloc memory # [ 246.639770] Register r11 information: 0-page vmalloc region starting at 0xf0f03000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 246.652082] Register r12 information: NULL pointer # [ 246.657136] Process cat (pid: 4533, stack limit = 0xf2798000) # [ 246.663192] Stack: (0xf2799e20 to 0xf279a000) # [ 246.667850] 9e20: c1e89f20 c1e89f20 c1e89f20 00000054 00000020 c03ca1b0 f2799e5c c06215d4 # [ 246.676325] 9e40: 00000020 c16c554c f2799e5c 00000020 b6f15000 f2799dec 00000001 00000000 # [ 246.684799] 9e60: c5204640 c0df8f64 00000022 00000000 f2799dec 00000000 00000000 00000000 # [ 246.693274] 9e80: 00000000 00000000 00000000 00000000 00000000 55dca280 f2799ebc 0000001a # [ 246.701748] 9ea0: c8922000 00000000 f2799f80 c2688140 f2799f80 c52cfcc0 0046fe38 c0df61c8 # [ 246.710223] 9ec0: 0000001a c0df65ac c0df6490 c5443040 b6db8000 0000001a c3824260 c08910e8 # [ 246.718698] 9ee0: c5443040 c089108c f2799f80 b6db8000 c5204640 0000001a c52cfcc0 c0628870 # [ 246.727173] 9f00: c89dadb0 00000000 00000000 00000000 00000000 0000001a b6db8000 0001ffe6 # [ 246.735646] 9f20: 00000001 00000000 c5443c40 00000000 00000000 00000000 00000000 00000000 # [ 246.744119] 9f40: 00000000 00000000 00000000 00000000 00000022 55dca280 00000000 c5443040 # [ 246.752593] 9f60: c5443040 00000000 00000000 c03002f0 c5204640 00000004 0046fe38 c0628dcc # [ 246.761068] 9f80: 00000000 00000000 00000000 55dca280 000000c0 0000001a 0000001a 7ff00000 # [ 246.769543] 9fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6db8000 0000001a 00000001 # [ 246.778019] 9fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6db8000 00020000 0046fe38 # [ 246.786494] 9fe0: 00000004 bec61788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 # [ 246.794959] Call trace: # [ 246.794978] usercopy_abort from __check_object_size+0x164/0x310 # [ 246.804088] __check_object_size from do_usercopy_stack+0x32c/0x380 # [ 246.810672] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 246.816644] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 246.822413] direct_entry from full_proxy_write+0x5c/0x8c # [ 246.828082] full_proxy_write from vfs_write+0xbc/0x3cc # [ 246.833658] vfs_write from ksys_write+0x78/0xf8 # [ 246.838534] ksys_write from ret_fast_syscall+0x0/0x1c # [ 246.843905] Exception stack(0xf2799fa8 to 0xf2799ff0) # [ 246.849263] 9fa0: 0000001a 0000001a 00000001 b6db8000 0000001a 00000001 # [ 246.857738] 9fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6db8000 00020000 0046fe38 # [ 246.866208] 9fe0: 00000004 bec61788 b6e7e33b b6df7616 # [ 246.871568] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) # [ 246.877925] ---[ end trace 0000000000000000 ]--- # [ 246.882772] note: cat[4533] exited with irqs disabled # USERCOPY_STACK_FRAME_FROM: saw 'call trace:': ok ok 74 selftests: lkdtm: USERCOPY_STACK_FRAME_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_BEYOND.sh <6>[ 248.826969] lkdtm: Performing direct entry USERCOPY_STACK_BEYOND <6>[ 248.832020] lkdtm: good_stack: f282de74-f282de94 <6>[ 248.837258] lkdtm: bad_stack : f282dffc-f282e01c <6>[ 248.842017] lkdtm: attempting good copy_to_user of local stack <6>[ 248.847999] lkdtm: attempting bad copy_to_user of distant stack <0>[ 248.854079] usercopy: Kernel memory exposure attempt detected from process stack (offset 4294966852, size 32)! <4>[ 248.864395] ------------[ cut here ]------------ <2>[ 248.869175] kernel BUG at mm/usercopy.c:102! <0>[ 248.873738] Internal error: Oops - BUG: 0 [#24] SMP ARM <4>[ 248.879309] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 248.917330] CPU: 1 UID: 0 PID: 4619 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 248.926929] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 248.932178] Hardware name: STM32 (Device Tree Support) <4>[ 248.937628] PC is at usercopy_abort+0x98/0x9c <4>[ 248.942200] LR is at usercopy_abort+0x98/0x9c <4>[ 248.946859] pc : [] lr : [] psr: 60080013 <4>[ 248.953418] sp : f282de20 ip : 00000000 fp : f0f0f0f1 <4>[ 248.958969] r10: c19711ac r9 : c5205040 r8 : f282e01c <4>[ 248.964421] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : fffffe44 <4>[ 248.971280] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 00000062 <4>[ 248.978041] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 248.985509] Control: 10c5387d Table: c8e5806a DAC: 00000051 <1>[ 248.991560] Register r0 information: non-paged memory <1>[ 248.996822] Register r1 information: NULL pointer <1>[ 249.001876] Register r2 information: NULL pointer <1>[ 249.006829] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 249.020507] copy_process+0x1f4/0x1f64 <6>[ 249.024765] kernel_clone+0xac/0x388 <6>[ 249.028921] sys_clone+0x78/0x9c <6>[ 249.032674] ret_fast_syscall+0x0/0x1c <4>[ 249.036924] Free path: <6>[ 249.039655] rcu_core+0x2dc/0xb14 <6>[ 249.043508] handle_softirqs+0x15c/0x430 <6>[ 249.047966] irq_exit+0xac/0xd4 <6>[ 249.051616] call_with_stack+0x18/0x20 <6>[ 249.055872] __irq_svc+0x9c/0xb8 <6>[ 249.059720] schedule+0x28/0x150 <6>[ 249.063474] futex_wait_queue+0x80/0x9c <6>[ 249.067833] __futex_wait+0xa0/0x10c <6>[ 249.071888] futex_wait+0x7c/0xf8 <6>[ 249.075740] do_futex+0xd8/0x18c <6>[ 249.079491] sys_futex_time32+0x90/0x16c <6>[ 249.083947] __sys_trace_return+0x0/0x10 <1>[ 249.088398] Register r4 information: non-paged memory <1>[ 249.093754] Register r5 information: non-paged memory <1>[ 249.099110] Register r6 information: non-paged memory <1>[ 249.104364] Register r7 information: non-paged memory <1>[ 249.109718] Register r8 information: vmalloc memory <1>[ 249.114874] Register r9 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 249.128640] copy_process+0x1f4/0x1f64 <6>[ 249.132904] kernel_clone+0xac/0x388 <6>[ 249.136963] sys_clone+0x78/0x9c <6>[ 249.140716] ret_fast_syscall+0x0/0x1c <4>[ 249.145067] Free path: <6>[ 249.147697] rcu_core+0x2dc/0xb14 <6>[ 249.151548] handle_softirqs+0x15c/0x430 <6>[ 249.156006] irq_exit+0xac/0xd4 <6>[ 249.159756] call_with_stack+0x18/0x20 <6>[ 249.164011] __irq_svc+0x9c/0xb8 <6>[ 249.167758] schedule+0x28/0x150 <6>[ 249.171510] futex_wait_queue+0x80/0x9c <6>[ 249.175869] __futex_wait+0xa0/0x10c <6>[ 249.180024] futex_wait+0x7c/0xf8 <6>[ 249.183777] do_futex+0xd8/0x18c <6>[ 249.187630] sys_futex_time32+0x90/0x16c <6>[ 249.192088] __sys_trace_return+0x0/0x10 <1>[ 249.196542] Register r10 information: non-slab/vmalloc memory <1>[ 249.202508] Register r11 information: 0-page vmalloc region starting at 0xf0f03000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 249.214825] Register r12 information: NULL pointer <0>[ 249.219881] Process cat (pid: 4619, stack limit = 0xf282c000) <0>[ 249.225938] Stack: (0xf282de20 to 0xf282e000) <0>[ 249.230596] de20: c1e89f20 c1e89f20 c1e89f20 fffffe44 00000020 c03ca1b0 f282de5c c06215d4 <0>[ 249.239071] de40: 00000020 c16c554c f282de5c 00000020 b6f96000 f282dffc 00000000 00000001 <0>[ 249.247545] de60: c5205040 c0df8f90 00000022 00000000 f282dffc 73696854 20736920 65742061 <0>[ 249.256021] de80: 0a2e7473 69685400 73692073 74206120 2e747365 7a785f12 f282debc 00000016 <0>[ 249.264501] dea0: c8d41000 00000000 f282df80 c2688148 f282df80 c52cfcc0 004efe38 c0df61c8 <0>[ 249.272988] dec0: 00000016 c0df65ac c0df6490 c5443040 b6e38000 00000016 c3824260 c08910e8 <0>[ 249.281476] dee0: c5443040 c089108c f282df80 b6e38000 c5205040 00000016 c52cfcc0 c0628870 <0>[ 249.289962] df00: c8e5adb8 00000000 00000000 00000000 00000000 00000016 b6e38000 0001ffea <0>[ 249.298448] df20: 00000001 00000000 c5443c40 00000000 00000000 00000000 00000000 00000000 <0>[ 249.306929] df40: 00000000 00000000 00000000 00000000 00000022 7a785f12 00000000 c5443040 <0>[ 249.315412] df60: c5443040 00000000 00000000 c03002f0 c5205040 00000004 004efe38 c0628dcc <0>[ 249.323894] df80: 00000000 00000000 00000000 7a785f12 000000c0 00000016 00000016 7ff00000 <0>[ 249.332274] dfa0: 00000004 c03000c0 00000016 00000016 00000001 b6e38000 00000016 00000001 <0>[ 249.340751] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 <0>[ 249.349227] dfe0: 00000004 be90d788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 249.357693] Call trace: <0>[ 249.357709] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 249.366828] __check_object_size from do_usercopy_stack+0x358/0x380 <0>[ 249.373415] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 249.379388] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 249.385157] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 249.390827] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 249.396403] vfs_write from ksys_write+0x78/0xf8 <0>[ 249.401280] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 249.406652] Exception stack(0xf282dfa8 to 0xf282dff0) <0>[ 249.412010] dfa0: 00000016 00000016 00000001 b6e38000 00000016 00000001 <0>[ 249.420484] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 <0>[ 249.428954] dfe0: 00000004 be90d788 b6efe33b b6e77616 <0>[ 249.434313] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) <4>[ 249.440670] ---[ end trace 0000000000000000 ]--- <6>[ 249.445519] note: cat[4619] exited with irqs disabled # Segmentation fault # [ 248.826969] lkdtm: Performing direct entry USERCOPY_STACK_BEYOND # [ 248.832020] lkdtm: good_stack: f282de74-f282de94 # [ 248.837258] lkdtm: bad_stack : f282dffc-f282e01c # [ 248.842017] lkdtm: attempting good copy_to_user of local stack # [ 248.847999] lkdtm: attempting bad copy_to_user of distant stack # [ 248.854079] usercopy: Kernel memory exposure attempt detected from process stack (offset 4294966852, size 32)! # [ 248.864395] ------------[ cut here ]------------ # [ 248.869175] kernel BUG at mm/usercopy.c:102! # [ 248.873738] Internal error: Oops - BUG: 0 [#24] SMP ARM # [ 248.879309] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 248.917330] CPU: 1 UID: 0 PID: 4619 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 248.926929] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 248.932178] Hardware name: STM32 (Device Tree Support) # [ 248.937628] PC is at usercopy_abort+0x98/0x9c # [ 248.942200] LR is at usercopy_abort+0x98/0x9c # [ 248.946859] pc : [] lr : [] psr: 60080013 # [ 248.953418] sp : f282de20 ip : 00000000 fp : f0f0f0f1 # [ 248.958969] r10: c19711ac r9 : c5205040 r8 : f282e01c # [ 248.964421] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : fffffe44 # [ 248.971280] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 00000062 # [ 248.978041] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 248.985509] Control: 10c5387d Table: c8e5806a DAC: 00000051 # [ 248.991560] Register r0 information: non-paged memory # [ 248.996822] Register r1 information: NULL pointer # [ 249.001876] Register r2 information: NULL pointer # [ 249.006829] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 249.020507] copy_process+0x1f4/0x1f64 # [ 249.024765] kernel_clone+0xac/0x388 # [ 249.028921] sys_clone+0x78/0x9c # [ 249.032674] ret_fast_syscall+0x0/0x1c # [ 249.036924] Free path: # [ 249.039655] rcu_core+0x2dc/0xb14 # [ 249.043508] handle_softirqs+0x15c/0x430 # [ 249.047966] irq_exit+0xac/0xd4 # [ 249.051616] call_with_stack+0x18/0x20 # [ 249.055872] __irq_svc+0x9c/0xb8 # [ 249.059720] schedule+0x28/0x150 # [ 249.063474] futex_wait_queue+0x80/0x9c # [ 249.067833] __futex_wait+0xa0/0x10c # [ 249.071888] futex_wait+0x7c/0xf8 # [ 249.075740] do_futex+0xd8/0x18c # [ 249.079491] sys_futex_time32+0x90/0x16c # [ 249.083947] __sys_trace_return+0x0/0x10 # [ 249.088398] Register r4 information: non-paged memory # [ 249.093754] Register r5 information: non-paged memory # [ 249.099110] Register r6 information: non-paged memory # [ 249.104364] Register r7 information: non-paged memory # [ 249.109718] Register r8 information: vmalloc memory # [ 249.114874] Register r9 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 249.128640] copy_process+0x1f4/0x1f64 # [ 249.132904] kernel_clone+0xac/0x388 # [ 249.136963] sys_clone+0x78/0x9c # [ 249.140716] ret_fast_syscall+0x0/0x1c # [ 249.145067] Free path: # [ 249.147697] rcu_core+0x2dc/0xb14 # [ 249.151548] handle_softirqs+0x15c/0x430 # [ 249.156006] irq_exit+0xac/0xd4 # [ 249.159756] call_with_stack+0x18/0x20 # [ 249.164011] __irq_svc+0x9c/0xb8 # [ 249.167758] schedule+0x28/0x150 # [ 249.171510] futex_wait_queue+0x80/0x9c # [ 249.175869] __futex_wait+0xa0/0x10c # [ 249.180024] futex_wait+0x7c/0xf8 # [ 249.183777] do_futex+0xd8/0x18c # [ 249.187630] sys_futex_time32+0x90/0x16c # [ 249.192088] __sys_trace_return+0x0/0x10 # [ 249.196542] Register r10 information: non-slab/vmalloc memory # [ 249.202508] Register r11 information: 0-page vmalloc region starting at 0xf0f03000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 249.214825] Register r12 information: NULL pointer # [ 249.219881] Process cat (pid: 4619, stack limit = 0xf282c000) # [ 249.225938] Stack: (0xf282de20 to 0xf282e000) # [ 249.230596] de20: c1e89f20 c1e89f20 c1e89f20 fffffe44 00000020 c03ca1b0 f282de5c c06215d4 # [ 249.239071] de40: 00000020 c16c554c f282de5c 00000020 b6f96000 f282dffc 00000000 00000001 # [ 249.247545] de60: c5205040 c0df8f90 00000022 00000000 f282dffc 73696854 20736920 65742061 # [ 249.256021] de80: 0a2e7473 69685400 73692073 74206120 2e747365 7a785f12 f282debc 00000016 # [ 249.264501] dea0: c8d41000 00000000 f282df80 c2688148 f282df80 c52cfcc0 004efe38 c0df61c8 # [ 249.272988] dec0: 00000016 c0df65ac c0df6490 c5443040 b6e38000 00000016 c3824260 c08910e8 # [ 249.281476] dee0: c5443040 c089108c f282df80 b6e38000 c5205040 00000016 c52cfcc0 c0628870 # [ 249.289962] df00: c8e5adb8 00000000 00000000 00000000 00000000 00000016 b6e38000 0001ffea # [ 249.298448] df20: 00000001 00000000 c5443c40 00000000 00000000 00000000 00000000 00000000 # [ 249.306929] df40: 00000000 00000000 00000000 00000000 00000022 7a785f12 00000000 c5443040 # [ 249.315412] df60: c5443040 00000000 00000000 c03002f0 c5205040 00000004 004efe38 c0628dcc # [ 249.323894] df80: 00000000 00000000 00000000 7a785f12 000000c0 00000016 00000016 7ff00000 # [ 249.332274] dfa0: 00000004 c03000c0 00000016 00000016 00000001 b6e38000 00000016 00000001 # [ 249.340751] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 # [ 249.349227] dfe0: 00000004 be90d788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 249.357693] Call trace: # [ 249.357709] usercopy_abort from __check_object_size+0x164/0x310 # [ 249.366828] __check_object_size from do_usercopy_stack+0x358/0x380 # [ 249.373415] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 249.379388] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 249.385157] direct_entry from full_proxy_write+0x5c/0x8c # [ 249.390827] full_proxy_write from vfs_write+0xbc/0x3cc # [ 249.396403] vfs_write from ksys_write+0x78/0xf8 # [ 249.401280] ksys_write from ret_fast_syscall+0x0/0x1c # [ 249.406652] Exception stack(0xf282dfa8 to 0xf282dff0) # [ 249.412010] dfa0: 00000016 00000016 00000001 b6e38000 00000016 00000001 # [ 249.420484] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 # [ 249.428954] dfe0: 00000004 be90d788 b6efe33b b6e77616 # [ 249.434313] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) # [ 249.440670] ---[ end trace 0000000000000000 ]--- # [ 249.445519] note: cat[4619] exited with irqs disabled # USERCOPY_STACK_BEYOND: saw 'call trace:': ok ok 75 selftests: lkdtm: USERCOPY_STACK_BEYOND.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_KERNEL.sh <6>[ 251.398450] lkdtm: Performing direct entry USERCOPY_KERNEL <6>[ 251.403112] lkdtm: attempting good copy_to_user from kernel rodata: c19711ac <6>[ 251.410934] lkdtm: attempting bad copy_to_user from kernel text: c059d520 <0>[ 251.417351] usercopy: Kernel memory exposure attempt detected from kernel text (offset 2741536, size 4096)! <4>[ 251.427458] ------------[ cut here ]------------ <2>[ 251.432235] kernel BUG at mm/usercopy.c:102! <0>[ 251.436796] Internal error: Oops - BUG: 0 [#25] SMP ARM <4>[ 251.442265] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 251.480390] CPU: 1 UID: 0 PID: 4705 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 251.489992] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 251.495243] Hardware name: STM32 (Device Tree Support) <4>[ 251.500593] PC is at usercopy_abort+0x98/0x9c <4>[ 251.505266] LR is at usercopy_abort+0x98/0x9c <4>[ 251.509921] pc : [] lr : [] psr: 60080013 <4>[ 251.516479] sp : f28a5e60 ip : 00000000 fp : 0050fe38 <4>[ 251.521932] r10: c52cfcc0 r9 : f28a5f80 r8 : c059e520 <4>[ 251.527483] r7 : 00000001 r6 : 00001000 r5 : 00001000 r4 : 0029d520 <4>[ 251.534242] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000005f <4>[ 251.541103] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 251.548570] Control: 10c5387d Table: c57f006a DAC: 00000051 <1>[ 251.554522] Register r0 information: non-paged memory <1>[ 251.559886] Register r1 information: NULL pointer <1>[ 251.564840] Register r2 information: NULL pointer <1>[ 251.569893] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 251.583571] copy_process+0x1f4/0x1f64 <6>[ 251.587829] kernel_clone+0xac/0x388 <6>[ 251.591986] sys_clone+0x78/0x9c <6>[ 251.595743] ret_fast_syscall+0x0/0x1c <4>[ 251.599999] Free path: <6>[ 251.602729] rcu_core+0x2dc/0xb14 <6>[ 251.606584] handle_softirqs+0x15c/0x430 <6>[ 251.611043] irq_exit+0xac/0xd4 <6>[ 251.614694] call_with_stack+0x18/0x20 <6>[ 251.618951] __irq_svc+0x9c/0xb8 <6>[ 251.622699] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 251.628057] ___slab_alloc+0x778/0xd7c <6>[ 251.632319] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 251.637482] vm_area_dup+0x24/0x104 <6>[ 251.641537] copy_process+0x1968/0x1f64 <6>[ 251.645893] kernel_clone+0xac/0x388 <6>[ 251.649948] sys_clone+0x78/0x9c <6>[ 251.653701] ret_fast_syscall+0x0/0x1c <1>[ 251.658051] Register r4 information: non-paged memory <1>[ 251.663310] Register r5 information: non-paged memory <1>[ 251.668670] Register r6 information: non-paged memory <1>[ 251.674026] Register r7 information: non-paged memory <1>[ 251.679382] Register r8 information: non-slab/vmalloc memory <1>[ 251.685244] Register r9 information: 2-page vmalloc region starting at 0xf28a4000 allocated at kernel_clone+0xac/0x388 <1>[ 251.696257] Register r10 information: slab kmalloc-192 start c52cfc80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 251.710224] full_proxy_open+0x124/0x24c <6>[ 251.714676] do_dentry_open+0x144/0x4dc <6>[ 251.719033] vfs_open+0x2c/0xec <6>[ 251.722684] path_openat+0x748/0x1198 <6>[ 251.726836] do_filp_open+0x98/0x134 <6>[ 251.730987] do_sys_openat2+0xbc/0xe4 <6>[ 251.735141] sys_openat+0x98/0xd4 <6>[ 251.738993] ret_fast_syscall+0x0/0x1c <4>[ 251.743343] Free path: <6>[ 251.745973] nfs_pgio_header_free+0x34/0x48 <6>[ 251.750733] nfs_write_completion+0x60/0x240 <6>[ 251.755485] rpc_free_task+0x34/0x54 <6>[ 251.759640] rpc_async_release+0x24/0x40 <6>[ 251.764096] process_one_work+0x1b8/0x450 <6>[ 251.768666] worker_thread+0x1d4/0x3c4 <6>[ 251.772933] kthread+0xe8/0x104 <6>[ 251.776597] ret_from_fork+0x14/0x28 <1>[ 251.780659] Register r11 information: non-paged memory <1>[ 251.786134] Register r12 information: NULL pointer <0>[ 251.791204] Process cat (pid: 4705, stack limit = 0xf28a4000) <0>[ 251.797172] Stack: (0xf28a5e60 to 0xf28a6000) <0>[ 251.801838] 5e60: c1e89f20 c1e89f20 c1e89f20 0029d520 00001000 c0317008 c059d520 c0621764 <0>[ 251.810323] 5e80: 00001000 c16c554c f28a5e9c b6fd3000 00001000 00000011 f28a5f80 c2688160 <0>[ 251.818805] 5ea0: f28a5f80 c0df81d0 00000022 00000000 00000010 c8bff000 00000000 c0df61c8 <0>[ 251.827282] 5ec0: 00000010 c0df65ac c0df6490 c853e040 b6e74000 00000010 c3824260 c08910e8 <0>[ 251.835758] 5ee0: c853e040 c089108c f28a5f80 b6e74000 c5205040 00000010 c52cfcc0 c0628870 <0>[ 251.844233] 5f00: c57f2db8 00000000 00000000 00000000 00000000 00000010 b6e74000 0001fff0 <0>[ 251.852708] 5f20: 00000001 00000000 c853e540 00000000 00000000 00000000 00000000 00000000 <0>[ 251.861185] 5f40: 00000000 00000000 00000000 00000000 00000022 48af8a22 00000000 c853e040 <0>[ 251.869659] 5f60: c853e040 00000000 00000000 c03002f0 c5205040 00000004 0050fe38 c0628dcc <0>[ 251.878135] 5f80: 00000000 00000000 00000000 48af8a22 000000c0 00000010 00000010 7ff00000 <0>[ 251.886609] 5fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e74000 00000010 00000001 <0>[ 251.895084] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e74000 00020000 0050fe38 <0>[ 251.903557] 5fe0: 00000004 befd7788 b6f3a33b b6eb3616 60080030 00000001 00000000 00000000 <0>[ 251.912022] Call trace: <0>[ 251.912037] usercopy_abort from __check_object_size+0x2f4/0x310 <0>[ 251.921152] __check_object_size from lkdtm_USERCOPY_KERNEL+0x15c/0x1f8 <0>[ 251.928037] lkdtm_USERCOPY_KERNEL from lkdtm_do_action+0x24/0x4c <0>[ 251.934411] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 251.940179] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 251.945851] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 251.951333] vfs_write from ksys_write+0x78/0xf8 <0>[ 251.956211] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 251.961684] Exception stack(0xf28a5fa8 to 0xf28a5ff0) <0>[ 251.967043] 5fa0: 00000010 00000010 00000001 b6e74000 00000010 00000001 <0>[ 251.975519] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e74000 00020000 0050fe38 <0>[ 251.983989] 5fe0: 00000004 befd7788 b6f3a33b b6eb3616 <0>[ 251.989249] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) <4>[ 251.995708] ---[ end trace 0000000000000000 ]--- <6>[ 252.000558] note: cat[4705] exited with irqs disabled # Segmentation fault # [ 251.398450] lkdtm: Performing direct entry USERCOPY_KERNEL # [ 251.403112] lkdtm: attempting good copy_to_user from kernel rodata: c19711ac # [ 251.410934] lkdtm: attempting bad copy_to_user from kernel text: c059d520 # [ 251.417351] usercopy: Kernel memory exposure attempt detected from kernel text (offset 2741536, size 4096)! # [ 251.427458] ------------[ cut here ]------------ # [ 251.432235] kernel BUG at mm/usercopy.c:102! # [ 251.436796] Internal error: Oops - BUG: 0 [#25] SMP ARM # [ 251.442265] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 251.480390] CPU: 1 UID: 0 PID: 4705 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 251.489992] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 251.495243] Hardware name: STM32 (Device Tree Support) # [ 251.500593] PC is at usercopy_abort+0x98/0x9c # [ 251.505266] LR is at usercopy_abort+0x98/0x9c # [ 251.509921] pc : [] lr : [] psr: 60080013 # [ 251.516479] sp : f28a5e60 ip : 00000000 fp : 0050fe38 # [ 251.521932] r10: c52cfcc0 r9 : f28a5f80 r8 : c059e520 # [ 251.527483] r7 : 00000001 r6 : 00001000 r5 : 00001000 r4 : 0029d520 # [ 251.534242] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : 0000005f # [ 251.541103] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 251.548570] Control: 10c5387d Table: c57f006a DAC: 00000051 # [ 251.554522] Register r0 information: non-paged memory # [ 251.559886] Register r1 information: NULL pointer # [ 251.564840] Register r2 information: NULL pointer # [ 251.569893] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 251.583571] copy_process+0x1f4/0x1f64 # [ 251.587829] kernel_clone+0xac/0x388 # [ 251.591986] sys_clone+0x78/0x9c # [ 251.595743] ret_fast_syscall+0x0/0x1c # [ 251.599999] Free path: # [ 251.602729] rcu_core+0x2dc/0xb14 # [ 251.606584] handle_softirqs+0x15c/0x430 # [ 251.611043] irq_exit+0xac/0xd4 # [ 251.614694] call_with_stack+0x18/0x20 # [ 251.618951] __irq_svc+0x9c/0xb8 # [ 251.622699] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 251.628057] ___slab_alloc+0x778/0xd7c # [ 251.632319] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 251.637482] vm_area_dup+0x24/0x104 # [ 251.641537] copy_process+0x1968/0x1f64 # [ 251.645893] kernel_clone+0xac/0x388 # [ 251.649948] sys_clone+0x78/0x9c # [ 251.653701] ret_fast_syscall+0x0/0x1c # [ 251.658051] Register r4 information: non-paged memory # [ 251.663310] Register r5 information: non-paged memory # [ 251.668670] Register r6 information: non-paged memory # [ 251.674026] Register r7 information: non-paged memory # [ 251.679382] Register r8 information: non-slab/vmalloc memory # [ 251.685244] Register r9 information: 2-page vmalloc region starting at 0xf28a4000 allocated at kernel_clone+0xac/0x388 # [ 251.696257] Register r10 information: slab kmalloc-192 start c52cfc80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 251.710224] full_proxy_open+0x124/0x24c # [ 251.714676] do_dentry_open+0x144/0x4dc # [ 251.719033] vfs_open+0x2c/0xec # [ 251.722684] path_openat+0x748/0x1198 # [ 251.726836] do_filp_open+0x98/0x134 # [ 251.730987] do_sys_openat2+0xbc/0xe4 # [ 251.735141] sys_openat+0x98/0xd4 # [ 251.738993] ret_fast_syscall+0x0/0x1c # [ 251.743343] Free path: # [ 251.745973] nfs_pgio_header_free+0x34/0x48 # [ 251.750733] nfs_write_completion+0x60/0x240 # [ 251.755485] rpc_free_task+0x34/0x54 # [ 251.759640] rpc_async_release+0x24/0x40 # [ 251.764096] process_one_work+0x1b8/0x450 # [ 251.768666] worker_thread+0x1d4/0x3c4 # [ 251.772933] kthread+0xe8/0x104 # [ 251.776597] ret_from_fork+0x14/0x28 # [ 251.780659] Register r11 information: non-paged memory # [ 251.786134] Register r12 information: NULL pointer # [ 251.791204] Process cat (pid: 4705, stack limit = 0xf28a4000) # [ 251.797172] Stack: (0xf28a5e60 to 0xf28a6000) # [ 251.801838] 5e60: c1e89f20 c1e89f20 c1e89f20 0029d520 00001000 c0317008 c059d520 c0621764 # [ 251.810323] 5e80: 00001000 c16c554c f28a5e9c b6fd3000 00001000 00000011 f28a5f80 c2688160 # [ 251.818805] 5ea0: f28a5f80 c0df81d0 00000022 00000000 00000010 c8bff000 00000000 c0df61c8 # [ 251.827282] 5ec0: 00000010 c0df65ac c0df6490 c853e040 b6e74000 00000010 c3824260 c08910e8 # [ 251.835758] 5ee0: c853e040 c089108c f28a5f80 b6e74000 c5205040 00000010 c52cfcc0 c0628870 # [ 251.844233] 5f00: c57f2db8 00000000 00000000 00000000 00000000 00000010 b6e74000 0001fff0 # [ 251.852708] 5f20: 00000001 00000000 c853e540 00000000 00000000 00000000 00000000 00000000 # [ 251.861185] 5f40: 00000000 00000000 00000000 00000000 00000022 48af8a22 00000000 c853e040 # [ 251.869659] 5f60: c853e040 00000000 00000000 c03002f0 c5205040 00000004 0050fe38 c0628dcc # [ 251.878135] 5f80: 00000000 00000000 00000000 48af8a22 000000c0 00000010 00000010 7ff00000 # [ 251.886609] 5fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e74000 00000010 00000001 # [ 251.895084] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e74000 00020000 0050fe38 # [ 251.903557] 5fe0: 00000004 befd7788 b6f3a33b b6eb3616 60080030 00000001 00000000 00000000 # [ 251.912022] Call trace: # [ 251.912037] usercopy_abort from __check_object_size+0x2f4/0x310 # [ 251.921152] __check_object_size from lkdtm_USERCOPY_KERNEL+0x15c/0x1f8 # [ 251.928037] lkdtm_USERCOPY_KERNEL from lkdtm_do_action+0x24/0x4c # [ 251.934411] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 251.940179] direct_entry from full_proxy_write+0x5c/0x8c # [ 251.945851] full_proxy_write from vfs_write+0xbc/0x3cc # [ 251.951333] vfs_write from ksys_write+0x78/0xf8 # [ 251.956211] ksys_write from ret_fast_syscall+0x0/0x1c # [ 251.961684] Exception stack(0xf28a5fa8 to 0xf28a5ff0) # [ 251.967043] 5fa0: 00000010 00000010 00000001 b6e74000 00000010 00000001 # [ 251.975519] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e74000 00020000 0050fe38 # [ 251.983989] 5fe0: 00000004 befd7788 b6f3a33b b6eb3616 # [ 251.989249] Code: e98d4001 e3070f40 e34c01ea ebfff35d (e7f001f2) # [ 251.995708] ---[ end trace 0000000000000000 ]--- # [ 252.000558] note: cat[4705] exited with irqs disabled # USERCOPY_KERNEL: saw 'call trace:': ok ok 76 selftests: lkdtm: USERCOPY_KERNEL.sh # timeout set to 45 # selftests: lkdtm: STACKLEAK_ERASING.sh <6>[ 253.958444] lkdtm: Performing direct entry STACKLEAK_ERASING <3>[ 253.963685] lkdtm: XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n) # [ 253.958444] lkdtm: Performing direct entry STACKLEAK_ERASING # [ 253.963685] lkdtm: XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n) # STACKLEAK_ERASING: saw 'XFAIL': [SKIP] ok 77 selftests: lkdtm: STACKLEAK_ERASING.sh # SKIP # timeout set to 45 # selftests: lkdtm: CFI_FORWARD_PROTO.sh <6>[ 255.416922] lkdtm: Performing direct entry CFI_FORWARD_PROTO <6>[ 255.421663] lkdtm: Calling matched prototype ... <6>[ 255.426482] lkdtm: Calling mismatched prototype ... <3>[ 255.431997] lkdtm: FAIL: survived mismatched prototype function call! <4>[ 255.438349] lkdtm: This is probably expected, since this kernel (6.12.0-rc1-next-20241004 armv7l) was built *without* CONFIG_CFI_CLANG=y # [ 255.416922] lkdtm: Performing direct entry CFI_FORWARD_PROTO # [ 255.421663] lkdtm: Calling matched prototype ... # [ 255.426482] lkdtm: Calling mismatched prototype ... # [ 255.431997] lkdtm: FAIL: survived mismatched prototype function call! # [ 255.438349] lkdtm: This is probably expected, since this kernel (6.12.0-rc1-next-20241004 armv7l) was built *without* CONFIG_CFI_CLANG=y # CFI_FORWARD_PROTO: missing 'call trace:': [FAIL] not ok 78 selftests: lkdtm: CFI_FORWARD_PROTO.sh # exit=1 # timeout set to 45 # selftests: lkdtm: CFI_BACKWARD.sh <6>[ 256.953088] lkdtm: Performing direct entry CFI_BACKWARD <6>[ 256.957332] lkdtm: Attempting unchecked stack return address redirection ... <4>[ 256.964680] lkdtm: Eek: return address mismatch! 0000000d != c16d55d8 <3>[ 256.971364] lkdtm: FAIL: stack return address manipulation failed! # [ 256.953088] lkdtm: Performing direct entry CFI_BACKWARD # [ 256.957332] lkdtm: Attempting unchecked stack return address redirection ... # [ 256.964680] lkdtm: Eek: return address mismatch! 0000000d != c16d55d8 # [ 256.971364] lkdtm: FAIL: stack return address manipulation failed! # CFI_BACKWARD: missing 'call trace:|ok: control flow unchanged': [FAIL] not ok 79 selftests: lkdtm: CFI_BACKWARD.sh # exit=1 # timeout set to 45 # selftests: lkdtm: FORTIFY_STRSCPY.sh <6>[ 258.492058] lkdtm: Performing direct entry FORTIFY_STRSCPY <4>[ 258.496633] ------------[ cut here ]------------ <4>[ 258.501459] WARNING: CPU: 1 PID: 4927 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 258.510626] strnlen: detected buffer overflow: 6 byte read of buffer size 5 <4>[ 258.517470] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 258.555626] CPU: 1 UID: 0 PID: 4927 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 258.565139] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 258.570388] Hardware name: STM32 (Device Tree Support) <4>[ 258.575738] Call trace: <4>[ 258.575754] unwind_backtrace from show_stack+0x18/0x1c <4>[ 258.584060] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 258.589429] dump_stack_lvl from __warn+0x84/0x134 <4>[ 258.594507] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 258.599887] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 258.605976] __fortify_report from __fortify_panic+0x8/0xc <4>[ 258.611757] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <4>[ 258.618343] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c <4>[ 258.624722] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 258.630491] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 258.636161] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 258.641637] vfs_write from ksys_write+0x78/0xf8 <4>[ 258.646514] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 258.651986] Exception stack(0xf2a01fa8 to 0xf2a01ff0) <4>[ 258.657247] 1fa0: 00000010 00000010 00000001 b6e54000 00000010 00000001 <4>[ 258.665723] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 <4>[ 258.674194] 1fe0: 00000004 becac788 b6f1a33b b6e93616 <4>[ 258.679639] ---[ end trace 0000000000000000 ]--- <4>[ 258.684506] ------------[ cut here ]------------ <2>[ 258.689372] kernel BUG at lib/string_helpers.c:1040! <0>[ 258.694532] Internal error: Oops - BUG: 0 [#26] SMP ARM <4>[ 258.700104] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 258.738225] CPU: 1 UID: 0 PID: 4927 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 258.747836] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 258.752994] Hardware name: STM32 (Device Tree Support) <4>[ 258.758454] PC is at __fortify_panic+0x8/0xc <4>[ 258.762939] LR is at __fortify_report+0x8c/0xd4 <4>[ 258.767821] pc : [] lr : [] psr: 60080013 <4>[ 258.774291] sp : f2a01e88 ip : 00000000 fp : 0041fe38 <4>[ 258.779853] r10: c5649540 r9 : f2a01f80 r8 : c26881d4 <4>[ 258.785313] r7 : f2a01f80 r6 : 00000000 r5 : 00000000 r4 : c53e1580 <4>[ 258.792181] r3 : c8c81e40 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 <4>[ 258.798952] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 258.806425] Control: 10c5387d Table: c881c06a DAC: 00000051 <1>[ 258.812380] Register r0 information: non-slab/vmalloc memory <1>[ 258.818352] Register r1 information: NULL pointer <1>[ 258.823309] Register r2 information: NULL pointer <1>[ 258.828363] Register r3 information: slab task_struct start c8c81e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 258.842048] copy_process+0x1f4/0x1f64 <6>[ 258.846306] kernel_clone+0xac/0x388 <6>[ 258.850463] sys_clone+0x78/0x9c <6>[ 258.854217] ret_fast_syscall+0x0/0x1c <4>[ 258.858469] Free path: <6>[ 258.861199] rcu_core+0x2dc/0xb14 <6>[ 258.865052] handle_softirqs+0x15c/0x430 <6>[ 258.869510] irq_exit+0xac/0xd4 <6>[ 258.873160] call_with_stack+0x18/0x20 <6>[ 258.877416] __irq_svc+0x9c/0xb8 <6>[ 258.881164] rpc_make_runnable+0x34/0x94 <6>[ 258.885622] rpc_execute+0x84/0x14c <6>[ 258.889676] rpc_run_task+0x170/0x1b8 <6>[ 258.893831] rpc_call_sync+0x60/0x10c <6>[ 258.898085] nfs3_rpc_wrapper+0x30/0x70 <6>[ 258.902443] nfs3_proc_getattr+0x60/0x88 <6>[ 258.906901] __nfs_revalidate_inode+0xc0/0x29c <6>[ 258.911863] nfs_lookup_verify_inode+0x94/0xbc <6>[ 258.916829] nfs_do_lookup_revalidate+0x1a8/0x2a4 <6>[ 258.922096] __nfs_lookup_revalidate+0x9c/0x138 <6>[ 258.927159] lookup_fast+0x124/0x138 <1>[ 258.931212] Register r4 information: slab kmalloc-64 start c53e1540 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STRSCPY+0x60/0x2fc <6>[ 258.945289] kstrdup+0x38/0x5c <6>[ 258.948841] lkdtm_FORTIFY_STRSCPY+0x60/0x2fc <6>[ 258.953798] lkdtm_do_action+0x24/0x4c <6>[ 258.958048] direct_entry+0x11c/0x140 <6>[ 258.962298] full_proxy_write+0x5c/0x8c <6>[ 258.966649] vfs_write+0xbc/0x3cc <6>[ 258.970506] ksys_write+0x78/0xf8 <6>[ 258.974361] ret_fast_syscall+0x0/0x1c <4>[ 258.978611] Free path: <6>[ 258.981341] load_elf_binary+0xf14/0x1374 <6>[ 258.985799] bprm_execve+0x20c/0x5a4 <6>[ 258.989954] do_execveat_common+0x15c/0x1b4 <6>[ 258.994713] sys_execve+0x38/0x40 <6>[ 258.998565] ret_fast_syscall+0x0/0x1c <1>[ 259.002814] Register r5 information: NULL pointer <1>[ 259.007771] Register r6 information: NULL pointer <1>[ 259.012724] Register r7 information: 2-page vmalloc region starting at 0xf2a00000 allocated at kernel_clone+0xac/0x388 <1>[ 259.023737] Register r8 information: non-slab/vmalloc memory <1>[ 259.029699] Register r9 information: 2-page vmalloc region starting at 0xf2a00000 allocated at kernel_clone+0xac/0x388 <1>[ 259.040708] Register r10 information: slab kmalloc-192 start c5649500 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 259.054569] full_proxy_open+0x124/0x24c <6>[ 259.059019] do_dentry_open+0x144/0x4dc <6>[ 259.063474] vfs_open+0x2c/0xec <6>[ 259.067125] path_openat+0x748/0x1198 <6>[ 259.071277] do_filp_open+0x98/0x134 <6>[ 259.075426] do_sys_openat2+0xbc/0xe4 <6>[ 259.079581] sys_openat+0x98/0xd4 <6>[ 259.083433] ret_fast_syscall+0x0/0x1c <4>[ 259.087682] Free path: <6>[ 259.090413] nfs_pgio_header_free+0x34/0x48 <6>[ 259.095172] nfs_write_completion+0x60/0x240 <6>[ 259.099924] rpc_free_task+0x34/0x54 <6>[ 259.104079] rpc_async_release+0x24/0x40 <6>[ 259.108532] process_one_work+0x1b8/0x450 <6>[ 259.113088] worker_thread+0x1d4/0x3c4 <6>[ 259.117340] kthread+0xe8/0x104 <6>[ 259.120988] ret_from_fork+0x14/0x28 <1>[ 259.125137] Register r11 information: non-paged memory <1>[ 259.130493] Register r12 information: NULL pointer <0>[ 259.135547] Process cat (pid: 4927, stack limit = 0xf2a00000) <0>[ 259.141604] Stack: (0xf2a01e88 to 0xf2a02000) <0>[ 259.146260] 1e80: c53e1580 c0df92d4 0041fe38 683ca1b0 6f6c6c65 00000021 <0>[ 259.154734] 1ea0: 6f6f6600 00000000 00000000 1914eeb1 f2a01f80 00000010 c8a28000 c0df61c8 <0>[ 259.163208] 1ec0: 00000010 c0df65ac c0df6490 c5443540 b6e54000 00000010 c3824260 c08910e8 <0>[ 259.171684] 1ee0: c5443540 c089108c f2a01f80 b6e54000 c8c81e40 00000010 c5649540 c0628870 <0>[ 259.180159] 1f00: c881edb8 00000000 00000000 00000000 00000000 00000010 b6e54000 0001fff0 <0>[ 259.188632] 1f20: 00000001 00000000 c5443c40 00000000 00000000 00000000 00000000 00000000 <0>[ 259.197106] 1f40: 00000000 00000000 00000000 00000000 00000022 1914eeb1 00000000 c5443540 <0>[ 259.205580] 1f60: c5443540 00000000 00000000 c03002f0 c8c81e40 00000004 0041fe38 c0628dcc <0>[ 259.214055] 1f80: 00000000 00000000 00000000 1914eeb1 000000c0 00000010 00000010 7ff00000 <0>[ 259.222528] 1fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e54000 00000010 00000001 <0>[ 259.231003] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 <0>[ 259.239477] 1fe0: 00000004 becac788 b6f1a33b b6e93616 60080030 00000001 00000000 00000000 <0>[ 259.247941] Call trace: <0>[ 259.247957] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <0>[ 259.257272] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c <0>[ 259.263650] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 259.269419] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 259.275089] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 259.280670] vfs_write from ksys_write+0x78/0xf8 <0>[ 259.285549] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 259.290923] Exception stack(0xf2a01fa8 to 0xf2a01ff0) <0>[ 259.296286] 1fa0: 00000010 00000010 00000001 b6e54000 00000010 00000001 <0>[ 259.304764] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 <0>[ 259.313237] 1fe0: 00000004 becac788 b6f1a33b b6e93616 <0>[ 259.318498] Code: e8bd47f0 eac9890b e92d4010 ebca234d (e7f001f2) <4>[ 259.324957] ---[ end trace 0000000000000000 ]--- <6>[ 259.329806] note: cat[4927] exited with irqs disabled # Segmentation fault # [ 258.492058] lkdtm: Performing direct entry FORTIFY_STRSCPY # [ 258.496633] ------------[ cut here ]------------ # [ 258.501459] WARNING: CPU: 1 PID: 4927 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 258.510626] strnlen: detected buffer overflow: 6 byte read of buffer size 5 # [ 258.517470] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 258.555626] CPU: 1 UID: 0 PID: 4927 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 258.565139] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 258.570388] Hardware name: STM32 (Device Tree Support) # [ 258.575738] Call trace: # [ 258.575754] unwind_backtrace from show_stack+0x18/0x1c # [ 258.584060] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 258.589429] dump_stack_lvl from __warn+0x84/0x134 # [ 258.594507] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 258.599887] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 258.605976] __fortify_report from __fortify_panic+0x8/0xc # [ 258.611757] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 258.618343] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c # [ 258.624722] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 258.630491] direct_entry from full_proxy_write+0x5c/0x8c # [ 258.636161] full_proxy_write from vfs_write+0xbc/0x3cc # [ 258.641637] vfs_write from ksys_write+0x78/0xf8 # [ 258.646514] ksys_write from ret_fast_syscall+0x0/0x1c # [ 258.651986] Exception stack(0xf2a01fa8 to 0xf2a01ff0) # [ 258.657247] 1fa0: 00000010 00000010 00000001 b6e54000 00000010 00000001 # [ 258.665723] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 # [ 258.674194] 1fe0: 00000004 becac788 b6f1a33b b6e93616 # [ 258.679639] ---[ end trace 0000000000000000 ]--- # [ 258.684506] ------------[ cut here ]------------ # [ 258.689372] kernel BUG at lib/string_helpers.c:1040! # [ 258.694532] Internal error: Oops - BUG: 0 [#26] SMP ARM # [ 258.700104] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 258.738225] CPU: 1 UID: 0 PID: 4927 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 258.747836] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 258.752994] Hardware name: STM32 (Device Tree Support) # [ 258.758454] PC is at __fortify_panic+0x8/0xc # [ 258.762939] LR is at __fortify_report+0x8c/0xd4 # [ 258.767821] pc : [] lr : [] psr: 60080013 # [ 258.774291] sp : f2a01e88 ip : 00000000 fp : 0041fe38 # [ 258.779853] r10: c5649540 r9 : f2a01f80 r8 : c26881d4 # [ 258.785313] r7 : f2a01f80 r6 : 00000000 r5 : 00000000 r4 : c53e1580 # [ 258.792181] r3 : c8c81e40 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 # [ 258.798952] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 258.806425] Control: 10c5387d Table: c881c06a DAC: 00000051 # [ 258.812380] Register r0 information: non-slab/vmalloc memory # [ 258.818352] Register r1 information: NULL pointer # [ 258.823309] Register r2 information: NULL pointer # [ 258.828363] Register r3 information: slab task_struct start c8c81e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 258.842048] copy_process+0x1f4/0x1f64 # [ 258.846306] kernel_clone+0xac/0x388 # [ 258.850463] sys_clone+0x78/0x9c # [ 258.854217] ret_fast_syscall+0x0/0x1c # [ 258.858469] Free path: # [ 258.861199] rcu_core+0x2dc/0xb14 # [ 258.865052] handle_softirqs+0x15c/0x430 # [ 258.869510] irq_exit+0xac/0xd4 # [ 258.873160] call_with_stack+0x18/0x20 # [ 258.877416] __irq_svc+0x9c/0xb8 # [ 258.881164] rpc_make_runnable+0x34/0x94 # [ 258.885622] rpc_execute+0x84/0x14c # [ 258.889676] rpc_run_task+0x170/0x1b8 # [ 258.893831] rpc_call_sync+0x60/0x10c # [ 258.898085] nfs3_rpc_wrapper+0x30/0x70 # [ 258.902443] nfs3_proc_getattr+0x60/0x88 # [ 258.906901] __nfs_revalidate_inode+0xc0/0x29c # [ 258.911863] nfs_lookup_verify_inode+0x94/0xbc # [ 258.916829] nfs_do_lookup_revalidate+0x1a8/0x2a4 # [ 258.922096] __nfs_lookup_revalidate+0x9c/0x138 # [ 258.927159] lookup_fast+0x124/0x138 # [ 258.931212] Register r4 information: slab kmalloc-64 start c53e1540 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STRSCPY+0x60/0x2fc # [ 258.945289] kstrdup+0x38/0x5c # [ 258.948841] lkdtm_FORTIFY_STRSCPY+0x60/0x2fc # [ 258.953798] lkdtm_do_action+0x24/0x4c # [ 258.958048] direct_entry+0x11c/0x140 # [ 258.962298] full_proxy_write+0x5c/0x8c # [ 258.966649] vfs_write+0xbc/0x3cc # [ 258.970506] ksys_write+0x78/0xf8 # [ 258.974361] ret_fast_syscall+0x0/0x1c # [ 258.978611] Free path: # [ 258.981341] load_elf_binary+0xf14/0x1374 # [ 258.985799] bprm_execve+0x20c/0x5a4 # [ 258.989954] do_execveat_common+0x15c/0x1b4 # [ 258.994713] sys_execve+0x38/0x40 # [ 258.998565] ret_fast_syscall+0x0/0x1c # [ 259.002814] Register r5 information: NULL pointer # [ 259.007771] Register r6 information: NULL pointer # [ 259.012724] Register r7 information: 2-page vmalloc region starting at 0xf2a00000 allocated at kernel_clone+0xac/0x388 # [ 259.023737] Register r8 information: non-slab/vmalloc memory # [ 259.029699] Register r9 information: 2-page vmalloc region starting at 0xf2a00000 allocated at kernel_clone+0xac/0x388 # [ 259.040708] Register r10 information: slab kmalloc-192 start c5649500 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 259.054569] full_proxy_open+0x124/0x24c # [ 259.059019] do_dentry_open+0x144/0x4dc # [ 259.063474] vfs_open+0x2c/0xec # [ 259.067125] path_openat+0x748/0x1198 # [ 259.071277] do_filp_open+0x98/0x134 # [ 259.075426] do_sys_openat2+0xbc/0xe4 # [ 259.079581] sys_openat+0x98/0xd4 # [ 259.083433] ret_fast_syscall+0x0/0x1c # [ 259.087682] Free path: # [ 259.090413] nfs_pgio_header_free+0x34/0x48 # [ 259.095172] nfs_write_completion+0x60/0x240 # [ 259.099924] rpc_free_task+0x34/0x54 # [ 259.104079] rpc_async_release+0x24/0x40 # [ 259.108532] process_one_work+0x1b8/0x450 # [ 259.113088] worker_thread+0x1d4/0x3c4 # [ 259.117340] kthread+0xe8/0x104 # [ 259.120988] ret_from_fork+0x14/0x28 # [ 259.125137] Register r11 information: non-paged memory # [ 259.130493] Register r12 information: NULL pointer # [ 259.135547] Process cat (pid: 4927, stack limit = 0xf2a00000) # [ 259.141604] Stack: (0xf2a01e88 to 0xf2a02000) # [ 259.146260] 1e80: c53e1580 c0df92d4 0041fe38 683ca1b0 6f6c6c65 00000021 # [ 259.154734] 1ea0: 6f6f6600 00000000 00000000 1914eeb1 f2a01f80 00000010 c8a28000 c0df61c8 # [ 259.163208] 1ec0: 00000010 c0df65ac c0df6490 c5443540 b6e54000 00000010 c3824260 c08910e8 # [ 259.171684] 1ee0: c5443540 c089108c f2a01f80 b6e54000 c8c81e40 00000010 c5649540 c0628870 # [ 259.180159] 1f00: c881edb8 00000000 00000000 00000000 00000000 00000010 b6e54000 0001fff0 # [ 259.188632] 1f20: 00000001 00000000 c5443c40 00000000 00000000 00000000 00000000 00000000 # [ 259.197106] 1f40: 00000000 00000000 00000000 00000000 00000022 1914eeb1 00000000 c5443540 # [ 259.205580] 1f60: c5443540 00000000 00000000 c03002f0 c8c81e40 00000004 0041fe38 c0628dcc # [ 259.214055] 1f80: 00000000 00000000 00000000 1914eeb1 000000c0 00000010 00000010 7ff00000 # [ 259.222528] 1fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e54000 00000010 00000001 # [ 259.231003] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 # [ 259.239477] 1fe0: 00000004 becac788 b6f1a33b b6e93616 60080030 00000001 00000000 00000000 # [ 259.247941] Call trace: # [ 259.247957] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 259.257272] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c # [ 259.263650] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 259.269419] direct_entry from full_proxy_write+0x5c/0x8c # [ 259.275089] full_proxy_write from vfs_write+0xbc/0x3cc # [ 259.280670] vfs_write from ksys_write+0x78/0xf8 # [ 259.285549] ksys_write from ret_fast_syscall+0x0/0x1c # [ 259.290923] Exception stack(0xf2a01fa8 to 0xf2a01ff0) # [ 259.296286] 1fa0: 00000010 00000010 00000001 b6e54000 00000010 00000001 # [ 259.304764] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e54000 00020000 0041fe38 # [ 259.313237] 1fe0: 00000004 becac788 b6f1a33b b6e93616 # [ 259.318498] Code: e8bd47f0 eac9890b e92d4010 ebca234d (e7f001f2) # [ 259.324957] ---[ end trace 0000000000000000 ]--- # [ 259.329806] note: cat[4927] exited with irqs disabled # FORTIFY_STRSCPY: saw 'detected buffer overflow': ok ok 80 selftests: lkdtm: FORTIFY_STRSCPY.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_STR_OBJECT.sh <6>[ 261.443386] lkdtm: Performing direct entry FORTIFY_STR_OBJECT <6>[ 261.448190] lkdtm: trying to strcmp() past the end of a struct <4>[ 261.454244] ------------[ cut here ]------------ <4>[ 261.459127] WARNING: CPU: 0 PID: 5013 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 261.467901] strncpy: detected buffer overflow: 20 byte write of buffer size 10 <4>[ 261.475837] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 261.513792] CPU: 0 UID: 0 PID: 5013 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 261.523106] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 261.528357] Hardware name: STM32 (Device Tree Support) <4>[ 261.533707] Call trace: <4>[ 261.533722] unwind_backtrace from show_stack+0x18/0x1c <4>[ 261.542029] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 261.547400] dump_stack_lvl from __warn+0x84/0x134 <4>[ 261.552477] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 261.557858] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 261.563946] __fortify_report from __fortify_panic+0x8/0xc <4>[ 261.569727] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 <4>[ 261.576413] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c <4>[ 261.582994] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 261.588760] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 261.594529] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 261.600005] vfs_write from ksys_write+0x78/0xf8 <4>[ 261.604880] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 261.610252] Exception stack(0xf2a81fa8 to 0xf2a81ff0) <4>[ 261.615612] 1fa0: 00000013 00000013 00000001 b6d98000 00000013 00000001 <4>[ 261.624087] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6d98000 00020000 0044fe38 <4>[ 261.632557] 1fe0: 00000004 bee02788 b6e5e33b b6dd7616 <4>[ 261.638307] ---[ end trace 0000000000000000 ]--- <4>[ 261.642908] ------------[ cut here ]------------ <2>[ 261.647676] kernel BUG at lib/string_helpers.c:1040! <0>[ 261.652933] Internal error: Oops - BUG: 0 [#27] SMP ARM <4>[ 261.658405] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 261.696524] CPU: 0 UID: 0 PID: 5013 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 261.706129] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 261.711379] Hardware name: STM32 (Device Tree Support) <4>[ 261.716828] PC is at __fortify_panic+0x8/0xc <4>[ 261.721302] LR is at __fortify_report+0x8c/0xd4 <4>[ 261.726168] pc : [] lr : [] psr: 60080013 <4>[ 261.732725] sp : f2a81e78 ip : 00000000 fp : 0044fe38 <4>[ 261.738176] r10: c5649540 r9 : f2a81f80 r8 : c26881b4 <4>[ 261.743727] r7 : f2a81f80 r6 : 00000000 r5 : c8b72000 r4 : 00000013 <4>[ 261.750486] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : ef6a3484 <4>[ 261.757347] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 261.764814] Control: 10c5387d Table: c88c006a DAC: 00000051 <1>[ 261.770768] Register r0 information: non-slab/vmalloc memory <1>[ 261.776737] Register r1 information: NULL pointer <1>[ 261.781691] Register r2 information: NULL pointer <1>[ 261.786743] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 261.800418] copy_process+0x1f4/0x1f64 <6>[ 261.804675] kernel_clone+0xac/0x388 <6>[ 261.808830] sys_clone+0x78/0x9c <6>[ 261.812582] ret_fast_syscall+0x0/0x1c <4>[ 261.816834] Free path: <6>[ 261.819564] rcu_core+0x2dc/0xb14 <6>[ 261.823417] handle_softirqs+0x15c/0x430 <6>[ 261.827876] run_ksoftirqd+0x48/0x60 <6>[ 261.831931] smpboot_thread_fn+0xc0/0x15c <6>[ 261.836485] kthread+0xe8/0x104 <6>[ 261.840235] ret_from_fork+0x14/0x28 <1>[ 261.844285] Register r4 information: non-paged memory <1>[ 261.849642] Register r5 information: non-slab/vmalloc memory <1>[ 261.855604] Register r6 information: NULL pointer <1>[ 261.860556] Register r7 information: 2-page vmalloc region starting at 0xf2a80000 allocated at kernel_clone+0xac/0x388 <1>[ 261.871566] Register r8 information: non-slab/vmalloc memory <1>[ 261.877526] Register r9 information: 2-page vmalloc region starting at 0xf2a80000 allocated at kernel_clone+0xac/0x388 <1>[ 261.888532] Register r10 information: slab kmalloc-192 start c5649500 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 261.902393] full_proxy_open+0x124/0x24c <6>[ 261.906843] do_dentry_open+0x144/0x4dc <6>[ 261.911199] vfs_open+0x2c/0xec <6>[ 261.914849] path_openat+0x748/0x1198 <6>[ 261.919101] do_filp_open+0x98/0x134 <6>[ 261.923151] do_sys_openat2+0xbc/0xe4 <6>[ 261.927408] sys_openat+0x98/0xd4 <6>[ 261.931262] ret_fast_syscall+0x0/0x1c <4>[ 261.935512] Free path: <6>[ 261.938242] nfs_pgio_header_free+0x34/0x48 <6>[ 261.942902] nfs_write_completion+0x60/0x240 <6>[ 261.947754] rpc_free_task+0x34/0x54 <6>[ 261.951810] rpc_async_release+0x24/0x40 <6>[ 261.956263] process_one_work+0x1b8/0x450 <6>[ 261.960819] worker_thread+0x1d4/0x3c4 <6>[ 261.965171] kthread+0xe8/0x104 <6>[ 261.968818] ret_from_fork+0x14/0x28 <1>[ 261.972866] Register r11 information: non-paged memory <1>[ 261.978323] Register r12 information: NULL pointer <0>[ 261.983378] Process cat (pid: 5013, stack limit = 0xf2a80000) <0>[ 261.989434] Stack: (0xf2a81e78 to 0xf2a82000) <0>[ 261.994085] 1e60: 00000013 c16d57f0 <0>[ 262.002557] 1e80: 00000014 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 262.011031] 1ea0: 00000000 00000000 00000000 00000000 00000000 0b2985fc c1f9c948 c0df61c8 <0>[ 262.019505] 1ec0: 00000013 c0df65ac c0df6490 c5443740 b6d98000 00000013 c3824260 c08910e8 <0>[ 262.027980] 1ee0: c5443740 c089108c f2a81f80 b6d98000 c5200040 00000013 c5649540 c0628870 <0>[ 262.036455] 1f00: c88c2db0 00000000 00000000 00000000 00000000 00000013 b6d98000 0001ffed <0>[ 262.044928] 1f20: 00000001 00000000 c5443440 00000000 00000000 00000000 00000000 00000000 <0>[ 262.053402] 1f40: 00000000 00000000 00000000 00000000 00000022 0b2985fc 00000000 c5443740 <0>[ 262.061876] 1f60: c5443740 00000000 00000000 c03002f0 c5200040 00000004 0044fe38 c0628dcc <0>[ 262.070351] 1f80: 00000000 00000000 00000000 0b2985fc 000000c0 00000013 00000013 7ff00000 <0>[ 262.078825] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6d98000 00000013 00000001 <0>[ 262.087300] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6d98000 00020000 0044fe38 <0>[ 262.095774] 1fe0: 00000004 bee02788 b6e5e33b b6dd7616 60080030 00000001 00000000 00000000 <0>[ 262.104239] Call trace: <0>[ 262.104254] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 <0>[ 262.113669] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c <0>[ 262.120352] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 262.126119] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 262.131786] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 262.137261] vfs_write from ksys_write+0x78/0xf8 <0>[ 262.142137] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 262.147607] Exception stack(0xf2a81fa8 to 0xf2a81ff0) <0>[ 262.152864] 1fa0: 00000013 00000013 00000001 b6d98000 00000013 00000001 <0>[ 262.161339] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6d98000 00020000 0044fe38 <0>[ 262.169808] 1fe0: 00000004 bee02788 b6e5e33b b6dd7616 <0>[ 262.175167] Code: e8bd47f0 eac9890b e92d4010 ebca234d (e7f001f2) <4>[ 262.181524] ---[ end trace 0000000000000000 ]--- <6>[ 262.186471] note: cat[5013] exited with irqs disabled # Segmentation fault # [ 261.443386] lkdtm: Performing direct entry FORTIFY_STR_OBJECT # [ 261.448190] lkdtm: trying to strcmp() past the end of a struct # [ 261.454244] ------------[ cut here ]------------ # [ 261.459127] WARNING: CPU: 0 PID: 5013 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 261.467901] strncpy: detected buffer overflow: 20 byte write of buffer size 10 # [ 261.475837] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 261.513792] CPU: 0 UID: 0 PID: 5013 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 261.523106] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 261.528357] Hardware name: STM32 (Device Tree Support) # [ 261.533707] Call trace: # [ 261.533722] unwind_backtrace from show_stack+0x18/0x1c # [ 261.542029] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 261.547400] dump_stack_lvl from __warn+0x84/0x134 # [ 261.552477] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 261.557858] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 261.563946] __fortify_report from __fortify_panic+0x8/0xc # [ 261.569727] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 # [ 261.576413] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c # [ 261.582994] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 261.588760] direct_entry from full_proxy_write+0x5c/0x8c # [ 261.594529] full_proxy_write from vfs_write+0xbc/0x3cc # [ 261.600005] vfs_write from ksys_write+0x78/0xf8 # [ 261.604880] ksys_write from ret_fast_syscall+0x0/0x1c # [ 261.610252] Exception stack(0xf2a81fa8 to 0xf2a81ff0) # [ 261.615612] 1fa0: 00000013 00000013 00000001 b6d98000 00000013 00000001 # [ 261.624087] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6d98000 00020000 0044fe38 # [ 261.632557] 1fe0: 00000004 bee02788 b6e5e33b b6dd7616 # [ 261.638307] ---[ end trace 0000000000000000 ]--- # [ 261.642908] ------------[ cut here ]------------ # [ 261.647676] kernel BUG at lib/string_helpers.c:1040! # [ 261.652933] Internal error: Oops - BUG: 0 [#27] SMP ARM # [ 261.658405] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 261.696524] CPU: 0 UID: 0 PID: 5013 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 261.706129] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 261.711379] Hardware name: STM32 (Device Tree Support) # [ 261.716828] PC is at __fortify_panic+0x8/0xc # [ 261.721302] LR is at __fortify_report+0x8c/0xd4 # [ 261.726168] pc : [] lr : [] psr: 60080013 # [ 261.732725] sp : f2a81e78 ip : 00000000 fp : 0044fe38 # [ 261.738176] r10: c5649540 r9 : f2a81f80 r8 : c26881b4 # [ 261.743727] r7 : f2a81f80 r6 : 00000000 r5 : c8b72000 r4 : 00000013 # [ 261.750486] r3 : c5200040 r2 : 00000000 r1 : 00000000 r0 : ef6a3484 # [ 261.757347] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 261.764814] Control: 10c5387d Table: c88c006a DAC: 00000051 # [ 261.770768] Register r0 information: non-slab/vmalloc memory # [ 261.776737] Register r1 information: NULL pointer # [ 261.781691] Register r2 information: NULL pointer # [ 261.786743] Register r3 information: slab task_struct start c5200000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 261.800418] copy_process+0x1f4/0x1f64 # [ 261.804675] kernel_clone+0xac/0x388 # [ 261.808830] sys_clone+0x78/0x9c # [ 261.812582] ret_fast_syscall+0x0/0x1c # [ 261.816834] Free path: # [ 261.819564] rcu_core+0x2dc/0xb14 # [ 261.823417] handle_softirqs+0x15c/0x430 # [ 261.827876] run_ksoftirqd+0x48/0x60 # [ 261.831931] smpboot_thread_fn+0xc0/0x15c # [ 261.836485] kthread+0xe8/0x104 # [ 261.840235] ret_from_fork+0x14/0x28 # [ 261.844285] Register r4 information: non-paged memory # [ 261.849642] Register r5 information: non-slab/vmalloc memory # [ 261.855604] Register r6 information: NULL pointer # [ 261.860556] Register r7 information: 2-page vmalloc region starting at 0xf2a80000 allocated at kernel_clone+0xac/0x388 # [ 261.871566] Register r8 information: non-slab/vmalloc memory # [ 261.877526] Register r9 information: 2-page vmalloc region starting at 0xf2a80000 allocated at kernel_clone+0xac/0x388 # [ 261.888532] Register r10 information: slab kmalloc-192 start c5649500 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 261.902393] full_proxy_open+0x124/0x24c # [ 261.906843] do_dentry_open+0x144/0x4dc # [ 261.911199] vfs_open+0x2c/0xec # [ 261.914849] path_openat+0x748/0x1198 # [ 261.919101] do_filp_open+0x98/0x134 # [ 261.923151] do_sys_openat2+0xbc/0xe4 # [ 261.927408] sys_openat+0x98/0xd4 # [ 261.931262] ret_fast_syscall+0x0/0x1c # [ 261.935512] Free path: # [ 261.938242] nfs_pgio_header_free+0x34/0x48 # [ 261.942902] nfs_write_completion+0x60/0x240 # [ 261.947754] rpc_free_task+0x34/0x54 # [ 261.951810] rpc_async_release+0x24/0x40 # [ 261.956263] process_one_work+0x1b8/0x450 # [ 261.960819] worker_thread+0x1d4/0x3c4 # [ 261.965171] kthread+0xe8/0x104 # [ 261.968818] ret_from_fork+0x14/0x28 # [ 261.972866] Register r11 information: non-paged memory # [ 261.978323] Register r12 information: NULL pointer # [ 261.983378] Process cat (pid: 5013, stack limit = 0xf2a80000) # [ 261.989434] Stack: (0xf2a81e78 to 0xf2a82000) # [ 261.994085] 1e60: 00000013 c16d57f0 # [ 262.002557] 1e80: 00000014 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 262.011031] 1ea0: 00000000 00000000 00000000 00000000 00000000 0b2985fc c1f9c948 c0df61c8 # [ 262.019505] 1ec0: 00000013 c0df65ac c0df6490 c5443740 b6d98000 00000013 c3824260 c08910e8 # [ 262.027980] 1ee0: c5443740 c089108c f2a81f80 b6d98000 c5200040 00000013 c5649540 c0628870 # [ 262.036455] 1f00: c88c2db0 00000000 00000000 00000000 00000000 00000013 b6d98000 0001ffed # [ 262.044928] 1f20: 00000001 00000000 c5443440 00000000 00000000 00000000 00000000 00000000 # [ 262.053402] 1f40: 00000000 00000000 00000000 00000000 00000022 0b2985fc 00000000 c5443740 # [ 262.061876] 1f60: c5443740 00000000 00000000 c03002f0 c5200040 00000004 0044fe38 c0628dcc # [ 262.070351] 1f80: 00000000 00000000 00000000 0b2985fc 000000c0 00000013 00000013 7ff00000 # [ 262.078825] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6d98000 00000013 00000001 # [ 262.087300] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6d98000 00020000 0044fe38 # [ 262.095774] 1fe0: 00000004 bee02788 b6e5e33b b6dd7616 60080030 00000001 00000000 00000000 # [ 262.104239] Call trace: # [ 262.104254] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 # [ 262.113669] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c # [ 262.120352] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 262.126119] direct_entry from full_proxy_write+0x5c/0x8c # [ 262.131786] full_proxy_write from vfs_write+0xbc/0x3cc # [ 262.137261] vfs_write from ksys_write+0x78/0xf8 # [ 262.142137] ksys_write from ret_fast_syscall+0x0/0x1c # [ 262.147607] Exception stack(0xf2a81fa8 to 0xf2a81ff0) # [ 262.152864] 1fa0: 00000013 00000013 00000001 b6d98000 00000013 00000001 # [ 262.161339] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6d98000 00020000 0044fe38 # [ 262.169808] 1fe0: 00000004 bee02788 b6e5e33b b6dd7616 # [ 262.175167] Code: e8bd47f0 eac9890b e92d4010 ebca234d (e7f001f2) # [ 262.181524] ---[ end trace 0000000000000000 ]--- # [ 262.186471] note: cat[5013] exited with irqs disabled # FORTIFY_STR_OBJECT: saw 'detected buffer overflow': ok ok 81 selftests: lkdtm: FORTIFY_STR_OBJECT.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_STR_MEMBER.sh <6>[ 264.297535] lkdtm: Performing direct entry FORTIFY_STR_MEMBER <6>[ 264.302381] lkdtm: trying to strncpy() past the end of a struct member... <4>[ 264.309323] ------------[ cut here ]------------ <4>[ 264.314733] WARNING: CPU: 0 PID: 5100 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 264.323160] strncpy: detected buffer overflow: 15 byte write of buffer size 10 <4>[ 264.330576] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 264.368917] CPU: 0 UID: 0 PID: 5100 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 264.378229] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 264.383483] Hardware name: STM32 (Device Tree Support) <4>[ 264.388833] Call trace: <4>[ 264.388847] unwind_backtrace from show_stack+0x18/0x1c <4>[ 264.397154] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 264.402525] dump_stack_lvl from __warn+0x84/0x134 <4>[ 264.407601] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 264.412981] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 264.419070] __fortify_report from __fortify_panic+0x8/0xc <4>[ 264.424851] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 <4>[ 264.431737] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c <4>[ 264.438312] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 264.444079] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 264.449746] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 264.455321] vfs_write from ksys_write+0x78/0xf8 <4>[ 264.460197] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 264.465568] Exception stack(0xf2af9fa8 to 0xf2af9ff0) <4>[ 264.470928] 9fa0: 00000013 00000013 00000001 b6e58000 00000013 00000001 <4>[ 264.479402] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 0042fe38 <4>[ 264.487872] 9fe0: 00000004 be9f6788 b6f1e33b b6e97616 <4>[ 264.493535] ---[ end trace 0000000000000000 ]--- <4>[ 264.498260] ------------[ cut here ]------------ <2>[ 264.503029] kernel BUG at lib/string_helpers.c:1040! <0>[ 264.508189] Internal error: Oops - BUG: 0 [#28] SMP ARM <4>[ 264.513761] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 264.551877] CPU: 0 UID: 0 PID: 5100 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 264.561483] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 264.566631] Hardware name: STM32 (Device Tree Support) <4>[ 264.572080] PC is at __fortify_panic+0x8/0xc <4>[ 264.576656] LR is at __fortify_report+0x8c/0xd4 <4>[ 264.581421] pc : [] lr : [] psr: 60080013 <4>[ 264.587980] sp : f2af9e88 ip : 00000000 fp : 0042fe38 <4>[ 264.593532] r10: c56497c0 r9 : f2af9f80 r8 : c26881bc <4>[ 264.598983] r7 : f2af9f80 r6 : c8aed1c0 r5 : 00000014 r4 : 0000000f <4>[ 264.605844] r3 : c5204640 r2 : 00000000 r1 : 00000000 r0 : ef6a3484 <4>[ 264.612605] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 264.620071] Control: 10c5387d Table: c8e1006a DAC: 00000051 <1>[ 264.626123] Register r0 information: non-slab/vmalloc memory <1>[ 264.631993] Register r1 information: NULL pointer <1>[ 264.637050] Register r2 information: NULL pointer <1>[ 264.642003] Register r3 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 264.655679] copy_process+0x1f4/0x1f64 <6>[ 264.660037] kernel_clone+0xac/0x388 <6>[ 264.664093] sys_clone+0x78/0x9c <6>[ 264.667847] ret_fast_syscall+0x0/0x1c <4>[ 264.672100] Free path: <6>[ 264.674831] rcu_core+0x2dc/0xb14 <6>[ 264.678684] handle_softirqs+0x15c/0x430 <6>[ 264.683143] irq_exit+0xac/0xd4 <6>[ 264.686795] call_with_stack+0x18/0x20 <6>[ 264.691052] __irq_svc+0x9c/0xb8 <6>[ 264.694900] default_idle_call+0x20/0xc0 <6>[ 264.699356] do_idle+0x25c/0x2f4 <6>[ 264.703108] cpu_startup_entry+0x30/0x34 <6>[ 264.707562] secondary_start_kernel+0x138/0x158 <6>[ 264.712622] __enable_mmu+0x0/0x20 <1>[ 264.716574] Register r4 information: non-paged memory <1>[ 264.721830] Register r5 information: non-paged memory <1>[ 264.727185] Register r6 information: slab kmalloc-64 start c8aed180 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 <6>[ 264.741555] lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 <6>[ 264.746715] lkdtm_do_action+0x24/0x4c <6>[ 264.750965] direct_entry+0x11c/0x140 <6>[ 264.755116] full_proxy_write+0x5c/0x8c <6>[ 264.759468] vfs_write+0xbc/0x3cc <6>[ 264.763332] ksys_write+0x78/0xf8 <6>[ 264.767196] ret_fast_syscall+0x0/0x1c <4>[ 264.771454] Free path: <6>[ 264.774188] rcu_core+0x2dc/0xb14 <6>[ 264.778043] handle_softirqs+0x15c/0x430 <6>[ 264.782503] irq_exit+0xac/0xd4 <6>[ 264.786157] call_with_stack+0x18/0x20 <6>[ 264.790415] __irq_svc+0x9c/0xb8 <6>[ 264.794163] obj_cgroup_charge+0x1d0/0x254 <6>[ 264.798815] __memcg_slab_post_alloc_hook+0xd0/0x360 <6>[ 264.804373] kmem_cache_alloc_noprof+0x36c/0x3a8 <6>[ 264.809540] __anon_vma_prepare+0x38/0x1c8 <6>[ 264.814099] __vmf_anon_prepare+0x7c/0xf8 <6>[ 264.818657] handle_mm_fault+0xa70/0x1198 <6>[ 264.823214] do_page_fault+0x1ac/0x470 <6>[ 264.827466] do_DataAbort+0x44/0xb8 <6>[ 264.831516] __dabt_usr+0x58/0x60 <1>[ 264.835365] Register r7 information: 2-page vmalloc region starting at 0xf2af8000 allocated at kernel_clone+0xac/0x388 <1>[ 264.846379] Register r8 information: non-slab/vmalloc memory <1>[ 264.852343] Register r9 information: 2-page vmalloc region starting at 0xf2af8000 allocated at kernel_clone+0xac/0x388 <1>[ 264.863351] Register r10 information: slab kmalloc-192 start c5649780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 264.877215] full_proxy_open+0x124/0x24c <6>[ 264.881667] do_dentry_open+0x144/0x4dc <6>[ 264.886026] vfs_open+0x2c/0xec <6>[ 264.889678] path_openat+0x748/0x1198 <6>[ 264.893930] do_filp_open+0x98/0x134 <6>[ 264.897981] do_sys_openat2+0xbc/0xe4 <6>[ 264.902236] sys_openat+0x98/0xd4 <6>[ 264.906089] ret_fast_syscall+0x0/0x1c <4>[ 264.910339] Free path: <6>[ 264.913070] nfs_pgio_header_free+0x34/0x48 <6>[ 264.917731] nfs_write_completion+0x60/0x240 <6>[ 264.922586] rpc_free_task+0x34/0x54 <6>[ 264.926644] rpc_async_release+0x24/0x40 <6>[ 264.931100] process_one_work+0x1b8/0x450 <6>[ 264.935657] worker_thread+0x1d4/0x3c4 <6>[ 264.939910] kthread+0xe8/0x104 <6>[ 264.943659] ret_from_fork+0x14/0x28 <1>[ 264.947709] Register r11 information: non-paged memory <1>[ 264.953168] Register r12 information: NULL pointer <0>[ 264.958223] Process cat (pid: 5100, stack limit = 0xf2af8000) <0>[ 264.964280] Stack: (0xf2af9e88 to 0xf2afa000) <0>[ 264.968835] 9e80: 0000000f c0df9444 0042fe38 0000000f 00000000 00000000 <0>[ 264.977311] 9ea0: 00000000 00000000 00000000 d70e1ff0 00000013 c8a54000 00000000 c0df61c8 <0>[ 264.985887] 9ec0: 00000013 c0df65ac c0df6490 c5443140 b6e58000 00000013 c3824260 c08910e8 <0>[ 264.994363] 9ee0: c5443140 c089108c f2af9f80 b6e58000 c5204640 00000013 c56497c0 c0628870 <0>[ 265.002837] 9f00: c8e12db8 00000000 00000000 00000000 00000000 00000013 b6e58000 0001ffed <0>[ 265.011310] 9f20: 00000001 00000000 c5443d40 00000000 00000000 00000000 00000000 00000000 <0>[ 265.019784] 9f40: 00000000 00000000 00000000 00000000 00000022 d70e1ff0 00000000 c5443140 <0>[ 265.028259] 9f60: c5443140 00000000 00000000 c03002f0 c5204640 00000004 0042fe38 c0628dcc <0>[ 265.036733] 9f80: 00000000 00000000 00000000 d70e1ff0 000000c0 00000013 00000013 7ff00000 <0>[ 265.045207] 9fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e58000 00000013 00000001 <0>[ 265.053681] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 0042fe38 <0>[ 265.062156] 9fe0: 00000004 be9f6788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 <0>[ 265.070623] Call trace: <0>[ 265.070639] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 <0>[ 265.080155] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c <0>[ 265.086832] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 265.092601] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 265.098270] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 265.103745] vfs_write from ksys_write+0x78/0xf8 <0>[ 265.108723] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 265.114094] Exception stack(0xf2af9fa8 to 0xf2af9ff0) <0>[ 265.119452] 9fa0: 00000013 00000013 00000001 b6e58000 00000013 00000001 <0>[ 265.127928] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 0042fe38 <0>[ 265.136398] 9fe0: 00000004 be9f6788 b6f1e33b b6e97616 <0>[ 265.141758] Code: e8bd47f0 eac9890b e92d4010 ebca234d (e7f001f2) <4>[ 265.148115] ---[ end trace 0000000000000000 ]--- <6>[ 265.152964] note: cat[5100] exited with irqs disabled # Segmentation fault # [ 264.297535] lkdtm: Performing direct entry FORTIFY_STR_MEMBER # [ 264.302381] lkdtm: trying to strncpy() past the end of a struct member... # [ 264.309323] ------------[ cut here ]------------ # [ 264.314733] WARNING: CPU: 0 PID: 5100 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 264.323160] strncpy: detected buffer overflow: 15 byte write of buffer size 10 # [ 264.330576] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 264.368917] CPU: 0 UID: 0 PID: 5100 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 264.378229] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 264.383483] Hardware name: STM32 (Device Tree Support) # [ 264.388833] Call trace: # [ 264.388847] unwind_backtrace from show_stack+0x18/0x1c # [ 264.397154] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 264.402525] dump_stack_lvl from __warn+0x84/0x134 # [ 264.407601] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 264.412981] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 264.419070] __fortify_report from __fortify_panic+0x8/0xc # [ 264.424851] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 # [ 264.431737] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c # [ 264.438312] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 264.444079] direct_entry from full_proxy_write+0x5c/0x8c # [ 264.449746] full_proxy_write from vfs_write+0xbc/0x3cc # [ 264.455321] vfs_write from ksys_write+0x78/0xf8 # [ 264.460197] ksys_write from ret_fast_syscall+0x0/0x1c # [ 264.465568] Exception stack(0xf2af9fa8 to 0xf2af9ff0) # [ 264.470928] 9fa0: 00000013 00000013 00000001 b6e58000 00000013 00000001 # [ 264.479402] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 0042fe38 # [ 264.487872] 9fe0: 00000004 be9f6788 b6f1e33b b6e97616 # [ 264.493535] ---[ end trace 0000000000000000 ]--- # [ 264.498260] ------------[ cut here ]------------ # [ 264.503029] kernel BUG at lib/string_helpers.c:1040! # [ 264.508189] Internal error: Oops - BUG: 0 [#28] SMP ARM # [ 264.513761] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 264.551877] CPU: 0 UID: 0 PID: 5100 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 264.561483] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 264.566631] Hardware name: STM32 (Device Tree Support) # [ 264.572080] PC is at __fortify_panic+0x8/0xc # [ 264.576656] LR is at __fortify_report+0x8c/0xd4 # [ 264.581421] pc : [] lr : [] psr: 60080013 # [ 264.587980] sp : f2af9e88 ip : 00000000 fp : 0042fe38 # [ 264.593532] r10: c56497c0 r9 : f2af9f80 r8 : c26881bc # [ 264.598983] r7 : f2af9f80 r6 : c8aed1c0 r5 : 00000014 r4 : 0000000f # [ 264.605844] r3 : c5204640 r2 : 00000000 r1 : 00000000 r0 : ef6a3484 # [ 264.612605] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 264.620071] Control: 10c5387d Table: c8e1006a DAC: 00000051 # [ 264.626123] Register r0 information: non-slab/vmalloc memory # [ 264.631993] Register r1 information: NULL pointer # [ 264.637050] Register r2 information: NULL pointer # [ 264.642003] Register r3 information: slab task_struct start c5204600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 264.655679] copy_process+0x1f4/0x1f64 # [ 264.660037] kernel_clone+0xac/0x388 # [ 264.664093] sys_clone+0x78/0x9c # [ 264.667847] ret_fast_syscall+0x0/0x1c # [ 264.672100] Free path: # [ 264.674831] rcu_core+0x2dc/0xb14 # [ 264.678684] handle_softirqs+0x15c/0x430 # [ 264.683143] irq_exit+0xac/0xd4 # [ 264.686795] call_with_stack+0x18/0x20 # [ 264.691052] __irq_svc+0x9c/0xb8 # [ 264.694900] default_idle_call+0x20/0xc0 # [ 264.699356] do_idle+0x25c/0x2f4 # [ 264.703108] cpu_startup_entry+0x30/0x34 # [ 264.707562] secondary_start_kernel+0x138/0x158 # [ 264.712622] __enable_mmu+0x0/0x20 # [ 264.716574] Register r4 information: non-paged memory # [ 264.721830] Register r5 information: non-paged memory # [ 264.727185] Register r6 information: slab kmalloc-64 start c8aed180 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 # [ 264.741555] lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 # [ 264.746715] lkdtm_do_action+0x24/0x4c # [ 264.750965] direct_entry+0x11c/0x140 # [ 264.755116] full_proxy_write+0x5c/0x8c # [ 264.759468] vfs_write+0xbc/0x3cc # [ 264.763332] ksys_write+0x78/0xf8 # [ 264.767196] ret_fast_syscall+0x0/0x1c # [ 264.771454] Free path: # [ 264.774188] rcu_core+0x2dc/0xb14 # [ 264.778043] handle_softirqs+0x15c/0x430 # [ 264.782503] irq_exit+0xac/0xd4 # [ 264.786157] call_with_stack+0x18/0x20 # [ 264.790415] __irq_svc+0x9c/0xb8 # [ 264.794163] obj_cgroup_charge+0x1d0/0x254 # [ 264.798815] __memcg_slab_post_alloc_hook+0xd0/0x360 # [ 264.804373] kmem_cache_alloc_noprof+0x36c/0x3a8 # [ 264.809540] __anon_vma_prepare+0x38/0x1c8 # [ 264.814099] __vmf_anon_prepare+0x7c/0xf8 # [ 264.818657] handle_mm_fault+0xa70/0x1198 # [ 264.823214] do_page_fault+0x1ac/0x470 # [ 264.827466] do_DataAbort+0x44/0xb8 # [ 264.831516] __dabt_usr+0x58/0x60 # [ 264.835365] Register r7 information: 2-page vmalloc region starting at 0xf2af8000 allocated at kernel_clone+0xac/0x388 # [ 264.846379] Register r8 information: non-slab/vmalloc memory # [ 264.852343] Register r9 information: 2-page vmalloc region starting at 0xf2af8000 allocated at kernel_clone+0xac/0x388 # [ 264.863351] Register r10 information: slab kmalloc-192 start c5649780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 264.877215] full_proxy_open+0x124/0x24c # [ 264.881667] do_dentry_open+0x144/0x4dc # [ 264.886026] vfs_open+0x2c/0xec # [ 264.889678] path_openat+0x748/0x1198 # [ 264.893930] do_filp_open+0x98/0x134 # [ 264.897981] do_sys_openat2+0xbc/0xe4 # [ 264.902236] sys_openat+0x98/0xd4 # [ 264.906089] ret_fast_syscall+0x0/0x1c # [ 264.910339] Free path: # [ 264.913070] nfs_pgio_header_free+0x34/0x48 # [ 264.917731] nfs_write_completion+0x60/0x240 # [ 264.922586] rpc_free_task+0x34/0x54 # [ 264.926644] rpc_async_release+0x24/0x40 # [ 264.931100] process_one_work+0x1b8/0x450 # [ 264.935657] worker_thread+0x1d4/0x3c4 # [ 264.939910] kthread+0xe8/0x104 # [ 264.943659] ret_from_fork+0x14/0x28 # [ 264.947709] Register r11 information: non-paged memory # [ 264.953168] Register r12 information: NULL pointer # [ 264.958223] Process cat (pid: 5100, stack limit = 0xf2af8000) # [ 264.964280] Stack: (0xf2af9e88 to 0xf2afa000) # [ 264.968835] 9e80: 0000000f c0df9444 0042fe38 0000000f 00000000 00000000 # [ 264.977311] 9ea0: 00000000 00000000 00000000 d70e1ff0 00000013 c8a54000 00000000 c0df61c8 # [ 264.985887] 9ec0: 00000013 c0df65ac c0df6490 c5443140 b6e58000 00000013 c3824260 c08910e8 # [ 264.994363] 9ee0: c5443140 c089108c f2af9f80 b6e58000 c5204640 00000013 c56497c0 c0628870 # [ 265.002837] 9f00: c8e12db8 00000000 00000000 00000000 00000000 00000013 b6e58000 0001ffed # [ 265.011310] 9f20: 00000001 00000000 c5443d40 00000000 00000000 00000000 00000000 00000000 # [ 265.019784] 9f40: 00000000 00000000 00000000 00000000 00000022 d70e1ff0 00000000 c5443140 # [ 265.028259] 9f60: c5443140 00000000 00000000 c03002f0 c5204640 00000004 0042fe38 c0628dcc # [ 265.036733] 9f80: 00000000 00000000 00000000 d70e1ff0 000000c0 00000013 00000013 7ff00000 # [ 265.045207] 9fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e58000 00000013 00000001 # [ 265.053681] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 0042fe38 # [ 265.062156] 9fe0: 00000004 be9f6788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 # [ 265.070623] Call trace: # [ 265.070639] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 # [ 265.080155] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c # [ 265.086832] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 265.092601] direct_entry from full_proxy_write+0x5c/0x8c # [ 265.098270] full_proxy_write from vfs_write+0xbc/0x3cc # [ 265.103745] vfs_write from ksys_write+0x78/0xf8 # [ 265.108723] ksys_write from ret_fast_syscall+0x0/0x1c # [ 265.114094] Exception stack(0xf2af9fa8 to 0xf2af9ff0) # [ 265.119452] 9fa0: 00000013 00000013 00000001 b6e58000 00000013 00000001 # [ 265.127928] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 0042fe38 # [ 265.136398] 9fe0: 00000004 be9f6788 b6f1e33b b6e97616 # [ 265.141758] Code: e8bd47f0 eac9890b e92d4010 ebca234d (e7f001f2) # [ 265.148115] ---[ end trace 0000000000000000 ]--- # [ 265.152964] note: cat[5100] exited with irqs disabled # FORTIFY_STR_MEMBER: saw 'detected buffer overflow': ok ok 82 selftests: lkdtm: FORTIFY_STR_MEMBER.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_MEM_OBJECT.sh <6>[ 267.262361] lkdtm: Performing direct entry FORTIFY_MEM_OBJECT <6>[ 267.267159] lkdtm: trying to memcpy() past the end of a struct <6>[ 267.273650] lkdtm: 0: 16 <6>[ 267.276003] lkdtm: 1: 16 <6>[ 267.278860] lkdtm: s: 20 <4>[ 267.281581] ------------[ cut here ]------------ <4>[ 267.286510] WARNING: CPU: 1 PID: 5186 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 267.295301] memcpy: detected buffer overflow: 20 byte write of buffer size 16 <4>[ 267.302766] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 267.341049] CPU: 1 UID: 0 PID: 5186 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 267.350366] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 267.355619] Hardware name: STM32 (Device Tree Support) <4>[ 267.361069] Call trace: <4>[ 267.361086] unwind_backtrace from show_stack+0x18/0x1c <4>[ 267.369392] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 267.374664] dump_stack_lvl from __warn+0x84/0x134 <4>[ 267.379742] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 267.385123] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 267.391314] __fortify_report from __fortify_panic+0x8/0xc <4>[ 267.397096] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c <4>[ 267.403784] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c <4>[ 267.410466] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 267.416234] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 267.421903] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 267.427382] vfs_write from ksys_write+0x78/0xf8 <4>[ 267.432259] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 267.437632] Exception stack(0xf2b81fa8 to 0xf2b81ff0) <4>[ 267.442993] 1fa0: 00000013 00000013 00000001 b6e58000 00000013 00000001 <4>[ 267.451469] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 004efe38 <4>[ 267.459939] 1fe0: 00000004 bedfa788 b6f1e33b b6e97616 <4>[ 267.465432] ---[ end trace 0000000000000000 ]--- <4>[ 267.470294] ------------[ cut here ]------------ <2>[ 267.475060] kernel BUG at lib/string_helpers.c:1040! <0>[ 267.480321] Internal error: Oops - BUG: 0 [#29] SMP ARM <4>[ 267.485793] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 267.523906] CPU: 1 UID: 0 PID: 5186 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 267.533519] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 267.538779] Hardware name: STM32 (Device Tree Support) <4>[ 267.544239] PC is at __fortify_panic+0x8/0xc <4>[ 267.548731] LR is at __fortify_report+0x8c/0xd4 <4>[ 267.553514] pc : [] lr : [] psr: 60080013 <4>[ 267.560088] sp : f2b81e48 ip : 00000000 fp : 004efe38 <4>[ 267.565651] r10: c56497c0 r9 : f2b81f80 r8 : c26881c4 <4>[ 267.571111] r7 : f2b81f80 r6 : 00000000 r5 : c8bce000 r4 : c28033b8 <4>[ 267.577882] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 <4>[ 267.584753] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 267.592123] Control: 10c5387d Table: c8afc06a DAC: 00000051 <1>[ 267.598176] Register r0 information: non-slab/vmalloc memory <1>[ 267.604150] Register r1 information: NULL pointer <1>[ 267.609108] Register r2 information: NULL pointer <1>[ 267.614061] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 <6>[ 267.627845] copy_process+0x1f4/0x1f64 <6>[ 267.632108] kernel_clone+0xac/0x388 <6>[ 267.636166] sys_clone+0x78/0x9c <6>[ 267.639919] ret_fast_syscall+0x0/0x1c <4>[ 267.644272] Free path: <6>[ 267.647003] rcu_core+0x2dc/0xb14 <6>[ 267.650759] handle_softirqs+0x15c/0x430 <6>[ 267.655217] irq_exit+0xac/0xd4 <6>[ 267.658969] call_with_stack+0x18/0x20 <6>[ 267.663226] __irq_svc+0x9c/0xb8 <6>[ 267.666974] search_index+0x80/0xd8 <6>[ 267.671032] unwind_frame+0x94/0x92c <6>[ 267.675089] arch_stack_walk+0x84/0x100 <6>[ 267.679442] stack_trace_save+0x50/0x78 <6>[ 267.683803] set_track_prepare+0x40/0x74 <6>[ 267.688262] ___slab_alloc+0xd28/0xd7c <6>[ 267.692520] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 267.697683] vm_area_dup+0x44/0x104 <6>[ 267.701739] copy_process+0x1968/0x1f64 <6>[ 267.706096] kernel_clone+0xac/0x388 <6>[ 267.710252] sys_clone+0x78/0x9c <1>[ 267.714007] Register r4 information: non-slab/vmalloc memory <1>[ 267.719874] Register r5 information: non-slab/vmalloc memory <1>[ 267.725838] Register r6 information: NULL pointer <1>[ 267.730795] Register r7 information: 2-page vmalloc region starting at 0xf2b80000 allocated at kernel_clone+0xac/0x388 <1>[ 267.741808] Register r8 information: non-slab/vmalloc memory <1>[ 267.747772] Register r9 information: 2-page vmalloc region starting at 0xf2b80000 allocated at kernel_clone+0xac/0x388 <1>[ 267.758779] Register r10 information: slab kmalloc-192 start c5649780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 267.772649] full_proxy_open+0x124/0x24c <6>[ 267.777112] do_dentry_open+0x144/0x4dc <6>[ 267.781474] vfs_open+0x2c/0xec <6>[ 267.785229] path_openat+0x748/0x1198 <6>[ 267.789384] do_filp_open+0x98/0x134 <6>[ 267.793438] do_sys_openat2+0xbc/0xe4 <6>[ 267.797696] sys_openat+0x98/0xd4 <6>[ 267.801550] ret_fast_syscall+0x0/0x1c <4>[ 267.805803] Free path: <6>[ 267.808535] nfs_pgio_header_free+0x34/0x48 <6>[ 267.813196] nfs_write_completion+0x60/0x240 <6>[ 267.818052] rpc_free_task+0x34/0x54 <6>[ 267.822112] rpc_async_release+0x24/0x40 <6>[ 267.826567] process_one_work+0x1b8/0x450 <6>[ 267.831124] worker_thread+0x1d4/0x3c4 <6>[ 267.835377] kthread+0xe8/0x104 <6>[ 267.839128] ret_from_fork+0x14/0x28 <1>[ 267.843178] Register r11 information: non-paged memory <1>[ 267.848640] Register r12 information: NULL pointer <0>[ 267.853696] Process cat (pid: 5186, stack limit = 0xf2b80000) <0>[ 267.859755] Stack: (0xf2b81e48 to 0xf2b82000) <0>[ 267.864311] 1e40: c28033b8 c16d5738 00000014 00000000 00000000 00000000 <0>[ 267.872785] 1e60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 267.881259] 1e80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 267.889734] 1ea0: 00000000 00000000 00000000 00000000 00000000 6dd69532 00000013 c0df61c8 <0>[ 267.898210] 1ec0: 00000013 c0df65ac c0df6490 c5443d40 b6e58000 00000013 c3824260 c08910e8 <0>[ 267.906686] 1ee0: c5443d40 c089108c f2b81f80 b6e58000 c5205040 00000013 c56497c0 c0628870 <0>[ 267.915161] 1f00: c8afedb8 00000000 00000000 00000000 00000000 00000013 b6e58000 0001ffed <0>[ 267.923634] 1f20: 00000001 00000000 c5443040 00000000 00000000 00000000 00000000 00000000 <0>[ 267.932108] 1f40: 00000000 00000000 00000000 00000000 00000022 6dd69532 00000000 c5443d40 <0>[ 267.940588] 1f60: c5443d40 00000000 00000000 c03002f0 c5205040 00000004 004efe38 c0628dcc <0>[ 267.949073] 1f80: 00000000 00000000 00000000 6dd69532 000000c0 00000013 00000013 7ff00000 <0>[ 267.957552] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e58000 00000013 00000001 <0>[ 267.966030] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 004efe38 <0>[ 267.974506] 1fe0: 00000004 bedfa788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 <0>[ 267.982973] Call trace: <0>[ 267.982989] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c <0>[ 267.992515] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c <0>[ 267.999100] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 268.004869] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 268.010540] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 268.016119] vfs_write from ksys_write+0x78/0xf8 <0>[ 268.020999] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 268.026375] Exception stack(0xf2b81fa8 to 0xf2b81ff0) <0>[ 268.031739] 1fa0: 00000013 00000013 00000001 b6e58000 00000013 00000001 <0>[ 268.040218] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 004efe38 <0>[ 268.048691] 1fe0: 00000004 bedfa788 b6f1e33b b6e97616 <0>[ 268.054053] Code: e8bd47f0 eac9890b e92d4010 ebca234d (e7f001f2) <4>[ 268.060411] ---[ end trace 0000000000000000 ]--- <6>[ 268.065261] note: cat[5186] exited with irqs disabled # Segmentation fault # [ 267.262361] lkdtm: Performing direct entry FORTIFY_MEM_OBJECT # [ 267.267159] lkdtm: trying to memcpy() past the end of a struct # [ 267.273650] lkdtm: 0: 16 # [ 267.276003] lkdtm: 1: 16 # [ 267.278860] lkdtm: s: 20 # [ 267.281581] ------------[ cut here ]------------ # [ 267.286510] WARNING: CPU: 1 PID: 5186 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 267.295301] memcpy: detected buffer overflow: 20 byte write of buffer size 16 # [ 267.302766] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 267.341049] CPU: 1 UID: 0 PID: 5186 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 267.350366] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 267.355619] Hardware name: STM32 (Device Tree Support) # [ 267.361069] Call trace: # [ 267.361086] unwind_backtrace from show_stack+0x18/0x1c # [ 267.369392] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 267.374664] dump_stack_lvl from __warn+0x84/0x134 # [ 267.379742] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 267.385123] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 267.391314] __fortify_report from __fortify_panic+0x8/0xc # [ 267.397096] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c # [ 267.403784] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c # [ 267.410466] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 267.416234] direct_entry from full_proxy_write+0x5c/0x8c # [ 267.421903] full_proxy_write from vfs_write+0xbc/0x3cc # [ 267.427382] vfs_write from ksys_write+0x78/0xf8 # [ 267.432259] ksys_write from ret_fast_syscall+0x0/0x1c # [ 267.437632] Exception stack(0xf2b81fa8 to 0xf2b81ff0) # [ 267.442993] 1fa0: 00000013 00000013 00000001 b6e58000 00000013 00000001 # [ 267.451469] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 004efe38 # [ 267.459939] 1fe0: 00000004 bedfa788 b6f1e33b b6e97616 # [ 267.465432] ---[ end trace 0000000000000000 ]--- # [ 267.470294] ------------[ cut here ]------------ # [ 267.475060] kernel BUG at lib/string_helpers.c:1040! # [ 267.480321] Internal error: Oops - BUG: 0 [#29] SMP ARM # [ 267.485793] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 267.523906] CPU: 1 UID: 0 PID: 5186 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 267.533519] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 267.538779] Hardware name: STM32 (Device Tree Support) # [ 267.544239] PC is at __fortify_panic+0x8/0xc # [ 267.548731] LR is at __fortify_report+0x8c/0xd4 # [ 267.553514] pc : [] lr : [] psr: 60080013 # [ 267.560088] sp : f2b81e48 ip : 00000000 fp : 004efe38 # [ 267.565651] r10: c56497c0 r9 : f2b81f80 r8 : c26881c4 # [ 267.571111] r7 : f2b81f80 r6 : 00000000 r5 : c8bce000 r4 : c28033b8 # [ 267.577882] r3 : c5205040 r2 : 00000000 r1 : 00000000 r0 : ef6b7484 # [ 267.584753] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 267.592123] Control: 10c5387d Table: c8afc06a DAC: 00000051 # [ 267.598176] Register r0 information: non-slab/vmalloc memory # [ 267.604150] Register r1 information: NULL pointer # [ 267.609108] Register r2 information: NULL pointer # [ 267.614061] Register r3 information: slab task_struct start c5205000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f64 # [ 267.627845] copy_process+0x1f4/0x1f64 # [ 267.632108] kernel_clone+0xac/0x388 # [ 267.636166] sys_clone+0x78/0x9c # [ 267.639919] ret_fast_syscall+0x0/0x1c # [ 267.644272] Free path: # [ 267.647003] rcu_core+0x2dc/0xb14 # [ 267.650759] handle_softirqs+0x15c/0x430 # [ 267.655217] irq_exit+0xac/0xd4 # [ 267.658969] call_with_stack+0x18/0x20 # [ 267.663226] __irq_svc+0x9c/0xb8 # [ 267.666974] search_index+0x80/0xd8 # [ 267.671032] unwind_frame+0x94/0x92c # [ 267.675089] arch_stack_walk+0x84/0x100 # [ 267.679442] stack_trace_save+0x50/0x78 # [ 267.683803] set_track_prepare+0x40/0x74 # [ 267.688262] ___slab_alloc+0xd28/0xd7c # [ 267.692520] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 267.697683] vm_area_dup+0x44/0x104 # [ 267.701739] copy_process+0x1968/0x1f64 # [ 267.706096] kernel_clone+0xac/0x388 # [ 267.710252] sys_clone+0x78/0x9c # [ 267.714007] Register r4 information: non-slab/vmalloc memory # [ 267.719874] Register r5 information: non-slab/vmalloc memory # [ 267.725838] Register r6 information: NULL pointer # [ 267.730795] Register r7 information: 2-page vmalloc region starting at 0xf2b80000 allocated at kernel_clone+0xac/0x388 # [ 267.741808] Register r8 information: non-slab/vmalloc memory # [ 267.747772] Register r9 information: 2-page vmalloc region starting at 0xf2b80000 allocated at kernel_clone+0xac/0x388 # [ 267.758779] Register r10 information: slab kmalloc-192 start c5649780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 267.772649] full_proxy_open+0x124/0x24c # [ 267.777112] do_dentry_open+0x144/0x4dc # [ 267.781474] vfs_open+0x2c/0xec # [ 267.785229] path_openat+0x748/0x1198 # [ 267.789384] do_filp_open+0x98/0x134 # [ 267.793438] do_sys_openat2+0xbc/0xe4 # [ 267.797696] sys_openat+0x98/0xd4 # [ 267.801550] ret_fast_syscall+0x0/0x1c # [ 267.805803] Free path: # [ 267.808535] nfs_pgio_header_free+0x34/0x48 # [ 267.813196] nfs_write_completion+0x60/0x240 # [ 267.818052] rpc_free_task+0x34/0x54 # [ 267.822112] rpc_async_release+0x24/0x40 # [ 267.826567] process_one_work+0x1b8/0x450 # [ 267.831124] worker_thread+0x1d4/0x3c4 # [ 267.835377] kthread+0xe8/0x104 # [ 267.839128] ret_from_fork+0x14/0x28 # [ 267.843178] Register r11 information: non-paged memory # [ 267.848640] Register r12 information: NULL pointer # [ 267.853696] Process cat (pid: 5186, stack limit = 0xf2b80000) # [ 267.859755] Stack: (0xf2b81e48 to 0xf2b82000) # [ 267.864311] 1e40: c28033b8 c16d5738 00000014 00000000 00000000 00000000 # [ 267.872785] 1e60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 267.881259] 1e80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 267.889734] 1ea0: 00000000 00000000 00000000 00000000 00000000 6dd69532 00000013 c0df61c8 # [ 267.898210] 1ec0: 00000013 c0df65ac c0df6490 c5443d40 b6e58000 00000013 c3824260 c08910e8 # [ 267.906686] 1ee0: c5443d40 c089108c f2b81f80 b6e58000 c5205040 00000013 c56497c0 c0628870 # [ 267.915161] 1f00: c8afedb8 00000000 00000000 00000000 00000000 00000013 b6e58000 0001ffed # [ 267.923634] 1f20: 00000001 00000000 c5443040 00000000 00000000 00000000 00000000 00000000 # [ 267.932108] 1f40: 00000000 00000000 00000000 00000000 00000022 6dd69532 00000000 c5443d40 # [ 267.940588] 1f60: c5443d40 00000000 00000000 c03002f0 c5205040 00000004 004efe38 c0628dcc # [ 267.949073] 1f80: 00000000 00000000 00000000 6dd69532 000000c0 00000013 00000013 7ff00000 # [ 267.957552] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e58000 00000013 00000001 # [ 267.966030] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 004efe38 # [ 267.974506] 1fe0: 00000004 bedfa788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 # [ 267.982973] Call trace: # [ 267.982989] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c # [ 267.992515] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c # [ 267.999100] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 268.004869] direct_entry from full_proxy_write+0x5c/0x8c # [ 268.010540] full_proxy_write from vfs_write+0xbc/0x3cc # [ 268.016119] vfs_write from ksys_write+0x78/0xf8 # [ 268.020999] ksys_write from ret_fast_syscall+0x0/0x1c # [ 268.026375] Exception stack(0xf2b81fa8 to 0xf2b81ff0) # [ 268.031739] 1fa0: 00000013 00000013 00000001 b6e58000 00000013 00000001 # [ 268.040218] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e58000 00020000 004efe38 # [ 268.048691] 1fe0: 00000004 bedfa788 b6f1e33b b6e97616 # [ 268.054053] Code: e8bd47f0 eac9890b e92d4010 ebca234d (e7f001f2) # [ 268.060411] ---[ end trace 0000000000000000 ]--- # [ 268.065261] note: cat[5186] exited with irqs disabled # FORTIFY_MEM_OBJECT: saw 'detected buffer overflow': ok ok 83 selftests: lkdtm: FORTIFY_MEM_OBJECT.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_MEM_MEMBER.sh <6>[ 270.239079] lkdtm: Performing direct entry FORTIFY_MEM_MEMBER <6>[ 270.243942] lkdtm: trying to memcpy() past the end of a struct member... <4>[ 270.250899] ------------[ cut here ]------------ <4>[ 270.255750] WARNING: CPU: 1 PID: 5274 at drivers/misc/lkdtm/fortify.c:122 lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 <4>[ 270.266039] memcpy: detected field-spanning write (size 15) of single field "target.a" at drivers/misc/lkdtm/fortify.c:122 (size 10) <4>[ 270.278237] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector <4>[ 270.316509] CPU: 1 UID: 0 PID: 5274 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 <4>[ 270.325923] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 270.331079] Hardware name: STM32 (Device Tree Support) <4>[ 270.336531] Call trace: <4>[ 270.336546] unwind_backtrace from show_stack+0x18/0x1c <4>[ 270.344855] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 270.350128] dump_stack_lvl from __warn+0x84/0x134 <4>[ 270.355207] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 270.360689] warn_slowpath_fmt from lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 <4>[ 270.367681] lkdtm_FORTIFY_MEM_MEMBER from lkdtm_do_action+0x24/0x4c <4>[ 270.374260] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 270.380027] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 270.385697] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 270.391278] vfs_write from ksys_write+0x78/0xf8 <4>[ 270.396166] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 270.401544] Exception stack(0xf2c19fa8 to 0xf2c19ff0) <4>[ 270.406906] 9fa0: 00000013 00000013 00000001 b6d88000 00000013 00000001 <4>[ 270.415383] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 <4>[ 270.423854] 9fe0: 00000004 beff9788 b6e4e33b b6dc7616 <4>[ 270.429316] ---[ end trace 0000000000000000 ]--- <3>[ 270.434246] lkdtm: FAIL: fortify did not block a memcpy() struct member write overflow! <3>[ 270.442415] lkdtm: Unexpected! This kernel (6.12.0-rc1-next-20241004 armv7l) was built with CONFIG_FORTIFY_SOURCE=y # [ 270.239079] lkdtm: Performing direct entry FORTIFY_MEM_MEMBER # [ 270.243942] lkdtm: trying to memcpy() past the end of a struct member... # [ 270.250899] ------------[ cut here ]------------ # [ 270.255750] WARNING: CPU: 1 PID: 5274 at drivers/misc/lkdtm/fortify.c:122 lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 # [ 270.266039] memcpy: detected field-spanning write (size 15) of single field "target.a" at drivers/misc/lkdtm/fortify.c:122 (size 10) # [ 270.278237] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd brcmfmac soundcore brcmutil adv7511 cfg80211 hci_uart stm32_adc_core btbcm bluetooth ecdh_generic ecc snd_soc_stm32_sai stm_drm etnaviv gpu_sched drm_dma_helper stm32_crc32 nvmem_stm32_romem stm32_ipcc display_connector # [ 270.316509] CPU: 1 UID: 0 PID: 5274 Comm: cat Tainted: G B D W 6.12.0-rc1-next-20241004 #1 # [ 270.325923] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 270.331079] Hardware name: STM32 (Device Tree Support) # [ 270.336531] Call trace: # [ 270.336546] unwind_backtrace from show_stack+0x18/0x1c # [ 270.344855] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 270.350128] dump_stack_lvl from __warn+0x84/0x134 # [ 270.355207] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 270.360689] warn_slowpath_fmt from lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 # [ 270.367681] lkdtm_FORTIFY_MEM_MEMBER from lkdtm_do_action+0x24/0x4c # [ 270.374260] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 270.380027] direct_entry from full_proxy_write+0x5c/0x8c # [ 270.385697] full_proxy_write from vfs_write+0xbc/0x3cc # [ 270.391278] vfs_write from ksys_write+0x78/0xf8 # [ 270.396166] ksys_write from ret_fast_syscall+0x0/0x1c # [ 270.401544] Exception stack(0xf2c19fa8 to 0xf2c19ff0) # [ 270.406906] 9fa0: 00000013 00000013 00000001 b6d88000 00000013 00000001 # [ 270.415383] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6d88000 00020000 004dfe38 # [ 270.423854] 9fe0: 00000004 beff9788 b6e4e33b b6dc7616 # [ 270.429316] ---[ end trace 0000000000000000 ]--- # [ 270.434246] lkdtm: FAIL: fortify did not block a memcpy() struct member write overflow! # [ 270.442415] lkdtm: Unexpected! This kernel (6.12.0-rc1-next-20241004 armv7l) was built with CONFIG_FORTIFY_SOURCE=y # FORTIFY_MEM_MEMBER: saw 'detected field-spanning write': ok ok 84 selftests: lkdtm: FORTIFY_MEM_MEMBER.sh # timeout set to 45 # selftests: lkdtm: PPC_SLB_MULTIHIT.sh # Skipped: test 'PPC_SLB_MULTIHIT' missing in /sys/kernel/debug/provoke-crash/DIRECT! ok 85 selftests: lkdtm: PPC_SLB_MULTIHIT.sh # SKIP # timeout set to 45 # selftests: lkdtm: stack-entropy.sh <6>[ 271.824956] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.829231] lkdtm: Starting stack offset tracking for pid 5319 <6>[ 271.835275] lkdtm: Stack offset: 0 <6>[ 271.842836] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.847017] lkdtm: Stack offset: 0 <6>[ 271.861941] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.866304] lkdtm: Stack offset: 0 <6>[ 271.881572] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.885902] lkdtm: Stack offset: 0 <6>[ 271.896078] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.900603] lkdtm: Stack offset: 0 <6>[ 271.910049] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.914290] lkdtm: Stack offset: 0 <6>[ 271.920599] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.924780] lkdtm: Stack offset: 0 <6>[ 271.930633] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.935136] lkdtm: Stack offset: 0 <6>[ 271.940799] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.945017] lkdtm: Stack offset: 0 <6>[ 271.950949] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.955106] lkdtm: Stack offset: 0 <6>[ 271.960901] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.965078] lkdtm: Stack offset: 0 <6>[ 271.970819] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.974962] lkdtm: Stack offset: 0 <6>[ 271.981095] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.985428] lkdtm: Stack offset: 0 <6>[ 271.990997] lkdtm: Performing direct entry REPORT_STACK <6>[ 271.995140] lkdtm: Stack offset: 0 <6>[ 272.000985] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.005151] lkdtm: Stack offset: 0 <6>[ 272.010768] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.014945] lkdtm: Stack offset: 0 <6>[ 272.020533] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.024655] lkdtm: Stack offset: 0 <6>[ 272.030259] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.034392] lkdtm: Stack offset: 0 <6>[ 272.039898] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.044033] lkdtm: Stack offset: 0 <6>[ 272.049551] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.053677] lkdtm: Stack offset: 0 <6>[ 272.059135] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.063295] lkdtm: Stack offset: 0 <6>[ 272.068741] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.072874] lkdtm: Stack offset: 0 <6>[ 272.078523] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.082649] lkdtm: Stack offset: 0 <6>[ 272.088131] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.092288] lkdtm: Stack offset: 0 <6>[ 272.102495] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.108804] lkdtm: Stack offset: 0 <6>[ 272.116649] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.124615] lkdtm: Stack offset: 0 <6>[ 272.129191] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.136315] lkdtm: Stack offset: 0 <6>[ 272.139648] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.144275] lkdtm: Stack offset: 0 <6>[ 272.148496] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.153354] lkdtm: Stack offset: 0 <6>[ 272.157929] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.162529] lkdtm: Stack offset: 0 <6>[ 272.167073] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.171913] lkdtm: Stack offset: 0 <6>[ 272.175964] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.181018] lkdtm: Stack offset: 0 <6>[ 272.185108] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.190079] lkdtm: Stack offset: 0 <6>[ 272.194339] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.199234] lkdtm: Stack offset: 0 <6>[ 272.203445] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.208629] lkdtm: Stack offset: 0 <6>[ 272.212685] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.217709] lkdtm: Stack offset: 0 <6>[ 272.221802] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.226796] lkdtm: Stack offset: 0 <6>[ 272.230998] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.235985] lkdtm: Stack offset: 0 <6>[ 272.240164] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.245109] lkdtm: Stack offset: 0 <6>[ 272.249329] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.254286] lkdtm: Stack offset: 0 <6>[ 272.258508] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.263476] lkdtm: Stack offset: 0 <6>[ 272.267675] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.272676] lkdtm: Stack offset: 0 <6>[ 272.276827] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.283367] lkdtm: Stack offset: 0 <6>[ 272.292072] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.300368] lkdtm: Stack offset: 0 <6>[ 272.305080] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.309754] lkdtm: Stack offset: 0 <6>[ 272.313883] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.318535] lkdtm: Stack offset: 0 <6>[ 272.322820] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.327960] lkdtm: Stack offset: 0 <6>[ 272.331879] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.336932] lkdtm: Stack offset: 0 <6>[ 272.341548] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.346054] lkdtm: Stack offset: 0 <6>[ 272.350741] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.355227] lkdtm: Stack offset: 0 <6>[ 272.359852] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.364327] lkdtm: Stack offset: 0 <6>[ 272.368935] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.373511] lkdtm: Stack offset: 0 <6>[ 272.378060] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.382738] lkdtm: Stack offset: 0 <6>[ 272.387398] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.391860] lkdtm: Stack offset: 0 <6>[ 272.396577] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.401026] lkdtm: Stack offset: 0 <6>[ 272.405750] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.410227] lkdtm: Stack offset: 0 <6>[ 272.414845] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.419417] lkdtm: Stack offset: 0 <6>[ 272.423970] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.429140] lkdtm: Stack offset: 0 <6>[ 272.436802] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.444593] lkdtm: Stack offset: 0 <6>[ 272.449099] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.453492] lkdtm: Stack offset: 0 <6>[ 272.457926] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.462893] lkdtm: Stack offset: 0 <6>[ 272.467157] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.471658] lkdtm: Stack offset: 0 <6>[ 272.476900] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.481136] lkdtm: Stack offset: 0 <6>[ 272.485847] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.490315] lkdtm: Stack offset: 0 <6>[ 272.494914] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.499511] lkdtm: Stack offset: 0 <6>[ 272.504092] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.508672] lkdtm: Stack offset: 0 <6>[ 272.513173] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.518013] lkdtm: Stack offset: 0 <6>[ 272.522555] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.527137] lkdtm: Stack offset: 0 <6>[ 272.531907] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.536465] lkdtm: Stack offset: 0 <6>[ 272.540893] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.545491] lkdtm: Stack offset: 0 <6>[ 272.549998] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.554551] lkdtm: Stack offset: 0 <6>[ 272.559118] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.563775] lkdtm: Stack offset: 0 <6>[ 272.568172] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.572840] lkdtm: Stack offset: 0 <6>[ 272.577518] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.581964] lkdtm: Stack offset: 0 <6>[ 272.586703] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.591168] lkdtm: Stack offset: 0 <6>[ 272.595853] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.600410] lkdtm: Stack offset: 0 <6>[ 272.604929] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.609638] lkdtm: Stack offset: 0 <6>[ 272.614098] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.618779] lkdtm: Stack offset: 0 <6>[ 272.623493] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.627973] lkdtm: Stack offset: 0 <6>[ 272.632682] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.637038] lkdtm: Stack offset: 0 <6>[ 272.641765] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.646256] lkdtm: Stack offset: 0 <6>[ 272.650837] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.655489] lkdtm: Stack offset: 0 <6>[ 272.660099] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.664573] lkdtm: Stack offset: 0 <6>[ 272.669307] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.673761] lkdtm: Stack offset: 0 <6>[ 272.678035] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.683032] lkdtm: Stack offset: 0 <6>[ 272.687296] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.692162] lkdtm: Stack offset: 0 <6>[ 272.696381] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.701346] lkdtm: Stack offset: 0 <6>[ 272.705545] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.710514] lkdtm: Stack offset: 0 <6>[ 272.714953] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.719613] lkdtm: Stack offset: 0 <6>[ 272.723860] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.728847] lkdtm: Stack offset: 0 <6>[ 272.736567] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.740759] lkdtm: Stack offset: 0 <6>[ 272.747464] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.754645] lkdtm: Stack offset: 0 <6>[ 272.765124] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.772909] lkdtm: Stack offset: 0 <6>[ 272.776640] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.780948] lkdtm: Stack offset: 0 <6>[ 272.785059] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.790430] lkdtm: Stack offset: 0 <6>[ 272.794347] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.799231] lkdtm: Stack offset: 0 <6>[ 272.803484] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.808655] lkdtm: Stack offset: 0 <6>[ 272.812798] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.817579] lkdtm: Stack offset: 0 <6>[ 272.821797] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.826830] lkdtm: Stack offset: 0 <6>[ 272.831343] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.835912] lkdtm: Stack offset: 0 <6>[ 272.840086] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.845072] lkdtm: Stack offset: 0 <6>[ 272.849530] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.854285] lkdtm: Stack offset: 0 <6>[ 272.858638] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.863443] lkdtm: Stack offset: 0 <6>[ 272.867664] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.872644] lkdtm: Stack offset: 0 <6>[ 272.876803] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.881800] lkdtm: Stack offset: 0 <6>[ 272.885975] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.890957] lkdtm: Stack offset: 0 <6>[ 272.895120] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.900111] lkdtm: Stack offset: 0 <6>[ 272.904369] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.909318] lkdtm: Stack offset: 0 <6>[ 272.913463] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.918440] lkdtm: Stack offset: 0 <6>[ 272.922759] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.927680] lkdtm: Stack offset: 0 <6>[ 272.932052] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.936843] lkdtm: Stack offset: 0 <6>[ 272.941033] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.946021] lkdtm: Stack offset: 0 <6>[ 272.950287] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.955140] lkdtm: Stack offset: 0 <6>[ 272.959355] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.964311] lkdtm: Stack offset: 0 <6>[ 272.968634] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.973503] lkdtm: Stack offset: 0 <6>[ 272.977703] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.982749] lkdtm: Stack offset: 0 <6>[ 272.987020] lkdtm: Performing direct entry REPORT_STACK <6>[ 272.991906] lkdtm: Stack offset: 0 <6>[ 272.996080] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.001076] lkdtm: Stack offset: 0 <6>[ 273.005341] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.010188] lkdtm: Stack offset: 0 <6>[ 273.014473] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.019323] lkdtm: Stack offset: 0 <6>[ 273.023561] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.028743] lkdtm: Stack offset: 0 <6>[ 273.032762] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.037740] lkdtm: Stack offset: 0 <6>[ 273.041897] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.046984] lkdtm: Stack offset: 0 <6>[ 273.051182] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.056043] lkdtm: Stack offset: 0 <6>[ 273.060373] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.066552] lkdtm: Stack offset: 0 <6>[ 273.069837] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.074446] lkdtm: Stack offset: 0 <6>[ 273.088880] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.096563] lkdtm: Stack offset: 0 <6>[ 273.103659] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.111064] lkdtm: Stack offset: 0 <6>[ 273.115816] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.120002] lkdtm: Stack offset: 0 <6>[ 273.124697] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.129159] lkdtm: Stack offset: 0 <6>[ 273.134093] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.138362] lkdtm: Stack offset: 0 <6>[ 273.142676] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.147893] lkdtm: Stack offset: 0 <6>[ 273.151993] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.156811] lkdtm: Stack offset: 0 <6>[ 273.160907] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.165888] lkdtm: Stack offset: 0 <6>[ 273.170063] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.175037] lkdtm: Stack offset: 0 <6>[ 273.179396] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.184248] lkdtm: Stack offset: 0 <6>[ 273.188642] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.193393] lkdtm: Stack offset: 0 <6>[ 273.197716] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.202600] lkdtm: Stack offset: 0 <6>[ 273.206778] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.211810] lkdtm: Stack offset: 0 <6>[ 273.215971] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.220966] lkdtm: Stack offset: 0 <6>[ 273.225149] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.230078] lkdtm: Stack offset: 0 <6>[ 273.234403] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.239283] lkdtm: Stack offset: 0 <6>[ 273.243495] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.248461] lkdtm: Stack offset: 0 <6>[ 273.252660] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.257637] lkdtm: Stack offset: 0 <6>[ 273.261788] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.266917] lkdtm: Stack offset: 0 <6>[ 273.270981] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.276004] lkdtm: Stack offset: 0 <6>[ 273.280163] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.285188] lkdtm: Stack offset: 0 <6>[ 273.289394] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.294343] lkdtm: Stack offset: 0 <6>[ 273.298500] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.303476] lkdtm: Stack offset: 0 <6>[ 273.307757] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.312751] lkdtm: Stack offset: 0 <6>[ 273.316933] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.321834] lkdtm: Stack offset: 0 <6>[ 273.326014] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.331001] lkdtm: Stack offset: 0 <6>[ 273.335356] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.340251] lkdtm: Stack offset: 0 <6>[ 273.344717] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.349398] lkdtm: Stack offset: 0 <6>[ 273.353615] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.358585] lkdtm: Stack offset: 0 <6>[ 273.362755] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.367748] lkdtm: Stack offset: 0 <6>[ 273.371928] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.376916] lkdtm: Stack offset: 0 <6>[ 273.381085] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.386069] lkdtm: Stack offset: 0 <6>[ 273.390340] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.395181] lkdtm: Stack offset: 0 <6>[ 273.399463] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.404434] lkdtm: Stack offset: 0 <6>[ 273.408581] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.413829] lkdtm: Stack offset: 0 <6>[ 273.419754] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.425773] lkdtm: Stack offset: 0 <6>[ 273.428890] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.436542] lkdtm: Stack offset: 0 <6>[ 273.442084] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.451731] lkdtm: Stack offset: 0 <6>[ 273.455950] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.460290] lkdtm: Stack offset: 0 <6>[ 273.464482] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.469343] lkdtm: Stack offset: 0 <6>[ 273.473496] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.478540] lkdtm: Stack offset: 0 <6>[ 273.483087] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.488045] lkdtm: Stack offset: 0 <6>[ 273.492019] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.496929] lkdtm: Stack offset: 0 <6>[ 273.501132] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.505996] lkdtm: Stack offset: 0 <6>[ 273.510359] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.515190] lkdtm: Stack offset: 0 <6>[ 273.519460] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.524397] lkdtm: Stack offset: 0 <6>[ 273.528802] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.533759] lkdtm: Stack offset: 0 <6>[ 273.537772] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.542767] lkdtm: Stack offset: 0 <6>[ 273.547419] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.551905] lkdtm: Stack offset: 0 <6>[ 273.556038] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.561155] lkdtm: Stack offset: 0 <6>[ 273.565480] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.570252] lkdtm: Stack offset: 0 <6>[ 273.579318] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.583612] lkdtm: Stack offset: 0 <6>[ 273.596149] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.602926] lkdtm: Stack offset: 0 <6>[ 273.606735] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.610964] lkdtm: Stack offset: 0 <6>[ 273.615584] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.620190] lkdtm: Stack offset: 0 <6>[ 273.624408] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.629266] lkdtm: Stack offset: 0 <6>[ 273.633529] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.638488] lkdtm: Stack offset: 0 <6>[ 273.642687] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.647639] lkdtm: Stack offset: 0 <6>[ 273.651797] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.657071] lkdtm: Stack offset: 0 <6>[ 273.661051] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.666172] lkdtm: Stack offset: 0 <6>[ 273.670285] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.675121] lkdtm: Stack offset: 0 <6>[ 273.679426] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.684373] lkdtm: Stack offset: 0 <6>[ 273.688607] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.693520] lkdtm: Stack offset: 0 <6>[ 273.697730] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.702702] lkdtm: Stack offset: 0 <6>[ 273.706860] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.711853] lkdtm: Stack offset: 0 <6>[ 273.716033] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.721015] lkdtm: Stack offset: 0 <6>[ 273.725376] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.730236] lkdtm: Stack offset: 0 <6>[ 273.734402] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.739370] lkdtm: Stack offset: 0 <6>[ 273.743584] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.750463] lkdtm: Stack offset: 0 <6>[ 273.755163] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.759539] lkdtm: Stack offset: 0 <6>[ 273.773635] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.777897] lkdtm: Stack offset: 0 <6>[ 273.782814] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.786975] lkdtm: Stack offset: 0 <6>[ 273.792041] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.796287] lkdtm: Stack offset: 0 <6>[ 273.801553] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.805735] lkdtm: Stack offset: 0 <6>[ 273.810549] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.814905] lkdtm: Stack offset: 0 <6>[ 273.819686] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.824145] lkdtm: Stack offset: 0 <6>[ 273.828809] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.833278] lkdtm: Stack offset: 0 <6>[ 273.837927] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.842685] lkdtm: Stack offset: 0 <6>[ 273.847100] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.851820] lkdtm: Stack offset: 0 <6>[ 273.856489] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.860858] lkdtm: Stack offset: 0 <6>[ 273.865569] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.870014] lkdtm: Stack offset: 0 <6>[ 273.874682] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.879134] lkdtm: Stack offset: 0 <6>[ 273.883848] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.888346] lkdtm: Stack offset: 0 <6>[ 273.892929] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.897494] lkdtm: Stack offset: 0 <6>[ 273.902060] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.906769] lkdtm: Stack offset: 0 <6>[ 273.911176] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.915826] lkdtm: Stack offset: 0 <6>[ 273.920653] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.925007] lkdtm: Stack offset: 0 <6>[ 273.929740] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.934227] lkdtm: Stack offset: 0 <6>[ 273.938837] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.943409] lkdtm: Stack offset: 0 <6>[ 273.947962] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.952582] lkdtm: Stack offset: 0 <6>[ 273.957527] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.961670] lkdtm: Stack offset: 0 <6>[ 273.966455] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.970911] lkdtm: Stack offset: 0 <6>[ 273.975577] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.980035] lkdtm: Stack offset: 0 <6>[ 273.984379] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.989258] lkdtm: Stack offset: 0 <6>[ 273.993476] lkdtm: Performing direct entry REPORT_STACK <6>[ 273.998443] lkdtm: Stack offset: 0 <6>[ 274.002636] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.007648] lkdtm: Stack offset: 0 <6>[ 274.011815] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.016806] lkdtm: Stack offset: 0 <6>[ 274.020982] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.025963] lkdtm: Stack offset: 0 <6>[ 274.030128] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.035109] lkdtm: Stack offset: 0 <6>[ 274.039470] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.044320] lkdtm: Stack offset: 0 <6>[ 274.048496] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.053469] lkdtm: Stack offset: 0 <6>[ 274.057678] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.064733] lkdtm: Stack offset: 0 <6>[ 274.071128] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.078384] lkdtm: Stack offset: 0 <6>[ 274.096663] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.105701] lkdtm: Stack offset: 0 <6>[ 274.109794] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.114232] lkdtm: Stack offset: 0 <6>[ 274.118659] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.123161] lkdtm: Stack offset: 0 <6>[ 274.127418] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.132721] lkdtm: Stack offset: 0 <6>[ 274.138024] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.142266] lkdtm: Stack offset: 0 <6>[ 274.146922] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.151404] lkdtm: Stack offset: 0 <6>[ 274.156032] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.160614] lkdtm: Stack offset: 0 <6>[ 274.165185] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.169791] lkdtm: Stack offset: 0 <6>[ 274.174517] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.178966] lkdtm: Stack offset: 0 <6>[ 274.183637] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.188103] lkdtm: Stack offset: 0 <6>[ 274.192939] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.197444] lkdtm: Stack offset: 0 <6>[ 274.201940] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.206557] lkdtm: Stack offset: 0 <6>[ 274.211442] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.215594] lkdtm: Stack offset: 0 <6>[ 274.220293] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.224847] lkdtm: Stack offset: 0 <6>[ 274.229538] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.234011] lkdtm: Stack offset: 0 <6>[ 274.238701] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.243158] lkdtm: Stack offset: 0 <6>[ 274.247797] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.252365] lkdtm: Stack offset: 0 <6>[ 274.256939] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.261516] lkdtm: Stack offset: 0 <6>[ 274.266071] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.270757] lkdtm: Stack offset: 0 <6>[ 274.275426] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.279879] lkdtm: Stack offset: 0 <6>[ 274.284592] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.289042] lkdtm: Stack offset: 0 <6>[ 274.293698] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.298300] lkdtm: Stack offset: 0 <6>[ 274.302883] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.307356] lkdtm: Stack offset: 0 <6>[ 274.312123] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.316595] lkdtm: Stack offset: 0 <6>[ 274.321119] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.325844] lkdtm: Stack offset: 0 <6>[ 274.330395] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.334934] lkdtm: Stack offset: 0 <6>[ 274.339580] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.344039] lkdtm: Stack offset: 0 <6>[ 274.348802] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.353274] lkdtm: Stack offset: 0 <6>[ 274.357835] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.362424] lkdtm: Stack offset: 0 <6>[ 274.367011] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.371592] lkdtm: Stack offset: 0 <6>[ 274.376187] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.380744] lkdtm: Stack offset: 0 <6>[ 274.385539] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.389982] lkdtm: Stack offset: 0 <6>[ 274.394655] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.399114] lkdtm: Stack offset: 0 <6>[ 274.403772] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.408343] lkdtm: Stack offset: 0 <6>[ 274.413068] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.417443] lkdtm: Stack offset: 0 <6>[ 274.422440] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.426763] lkdtm: Stack offset: 0 <6>[ 274.431964] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.436190] lkdtm: Stack offset: 0 <6>[ 274.441037] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.445324] lkdtm: Stack offset: 0 <6>[ 274.450152] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.454492] lkdtm: Stack offset: 0 <6>[ 274.459835] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.464054] lkdtm: Stack offset: 0 <6>[ 274.472044] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.476471] lkdtm: Stack offset: 0 <6>[ 274.481079] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.485787] lkdtm: Stack offset: 0 <6>[ 274.491848] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.496069] lkdtm: Stack offset: 0 <6>[ 274.500910] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.505335] lkdtm: Stack offset: 0 <6>[ 274.509899] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.514457] lkdtm: Stack offset: 0 <6>[ 274.518889] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.523628] lkdtm: Stack offset: 0 <6>[ 274.528601] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.532789] lkdtm: Stack offset: 0 <6>[ 274.537626] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.542004] lkdtm: Stack offset: 0 <6>[ 274.546690] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.551161] lkdtm: Stack offset: 0 <6>[ 274.555829] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.560300] lkdtm: Stack offset: 0 <6>[ 274.564985] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.569554] lkdtm: Stack offset: 0 <6>[ 274.574141] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.578709] lkdtm: Stack offset: 0 <6>[ 274.583455] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.587798] lkdtm: Stack offset: 0 <6>[ 274.594057] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.598257] lkdtm: Stack offset: 0 <6>[ 274.602829] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.607400] lkdtm: Stack offset: 0 <6>[ 274.612038] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.616652] lkdtm: Stack offset: 0 <6>[ 274.621302] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.625795] lkdtm: Stack offset: 0 <6>[ 274.630482] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.634918] lkdtm: Stack offset: 0 <6>[ 274.639680] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.644137] lkdtm: Stack offset: 0 <6>[ 274.648792] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.653365] lkdtm: Stack offset: 0 <6>[ 274.657926] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.662497] lkdtm: Stack offset: 0 <6>[ 274.667069] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.671654] lkdtm: Stack offset: 0 <6>[ 274.676182] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.680827] lkdtm: Stack offset: 0 <6>[ 274.685558] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.690023] lkdtm: Stack offset: 0 <6>[ 274.694691] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.699153] lkdtm: Stack offset: 0 <6>[ 274.703864] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.708341] lkdtm: Stack offset: 0 <6>[ 274.713000] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.717570] lkdtm: Stack offset: 0 <6>[ 274.722115] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.726728] lkdtm: Stack offset: 0 <6>[ 274.731319] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.735891] lkdtm: Stack offset: 0 <6>[ 274.740535] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.745089] lkdtm: Stack offset: 0 <6>[ 274.749759] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.754248] lkdtm: Stack offset: 0 <6>[ 274.758833] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.763397] lkdtm: Stack offset: 0 <6>[ 274.767974] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.772549] lkdtm: Stack offset: 0 <6>[ 274.777295] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.781754] lkdtm: Stack offset: 0 <6>[ 274.786536] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.790917] lkdtm: Stack offset: 0 <6>[ 274.795779] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.800174] lkdtm: Stack offset: 0 <6>[ 274.804940] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.809335] lkdtm: Stack offset: 0 <6>[ 274.814188] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.818416] lkdtm: Stack offset: 0 <6>[ 274.824726] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.828919] lkdtm: Stack offset: 0 <6>[ 274.833752] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.838253] lkdtm: Stack offset: 0 <6>[ 274.842913] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.847450] lkdtm: Stack offset: 0 <6>[ 274.852111] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.856503] lkdtm: Stack offset: 0 <6>[ 274.861294] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.865665] lkdtm: Stack offset: 0 <6>[ 274.870511] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.874894] lkdtm: Stack offset: 0 <6>[ 274.879757] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.884048] lkdtm: Stack offset: 0 <6>[ 274.888864] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.893148] lkdtm: Stack offset: 0 <6>[ 274.898023] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.902405] lkdtm: Stack offset: 0 <6>[ 274.907076] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.911642] lkdtm: Stack offset: 0 <6>[ 274.916191] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.920676] lkdtm: Stack offset: 0 <6>[ 274.925476] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.929822] lkdtm: Stack offset: 0 <6>[ 274.934588] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.939287] lkdtm: Stack offset: 0 <6>[ 274.943800] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.948298] lkdtm: Stack offset: 0 <6>[ 274.952919] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.957395] lkdtm: Stack offset: 0 <6>[ 274.961985] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.966563] lkdtm: Stack offset: 0 <6>[ 274.971166] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.975746] lkdtm: Stack offset: 0 <6>[ 274.980438] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.984883] lkdtm: Stack offset: 0 <6>[ 274.989655] lkdtm: Performing direct entry REPORT_STACK <6>[ 274.994113] lkdtm: Stack offset: 0 <6>[ 274.998780] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.003249] lkdtm: Stack offset: 0 <6>[ 275.007915] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.012487] lkdtm: Stack offset: 0 <6>[ 275.017056] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.021632] lkdtm: Stack offset: 0 <6>[ 275.026156] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.030806] lkdtm: Stack offset: 0 <6>[ 275.035489] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.039962] lkdtm: Stack offset: 0 <6>[ 275.044630] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.049085] lkdtm: Stack offset: 0 <6>[ 275.053837] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.058310] lkdtm: Stack offset: 0 <6>[ 275.062866] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.067535] lkdtm: Stack offset: 0 <6>[ 275.072092] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.076675] lkdtm: Stack offset: 0 <6>[ 275.081182] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.085823] lkdtm: Stack offset: 0 <6>[ 275.090530] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.095029] lkdtm: Stack offset: 0 <6>[ 275.099720] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.104307] lkdtm: Stack offset: 0 <6>[ 275.108890] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.113372] lkdtm: Stack offset: 0 <6>[ 275.117944] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.122510] lkdtm: Stack offset: 0 <6>[ 275.127105] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.131685] lkdtm: Stack offset: 0 <6>[ 275.136475] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.140848] lkdtm: Stack offset: 0 <6>[ 275.145647] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.149994] lkdtm: Stack offset: 0 <6>[ 275.154723] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.159228] lkdtm: Stack offset: 0 <6>[ 275.163923] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.168455] lkdtm: Stack offset: 0 <6>[ 275.173153] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.177585] lkdtm: Stack offset: 0 <6>[ 275.182459] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.186729] lkdtm: Stack offset: 0 <6>[ 275.191593] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.195981] lkdtm: Stack offset: 0 <6>[ 275.200727] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.205112] lkdtm: Stack offset: 0 <6>[ 275.209934] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.214319] lkdtm: Stack offset: 0 <6>[ 275.219085] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.223470] lkdtm: Stack offset: 0 <6>[ 275.228301] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.232693] lkdtm: Stack offset: 0 <6>[ 275.237572] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.241775] lkdtm: Stack offset: 0 <6>[ 275.246689] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.250988] lkdtm: Stack offset: 0 <6>[ 275.255808] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.260230] lkdtm: Stack offset: 0 <6>[ 275.265724] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.269910] lkdtm: Stack offset: 0 <6>[ 275.274840] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.279122] lkdtm: Stack offset: 0 <6>[ 275.283903] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.288361] lkdtm: Stack offset: 0 <6>[ 275.292973] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.297469] lkdtm: Stack offset: 0 <6>[ 275.302066] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.306629] lkdtm: Stack offset: 0 <6>[ 275.311419] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.315780] lkdtm: Stack offset: 0 <6>[ 275.320596] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.324945] lkdtm: Stack offset: 0 <6>[ 275.329697] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.334162] lkdtm: Stack offset: 0 <6>[ 275.338816] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.343615] lkdtm: Stack offset: 0 <6>[ 275.348013] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.352623] lkdtm: Stack offset: 0 <6>[ 275.357113] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.361725] lkdtm: Stack offset: 0 <6>[ 275.366396] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.370856] lkdtm: Stack offset: 0 <6>[ 275.375562] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.380009] lkdtm: Stack offset: 0 <6>[ 275.384732] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.389219] lkdtm: Stack offset: 0 <6>[ 275.393833] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.398420] lkdtm: Stack offset: 0 <6>[ 275.402966] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.407536] lkdtm: Stack offset: 0 <6>[ 275.412148] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.416748] lkdtm: Stack offset: 0 <6>[ 275.421436] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.425902] lkdtm: Stack offset: 0 <6>[ 275.430572] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.435043] lkdtm: Stack offset: 0 <6>[ 275.439786] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.444271] lkdtm: Stack offset: 0 <6>[ 275.448825] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.453401] lkdtm: Stack offset: 0 <6>[ 275.458057] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.462629] lkdtm: Stack offset: 0 <6>[ 275.467131] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.471842] lkdtm: Stack offset: 0 <6>[ 275.476514] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.481012] lkdtm: Stack offset: 0 <6>[ 275.485716] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.490096] lkdtm: Stack offset: 0 <6>[ 275.494849] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.499322] lkdtm: Stack offset: 0 <6>[ 275.503876] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.508461] lkdtm: Stack offset: 0 <6>[ 275.513031] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.517606] lkdtm: Stack offset: 0 <6>[ 275.522404] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.526759] lkdtm: Stack offset: 0 <6>[ 275.531562] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.536009] lkdtm: Stack offset: 0 <6>[ 275.540666] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.545121] lkdtm: Stack offset: 0 <6>[ 275.549838] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.554342] lkdtm: Stack offset: 0 <6>[ 275.558892] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.563584] lkdtm: Stack offset: 0 <6>[ 275.568261] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.572729] lkdtm: Stack offset: 0 <6>[ 275.577544] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.581831] lkdtm: Stack offset: 0 <6>[ 275.586671] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.591072] lkdtm: Stack offset: 0 <6>[ 275.595814] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.600237] lkdtm: Stack offset: 0 <6>[ 275.605011] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.609381] lkdtm: Stack offset: 0 <6>[ 275.614098] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.618692] lkdtm: Stack offset: 0 <6>[ 275.623619] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.627815] lkdtm: Stack offset: 0 <6>[ 275.632690] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.637081] lkdtm: Stack offset: 0 <6>[ 275.641898] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.646220] lkdtm: Stack offset: 0 <6>[ 275.652999] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.657272] lkdtm: Stack offset: 0 <6>[ 275.662055] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.666439] lkdtm: Stack offset: 0 <6>[ 275.671165] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.675597] lkdtm: Stack offset: 0 <6>[ 275.680685] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.684878] lkdtm: Stack offset: 0 <6>[ 275.689641] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.694091] lkdtm: Stack offset: 0 <6>[ 275.698813] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.703283] lkdtm: Stack offset: 0 <6>[ 275.707895] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.712498] lkdtm: Stack offset: 0 <6>[ 275.717082] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.721571] lkdtm: Stack offset: 0 <6>[ 275.726168] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.730744] lkdtm: Stack offset: 0 <6>[ 275.735767] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.740060] lkdtm: Stack offset: 0 <6>[ 275.744670] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.749127] lkdtm: Stack offset: 0 <6>[ 275.753836] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.758309] lkdtm: Stack offset: 0 <6>[ 275.762875] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.767548] lkdtm: Stack offset: 0 <6>[ 275.772118] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.776723] lkdtm: Stack offset: 0 <6>[ 275.781387] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.785849] lkdtm: Stack offset: 0 <6>[ 275.790514] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.794965] lkdtm: Stack offset: 0 <6>[ 275.799177] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.804187] lkdtm: Stack offset: 0 <6>[ 275.808484] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.813329] lkdtm: Stack offset: 0 <6>[ 275.817609] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.822595] lkdtm: Stack offset: 0 <6>[ 275.826771] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.831778] lkdtm: Stack offset: 0 <6>[ 275.835938] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.840960] lkdtm: Stack offset: 0 <6>[ 275.845037] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.850133] lkdtm: Stack offset: 0 <6>[ 275.854407] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.859252] lkdtm: Stack offset: 0 <6>[ 275.863394] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.868365] lkdtm: Stack offset: 0 <6>[ 275.872674] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.877558] lkdtm: Stack offset: 0 <6>[ 275.881804] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.886838] lkdtm: Stack offset: 0 <6>[ 275.890950] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.895970] lkdtm: Stack offset: 0 <6>[ 275.900158] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.905106] lkdtm: Stack offset: 0 <6>[ 275.909325] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.914286] lkdtm: Stack offset: 0 <6>[ 275.918498] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.923468] lkdtm: Stack offset: 0 <6>[ 275.927657] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.932641] lkdtm: Stack offset: 0 <6>[ 275.936959] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.941836] lkdtm: Stack offset: 0 <6>[ 275.946020] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.951004] lkdtm: Stack offset: 0 <6>[ 275.955312] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.960184] lkdtm: Stack offset: 0 <6>[ 275.964511] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.969396] lkdtm: Stack offset: 0 <6>[ 275.975963] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.980174] lkdtm: Stack offset: 0 <6>[ 275.984539] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.989323] lkdtm: Stack offset: 0 <6>[ 275.993742] lkdtm: Performing direct entry REPORT_STACK <6>[ 275.998512] lkdtm: Stack offset: 0 <6>[ 276.004443] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.008627] lkdtm: Stack offset: 0 <6>[ 276.015307] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.019483] lkdtm: Stack offset: 0 <6>[ 276.024031] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.028744] lkdtm: Stack offset: 0 <6>[ 276.032977] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.038000] lkdtm: Stack offset: 0 <6>[ 276.042675] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.047161] lkdtm: Stack offset: 0 <6>[ 276.051893] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.056616] lkdtm: Stack offset: 0 <6>[ 276.060989] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.065387] lkdtm: Stack offset: 0 <6>[ 276.070337] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.074593] lkdtm: Stack offset: 0 <6>[ 276.079326] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.083785] lkdtm: Stack offset: 0 <6>[ 276.088484] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.092955] lkdtm: Stack offset: 0 <6>[ 276.097679] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.102133] lkdtm: Stack offset: 0 <6>[ 276.106764] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.111249] lkdtm: Stack offset: 0 <6>[ 276.115882] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.120452] lkdtm: Stack offset: 0 <6>[ 276.125154] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.129659] lkdtm: Stack offset: 0 <6>[ 276.134447] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.138800] lkdtm: Stack offset: 0 <6>[ 276.143493] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.147955] lkdtm: Stack offset: 0 <6>[ 276.152648] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.157104] lkdtm: Stack offset: 0 <6>[ 276.161818] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.166284] lkdtm: Stack offset: 0 <6>[ 276.170992] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.175472] lkdtm: Stack offset: 0 <6>[ 276.180094] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.184709] lkdtm: Stack offset: 0 <6>[ 276.188902] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.193891] lkdtm: Stack offset: 0 <6>[ 276.198084] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.203066] lkdtm: Stack offset: 0 <6>[ 276.207321] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.212163] lkdtm: Stack offset: 0 <6>[ 276.216422] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.221392] lkdtm: Stack offset: 0 <6>[ 276.225597] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.230564] lkdtm: Stack offset: 0 <6>[ 276.234746] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.239721] lkdtm: Stack offset: 0 <6>[ 276.243886] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.248902] lkdtm: Stack offset: 0 <6>[ 276.253063] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.258098] lkdtm: Stack offset: 0 <6>[ 276.262728] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.267223] lkdtm: Stack offset: 0 <6>[ 276.271556] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.276428] lkdtm: Stack offset: 0 <6>[ 276.280667] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.285545] lkdtm: Stack offset: 0 <6>[ 276.289789] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.294763] lkdtm: Stack offset: 0 <6>[ 276.298944] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.303933] lkdtm: Stack offset: 0 <6>[ 276.308105] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.313087] lkdtm: Stack offset: 0 <6>[ 276.317451] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.322295] lkdtm: Stack offset: 0 <6>[ 276.326466] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.331442] lkdtm: Stack offset: 0 <6>[ 276.335729] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.340607] lkdtm: Stack offset: 0 <6>[ 276.344904] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.349790] lkdtm: Stack offset: 0 <6>[ 276.354063] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.358980] lkdtm: Stack offset: 0 <6>[ 276.363333] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.368234] lkdtm: Stack offset: 0 <6>[ 276.372460] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.377341] lkdtm: Stack offset: 0 <6>[ 276.381679] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.386570] lkdtm: Stack offset: 0 <6>[ 276.392277] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.396478] lkdtm: Stack offset: 0 <6>[ 276.401404] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.405733] lkdtm: Stack offset: 0 <6>[ 276.410646] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.414870] lkdtm: Stack offset: 0 <6>[ 276.419768] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.424189] lkdtm: Stack offset: 0 <6>[ 276.429458] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.433693] lkdtm: Stack offset: 0 <6>[ 276.441497] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.445835] lkdtm: Stack offset: 0 <6>[ 276.450658] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.455109] lkdtm: Stack offset: 0 <6>[ 276.459829] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.464106] lkdtm: Stack offset: 0 <6>[ 276.468790] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.473277] lkdtm: Stack offset: 0 <6>[ 276.477881] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.482453] lkdtm: Stack offset: 0 <6>[ 276.487056] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.491635] lkdtm: Stack offset: 0 <6>[ 276.496146] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.500852] lkdtm: Stack offset: 0 <6>[ 276.505451] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.510106] lkdtm: Stack offset: 0 <6>[ 276.514704] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.519265] lkdtm: Stack offset: 0 <6>[ 276.523853] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.528324] lkdtm: Stack offset: 0 <6>[ 276.532897] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.537467] lkdtm: Stack offset: 0 <6>[ 276.542022] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.546700] lkdtm: Stack offset: 0 <6>[ 276.551307] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.555757] lkdtm: Stack offset: 0 <6>[ 276.560045] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.565051] lkdtm: Stack offset: 0 <6>[ 276.569318] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.574165] lkdtm: Stack offset: 0 <6>[ 276.578525] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.583405] lkdtm: Stack offset: 0 <6>[ 276.587567] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.592566] lkdtm: Stack offset: 0 <6>[ 276.596759] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.601750] lkdtm: Stack offset: 0 <6>[ 276.605931] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.610908] lkdtm: Stack offset: 0 <6>[ 276.615097] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.620096] lkdtm: Stack offset: 0 <6>[ 276.624361] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.629219] lkdtm: Stack offset: 0 <6>[ 276.633382] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.638387] lkdtm: Stack offset: 0 <6>[ 276.642612] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.647668] lkdtm: Stack offset: 0 <6>[ 276.651839] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.656728] lkdtm: Stack offset: 0 <6>[ 276.661006] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.666010] lkdtm: Stack offset: 0 <6>[ 276.670091] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.675076] lkdtm: Stack offset: 0 <6>[ 276.679444] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.684292] lkdtm: Stack offset: 0 <6>[ 276.688439] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.693413] lkdtm: Stack offset: 0 <6>[ 276.697717] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.702590] lkdtm: Stack offset: 0 <6>[ 276.706841] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.711839] lkdtm: Stack offset: 0 <6>[ 276.716025] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.721010] lkdtm: Stack offset: 0 <6>[ 276.725302] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.730180] lkdtm: Stack offset: 0 <6>[ 276.734519] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.739293] lkdtm: Stack offset: 0 <6>[ 276.743683] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.748572] lkdtm: Stack offset: 0 <6>[ 276.752861] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.757755] lkdtm: Stack offset: 0 <6>[ 276.761912] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.766947] lkdtm: Stack offset: 0 <6>[ 276.771108] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.776269] lkdtm: Stack offset: 0 <6>[ 276.782010] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.786266] lkdtm: Stack offset: 0 <6>[ 276.790607] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.795390] lkdtm: Stack offset: 0 <6>[ 276.799721] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.804784] lkdtm: Stack offset: 0 <6>[ 276.808991] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.813796] lkdtm: Stack offset: 0 <6>[ 276.818820] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.823035] lkdtm: Stack offset: 0 <6>[ 276.827880] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.832299] lkdtm: Stack offset: 0 <6>[ 276.836988] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.841486] lkdtm: Stack offset: 0 <6>[ 276.846159] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.850563] lkdtm: Stack offset: 0 <6>[ 276.855131] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.859729] lkdtm: Stack offset: 0 <6>[ 276.864498] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.868865] lkdtm: Stack offset: 0 <6>[ 276.873727] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.878108] lkdtm: Stack offset: 0 <6>[ 276.882781] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.887270] lkdtm: Stack offset: 0 <6>[ 276.891872] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.896488] lkdtm: Stack offset: 0 <6>[ 276.901108] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.905578] lkdtm: Stack offset: 0 <6>[ 276.910545] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.914805] lkdtm: Stack offset: 0 <6>[ 276.919520] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.923973] lkdtm: Stack offset: 0 <6>[ 276.928665] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.933129] lkdtm: Stack offset: 0 <6>[ 276.937828] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.942302] lkdtm: Stack offset: 0 <6>[ 276.946958] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.951529] lkdtm: Stack offset: 0 <6>[ 276.956090] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.960669] lkdtm: Stack offset: 0 <6>[ 276.965179] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.969826] lkdtm: Stack offset: 0 <6>[ 276.974008] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.979030] lkdtm: Stack offset: 0 <6>[ 276.983257] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.988236] lkdtm: Stack offset: 0 <6>[ 276.992443] lkdtm: Performing direct entry REPORT_STACK <6>[ 276.997411] lkdtm: Stack offset: 0 <6>[ 277.001631] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.006606] lkdtm: Stack offset: 0 <6>[ 277.010773] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.015761] lkdtm: Stack offset: 0 <6>[ 277.019938] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.024921] lkdtm: Stack offset: 0 <6>[ 277.029085] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.034067] lkdtm: Stack offset: 0 <6>[ 277.038449] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.043220] lkdtm: Stack offset: 0 <6>[ 277.047481] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.052454] lkdtm: Stack offset: 0 <6>[ 277.056694] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.061672] lkdtm: Stack offset: 0 <6>[ 277.065845] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.070843] lkdtm: Stack offset: 0 <6>[ 277.075028] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.080011] lkdtm: Stack offset: 0 <6>[ 277.084174] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.089141] lkdtm: Stack offset: 0 <6>[ 277.093363] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.098325] lkdtm: Stack offset: 0 <6>[ 277.102539] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.107511] lkdtm: Stack offset: 0 <6>[ 277.111713] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.116686] lkdtm: Stack offset: 0 <6>[ 277.120936] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.125830] lkdtm: Stack offset: 0 <6>[ 277.137186] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.141623] lkdtm: Stack offset: 0 <6>[ 277.150574] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.154764] lkdtm: Stack offset: 0 <6>[ 277.159734] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.164543] lkdtm: Stack offset: 0 <6>[ 277.168819] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.173246] lkdtm: Stack offset: 0 <6>[ 277.177949] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.182337] lkdtm: Stack offset: 0 <6>[ 277.187109] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.191519] lkdtm: Stack offset: 0 <6>[ 277.196587] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.200775] lkdtm: Stack offset: 0 <6>[ 277.205728] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.210019] lkdtm: Stack offset: 0 <6>[ 277.214827] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.219226] lkdtm: Stack offset: 0 <6>[ 277.223886] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.228402] lkdtm: Stack offset: 0 <6>[ 277.233032] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.237523] lkdtm: Stack offset: 0 <6>[ 277.242107] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.246676] lkdtm: Stack offset: 0 <6>[ 277.251502] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.255871] lkdtm: Stack offset: 0 <6>[ 277.260594] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.265277] lkdtm: Stack offset: 0 <6>[ 277.269755] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.274374] lkdtm: Stack offset: 0 <6>[ 277.279369] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.283513] lkdtm: Stack offset: 0 <6>[ 277.288151] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.292806] lkdtm: Stack offset: 0 <6>[ 277.297002] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.301998] lkdtm: Stack offset: 0 <6>[ 277.306183] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.311139] lkdtm: Stack offset: 0 <6>[ 277.315444] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.320323] lkdtm: Stack offset: 0 <6>[ 277.324672] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.329475] lkdtm: Stack offset: 0 <6>[ 277.333778] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.338654] lkdtm: Stack offset: 0 <6>[ 277.342916] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.347813] lkdtm: Stack offset: 0 <6>[ 277.352074] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.357244] lkdtm: Stack offset: 0 <6>[ 277.361822] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.366260] lkdtm: Stack offset: 0 <6>[ 277.370950] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.375326] lkdtm: Stack offset: 0 <6>[ 277.380087] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.384584] lkdtm: Stack offset: 0 <6>[ 277.389442] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.393724] lkdtm: Stack offset: 0 <6>[ 277.398437] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.402906] lkdtm: Stack offset: 0 <6>[ 277.407631] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.412080] lkdtm: Stack offset: 0 <6>[ 277.416728] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.421219] lkdtm: Stack offset: 0 <6>[ 277.425850] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.430626] lkdtm: Stack offset: 0 <6>[ 277.435033] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.439754] lkdtm: Stack offset: 0 <6>[ 277.444141] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.448710] lkdtm: Stack offset: 0 <6>[ 277.453536] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.457881] lkdtm: Stack offset: 0 <6>[ 277.462649] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.467109] lkdtm: Stack offset: 0 <6>[ 277.471758] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.476244] lkdtm: Stack offset: 0 <6>[ 277.480877] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.485436] lkdtm: Stack offset: 0 <6>[ 277.490111] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.494607] lkdtm: Stack offset: 0 <6>[ 277.499513] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.503820] lkdtm: Stack offset: 0 <6>[ 277.508677] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.512969] lkdtm: Stack offset: 0 <6>[ 277.517887] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.522187] lkdtm: Stack offset: 0 <6>[ 277.527997] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.532247] lkdtm: Stack offset: 0 <6>[ 277.536999] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.541444] lkdtm: Stack offset: 0 <6>[ 277.546138] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.550701] lkdtm: Stack offset: 0 <6>[ 277.555139] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.559776] lkdtm: Stack offset: 0 <6>[ 277.564487] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.568959] lkdtm: Stack offset: 0 <6>[ 277.573686] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.578044] lkdtm: Stack offset: 0 <6>[ 277.582773] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.587253] lkdtm: Stack offset: 0 <6>[ 277.591933] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.596620] lkdtm: Stack offset: 0 <6>[ 277.601105] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.605816] lkdtm: Stack offset: 0 <6>[ 277.610341] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.614811] lkdtm: Stack offset: 0 <6>[ 277.619466] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.623919] lkdtm: Stack offset: 0 <6>[ 277.628686] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.633154] lkdtm: Stack offset: 0 <6>[ 277.637898] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.642368] lkdtm: Stack offset: 0 <6>[ 277.646964] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.651539] lkdtm: Stack offset: 0 <6>[ 277.656101] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.660717] lkdtm: Stack offset: 0 <6>[ 277.664925] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.669904] lkdtm: Stack offset: 0 <6>[ 277.674065] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.679063] lkdtm: Stack offset: 0 <6>[ 277.683325] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.688160] lkdtm: Stack offset: 0 <6>[ 277.692423] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.697397] lkdtm: Stack offset: 0 <6>[ 277.701603] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.706575] lkdtm: Stack offset: 0 <6>[ 277.710774] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.715771] lkdtm: Stack offset: 0 <6>[ 277.719959] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.724937] lkdtm: Stack offset: 0 <6>[ 277.729111] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.734096] lkdtm: Stack offset: 0 <6>[ 277.738350] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.743306] lkdtm: Stack offset: 0 <6>[ 277.747543] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.752457] lkdtm: Stack offset: 0 <6>[ 277.756673] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.761651] lkdtm: Stack offset: 0 <6>[ 277.765810] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.770803] lkdtm: Stack offset: 0 <6>[ 277.774984] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.779963] lkdtm: Stack offset: 0 <6>[ 277.784137] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.789120] lkdtm: Stack offset: 0 <6>[ 277.793388] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.798331] lkdtm: Stack offset: 0 <6>[ 277.802486] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.807494] lkdtm: Stack offset: 0 <6>[ 277.811705] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.816686] lkdtm: Stack offset: 0 <6>[ 277.820915] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.825796] lkdtm: Stack offset: 0 <6>[ 277.830127] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.835019] lkdtm: Stack offset: 0 <6>[ 277.839326] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.844234] lkdtm: Stack offset: 0 <6>[ 277.848551] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.853337] lkdtm: Stack offset: 0 <6>[ 277.857648] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.862556] lkdtm: Stack offset: 0 <6>[ 277.866864] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.871864] lkdtm: Stack offset: 0 <6>[ 277.876546] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.880932] lkdtm: Stack offset: 0 <6>[ 277.885821] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.890130] lkdtm: Stack offset: 0 <6>[ 277.894884] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.899301] lkdtm: Stack offset: 0 <6>[ 277.904062] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.908456] lkdtm: Stack offset: 0 <6>[ 277.913158] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.917581] lkdtm: Stack offset: 0 <6>[ 277.922483] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.926746] lkdtm: Stack offset: 0 <6>[ 277.931457] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.935938] lkdtm: Stack offset: 0 <6>[ 277.940660] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.945120] lkdtm: Stack offset: 0 <6>[ 277.949783] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.954473] lkdtm: Stack offset: 0 <6>[ 277.958876] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.963596] lkdtm: Stack offset: 0 <6>[ 277.968097] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.972675] lkdtm: Stack offset: 0 <6>[ 277.977189] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.981831] lkdtm: Stack offset: 0 <6>[ 277.986045] lkdtm: Performing direct entry REPORT_STACK <6>[ 277.991054] lkdtm: Stack offset: 0 <6>[ 277.995344] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.000110] lkdtm: Stack offset: 0 <6>[ 278.004372] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.009338] lkdtm: Stack offset: 0 <6>[ 278.013553] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.018535] lkdtm: Stack offset: 0 <6>[ 278.022752] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.027730] lkdtm: Stack offset: 0 <6>[ 278.031907] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.036908] lkdtm: Stack offset: 0 <6>[ 278.041093] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.046074] lkdtm: Stack offset: 0 <6>[ 278.050325] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.055160] lkdtm: Stack offset: 0 <6>[ 278.059419] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.064413] lkdtm: Stack offset: 0 <6>[ 278.068626] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.073608] lkdtm: Stack offset: 0 <6>[ 278.077780] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.082775] lkdtm: Stack offset: 0 <6>[ 278.086960] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.091939] lkdtm: Stack offset: 0 <6>[ 278.096103] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.101085] lkdtm: Stack offset: 0 <6>[ 278.105340] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.110344] lkdtm: Stack offset: 0 <6>[ 278.114590] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.119494] lkdtm: Stack offset: 0 <6>[ 278.123716] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.128643] lkdtm: Stack offset: 0 <6>[ 278.132806] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.137796] lkdtm: Stack offset: 0 <6>[ 278.141982] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.146962] lkdtm: Stack offset: 0 <6>[ 278.151137] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.156119] lkdtm: Stack offset: 0 <6>[ 278.160508] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.165259] lkdtm: Stack offset: 0 <6>[ 278.169538] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.174542] lkdtm: Stack offset: 0 <6>[ 278.178813] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.183704] lkdtm: Stack offset: 0 <6>[ 278.187942] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.192938] lkdtm: Stack offset: 0 <6>[ 278.200890] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.205127] lkdtm: Stack offset: 0 <6>[ 278.209580] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.214298] lkdtm: Stack offset: 0 <6>[ 278.218654] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.223569] lkdtm: Stack offset: 0 <6>[ 278.228275] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.232669] lkdtm: Stack offset: 0 <6>[ 278.237095] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.241870] lkdtm: Stack offset: 0 <6>[ 278.246311] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.251056] lkdtm: Stack offset: 0 <6>[ 278.255379] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.260167] lkdtm: Stack offset: 0 <6>[ 278.264564] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.269398] lkdtm: Stack offset: 0 <6>[ 278.273872] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.278585] lkdtm: Stack offset: 0 <6>[ 278.282891] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.287728] lkdtm: Stack offset: 0 <6>[ 278.291942] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.296823] lkdtm: Stack offset: 0 <6>[ 278.301046] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.306086] lkdtm: Stack offset: 0 <6>[ 278.310752] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.315250] lkdtm: Stack offset: 0 <6>[ 278.319525] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.324373] lkdtm: Stack offset: 0 <6>[ 278.328533] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.333489] lkdtm: Stack offset: 0 <6>[ 278.337789] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.342768] lkdtm: Stack offset: 0 <6>[ 278.346942] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.351963] lkdtm: Stack offset: 0 <6>[ 278.356030] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.361108] lkdtm: Stack offset: 0 <6>[ 278.365363] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.370240] lkdtm: Stack offset: 0 <6>[ 278.374482] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.379439] lkdtm: Stack offset: 0 <6>[ 278.383692] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.388534] lkdtm: Stack offset: 0 <6>[ 278.392791] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.397761] lkdtm: Stack offset: 0 <6>[ 278.401910] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.406989] lkdtm: Stack offset: 0 <6>[ 278.411163] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.416080] lkdtm: Stack offset: 0 <6>[ 278.420349] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.425320] lkdtm: Stack offset: 0 <6>[ 278.429531] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.434403] lkdtm: Stack offset: 0 <6>[ 278.438711] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.443590] lkdtm: Stack offset: 0 <6>[ 278.447872] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.452875] lkdtm: Stack offset: 0 <6>[ 278.457001] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.461988] lkdtm: Stack offset: 0 <6>[ 278.466154] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.471090] lkdtm: Stack offset: 0 <6>[ 278.475418] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.480284] lkdtm: Stack offset: 0 <6>[ 278.484593] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.489529] lkdtm: Stack offset: 0 <6>[ 278.493792] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.498657] lkdtm: Stack offset: 0 <6>[ 278.502813] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.507916] lkdtm: Stack offset: 0 <6>[ 278.512121] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.517007] lkdtm: Stack offset: 0 <6>[ 278.521171] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.526227] lkdtm: Stack offset: 0 <6>[ 278.530465] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.535329] lkdtm: Stack offset: 0 <6>[ 278.539699] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.544599] lkdtm: Stack offset: 0 <6>[ 278.548778] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.553776] lkdtm: Stack offset: 0 <6>[ 278.557987] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.562921] lkdtm: Stack offset: 0 <6>[ 278.567168] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.572005] lkdtm: Stack offset: 0 <6>[ 278.583297] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.587509] lkdtm: Stack offset: 0 <6>[ 278.591915] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.596740] lkdtm: Stack offset: 0 <6>[ 278.601095] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.605960] lkdtm: Stack offset: 0 <6>[ 278.611419] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.615623] lkdtm: Stack offset: 0 <6>[ 278.619995] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.624837] lkdtm: Stack offset: 0 <6>[ 278.629164] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.634057] lkdtm: Stack offset: 0 <6>[ 278.638463] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.643368] lkdtm: Stack offset: 0 <6>[ 278.647702] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.652433] lkdtm: Stack offset: 0 <6>[ 278.656727] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.661528] lkdtm: Stack offset: 0 <6>[ 278.665927] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.670746] lkdtm: Stack offset: 0 <6>[ 278.675607] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.679910] lkdtm: Stack offset: 0 <6>[ 278.690920] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.695096] lkdtm: Stack offset: 0 <6>[ 278.703972] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.708138] lkdtm: Stack offset: 0 <6>[ 278.712832] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.717405] lkdtm: Stack offset: 0 <6>[ 278.721619] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.726689] lkdtm: Stack offset: 0 <6>[ 278.730798] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.735859] lkdtm: Stack offset: 0 <6>[ 278.739925] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.744919] lkdtm: Stack offset: 0 <6>[ 278.749102] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.754085] lkdtm: Stack offset: 0 <6>[ 278.758351] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.763232] lkdtm: Stack offset: 0 <6>[ 278.767476] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.772422] lkdtm: Stack offset: 0 <6>[ 278.776581] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.781547] lkdtm: Stack offset: 0 <6>[ 278.785803] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.790795] lkdtm: Stack offset: 0 <6>[ 278.794971] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.799981] lkdtm: Stack offset: 0 <6>[ 278.804157] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.809097] lkdtm: Stack offset: 0 <6>[ 278.813321] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.818281] lkdtm: Stack offset: 0 <6>[ 278.822495] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.827465] lkdtm: Stack offset: 0 <6>[ 278.831675] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.836650] lkdtm: Stack offset: 0 <6>[ 278.840798] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.845792] lkdtm: Stack offset: 0 <6>[ 278.849968] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.854946] lkdtm: Stack offset: 0 <6>[ 278.859309] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.864258] lkdtm: Stack offset: 0 <6>[ 278.868426] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.873297] lkdtm: Stack offset: 0 <6>[ 278.877535] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.882494] lkdtm: Stack offset: 0 <6>[ 278.886705] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.891677] lkdtm: Stack offset: 0 <6>[ 278.895819] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.900897] lkdtm: Stack offset: 0 <6>[ 278.905073] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.910062] lkdtm: Stack offset: 0 <6>[ 278.914352] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.919215] lkdtm: Stack offset: 0 <6>[ 278.923362] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.928354] lkdtm: Stack offset: 0 <6>[ 278.932565] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.937536] lkdtm: Stack offset: 0 <6>[ 278.941721] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.947498] lkdtm: Stack offset: 0 <6>[ 278.951453] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.957347] lkdtm: Stack offset: 0 <6>[ 278.968985] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.978030] lkdtm: Stack offset: 0 <6>[ 278.986147] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.990442] lkdtm: Stack offset: 0 <6>[ 278.995138] lkdtm: Performing direct entry REPORT_STACK <6>[ 278.999623] lkdtm: Stack offset: 0 <6>[ 279.004644] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.008871] lkdtm: Stack offset: 0 <6>[ 279.013620] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.018014] lkdtm: Stack offset: 0 <6>[ 279.022305] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.027187] lkdtm: Stack offset: 0 <6>[ 279.031468] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.036317] lkdtm: Stack offset: 0 <6>[ 279.040618] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.045590] lkdtm: Stack offset: 0 <6>[ 279.049771] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.054959] lkdtm: Stack offset: 0 <6>[ 279.058940] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.064088] lkdtm: Stack offset: 0 <6>[ 279.068050] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.073173] lkdtm: Stack offset: 0 <6>[ 279.077373] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.082227] lkdtm: Stack offset: 0 <6>[ 279.086498] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.091496] lkdtm: Stack offset: 0 <6>[ 279.095699] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.100573] lkdtm: Stack offset: 0 <6>[ 279.104828] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.109818] lkdtm: Stack offset: 0 <6>[ 279.114003] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.118991] lkdtm: Stack offset: 0 <6>[ 279.123164] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.128099] lkdtm: Stack offset: 0 <6>[ 279.132422] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.137287] lkdtm: Stack offset: 0 <6>[ 279.141504] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.146475] lkdtm: Stack offset: 0 <6>[ 279.150697] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.155691] lkdtm: Stack offset: 0 <6>[ 279.159851] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.164848] lkdtm: Stack offset: 0 <6>[ 279.169128] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.174026] lkdtm: Stack offset: 0 <6>[ 279.178287] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.183138] lkdtm: Stack offset: 0 <6>[ 279.187463] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.192329] lkdtm: Stack offset: 0 <6>[ 279.196532] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.201578] lkdtm: Stack offset: 0 <6>[ 279.205837] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.210732] lkdtm: Stack offset: 0 <6>[ 279.214944] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.219862] lkdtm: Stack offset: 0 <6>[ 279.224033] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.229023] lkdtm: Stack offset: 0 <6>[ 279.233190] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.238247] lkdtm: Stack offset: 0 <6>[ 279.242473] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.247340] lkdtm: Stack offset: 0 <6>[ 279.251641] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.256513] lkdtm: Stack offset: 0 <6>[ 279.260777] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.265766] lkdtm: Stack offset: 0 <6>[ 279.271410] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.275579] lkdtm: Stack offset: 0 <6>[ 279.285520] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.295049] lkdtm: Stack offset: 0 <6>[ 279.302835] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.307121] lkdtm: Stack offset: 0 <6>[ 279.314410] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.318574] lkdtm: Stack offset: 0 <6>[ 279.323389] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.328309] lkdtm: Stack offset: 0 <6>[ 279.332440] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.337069] lkdtm: Stack offset: 0 <6>[ 279.341155] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.346528] lkdtm: Stack offset: 0 <6>[ 279.350598] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.355382] lkdtm: Stack offset: 0 <6>[ 279.359685] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.364460] lkdtm: Stack offset: 0 <6>[ 279.369095] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.373691] lkdtm: Stack offset: 0 <6>[ 279.377908] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.382900] lkdtm: Stack offset: 0 <6>[ 279.387071] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.392290] lkdtm: Stack offset: 0 <6>[ 279.396384] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.401292] lkdtm: Stack offset: 0 <6>[ 279.405382] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.410352] lkdtm: Stack offset: 0 <6>[ 279.414563] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.419536] lkdtm: Stack offset: 0 <6>[ 279.423737] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.428711] lkdtm: Stack offset: 0 <6>[ 279.432862] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.437966] lkdtm: Stack offset: 0 <6>[ 279.442169] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.447003] lkdtm: Stack offset: 0 <6>[ 279.451320] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.456275] lkdtm: Stack offset: 0 <6>[ 279.460497] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.465466] lkdtm: Stack offset: 0 <6>[ 279.469662] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.474637] lkdtm: Stack offset: 0 <6>[ 279.478792] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.483782] lkdtm: Stack offset: 0 <6>[ 279.487962] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.492949] lkdtm: Stack offset: 0 <6>[ 279.497124] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.502104] lkdtm: Stack offset: 0 <6>[ 279.506406] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.511253] lkdtm: Stack offset: 0 <6>[ 279.515503] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.520524] lkdtm: Stack offset: 0 <6>[ 279.524798] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.529704] lkdtm: Stack offset: 0 <6>[ 279.533863] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.538860] lkdtm: Stack offset: 0 <6>[ 279.543072] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.547963] lkdtm: Stack offset: 0 <6>[ 279.552319] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.557157] lkdtm: Stack offset: 0 <6>[ 279.561537] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.566305] lkdtm: Stack offset: 0 <6>[ 279.570638] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.575515] lkdtm: Stack offset: 0 <6>[ 279.579697] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.584669] lkdtm: Stack offset: 0 <6>[ 279.588823] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.593910] lkdtm: Stack offset: 0 <6>[ 279.598092] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.603082] lkdtm: Stack offset: 0 <6>[ 279.609740] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.614326] lkdtm: Stack offset: 0 <6>[ 279.625787] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.629992] lkdtm: Stack offset: 0 <6>[ 279.646802] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.655861] lkdtm: Stack offset: 0 <6>[ 279.660005] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.664585] lkdtm: Stack offset: 0 <6>[ 279.668902] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.673399] lkdtm: Stack offset: 0 <6>[ 279.678647] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.682824] lkdtm: Stack offset: 0 <6>[ 279.687656] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.692008] lkdtm: Stack offset: 0 <6>[ 279.696748] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.701255] lkdtm: Stack offset: 0 <6>[ 279.705857] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.710437] lkdtm: Stack offset: 0 <6>[ 279.714993] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.719752] lkdtm: Stack offset: 0 <6>[ 279.724143] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.728852] lkdtm: Stack offset: 0 <6>[ 279.733471] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.737917] lkdtm: Stack offset: 0 <6>[ 279.742593] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.747054] lkdtm: Stack offset: 0 <6>[ 279.751814] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.756280] lkdtm: Stack offset: 0 <6>[ 279.760872] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.765464] lkdtm: Stack offset: 0 <6>[ 279.770035] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.774611] lkdtm: Stack offset: 0 <6>[ 279.779120] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.783833] lkdtm: Stack offset: 0 <6>[ 279.788029] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.793008] lkdtm: Stack offset: 0 <6>[ 279.797176] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.802114] lkdtm: Stack offset: 0 <6>[ 279.806441] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.811303] lkdtm: Stack offset: 0 <6>[ 279.815537] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.820508] lkdtm: Stack offset: 0 <6>[ 279.824694] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.829690] lkdtm: Stack offset: 0 <6>[ 279.833846] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.838865] lkdtm: Stack offset: 0 <6>[ 279.843028] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.848023] lkdtm: Stack offset: 0 <6>[ 279.852290] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.857149] lkdtm: Stack offset: 0 <6>[ 279.861464] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.866324] lkdtm: Stack offset: 0 <6>[ 279.870635] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.875512] lkdtm: Stack offset: 0 <6>[ 279.879789] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.884781] lkdtm: Stack offset: 0 <6>[ 279.888962] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.893970] lkdtm: Stack offset: 0 <6>[ 279.898046] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.903074] lkdtm: Stack offset: 0 <6>[ 279.907547] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.912223] lkdtm: Stack offset: 0 <6>[ 279.916432] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.921400] lkdtm: Stack offset: 0 <6>[ 279.925620] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.930592] lkdtm: Stack offset: 0 <6>[ 279.934760] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.940458] lkdtm: Stack offset: 0 <6>[ 279.946391] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.950559] lkdtm: Stack offset: 0 <6>[ 279.955971] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.962336] lkdtm: Stack offset: 0 <6>[ 279.974019] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.978249] lkdtm: Stack offset: 0 <6>[ 279.982600] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.987863] lkdtm: Stack offset: 0 <6>[ 279.991801] lkdtm: Performing direct entry REPORT_STACK <6>[ 279.996905] lkdtm: Stack offset: 0 <6>[ 280.000894] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.005800] lkdtm: Stack offset: 0 <6>[ 280.010008] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.014987] lkdtm: Stack offset: 0 <6>[ 280.019171] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.024093] lkdtm: Stack offset: 0 <6>[ 280.028322] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.033268] lkdtm: Stack offset: 0 <6>[ 280.037707] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.042608] lkdtm: Stack offset: 0 <6>[ 280.046717] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.051572] lkdtm: Stack offset: 0 <6>[ 280.055836] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.060835] lkdtm: Stack offset: 0 <6>[ 280.065013] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.070003] lkdtm: Stack offset: 0 <6>[ 280.074164] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.079073] lkdtm: Stack offset: 0 <6>[ 280.083404] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.088344] lkdtm: Stack offset: 0 <6>[ 280.092542] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.097488] lkdtm: Stack offset: 0 <6>[ 280.101684] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.106644] lkdtm: Stack offset: 0 <6>[ 280.110808] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.115905] lkdtm: Stack offset: 0 <6>[ 280.120083] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.125115] lkdtm: Stack offset: 0 <6>[ 280.129188] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.134252] lkdtm: Stack offset: 0 <6>[ 280.138478] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.143348] lkdtm: Stack offset: 0 <6>[ 280.147551] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.152523] lkdtm: Stack offset: 0 <6>[ 280.156711] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.161863] lkdtm: Stack offset: 0 <6>[ 280.165940] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.171111] lkdtm: Stack offset: 0 <6>[ 280.175130] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.180125] lkdtm: Stack offset: 0 <6>[ 280.184404] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.189291] lkdtm: Stack offset: 0 <6>[ 280.193476] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.198479] lkdtm: Stack offset: 0 <6>[ 280.202705] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.207604] lkdtm: Stack offset: 0 <6>[ 280.211783] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.216775] lkdtm: Stack offset: 0 <6>[ 280.220960] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.225991] lkdtm: Stack offset: 0 <6>[ 280.230179] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.235129] lkdtm: Stack offset: 0 <6>[ 280.239358] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.244319] lkdtm: Stack offset: 0 <6>[ 280.248532] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.255561] lkdtm: Stack offset: 0 <6>[ 280.261158] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.266813] lkdtm: Stack offset: 0 <6>[ 280.274706] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.283079] lkdtm: Stack offset: 0 <6>[ 280.289277] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.294032] lkdtm: Stack offset: 0 <6>[ 280.299979] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.304532] lkdtm: Stack offset: 0 <6>[ 280.308579] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.313343] lkdtm: Stack offset: 0 <6>[ 280.317700] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.322939] lkdtm: Stack offset: 0 <6>[ 280.326975] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.331925] lkdtm: Stack offset: 0 <6>[ 280.335961] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.340941] lkdtm: Stack offset: 0 <6>[ 280.345118] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.350085] lkdtm: Stack offset: 0 <6>[ 280.354705] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.359282] lkdtm: Stack offset: 0 <6>[ 280.363678] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.368592] lkdtm: Stack offset: 0 <6>[ 280.372726] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.377607] lkdtm: Stack offset: 0 <6>[ 280.381782] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.386810] lkdtm: Stack offset: 0 <6>[ 280.390980] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.395979] lkdtm: Stack offset: 0 <6>[ 280.400155] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.405093] lkdtm: Stack offset: 0 <6>[ 280.409423] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.414286] lkdtm: Stack offset: 0 <6>[ 280.418498] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.423469] lkdtm: Stack offset: 0 <6>[ 280.427679] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.432649] lkdtm: Stack offset: 0 <6>[ 280.436798] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.441897] lkdtm: Stack offset: 0 <6>[ 280.446166] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.451030] lkdtm: Stack offset: 0 <6>[ 280.455261] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.460110] lkdtm: Stack offset: 0 <6>[ 280.464424] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.469293] lkdtm: Stack offset: 0 <6>[ 280.473605] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.478474] lkdtm: Stack offset: 0 <6>[ 280.482750] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.487720] lkdtm: Stack offset: 0 <6>[ 280.491868] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.496873] lkdtm: Stack offset: 0 <6>[ 280.501059] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.506087] lkdtm: Stack offset: 0 <6>[ 280.510380] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.515264] lkdtm: Stack offset: 0 <6>[ 280.519439] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.524413] lkdtm: Stack offset: 0 <6>[ 280.528621] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.533592] lkdtm: Stack offset: 0 <6>[ 280.537758] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.542748] lkdtm: Stack offset: 0 <6>[ 280.546918] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.551904] lkdtm: Stack offset: 0 <6>[ 280.556079] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.561060] lkdtm: Stack offset: 0 <6>[ 280.565430] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.570277] lkdtm: Stack offset: 0 <6>[ 280.574425] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.579419] lkdtm: Stack offset: 0 <6>[ 280.583643] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.590517] lkdtm: Stack offset: 0 <6>[ 280.604734] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.609855] lkdtm: Stack offset: 0 <6>[ 280.622557] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.629091] lkdtm: Stack offset: 0 <6>[ 280.632984] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.637245] lkdtm: Stack offset: 0 <6>[ 280.642122] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.646443] lkdtm: Stack offset: 0 <6>[ 280.650696] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.655918] lkdtm: Stack offset: 0 <6>[ 280.659992] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.664791] lkdtm: Stack offset: 0 <6>[ 280.668985] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.673885] lkdtm: Stack offset: 0 <6>[ 280.678090] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.683078] lkdtm: Stack offset: 0 <6>[ 280.687382] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.692244] lkdtm: Stack offset: 0 <6>[ 280.696610] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.701385] lkdtm: Stack offset: 0 <6>[ 280.705820] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.710633] lkdtm: Stack offset: 0 <6>[ 280.714834] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.719817] lkdtm: Stack offset: 0 <6>[ 280.723988] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.728972] lkdtm: Stack offset: 0 <6>[ 280.733146] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.738156] lkdtm: Stack offset: 0 <6>[ 280.742435] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.747285] lkdtm: Stack offset: 0 <6>[ 280.751436] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.756507] lkdtm: Stack offset: 0 <6>[ 280.760722] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.765699] lkdtm: Stack offset: 0 <6>[ 280.769851] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.774869] lkdtm: Stack offset: 0 <6>[ 280.779041] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.784036] lkdtm: Stack offset: 0 <6>[ 280.788307] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.793147] lkdtm: Stack offset: 0 <6>[ 280.797422] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.802392] lkdtm: Stack offset: 0 <6>[ 280.806615] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.811486] lkdtm: Stack offset: 0 <6>[ 280.815785] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.820688] lkdtm: Stack offset: 0 <6>[ 280.824870] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.829849] lkdtm: Stack offset: 0 <6>[ 280.834127] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.839051] lkdtm: Stack offset: 0 <6>[ 280.843329] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.848220] lkdtm: Stack offset: 0 <6>[ 280.852378] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.857350] lkdtm: Stack offset: 0 <6>[ 280.861669] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.866542] lkdtm: Stack offset: 0 <6>[ 280.870791] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.875789] lkdtm: Stack offset: 0 <6>[ 280.879965] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.884944] lkdtm: Stack offset: 0 <6>[ 280.889112] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.894097] lkdtm: Stack offset: 0 <6>[ 280.898354] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.903340] lkdtm: Stack offset: 0 <6>[ 280.907499] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.912472] lkdtm: Stack offset: 0 <6>[ 280.916675] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.922406] lkdtm: Stack offset: 0 <6>[ 280.928263] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.932446] lkdtm: Stack offset: 0 <6>[ 280.937400] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.943745] lkdtm: Stack offset: 0 <6>[ 280.952754] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.959430] lkdtm: Stack offset: 0 <6>[ 280.963127] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.967419] lkdtm: Stack offset: 0 <6>[ 280.971729] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.976874] lkdtm: Stack offset: 0 <6>[ 280.983534] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.988109] lkdtm: Stack offset: 0 <6>[ 280.992179] lkdtm: Performing direct entry REPORT_STACK <6>[ 280.996921] lkdtm: Stack offset: 0 <6>[ 281.001165] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.006087] lkdtm: Stack offset: 0 <6>[ 281.010345] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.015312] lkdtm: Stack offset: 0 <6>[ 281.019555] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.024424] lkdtm: Stack offset: 0 <6>[ 281.028937] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.033759] lkdtm: Stack offset: 0 <6>[ 281.037838] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.042831] lkdtm: Stack offset: 0 <6>[ 281.047019] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.052003] lkdtm: Stack offset: 0 <6>[ 281.056167] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.061102] lkdtm: Stack offset: 0 <6>[ 281.065418] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.070280] lkdtm: Stack offset: 0 <6>[ 281.074592] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.079467] lkdtm: Stack offset: 0 <6>[ 281.083740] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.088720] lkdtm: Stack offset: 0 <6>[ 281.092868] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.097884] lkdtm: Stack offset: 0 <6>[ 281.102044] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.107040] lkdtm: Stack offset: 0 <6>[ 281.111309] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.116353] lkdtm: Stack offset: 0 <6>[ 281.120480] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.125356] lkdtm: Stack offset: 0 <6>[ 281.129669] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.134556] lkdtm: Stack offset: 0 <6>[ 281.138748] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.143727] lkdtm: Stack offset: 0 <6>[ 281.147886] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.152978] lkdtm: Stack offset: 0 <6>[ 281.157161] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.162119] lkdtm: Stack offset: 0 <6>[ 281.166360] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.171226] lkdtm: Stack offset: 0 <6>[ 281.175656] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.180430] lkdtm: Stack offset: 0 <6>[ 281.184645] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.189624] lkdtm: Stack offset: 0 <6>[ 281.193806] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.198799] lkdtm: Stack offset: 0 <6>[ 281.202986] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.207968] lkdtm: Stack offset: 0 <6>[ 281.212132] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.217113] lkdtm: Stack offset: 0 <6>[ 281.221478] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.226357] lkdtm: Stack offset: 0 <6>[ 281.230521] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.235495] lkdtm: Stack offset: 0 <6>[ 281.239695] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.244675] lkdtm: Stack offset: 0 <6>[ 281.248832] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.254525] lkdtm: Stack offset: 0 <6>[ 281.258823] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.265183] lkdtm: Stack offset: 0 <6>[ 281.271680] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.280882] lkdtm: Stack offset: 0 <6>[ 281.289959] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.294150] lkdtm: Stack offset: 0 <6>[ 281.300554] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.304932] lkdtm: Stack offset: 0 <6>[ 281.309001] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.314372] lkdtm: Stack offset: 0 <6>[ 281.321036] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.325605] lkdtm: Stack offset: 0 <6>[ 281.329740] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.334464] lkdtm: Stack offset: 0 <6>[ 281.338751] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.343586] lkdtm: Stack offset: 0 <6>[ 281.347804] lkdtm: Performing direct entry REPORT_STACK <6>[ 281.352791] lkdtm: Stack offset: 0 # Bits of stack entropy: 1 # Stack entropy is low! Booted without 'randomize_kstack_offset=y'? not ok 86 selftests: lkdtm: stack-entropy.sh # exit=1 lkdtm_PANIC_sh skip lkdtm_PANIC_STOP_IRQOFF_sh skip lkdtm_BUG_sh pass lkdtm_WARNING_sh pass lkdtm_WARNING_MESSAGE_sh pass lkdtm_EXCEPTION_sh pass lkdtm_LOOP_sh skip lkdtm_EXHAUST_STACK_sh skip lkdtm_CORRUPT_STACK_sh skip lkdtm_CORRUPT_STACK_STRONG_sh skip lkdtm_ARRAY_BOUNDS_sh pass lkdtm_CORRUPT_LIST_ADD_sh pass lkdtm_CORRUPT_LIST_DEL_sh pass lkdtm_STACK_GUARD_PAGE_LEADING_sh pass lkdtm_STACK_GUARD_PAGE_TRAILING_sh pass lkdtm_REPORT_STACK_CANARY_sh pass lkdtm_UNSET_SMEP_sh skip lkdtm_DOUBLE_FAULT_sh skip lkdtm_CORRUPT_PAC_sh skip lkdtm_UNALIGNED_LOAD_STORE_WRITE_sh skip lkdtm_SLAB_LINEAR_OVERFLOW_sh pass lkdtm_VMALLOC_LINEAR_OVERFLOW_sh pass lkdtm_WRITE_AFTER_FREE_sh skip lkdtm_READ_AFTER_FREE_sh pass lkdtm_WRITE_BUDDY_AFTER_FREE_sh skip lkdtm_READ_BUDDY_AFTER_FREE_sh pass lkdtm_SLAB_INIT_ON_ALLOC_sh pass lkdtm_BUDDY_INIT_ON_ALLOC_sh pass lkdtm_SLAB_FREE_DOUBLE_sh pass lkdtm_SLAB_FREE_CROSS_sh pass lkdtm_SLAB_FREE_PAGE_sh pass lkdtm_SOFTLOCKUP_sh skip lkdtm_HARDLOCKUP_sh skip lkdtm_SMP_CALL_LOCKUP_sh skip lkdtm_SPINLOCKUP_sh skip lkdtm_HUNG_TASK_sh skip lkdtm_EXEC_DATA_sh pass lkdtm_EXEC_STACK_sh pass lkdtm_EXEC_KMALLOC_sh pass lkdtm_EXEC_VMALLOC_sh pass lkdtm_EXEC_RODATA_sh pass lkdtm_EXEC_USERSPACE_sh pass lkdtm_EXEC_NULL_sh pass lkdtm_ACCESS_USERSPACE_sh pass lkdtm_ACCESS_NULL_sh pass lkdtm_WRITE_RO_sh pass lkdtm_WRITE_RO_AFTER_INIT_sh pass lkdtm_WRITE_KERN_sh pass lkdtm_WRITE_OPD_sh skip lkdtm_REFCOUNT_INC_OVERFLOW_sh pass lkdtm_REFCOUNT_ADD_OVERFLOW_sh pass lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW_sh pass lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW_sh pass lkdtm_REFCOUNT_DEC_ZERO_sh pass lkdtm_REFCOUNT_DEC_NEGATIVE_sh pass lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE_sh pass lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE_sh pass lkdtm_REFCOUNT_INC_ZERO_sh pass lkdtm_REFCOUNT_ADD_ZERO_sh pass lkdtm_REFCOUNT_INC_SATURATED_sh pass lkdtm_REFCOUNT_DEC_SATURATED_sh pass lkdtm_REFCOUNT_ADD_SATURATED_sh pass lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED_sh pass lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED_sh pass lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED_sh pass lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED_sh pass lkdtm_REFCOUNT_TIMING_sh skip lkdtm_ATOMIC_TIMING_sh skip lkdtm_USERCOPY_SLAB_SIZE_TO_sh pass lkdtm_USERCOPY_SLAB_SIZE_FROM_sh pass lkdtm_USERCOPY_SLAB_WHITELIST_TO_sh pass lkdtm_USERCOPY_SLAB_WHITELIST_FROM_sh pass lkdtm_USERCOPY_STACK_FRAME_TO_sh pass lkdtm_USERCOPY_STACK_FRAME_FROM_sh pass lkdtm_USERCOPY_STACK_BEYOND_sh pass lkdtm_USERCOPY_KERNEL_sh pass lkdtm_STACKLEAK_ERASING_sh skip lkdtm_CFI_FORWARD_PROTO_sh fail lkdtm_CFI_BACKWARD_sh fail lkdtm_FORTIFY_STRSCPY_sh pass lkdtm_FORTIFY_STR_OBJECT_sh pass lkdtm_FORTIFY_STR_MEMBER_sh pass lkdtm_FORTIFY_MEM_OBJECT_sh pass lkdtm_FORTIFY_MEM_MEMBER_sh pass lkdtm_PPC_SLB_MULTIHIT_sh skip lkdtm_stack-entropy_sh fail + ../../utils/send-to-lava.sh ./output/result.txt + set +x / #