Trying 192.168.56.4... Connected to moya.mayfield.sirena.org.uk. Escape character is '^]'. ser2net port telnet,3000 device serialdev, /dev/serial/by-path/pci-0000:00:14.0-usb-0:3.4:1.0-port0, 115200n81, local=false [,115200N81] (Debian GNU/Linux) U-Boot SPL 2023.07.02-dh-stm32mp1-dhcor-avenger96-20230727.02 (Jul 11 2023 - 15:20:44 +0000) Model: Arrow Electronics STM32MP15xx Avenger96 board Code: SoM:rev=0,ddr3=3 Board:rev=1 RAM: DDR3L 32bits 2x4Gb 533MHz WDT: Started watchdog@5a002000 with servicing every 1000ms (32s timeout) Trying to boot from MMC1 image entry point: 0xc0100000 U-Boot 2023.07.02-dh-stm32mp1-dhcor-avenger96-20230727.02 (Jul 11 2023 - 15:20:44 +0000) CPU: STM32MP157AAC Rev.B Model: Arrow Electronics STM32MP15xx Avenger96 board Board: stm32mp1 in basic mode (arrow,stm32mp15xx-avenger96) DRAM: 1 GiB Clocks: - MPU : 650 MHz - MCU : 208.878 MHz - AXI : 266.500 MHz - PER : 24 MHz - DDR : 533 MHz Core: 285 devices, 34 uclasses, devicetree: separate WDT: Started watchdog@5a002000 with servicing every 1000ms (32s timeout) MMC: STM32 SD/MMC: 2, STM32 SD/MMC: 0, STM32 SD/MMC: 1 Loading Environment from SPIFlash... SF: Detected w25q16dw with page size 256 Bytes, erase size 4 KiB, total 2 MiB OK In: serial Out: serial Err: serial Net: eth0: ethernet@5800a000 Hit any key to stop autoboot: 3  0 STM32MP> setenv autoload no setenv autoload no STM32MP> setenv initrd_high 0xffffffff setenv initrd_high 0xffffffff STM32MP> setenv fdt_high 0xffffffff setenv fdt_high 0xffffffff STM32MP> dhcp dhcp ethernet@5800a000 Waiting for PHY auto negotiation to complete............... done BOOTP broadcast 1 BOOTP broadcast 2 BOOTP broadcast 3 BOOTP broadcast 4 BOOTP broadcast 5 *** Unhandled DHCP Option in OFFER/ACK: 42 *** Unhandled DHCP Option in OFFER/ACK: 42 DHCP client bound to address 192.168.56.202 (3885 ms) STM32MP> setenv serverip 192.168.56.193 setenv serverip 192.168.56.193 STM32MP> tftp 0xc2000000 838329/tftp-deploy-yp20gwbc/kernel/uImage tftp 0xc2000000 838329/tftp-deploy-yp20gwbc/kernel/uImage Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.202 Filename '838329/tftp-deploy-yp20gwbc/kernel/uImage'. Load address: 0xc2000000 Loading: *################################################## 15.4 MiB 11.7 MiB/s done Bytes transferred = 16114240 (f5e240 hex) STM32MP> tftp 0xc4400000 838329/tftp-deploy-yp20gwbc/ramdisk/ramdisk.cpio.gz.uboot tftp 0xc4400000 838329/tftp-deploy-yp20gwbc/ramdisk/ramdisk.cpio.gz.uboot Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.202 Filename '838329/tftp-deploy-yp20gwbc/ramdisk/ramdisk.cpio.gz.uboot'. Load address: 0xc4400000 Loading: *################################################## 20.8 MiB 11.2 MiB/s done Bytes transferred = 21813751 (14cd9f7 hex) STM32MP> setenv initrd_size ${filesize} setenv initrd_size ${filesize} STM32MP> tftp 0xc4000000 838329/tftp-deploy-yp20gwbc/dtb/stm32mp157a-dhcor-avenger96.dtb tftp 0xc4000000 838329/tftp-deploy-yp20gwbc/dtb/stm32mp157a-dhcor-avenger96.dtb Using ethernet@5800a000 device TFTP from server 192.168.56.193; our IP address is 192.168.56.202 Filename '838329/tftp-deploy-yp20gwbc/dtb/stm32mp157a-dhcor-avenger96.dtb'. Load address: 0xc4000000 Loading: *################################################## 51.6 KiB 8.4 MiB/s done Bytes transferred = 52850 (ce72 hex) STM32MP> setenv bootargs 'console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/838329/extract-nfsrootfs-q4erw7_p,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp' setenv bootargs 'console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/838329/extract-nfsrootfs-q4erw7_p,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp' STM32MP> bootm 0xc2000000 0xc4400000 0xc4000000 bootm 0xc2000000 0xc4400000 0xc4000000 ## Booting kernel from Legacy Image at c2000000 ... Image Name: Created: 2024-10-11 8:29:02 UTC Image Type: ARM Linux Kernel Image (uncompressed) Data Size: 16114176 Bytes = 15.4 MiB Load Address: c2000000 Entry Point: c2000000 Verifying Checksum ... OK ## Loading init Ramdisk from Legacy Image at c4400000 ... Image Name: Created: 2024-10-11 8:29:06 UTC Image Type: ARM Linux RAMDisk Image (uncompressed) Data Size: 21813687 Bytes = 20.8 MiB Load Address: 00000000 Entry Point: 00000000 Verifying Checksum ... OK ## Flattened Device Tree blob at c4000000 Booting using the fdt blob at 0xc4000000 Working FDT set to c4000000 Loading Kernel Image Using Device Tree in place at c4000000, end c400fe71 Working FDT set to c4000000 Starting kernel ... [ 0.000000] Booting Linux on physical CPU 0x0 [ 0.000000] Linux version 6.12.0-rc2-next-20241011 (KernelCI@build-j341390-arm-gcc-12-multi-v7-defconfig-kselftest-zmlhw) (arm-linux-gnueabihf-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP Fri Oct 11 07:49:31 UTC 2024 [ 0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c5387d [ 0.000000] CPU: div instructions available: patching division code [ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache [ 0.000000] OF: fdt: Machine model: Arrow Electronics STM32MP157A Avenger96 board [ 0.000000] earlycon: stm32 at MMIO 0x40010000 (options '115200n8') [ 0.000000] printk: legacy bootconsole [stm32] enabled [ 0.000000] Memory policy: Data cache writealloc [ 0.000000] efi: UEFI not found. [ 0.000000] Reserved memory: created DMA memory pool at 0x10000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node mcuram2@10000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10000000..0x1003ffff (256 KiB) nomap non-reusable mcuram2@10000000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10040000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0vring0@10040000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10040000..0x10040fff (4 KiB) nomap non-reusable vdev0vring0@10040000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10041000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0vring1@10041000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10041000..0x10041fff (4 KiB) nomap non-reusable vdev0vring1@10041000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10042000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0buffer@10042000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10042000..0x10045fff (16 KiB) nomap non-reusable vdev0buffer@10042000 [ 0.000000] Reserved memory: created DMA memory pool at 0x30000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node mcuram@30000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x30000000..0x3003ffff (256 KiB) nomap non-reusable mcuram@30000000 [ 0.000000] Reserved memory: created DMA memory pool at 0x38000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node retram@38000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x38000000..0x3800ffff (64 KiB) nomap non-reusable retram@38000000 [ 0.000000] cma: Reserved 64 MiB at 0xfb800000 on node -1 [ 0.000000] Zone ranges: [ 0.000000] DMA [mem 0x00000000c0000000-0x00000000efffffff] [ 0.000000] Normal empty [ 0.000000] HighMem [mem 0x00000000f0000000-0x00000000ffffefff] [ 0.000000] Movable zone start for each node [ 0.000000] Early memory node ranges [ 0.000000] node 0: [mem 0x00000000c0000000-0x00000000ffffefff] [ 0.000000] Initmem setup node 0 [mem 0x00000000c0000000-0x00000000ffffefff] [ 0.000000] psci: probing for conduit method from DT. [ 0.000000] psci: PSCIv1.0 detected in firmware. [ 0.000000] psci: Using standard PSCI v0.2 function IDs [ 0.000000] psci: Trusted OS migration not required [ 0.000000] psci: SMC Calling Convention v1.0 [ 0.000000] percpu: Embedded 19 pages/cpu s48908 r8192 d20724 u77824 [ 0.000000] Kernel command line: console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.56.193:/var/lib/lava/dispatcher/tmp/838329/extract-nfsrootfs-q4erw7_p,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp <6>[ 0.000000] Dentry cache hash table entries: 131072 (order: 7, 524288 bytes, linear) <6>[ 0.000000] Inode-cache hash table entries: 65536 (order: 6, 262144 bytes, linear) <6>[ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 262143 <6>[ 0.000000] allocated 1056764 bytes of page_ext <6>[ 0.000000] mem auto-init: stack:all(zero), heap alloc:on, heap free:on <6>[ 0.000000] mem auto-init: clearing system memory may take some time... <6>[ 0.000000] stackdepot: allocating hash table via alloc_large_system_hash <6>[ 0.000000] stackdepot hash table entries: 65536 (order: 7, 524288 bytes, linear) <4>[ 0.000000] ********************************************************** <4>[ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** This system shows unhashed kernel memory addresses ** <4>[ 0.000000] ** via the console, logs, and other interfaces. This ** <4>[ 0.000000] ** might reduce the security of your system. ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** If you see this message and you are not debugging ** <4>[ 0.000000] ** the kernel, report this immediately to your system ** <4>[ 0.000000] ** administrator! ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** <4>[ 0.000000] ********************************************************** <6>[ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1 <6>[ 0.000000] ftrace: allocating 70526 entries in 207 pages <6>[ 0.000000] ftrace: allocated 207 pages with 6 groups <6>[ 0.000000] trace event string verifier disabled <6>[ 0.000000] rcu: Hierarchical RCU implementation. <6>[ 0.000000] rcu: RCU event tracing is enabled. <6>[ 0.000000] rcu: RCU restricting CPUs from NR_CPUS=16 to nr_cpu_ids=2. <6>[ 0.000000] Rude variant of Tasks RCU enabled. <6>[ 0.000000] Tracing variant of Tasks RCU enabled. <6>[ 0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. <6>[ 0.000000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2 <6>[ 0.000000] RCU Tasks Rude: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. <6>[ 0.000000] RCU Tasks Trace: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. <6>[ 0.000000] NR_IRQS: 16, nr_irqs: 16, preallocated irqs: 16 <6>[ 0.000000] rcu: srcu_init: Setting srcu_struct sizes based on contention. <6>[ 0.000000] arch_timer: cp15 timer(s) running at 24.00MHz (virt). <6>[ 0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x588fe9dc0, max_idle_ns: 440795202592 ns <6>[ 0.000003] sched_clock: 56 bits at 24MHz, resolution 41ns, wraps every 4398046511097ns <6>[ 0.008287] Switching to timer-based delay loop, resolution 41ns <6>[ 0.025431] Console: colour dummy device 80x30 <6>[ 0.028878] Calibrating delay loop (skipped), value calculated using timer frequency.. 48.00 BogoMIPS (lpj=24000) <6>[ 0.039307] CPU: Testing write buffer coherency: ok <6>[ 0.044456] pid_max: default: 32768 minimum: 301 <6>[ 0.050529] LSM: initializing lsm=capability,landlock,bpf,ima <6>[ 0.055639] landlock: Up and running. <6>[ 0.059396] LSM support for eBPF active <6>[ 0.064496] Mount-cache hash table entries: 2048 (order: 1, 8192 bytes, linear) <6>[ 0.070982] Mountpoint-cache hash table entries: 2048 (order: 1, 8192 bytes, linear) <6>[ 0.086876] CPU0: update cpu_capacity 1024 <6>[ 0.089877] CPU0: thread -1, cpu 0, socket 0, mpidr 80000000 <6>[ 0.103884] Setting up static identity map for 0xc0300000 - 0xc03000ac <6>[ 0.113012] rcu: Hierarchical SRCU implementation. <6>[ 0.116678] rcu: Max phase no-delay instances is 400. <6>[ 0.123989] Timer migration: 1 hierarchy levels; 8 children per group; 1 crossnode level <6>[ 0.155908] EFI services will not be available. <6>[ 0.160717] smp: Bringing up secondary CPUs ... <6>[ 0.168310] CPU1: update cpu_capacity 1024 <6>[ 0.168348] CPU1: thread -1, cpu 1, socket 0, mpidr 80000001 <6>[ 0.168688] smp: Brought up 1 node, 2 CPUs <6>[ 0.181939] SMP: Total of 2 processors activated (96.00 BogoMIPS). <6>[ 0.188404] CPU: All CPU(s) started in SVC mode. <6>[ 0.196002] Memory: 906472K/1048572K available (20480K kernel code, 3736K rwdata, 10352K rodata, 2048K init, 510K bss, 71308K reserved, 65536K cma-reserved, 196604K highmem) <6>[ 0.213294] devtmpfs: initialized <6>[ 0.442796] VFP support v0.3: implementor 41 architecture 2 part 30 variant 7 rev 5 <6>[ 0.451443] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns <6>[ 0.460089] futex hash table entries: 512 (order: 3, 32768 bytes, linear) <6>[ 0.531346] pinctrl core: initialized pinctrl subsystem <6>[ 0.553170] DMI not present or invalid. <6>[ 0.564486] NET: Registered PF_NETLINK/PF_ROUTE protocol family <6>[ 0.581785] DMA: preallocated 256 KiB pool for atomic coherent allocations <6>[ 0.596961] audit: initializing netlink subsys (disabled) <5>[ 0.602484] audit: type=2000 audit(0.415:1): state=initialized audit_enabled=0 res=1 <6>[ 0.618772] thermal_sys: Registered thermal governor 'step_wise' <6>[ 0.619192] cpuidle: using governor menu <6>[ 0.631239] No ATAGs? <6>[ 0.632550] hw-breakpoint: found 5 (+1 reserved) breakpoint and 4 watchpoint registers. <6>[ 0.640655] hw-breakpoint: maximum watchpoint size is 8 bytes. <6>[ 0.668370] Serial: AMBA PL011 UART driver <6>[ 0.769751] platform 5a001000.display-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 0.898149] platform hdmi-out: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 0.918399] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible. <6>[ 0.988296] stm32-mdma 58000000.dma-controller: STM32 MDMA driver registered <6>[ 1.008635] iommu: Default domain type: Translated <6>[ 1.012389] iommu: DMA domain TLB invalidation policy: strict mode <5>[ 1.034038] SCSI subsystem initialized <6>[ 1.042431] usbcore: registered new interface driver usbfs <6>[ 1.047279] usbcore: registered new interface driver hub <6>[ 1.052819] usbcore: registered new device driver usb <6>[ 1.065862] pps_core: LinuxPPS API ver. 1 registered <6>[ 1.069701] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <6>[ 1.079374] PTP clock support registered <6>[ 1.084360] EDAC MC: Ver: 3.0.0 <6>[ 1.090906] scmi_core: SCMI protocol bus registered <6>[ 1.111876] NET: Registered PF_ATMPVC protocol family <6>[ 1.115820] NET: Registered PF_ATMSVC protocol family <6>[ 1.123388] nfc: nfc_init: NFC Core ver 0.1 <6>[ 1.127279] NET: Registered PF_NFC protocol family <6>[ 1.132974] vgaarb: loaded <6>[ 1.140131] clocksource: Switched to clocksource arch_sys_counter <6>[ 1.252925] NET: Registered PF_INET protocol family <6>[ 1.257441] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear) <6>[ 1.271744] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear) <6>[ 1.279063] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) <6>[ 1.287263] TCP established hash table entries: 8192 (order: 3, 32768 bytes, linear) <6>[ 1.295211] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear) <6>[ 1.302868] TCP: Hash tables configured (established 8192 bind 8192) <6>[ 1.311185] MPTCP token hash table entries: 1024 (order: 2, 16384 bytes, linear) <6>[ 1.317857] UDP hash table entries: 512 (order: 2, 16384 bytes, linear) <6>[ 1.324488] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear) <6>[ 1.333007] NET: Registered PF_UNIX/PF_LOCAL protocol family <6>[ 1.346401] RPC: Registered named UNIX socket transport module. <6>[ 1.351210] RPC: Registered udp transport module. <6>[ 1.356170] RPC: Registered tcp transport module. <6>[ 1.361144] RPC: Registered tcp-with-tls transport module. <6>[ 1.366904] RPC: Registered tcp NFSv4.1 backchannel transport module. <6>[ 1.373678] NET: Registered PF_XDP protocol family <6>[ 1.378737] PCI: CLS 0 bytes, default 64 <5>[ 1.395772] Initialise system trusted keyrings <6>[ 1.402912] Trying to unpack rootfs image as initramfs... <6>[ 1.409338] workingset: timestamp_bits=14 max_order=18 bucket_order=4 <6>[ 1.504755] squashfs: version 4.0 (2009/01/31) Phillip Lougher <5>[ 1.526413] NFS: Registering the id_resolver key type <5>[ 1.530513] Key type id_resolver registered <5>[ 1.534788] Key type id_legacy registered <6>[ 1.539401] nfs4filelayout_init: NFSv4 File Layout Driver Registering... <6>[ 1.546066] nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering... <6>[ 1.586624] NET: Registered PF_ALG protocol family <5>[ 1.590360] Key type asymmetric registered <5>[ 1.594650] Asymmetric key parser 'x509' registered <6>[ 1.600606] bounce: pool size: 64 pages <6>[ 1.604620] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 243) <6>[ 1.611596] io scheduler mq-deadline registered <6>[ 1.616379] io scheduler kyber registered <6>[ 1.620875] io scheduler bfq registered <4>[ 1.670679] test_firmware: interface ready <6>[ 1.682609] /soc/interrupt-controller@5000d000: bank0 <6>[ 1.686578] /soc/interrupt-controller@5000d000: bank1 <6>[ 1.691871] /soc/interrupt-controller@5000d000: bank2 <6>[ 1.728340] Registering stm32-etzpc firewall controller <6>[ 1.852493] ledtrig-cpu: registered to indicate activity on CPUs <6>[ 3.522865] Serial: 8250/16550 driver, 5 ports, IRQ sharing enabled <6>[ 3.576227] msm_serial: driver initialized <6>[ 3.581268] SuperH (H)SCI(F) driver initialized <6>[ 3.585731] STMicroelectronics ASC driver initialized <6>[ 3.591119] STM32 USART driver initialized <5>[ 3.626413] random: crng init done <6>[ 3.645371] [drm] Initialized vgem 1.0.0 for vgem on minor 0 <6>[ 3.778141] brd: module loaded <6>[ 3.858381] loop: module loaded <6>[ 3.862921] lkdtm: No crash points registered, enable through debugfs <6>[ 4.014362] bgmac_bcma: Broadcom 47xx GBit MAC driver loaded <6>[ 4.024529] e1000e: Intel(R) PRO/1000 Network Driver <6>[ 4.028384] e1000e: Copyright(c) 1999 - 2015 Intel Corporation. <6>[ 4.035139] igb: Intel(R) Gigabit Ethernet Network Driver <6>[ 4.040258] igb: Copyright (c) 2007-2014 Intel Corporation. <6>[ 4.069835] pegasus: Pegasus/Pegasus II USB Ethernet driver <6>[ 4.074827] usbcore: registered new interface driver pegasus <6>[ 4.080732] usbcore: registered new interface driver asix <6>[ 4.086499] usbcore: registered new interface driver ax88179_178a <6>[ 4.092781] usbcore: registered new interface driver cdc_ether <6>[ 4.098919] usbcore: registered new interface driver smsc75xx <6>[ 4.104930] usbcore: registered new interface driver smsc95xx <6>[ 4.110977] usbcore: registered new interface driver net1080 <6>[ 4.116872] usbcore: registered new interface driver cdc_subset <6>[ 4.123141] usbcore: registered new interface driver zaurus <6>[ 4.128898] usbcore: registered new interface driver cdc_ncm <6>[ 4.158624] usbcore: registered new interface driver usb-storage <6>[ 4.203339] stm32_rtc 5c004000.rtc: registered as rtc0 <6>[ 4.207436] stm32_rtc 5c004000.rtc: setting system clock to 2000-01-01T00:00:26 UTC (946684826) <4>[ 4.219283] stm32_rtc 5c004000.rtc: Date/Time must be initialized <6>[ 4.224326] stm32_rtc 5c004000.rtc: registered rev:1.2 <6>[ 4.236504] i2c_dev: i2c /dev entries driver <6>[ 4.294552] stm_thermal 50028000.thermal: stm_thermal_probe: Driver initialized successfully <6>[ 4.350309] sdhci: Secure Digital Host Controller Interface driver <6>[ 4.355390] sdhci: Copyright(c) Pierre Ossman <6>[ 4.369136] Synopsys Designware Multimedia Card Interface Driver <6>[ 4.382796] sdhci-pltfm: SDHCI platform and OF driver helper <6>[ 4.410905] hid: raw HID events driver (C) Jiri Kosina <6>[ 4.419956] usbcore: registered new interface driver usbhid <6>[ 4.424439] usbhid: USB HID core driver <6>[ 4.460163] hw perfevents: enabled with armv7_cortex_a7 PMU driver, 5 (8000000f) counters available <6>[ 4.478969] GACT probability on <6>[ 4.482333] IPv4 over IPsec tunneling driver <6>[ 4.492147] NET: Registered PF_INET6 protocol family <6>[ 4.507172] Segment Routing with IPv6 <6>[ 4.510428] In-situ OAM (IOAM) with IPv6 <6>[ 4.521380] sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver <6>[ 4.539999] NET: Registered PF_PACKET protocol family <6>[ 4.544367] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. <5>[ 4.560797] Key type dns_resolver registered <6>[ 4.566296] NET: Registered PF_VSOCK protocol family <6>[ 4.570340] mpls_gso: MPLS GSO support <6>[ 4.576494] ThumbEE CPU extension supported. <5>[ 4.579782] Registering SWP/SWPB emulation handler <4>[ 4.828615] unwind: Index not found bf00334c <4>[ 4.831838] unwind: Index not found bf00334c <4>[ 4.836399] unwind: Index not found bf00334c <4>[ 4.840929] unwind: Index not found bf00334c <4>[ 4.845463] unwind: Index not found bf00334c <4>[ 4.850010] unwind: Index not found bf00334c <4>[ 4.854544] unwind: Index not found bf00334c <4>[ 4.859077] unwind: Index not found bf00334c <4>[ 4.863621] unwind: Index not found bf00334c <4>[ 4.868129] unwind: Index not found bf00334c <4>[ 4.872698] unwind: Index not found bf00334c <4>[ 4.877231] unwind: Index not found bf00334c <4>[ 4.881767] unwind: Index not found bf00334c <4>[ 4.886389] unwind: Index not found bf00334c <4>[ 4.890879] unwind: Index not found bf00334c <4>[ 4.895385] unwind: Index not found bf00334c <4>[ 4.899928] unwind: Index not found bf00334c <4>[ 4.904509] unwind: Index not found bf00334c <4>[ 4.909030] unwind: Index not found bf00334c <4>[ 4.913618] unwind: Index not found bf00334c <4>[ 4.918138] unwind: Index not found bf00334c <4>[ 4.922672] unwind: Index not found bf003410 <4>[ 4.927215] unwind: Index not found bf003410 <4>[ 4.931734] unwind: Index not found bf003410 <4>[ 4.936255] unwind: Index not found bf003410 <4>[ 4.940814] unwind: Index not found bf0035c8 <4>[ 4.945367] unwind: Index not found bf0035c8 <4>[ 4.949873] unwind: Index not found bf0035c8 <4>[ 4.954424] unwind: Index not found bf0035c8 <5>[ 4.959037] Loading compiled-in X.509 certificates <6>[ 5.618680] Freeing initrd memory: 21304K <5>[ 5.707159] Loaded X.509 cert 'Build time autogenerated kernel key: 6f90e426250a64e6c9d45daf28846f260c32f339' <6>[ 5.900108] ima: No TPM chip found, activating TPM-bypass! <6>[ 5.904527] ima: Allocated hash algorithm: sha1 <6>[ 5.909499] ima: No architecture policies found <6>[ 6.182646] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOA bank added <6>[ 6.192851] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOB bank added <6>[ 6.203017] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOC bank added <6>[ 6.213281] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOD bank added <6>[ 6.223480] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOE bank added <6>[ 6.234918] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOF bank added <6>[ 6.247253] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOG bank added <6>[ 6.257602] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOH bank added <6>[ 6.269943] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOI bank added <6>[ 6.275426] stm32mp157-pinctrl soc:pinctrl@50002000: Pinctrl STM32 initialized <6>[ 6.312791] stm32mp157-pinctrl soc:pinctrl@54004000: GPIOZ bank added <6>[ 6.318181] stm32mp157-pinctrl soc:pinctrl@54004000: Pinctrl STM32 initialized <6>[ 6.344734] stm32-dma 48000000.dma-controller: STM32 DMA driver registered <6>[ 6.368185] stm32-dma 48001000.dma-controller: STM32 DMA driver registered <6>[ 6.427767] stm32-usart 4000e000.serial: interrupt mode for rx (no dma) <6>[ 6.433319] stm32-usart 4000e000.serial: interrupt mode for tx (no dma) <6>[ 6.443688] 4000e000.serial: ttySTM2 at MMIO 0x4000e000 (irq = 49, base_baud = 4000000) is a stm32-usart <6>[ 6.455469] serial serial0: tty port ttySTM2 registered <6>[ 6.468660] stm32-usart 40010000.serial: interrupt mode for rx (no dma) <6>[ 6.474182] stm32-usart 40010000.serial: interrupt mode for tx (no dma) <6>[ 6.484008] 40010000.serial: ttySTM0 at MMIO 0x40010000 (irq = 50, base_baud = 4000000) is a stm32-usart <6>[ 6.493949] printk: legacy console [ttySTM0] enabled <6>[ 6.493949] printk: legacy console [ttySTM0] enabled <6>[ 6.503005] printk: legacy bootconsole [stm32] disabled <6>[ 6.503005] printk: legacy bootconsole [stm32] disabled <6>[ 6.531592] stm32-usart 40018000.serial: interrupt mode for rx (no dma) <6>[ 6.537136] stm32-usart 40018000.serial: interrupt mode for tx (no dma) <6>[ 6.546906] 40018000.serial: ttySTM1 at MMIO 0x40018000 (irq = 51, base_baud = 4000000) is a stm32-usart <6>[ 6.616798] stm32-dwmac 5800a000.ethernet: IRQ eth_wake_irq not found <6>[ 6.622364] stm32-dwmac 5800a000.ethernet: IRQ eth_lpi not found <6>[ 6.628559] stm32-dwmac 5800a000.ethernet: IRQ sfty not found <6>[ 6.638626] stm32-dwmac 5800a000.ethernet: User ID: 0x40, Synopsys ID: 0x42 <6>[ 6.644773] stm32-dwmac 5800a000.ethernet: DWMAC4/5 <6>[ 6.649808] stm32-dwmac 5800a000.ethernet: DMA HW capability register supported <6>[ 6.657448] stm32-dwmac 5800a000.ethernet: RX Checksum Offload Engine supported <6>[ 6.664965] stm32-dwmac 5800a000.ethernet: TX Checksum insertion supported <6>[ 6.672174] stm32-dwmac 5800a000.ethernet: Wake-Up On Lan supported <6>[ 6.679329] stm32-dwmac 5800a000.ethernet: TSO supported <6>[ 6.684281] stm32-dwmac 5800a000.ethernet: Enable RX Mitigation via HW Watchdog Timer <6>[ 6.692460] stm32-dwmac 5800a000.ethernet: Enabled L3L4 Flow TC (entries=2) <6>[ 6.699723] stm32-dwmac 5800a000.ethernet: Enabled RFS Flow TC (entries=10) <6>[ 6.706844] stm32-dwmac 5800a000.ethernet: TSO feature enabled <6>[ 6.712955] stm32-dwmac 5800a000.ethernet: Using 32/32 bits DMA host/device width <6>[ 6.834510] stm32f7-i2c 40012000.i2c: STM32F7 I2C-0 bus adapter <6>[ 6.872800] stm32f7-i2c 40013000.i2c: STM32F7 I2C-1 bus adapter <6>[ 6.916936] stpmic1 2-0033: PMIC Chip Version: 0x10 <6>[ 6.929800] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/boost <6>[ 6.941844] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/buck2 <6>[ 6.955024] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/buck4 <6>[ 6.981880] platform hdmi-out: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 6.993346] platform 5a001000.display-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 7.005280] i2c 2-003d: Fixed dependency cycle(s) with /soc/bus@5c007000/sai@4400b000/audio-controller@4400b004 <6>[ 7.014579] i2c 2-003d: Fixed dependency cycle(s) with /hdmi-out <6>[ 7.021845] i2c 2-003d: Fixed dependency cycle(s) with /soc/display-controller@5a001000 <4>[ 7.033903] at24 2-0053: supply vcc not found, using dummy regulator <6>[ 7.043928] at24 2-0053: 256 byte 24c02 EEPROM, writable, 16 bytes/write <6>[ 7.049986] stm32f7-i2c 5c002000.i2c: STM32F7 I2C-2 bus adapter <6>[ 7.072524] mmci-pl18x 48004000.mmc: mmc1: PL180 manf 53 rev2 at 0x48004000 irq 61,0 (pio) <6>[ 7.097935] input: pmic_onkey as /devices/platform/soc/5c007000.bus/5c002000.i2c/i2c-2/2-0033/5c002000.i2c:stpmic@33:onkey/input/input0 <6>[ 7.117566] vdda: Bringing 1800000uV into 2900000-2900000uV <6>[ 7.131360] v2v8: Bringing 1800000uV into 2800000-2800000uV <6>[ 7.171290] v1v8: Bringing 1000000uV into 1800000-1800000uV <6>[ 7.263139] stm32-dwmac 5800a000.ethernet eth0: Register MEM_TYPE_PAGE_POOL RxQ-0 <6>[ 7.273604] mmci-pl18x 58005000.mmc: Got CD GPIO <6>[ 7.274374] mmci-pl18x 58007000.mmc: mmc2: PL180 manf 53 rev2 at 0x58007000 irq 72,0 (pio) <6>[ 7.287920] stm32-usbphyc 5a006000.usbphyc: registered rev:1.0 <6>[ 7.294211] mmci-pl18x 58005000.mmc: mmc0: PL180 manf 53 rev2 at 0x58005000 irq 73,0 (pio) <4>[ 7.300613] dwc2 49000000.usb-otg: supply vusb_d not found, using dummy regulator <4>[ 7.311188] dwc2 49000000.usb-otg: supply vusb_a not found, using dummy regulator <6>[ 7.330148] stm32-dwmac 5800a000.ethernet eth0: PHY [stmmac-0:07] driver [Micrel KSZ9031 Gigabit PHY] (irq=POLL) <6>[ 7.339367] dwmac4: Master AXI performs any burst length <6>[ 7.344918] stm32-dwmac 5800a000.ethernet eth0: No Safety Features support found <6>[ 7.405370] mmc0: new high speed SDXC card at address e624 <6>[ 7.425300] mmcblk0: mmc0:e624 SD64G 59.5 GiB <6>[ 7.461716] dwc2 49000000.usb-otg: EPs: 9, dedicated fifos, 952 entries in SPRAM <6>[ 7.478282] mmc2: new high speed DDR MMC card at address 0001 <6>[ 7.497481] mmcblk2: mmc2:0001 DG4008 7.28 GiB <6>[ 7.557212] stm32-dwmac 5800a000.ethernet eth0: IEEE 1588-2008 Advanced Timestamp supported <6>[ 7.567866] stm32-dwmac 5800a000.ethernet eth0: registered PTP clock <6>[ 7.581643] stm32-dwmac 5800a000.ethernet eth0: configuring for phy/rgmii link mode <6>[ 7.590614] dwc2 49000000.usb-otg: DWC OTG Controller <6>[ 7.594954] dwc2 49000000.usb-otg: new USB bus registered, assigned bus number 1 <6>[ 7.602532] dwc2 49000000.usb-otg: irq 74, io mem 0x49000000 <4>[ 7.615096] GPT:Primary header thinks Alt. header is not at the end of the disk. <4>[ 7.621452] GPT:3204245 != 124735487 <4>[ 7.625261] GPT:Alternate GPT header not at the end of the disk. <6>[ 7.629198] hub 1-0:1.0: USB hub found <4>[ 7.631580] GPT:3204245 != 124735487 <6>[ 7.636119] hub 1-0:1.0: 1 port detected <4>[ 7.639403] GPT: Use GNU Parted to correct GPT errors. <6>[ 7.639598] mmcblk0: p1 p2 p3 p4 <4>[ 7.654027] GPT:Primary header thinks Alt. header is not at the end of the disk. <4>[ 7.660468] GPT:3145727 != 15273599 <4>[ 7.664186] GPT:Alternate GPT header not at the end of the disk. <6>[ 7.664725] ehci-platform 5800d000.usb: EHCI Host Controller <4>[ 7.670485] GPT:3145727 != 15273599 <4>[ 7.670500] GPT: Use GNU Parted to correct GPT errors. <6>[ 7.670693] mmcblk2: p1 p2 p3 p4 <6>[ 7.676667] ehci-platform 5800d000.usb: new USB bus registered, assigned bus number 2 <6>[ 7.708401] mmcblk2boot0: mmc2:0001 DG4008 4.00 MiB <6>[ 7.717301] mmc1: new high speed SDIO card at address 0001 <6>[ 7.755524] mmcblk2boot1: mmc2:0001 DG4008 4.00 MiB <6>[ 7.782094] ehci-platform 5800d000.usb: irq 76, io mem 0x5800d000 <6>[ 7.792580] mmcblk2rpmb: mmc2:0001 DG4008 4.00 MiB, chardev (510:0) <6>[ 7.793212] ehci-platform 5800d000.usb: USB 2.0 started, EHCI 1.00 <6>[ 7.813192] hub 2-0:1.0: USB hub found <6>[ 7.816387] hub 2-0:1.0: 2 ports detected <6>[ 8.060104] usb 2-1: new high-speed USB device number 2 using ehci-platform <6>[ 8.198110] hub 2-1:1.0: USB hub found <6>[ 8.201373] hub 2-1:1.0: 3 ports detected <6>[ 14.749134] stm32-dwmac 5800a000.ethernet eth0: Link is Up - 1Gbps/Full - flow control off <5>[ 14.769116] Sending DHCP requests .., OK <6>[ 18.024175] IP-Config: Got DHCP answer from 192.168.56.254, my address is 192.168.56.202 <6>[ 18.032448] IP-Config: Complete: <6>[ 18.035924] device=eth0, hwaddr=80:1f:12:cc:2a:a4, ipaddr=192.168.56.202, mask=255.255.255.0, gw=192.168.56.254 <6>[ 18.046663] host=192.168.56.202, domain=mayfield.sirena.org.uk, nis-domain=(none) <6>[ 18.054926] bootserver=192.168.56.254, rootserver=192.168.56.193, rootpath= <6>[ 18.054947] nameserver0=192.168.56.254 <6>[ 18.067008] ntpserver0=50.205.244.22, ntpserver1=85.199.214.99 <6>[ 18.080850] clk: Disabling unused clocks <6>[ 18.084668] PM: genpd: Disabling unused power domains <6>[ 18.232137] Freeing unused kernel image (initmem) memory: 2048K <6>[ 18.237997] Run /init as init process Loading, please wait... Starting systemd-udevd version 252.22-1~deb12u1 <6>[ 29.458352] stm32-ipcc 4c001000.mailbox: ipcc rev:1.0 enabled, 6 chans, proc 0 <6>[ 29.728767] stm32-crc32 58009000.crc: Initialized <6>[ 30.145134] i2c 2-003d: Fixed dependency cycle(s) with /soc/bus@5c007000/sai@4400b000/audio-controller@4400b004 <6>[ 30.155653] platform 4400b004.audio-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 30.216882] etnaviv etnaviv: bound 59000000.gpu (ops gpu_ops [etnaviv]) <6>[ 30.222686] etnaviv-gpu 59000000.gpu: model: GC400, revision: 4652 <6>[ 30.282807] [drm] Initialized etnaviv 1.4.0 for etnaviv on minor 2 <6>[ 30.612418] Bluetooth: Core ver 2.22 <6>[ 30.615647] NET: Registered PF_BLUETOOTH protocol family <6>[ 30.620506] Bluetooth: HCI device and connection manager initialized <6>[ 30.627267] Bluetooth: HCI socket layer initialized <6>[ 30.632406] Bluetooth: L2CAP socket layer initialized <6>[ 30.637888] Bluetooth: SCO socket layer initialized <6>[ 30.895280] Bluetooth: HCI UART driver ver 2.3 <6>[ 30.898747] Bluetooth: HCI UART protocol H4 registered <6>[ 30.906400] Bluetooth: HCI UART protocol Broadcom registered <4>[ 30.918974] hci_uart_bcm serial0-0: supply vbat not found, using dummy regulator <4>[ 30.928371] hci_uart_bcm serial0-0: supply vddio not found, using dummy regulator <6>[ 31.189560] stm32-dwmac 5800a000.ethernet end0: renamed from eth0 (while UP) <5>[ 31.302316] cfg80211: Loading compiled-in X.509 certificates for regulatory database <6>[ 31.373937] Bluetooth: hci0: BCM: chip id 107 <6>[ 31.378500] Bluetooth: hci0: BCM: features 0x2f <6>[ 31.402343] Bluetooth: hci0: BCM4345C0 <6>[ 31.405178] Bluetooth: hci0: BCM4345C0 (003.001.025) build 0000 <3>[ 31.418969] Bluetooth: hci0: BCM: firmware Patch file not found, tried: <3>[ 31.424525] Bluetooth: hci0: BCM: 'brcm/BCM4345C0.arrow,stm32mp157a-avenger96.hcd' <3>[ 31.432393] Bluetooth: hci0: BCM: 'brcm/BCM4345C0.hcd' <3>[ 31.437956] Bluetooth: hci0: BCM: 'brcm/BCM.arrow,stm32mp157a-avenger96.hcd' <3>[ 31.445148] Bluetooth: hci0: BCM: 'brcm/BCM.hcd' <5>[ 31.552249] Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' <6>[ 31.553669] [drm] Initialized stm 1.0.0 for 5a001000.display-controller on minor 1 <6>[ 31.578846] stm32-display 5a001000.display-controller: [drm] Cannot find any crtc or sizes <6>[ 31.593453] stm32-display 5a001000.display-controller: [drm] Cannot find any crtc or sizes <5>[ 31.602798] Loaded X.509 cert 'wens: 61c038651aabdcf94bd0ac7ff06c7248db18c600' <4>[ 31.610990] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 <6>[ 31.618714] cfg80211: failed to load regulatory.db <6>[ 31.764439] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6 <4>[ 31.774911] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.arrow,stm32mp157a-avenger96.bin failed with error -2 <4>[ 31.944398] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2 <3>[ 33.000886] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50 <3>[ 33.955259] debugfs: File 'Capture' in directory 'dapm' already present! Begin: Loading essential drivers ... done. Begin: Running /scripts/init-premount ... done. Begin: Mounting root file system ... Begin: Running /scripts/nfs-top ... done. Begin: Running /scripts/nfs-premount ... Waiting up to 60 secs for any ethernet to become available Device /sys/class/net/bond0 found done. Begin: Waiting up to 180 secs for any network device to become available ... done. IP-Config: bond0 hardware address d2:bb:a3:15:88:b7 mtu 1500 DHCP IP-Config: end0 hardware address 80:1f:12:cc:2a:a4 mtu 1500 DHCP /sys/class/net/bonding_masters/flags: Not a directory IP-Config: end0 complete (dhcp from 192.168.56.254): address: 192.168.56.202 broadcast: 192.168.56.255 netmask: 255.255.255.0 gateway: 192.168.56.254 dns0 : 192.168.56.254 dns1 : 0.0.0.0 domain : mayfield.sirena.org.uk rootserver: 192.168.56.254 rootpath: filename : done. Begin: Running /scripts/nfs-bottom ... done. Begin: Running /scripts/init-bottom ... done. <30>[ 37.304567] systemd[1]: System time before build time, advancing clock. <30>[ 37.667571] systemd[1]: systemd 252.22-1~deb12u1 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) <30>[ 37.699720] systemd[1]: Detected architecture arm. Welcome to [1mDebian GNU/Linux 12 (bookworm)[0m! <30>[ 37.740912] systemd[1]: Hostname set to . <30>[ 41.799896] systemd[1]: Queued start job for default target graphical.target. <30>[ 41.853310] systemd[1]: Created slice system-getty.slice - Slice /system/getty. [[0;32m OK [0m] Created slice [0;1;39msystem-getty.slice[0m - Slice /system/getty. <30>[ 41.883280] systemd[1]: Created slice system-modprobe.slice - Slice /system/modprobe. [[0;32m OK [0m] Created slice [0;1;39msystem-modpr…lice[0m - Slice /system/modprobe. <30>[ 41.912016] systemd[1]: Created slice system-serial\x2dgetty.slice - Slice /system/serial-getty. [[0;32m OK [0m] Created slice [0;1;39msystem-seria…[0m - Slice /system/serial-getty. <30>[ 41.940854] systemd[1]: Created slice user.slice - User and Session Slice. [[0;32m OK [0m] Created slice [0;1;39muser.slice[0m - User and Session Slice. <30>[ 41.959247] systemd[1]: Started systemd-ask-password-console.path - Dispatch Password Requests to Console Directory Watch. [[0;32m OK [0m] Started [0;1;39msystemd-ask-passwo…quests to Console Directory Watch. <30>[ 41.981901] systemd[1]: Started systemd-ask-password-wall.path - Forward Password Requests to Wall Directory Watch. [[0;32m OK [0m] Started [0;1;39msystemd-ask-passwo… Requests to Wall Directory Watch. <30>[ 42.002717] systemd[1]: proc-sys-fs-binfmt_misc.automount - Arbitrary Executable File Formats File System Automount Point was skipped because of an unmet condition check (ConditionPathExists=/proc/sys/fs/binfmt_misc). <30>[ 42.021747] systemd[1]: Expecting device dev-ttySTM0.device - /dev/ttySTM0... Expecting device [0;1;39mdev-ttySTM0.device[0m - /dev/ttySTM0... <30>[ 42.037916] systemd[1]: Reached target cryptsetup.target - Local Encrypted Volumes. [[0;32m OK [0m] Reached target [0;1;39mcryptsetup.…get[0m - Local Encrypted Volumes. <30>[ 42.057198] systemd[1]: Reached target integritysetup.target - Local Integrity Protected Volumes. [[0;32m OK [0m] Reached target [0;1;39mintegrityse…Local Integrity Protected Volumes. <30>[ 42.076184] systemd[1]: Reached target paths.target - Path Units. [[0;32m OK [0m] Reached target [0;1;39mpaths.target[0m - Path Units. <30>[ 42.090810] systemd[1]: Reached target remote-fs.target - Remote File Systems. [[0;32m OK [0m] Reached target [0;1;39mremote-fs.target[0m - Remote File Systems. <30>[ 42.107893] systemd[1]: Reached target slices.target - Slice Units. [[0;32m OK [0m] Reached target [0;1;39mslices.target[0m - Slice Units. <30>[ 42.123162] systemd[1]: Reached target swap.target - Swaps. [[0;32m OK [0m] Reached target [0;1;39mswap.target[0m - Swaps. <30>[ 42.138155] systemd[1]: Reached target veritysetup.target - Local Verity Protected Volumes. [[0;32m OK [0m] Reached target [0;1;39mveritysetup… - Local Verity Protected Volumes. <30>[ 42.160214] systemd[1]: Listening on systemd-initctl.socket - initctl Compatibility Named Pipe. [[0;32m OK [0m] Listening on [0;1;39msystemd-initc… initctl Compatibility Named Pipe. <30>[ 42.187140] systemd[1]: Listening on systemd-journald-audit.socket - Journal Audit Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-journ…socket[0m - Journal Audit Socket. <30>[ 42.212616] systemd[1]: Listening on systemd-journald-dev-log.socket - Journal Socket (/dev/log). [[0;32m OK [0m] Listening on [0;1;39msystemd-journ…t[0m - Journal Socket (/dev/log). <30>[ 42.237643] systemd[1]: Listening on systemd-journald.socket - Journal Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-journald.socket[0m - Journal Socket. <30>[ 42.260838] systemd[1]: Listening on systemd-networkd.socket - Network Service Netlink Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-netwo… - Network Service Netlink Socket. <30>[ 42.292678] systemd[1]: Listening on systemd-udevd-control.socket - udev Control Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-udevd….socket[0m - udev Control Socket. <30>[ 42.314614] systemd[1]: Listening on systemd-udevd-kernel.socket - udev Kernel Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-udevd…l.socket[0m - udev Kernel Socket. <30>[ 42.337843] systemd[1]: dev-hugepages.mount - Huge Pages File System was skipped because of an unmet condition check (ConditionPathExists=/sys/kernel/mm/hugepages). <30>[ 42.353413] systemd[1]: dev-mqueue.mount - POSIX Message Queue File System was skipped because of an unmet condition check (ConditionPathExists=/proc/sys/fs/mqueue). <30>[ 42.398184] systemd[1]: Mounting sys-kernel-debug.mount - Kernel Debug File System... Mounting [0;1;39msys-kernel-debug.…[0m - Kernel Debug File System... <30>[ 42.448540] systemd[1]: Mounting sys-kernel-tracing.mount - Kernel Trace File System... Mounting [0;1;39msys-kernel-tracin…[0m - Kernel Trace File System... <30>[ 42.512443] systemd[1]: Starting kmod-static-nodes.service - Create List of Static Device Nodes... Starting [0;1;39mkmod-static-nodes…ate List of Static Device Nodes... <30>[ 42.596631] systemd[1]: Starting modprobe@configfs.service - Load Kernel Module configfs... Starting [0;1;39mmodprobe@configfs…m - Load Kernel Module configfs... <30>[ 42.704534] systemd[1]: Starting modprobe@dm_mod.service - Load Kernel Module dm_mod... Starting [0;1;39mmodprobe@dm_mod.s…[0m - Load Kernel Module dm_mod... <30>[ 42.784991] systemd[1]: Starting modprobe@drm.service - Load Kernel Module drm... Starting [0;1;39mmodprobe@drm.service[0m - Load Kernel Module drm... <30>[ 42.840782] systemd[1]: Starting modprobe@efi_pstore.service - Load Kernel Module efi_pstore... Starting [0;1;39mmodprobe@efi_psto…- Load Kernel Module efi_pstore... <30>[ 42.897990] systemd[1]: Starting modprobe@fuse.service - Load Kernel Module fuse... Starting [0;1;39mmodprobe@fuse.ser…e[0m - Load Kernel Module fuse... <30>[ 42.976511] systemd[1]: Starting modprobe@loop.service - Load Kernel Module loop... Starting [0;1;39mmodprobe@loop.ser…e[0m - Load Kernel Module loop... <30>[ 43.109932] systemd[1]: Starting systemd-journald.service - Journal Service... Starting [0;1;39msystemd-journald.service[0m - Journal Service... <6>[ 43.132327] fuse: init (API version 7.41) <30>[ 43.218471] systemd[1]: Starting systemd-modules-load.service - Load Kernel Modules... Starting [0;1;39msystemd-modules-l…rvice[0m - Load Kernel Modules... <30>[ 43.296460] systemd[1]: Starting systemd-network-generator.service - Generate network units from Kernel command line... Starting [0;1;39msystemd-network-g… units from Kernel command line... <30>[ 43.393472] systemd[1]: Starting systemd-remount-fs.service - Remount Root and Kernel File Systems... Starting [0;1;39msystemd-remount-f…nt Root and Kernel File Systems... <30>[ 43.491730] systemd[1]: Starting systemd-udev-trigger.service - Coldplug All udev Devices... Starting [0;1;39msystemd-udev-trig…[0m - Coldplug All udev Devices... <30>[ 43.693620] systemd[1]: Mounted sys-kernel-debug.mount - Kernel Debug File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-debug.m…nt[0m - Kernel Debug File System. <30>[ 43.737201] systemd[1]: Mounted sys-kernel-tracing.mount - Kernel Trace File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-tracing…nt[0m - Kernel Trace File System. <30>[ 43.782008] systemd[1]: Finished kmod-static-nodes.service - Create List of Static Device Nodes. [[0;32m OK [0m] Finished [0;1;39mkmod-static-nodes…reate List of Static Device Nodes. <30>[ 43.829115] systemd[1]: modprobe@configfs.service: Deactivated successfully. <30>[ 43.853313] systemd[1]: Finished modprobe@configfs.service - Load Kernel Module configfs. [[0;32m OK [0m] Finished [0;1;39mmodprobe@configfs…[0m - Load Kernel Module configfs. <30>[ 43.920653] systemd[1]: modprobe@dm_mod.service: Deactivated successfully. <30>[ 43.942908] systemd[1]: Finished modprobe@dm_mod.service - Load Kernel Module dm_mod. [[0;32m OK [0m] Finished [0;1;39mmodprobe@dm_mod.s…e[0m - Load Kernel Module dm_mod. <30>[ 43.998338] systemd[1]: modprobe@drm.service: Deactivated successfully. <30>[ 44.019917] systemd[1]: Finished modprobe@drm.service - Load Kernel Module drm. [[0;32m OK [0m] Finished [0;1;39mmodprobe@drm.service[0m - Load Kernel Module drm. <30>[ 44.071507] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. <30>[ 44.093220] systemd[1]: Finished modprobe@efi_pstore.service - Load Kernel Module efi_pstore. [[0;32m OK [0m] Finished [0;1;39mmodprobe@efi_psto…m - Load Kernel Module efi_pstore. <30>[ 44.149102] systemd[1]: modprobe@fuse.service: Deactivated successfully. <30>[ 44.169772] systemd[1]: Finished modprobe@fuse.service - Load Kernel Module fuse. [[0;32m OK [0m] Finished [0;1;39mmodprobe@fuse.service[0m - Load Kernel Module fuse. <30>[ 44.221390] systemd[1]: modprobe@loop.service: Deactivated successfully. <30>[ 44.244353] systemd[1]: Finished modprobe@loop.service - Load Kernel Module loop. [[0;32m OK [0m] Finished [0;1;39mmodprobe@loop.service[0m - Load Kernel Module loop. <30>[ 44.290343] systemd[1]: Finished systemd-modules-load.service - Load Kernel Modules. [[0;32m OK [0m] Finished [0;1;39msystemd-modules-l…service[0m - Load Kernel Modules. <30>[ 44.334890] systemd[1]: Finished systemd-network-generator.service - Generate network units from Kernel command line. [[0;32m OK [0m] Finished [0;1;39msystemd-network-g…rk units from Kernel command line. <30>[ 44.381612] systemd[1]: Finished systemd-remount-fs.service - Remount Root and Kernel File Systems. [[0;32m OK [0m] Finished [0;1;39msystemd-remount-f…ount Root and Kernel File Systems. <30>[ 44.430267] systemd[1]: Reached target network-pre.target - Preparation for Network. [[0;32m OK [0m] Reached target [0;1;39mnetwork-pre…get[0m - Preparation for Network. <30>[ 44.513930] systemd[1]: Mounting sys-fs-fuse-connections.mount - FUSE Control File System... Mounting [0;1;39msys-fs-fuse-conne…[0m - FUSE Control File System... <30>[ 44.618554] systemd[1]: Mounting sys-kernel-config.mount - Kernel Configuration File System... Mounting [0;1;39msys-kernel-config…ernel Configuration File System... <30>[ 44.661499] systemd[1]: systemd-firstboot.service - First Boot Wizard was skipped because of an unmet condition check (ConditionFirstBoot=yes). <30>[ 44.686730] systemd[1]: systemd-pstore.service - Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). <30>[ 44.810834] systemd[1]: Starting systemd-random-seed.service - Load/Save Random Seed... Starting [0;1;39msystemd-random-se…ice[0m - Load/Save Random Seed... <30>[ 44.861372] systemd[1]: systemd-repart.service - Repartition Root Disk was skipped because no trigger condition checks were met. <30>[ 44.952931] systemd[1]: Starting systemd-sysctl.service - Apply Kernel Variables... Starting [0;1;39msystemd-sysctl.se…ce[0m - Apply Kernel Variables... <30>[ 45.067901] systemd[1]: Starting systemd-sysusers.service - Create System Users... Starting [0;1;39msystemd-sysusers.…rvice[0m - Create System Users... <30>[ 45.275254] systemd[1]: Started systemd-journald.service - Journal Service. [[0;32m OK [0m] Started [0;1;39msystemd-journald.service[0m - Journal Service. [[0;32m OK [0m] Mounted [0;1;39msys-fs-fuse-connec…nt[0m - FUSE Control File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-config.… Kernel Configuration File System. Starting [0;1;39msystemd-journal-f…h Journal to Persistent Storage... [[0;32m OK [0m] Finished [0;1;39msystemd-sysctl.service[0m - Apply Kernel Variables. [[0;32m OK [0m] Finished [0;1;39msystemd-sysusers.service[0m - Create System Users. Starting [0;1;39msystemd-tmpfiles-…ate Static Device Nodes in /dev... <46>[ 45.901592] systemd-journald[209]: Received client request to flush runtime journal. [[0;32m OK [0m] Finished [0;1;39msystemd-tmpfiles-…reate Static Device Nodes in /dev. [[0;32m OK [0m] Reached target [0;1;39mlocal-fs-pr…reparation for Local File Systems. [[0;32m OK [0m] Reached target [0;1;39mlocal-fs.target[0m - Local File Systems. Starting [0;1;39msystemd-udevd.ser…ger for Device Events and Files... [[0;32m OK [0m] Finished [0;1;39msystemd-random-se…rvice[0m - Load/Save Random Seed. [[0;32m OK [0m] Started [0;1;39msystemd-udevd.serv…nager for Device Events and Files. Starting [0;1;39msystemd-networkd.…ice[0m - Network Configuration... [[0;32m OK [0m] Finished [0;1;39msystemd-journal-f…ush Journal to Persistent Storage. Starting [0;1;39msystemd-tmpfiles-… Volatile Files and Directories... [[0;32m OK [0m] Started [0;1;39msystemd-networkd.service[0m - Network Configuration. [[0;32m OK [0m] Reached target [0;1;39mnetwork.target[0m - Network. [[0;32m OK [0m] Finished [0;1;39msystemd-tmpfiles-…te Volatile Files and Directories. Starting [0;1;39msystemd-timesyncd… - Network Time Synchronization... Starting [0;1;39msystemd-update-ut…rd System Boot/Shutdown in UTMP... [[0;32m OK [0m] Finished [0;1;39msystemd-update-ut…cord System Boot/Shutdown in UTMP. [[0;32m OK [0m] Started [0;1;39msystemd-timesyncd.…0m - Network Time Synchronization. [[0;32m OK [0m] Reached target [0;1;39mtime-set.target[0m - System Time Set. [[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (13s / no limit) M [K[[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (14s / no limit) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (14s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (15s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (15s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m*[0m] (2 of 2) Job dev-ttySTM0.device/start running (16s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (16s / no limit) M [K[ [0;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (17s / no limit) M [K[ [0;31m*[0;1;31m*[0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (18s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m*[0m] (2 of 2) Job dev-ttySTM0.device/start running (19s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (20s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (21s / 1min 30s) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (21s / no limit) <46>[ 63.745140] systemd-journald[209]: Oldest entry in /var/log/journal/658c871cd7314ccea6115dc5728f8992/system.journal is older than the configured file retention duration (1month), suggesting rotation. <46>[ 63.836352] systemd-journald[209]: /var/log/journal/658c871cd7314ccea6115dc5728f8992/system.journal: Journal header limits reached or header out-of-date, rotating. M [K[[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (22s / no limit) M [K[[0m[0;31m* [0m] (1 of 2) Job systemd-udev-trigger.s…ice/start running (23s / no limit) M [K[[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job dev-ttySTM0.device/start running (24s / 1min 30s) M [K[[0;32m OK [0m] Found device [0;1;39mdev-ttySTM0.device[0m - /dev/ttySTM0. [K[[0;32m OK [0m] Finished [0;1;39msystemd-udev-trig…e[0m - Coldplug All udev Devices. [[0;32m OK [0m] Reached target [0;1;39mbluetooth.target[0m - Bluetooth Support. [[0;32m OK [0m] Reached target [0;1;39musb-gadget.…m - Hardware activated USB gadget. [[0;32m OK [0m] Listening on [0;1;39msystemd-rfkil…l Switch Status /dev/rfkill Watch. Starting [0;1;39mmodprobe@dm_mod.s…[0m - Load Kernel Module dm_mod... Starting [0;1;39mmodprobe@efi_psto…- Load Kernel Module efi_pstore... Starting [0;1;39mmodprobe@loop.ser…e[0m - Load Kernel Module loop... [[0;32m OK [0m] Finished [0;1;39mmodprobe@dm_mod.s…e[0m - Load Kernel Module dm_mod. Starting [0;1;39msystemd-rfkill.se…Load/Save RF Kill Switch Status... [[0;32m OK [0m] Finished [0;1;39mmodprobe@efi_psto…m - Load Kernel Module efi_pstore. [[0;32m OK [0m] Finished [0;1;39mmodprobe@loop.service[0m - Load Kernel Module loop. [[0;32m OK [0m] Reached target [0;1;39msysinit.target[0m - System Initialization. [[0;32m OK [0m] Started [0;1;39mapt-daily.timer[0m - Daily apt download activities. [[0;32m OK [0m] Started [0;1;39mapt-daily-upgrade.… apt upgrade and clean activities. [[0;32m OK [0m] Started [0;1;39mdpkg-db-backup.tim… Daily dpkg database backup timer. [[0;32m OK [0m] Started [0;1;39me2scrub_all.timer…etadata Check for All Filesystems. [[0;32m OK [0m] Started [0;1;39mfstrim.timer[0m - Discard unused blocks once a week. [[0;32m OK [0m] Started [0;1;39msystemd-tmpfiles-c… Cleanup of Temporary Directories. [[0;32m OK [0m] Reached target [0;1;39mtimers.target[0m - Timer Units. [[0;32m OK [0m] Listening on [0;1;39mdbus.socket[…- D-Bus System Message Bus Socket. [[0;32m OK [0m] Reached target [0;1;39msockets.target[0m - Socket Units. [[0;32m OK [0m] Reached target [0;1;39mbasic.target[0m - Basic System. Starting [0;1;39malsa-restore.serv…- Save/Restore Sound Card State... Starting [0;1;39mdbus.service[0m - D-Bus System Message Bus... Starting [0;1;39me2scrub_reap.serv…e ext4 Metadata Check Snapshots... Starting [0;1;39msystemd-logind.se…ice[0m - User Login Management... Starting [0;1;39msystemd-user-sess…vice[0m - Permit User Sessions... [[0;32m OK [0m] Started [0;1;39msystemd-rfkill.ser…- Load/Save RF Kill Switch Status. [[0;32m OK [0m] Started [0;1;39mdbus.service[0m - D-Bus System Message Bus. [[0;32m OK [0m] Finished [0;1;39malsa-restore.serv…m - Save/Restore Sound Card State. [[0;32m OK [0m] Reached target [0;1;39msound.target[0m - Sound Card. [[0;32m OK [0m] Finished [0;1;39msystemd-user-sess…ervice[0m - Permit User Sessions. [[0;32m OK [0m] Started [0;1;39mgetty@tty1.service[0m - Getty on tty1. [[0;32m OK [0m] Started [0;1;39mserial-getty@ttyST…ice[0m - Serial Getty on ttySTM0. [[0;32m OK [0m] Reached target [0;1;39mgetty.target[0m - Login Prompts. Starting [0;1;39msystemd-hostnamed.service[0m - Hostname Service... [[0;32m OK [0m] Started [0;1;39msystemd-logind.service[0m - User Login Management. [[0;32m OK [0m] Finished [0;1;39me2scrub_reap.serv…ine ext4 Metadata Check Snapshots. [[0;32m OK [0m] Reached target [0;1;39mmulti-user.target[0m - Multi-User System. [[0;32m OK [0m] Reached target [0;1;39mgraphical.target[0m - Graphical Interface. Starting [0;1;39msystemd-update-ut… Record Runlevel Change in UTMP... [[0;32m OK [0m] Finished [0;1;39msystemd-update-ut… - Record Runlevel Change in UTMP. [[0;32m OK [0m] Started [0;1;39msystemd-hostnamed.service[0m - Hostname Service. Debian GNU/Linux 12 debian-bookworm-armhf ttySTM0 debian-bookworm-armhf login: root (automatic login) Linux debian-bookworm-armhf 6.12.0-rc2-next-20241011 #1 SMP Fri Oct 11 07:49:31 UTC 2024 armv7l The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. / # / # export NFS_ROOTFS='/var/lib/lava/dispatcher/tmp/838329/extract-nfsrootfs-q4erw7_p' export NFS_ROOTFS='/var/lib/lava/dispatcher/tmp/838329/extract-nfsrootfs-q4erw7_p' / # export NFS_SERVER_IP='192.168.56.193' export NFS_SERVER_IP='192.168.56.193' / # # # / # export SHELL=/bin/bash export SHELL=/bin/bash / # . /lava-838329/environment . /lava-838329/environment / # /lava-838329/bin/lava-test-runner /lava-838329/0 /lava-838329/bin/lava-test-runner /lava-838329/0 + export TESTRUN_ID=0_timesync-off + TESTRUN_ID=0_timesync-off + cd /lava-838329/0/tests/0_timesync-off ++ cat uuid + UUID=838329_1.6.2.4.1 + set +x + systemctl stop systemd-timesyncd + set +x + export TESTRUN_ID=1_kselftest-lkdtm + TESTRUN_ID=1_kselftest-lkdtm + cd /lava-838329/0/tests/1_kselftest-lkdtm ++ cat uuid + UUID=838329_1.6.2.4.5 + set +x + cd ./automated/linux/kselftest/ + ./kselftest.sh -c lkdtm -T '' -t kselftest_armhf.tar.gz -s True -u http://storage.kernelci.org/next/master/next-20241011/arm/multi_v7_defconfig+kselftest/gcc-12/kselftest.tar.xz -L '' -S /dev/null -b stm32mp157a-dhcor-avenger96 -g next -e '' -p /opt/kselftests/mainline/ -n 1 -i 1 -E '' INFO: install_deps skipped --2024-10-11 08:31:11-- http://storage.kernelci.org/next/master/next-20241011/arm/multi_v7_defconfig+kselftest/gcc-12/kselftest.tar.xz Resolving storage.kernelci.org (storage.kernelci.org)... 20.171.243.82 Connecting to storage.kernelci.org (storage.kernelci.org)|20.171.243.82|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 3774748 (3.6M) [application/octet-stream] Saving to: 'kselftest_armhf.tar.gz' kselftest_armhf.tar 0%[ ] 0 --.-KB/s kselftest_armhf.tar 1%[ ] 49.92K 175KB/s kselftest_armhf.tar 5%[> ] 218.67K 383KB/s kselftest_armhf.tar 24%[===> ] 893.67K 1.02MB/s kselftest_armhf.tar 80%[===============> ] 2.92M 2.76MB/s kselftest_armhf.tar 100%[===================>] 3.60M 3.14MB/s in 1.1s 2024-10-11 08:31:13 (3.14 MB/s) - 'kselftest_armhf.tar.gz' saved [3774748/3774748] skiplist: ======================================== ======================================== lkdtm:PANIC.sh lkdtm:PANIC_STOP_IRQOFF.sh lkdtm:BUG.sh lkdtm:WARNING.sh lkdtm:WARNING_MESSAGE.sh lkdtm:EXCEPTION.sh lkdtm:LOOP.sh lkdtm:EXHAUST_STACK.sh lkdtm:CORRUPT_STACK.sh lkdtm:CORRUPT_STACK_STRONG.sh lkdtm:ARRAY_BOUNDS.sh lkdtm:CORRUPT_LIST_ADD.sh lkdtm:CORRUPT_LIST_DEL.sh lkdtm:STACK_GUARD_PAGE_LEADING.sh lkdtm:STACK_GUARD_PAGE_TRAILING.sh lkdtm:REPORT_STACK_CANARY.sh lkdtm:UNSET_SMEP.sh lkdtm:DOUBLE_FAULT.sh lkdtm:CORRUPT_PAC.sh lkdtm:UNALIGNED_LOAD_STORE_WRITE.sh lkdtm:SLAB_LINEAR_OVERFLOW.sh lkdtm:VMALLOC_LINEAR_OVERFLOW.sh lkdtm:WRITE_AFTER_FREE.sh lkdtm:READ_AFTER_FREE.sh lkdtm:WRITE_BUDDY_AFTER_FREE.sh lkdtm:READ_BUDDY_AFTER_FREE.sh lkdtm:SLAB_INIT_ON_ALLOC.sh lkdtm:BUDDY_INIT_ON_ALLOC.sh lkdtm:SLAB_FREE_DOUBLE.sh lkdtm:SLAB_FREE_CROSS.sh lkdtm:SLAB_FREE_PAGE.sh lkdtm:SOFTLOCKUP.sh lkdtm:HARDLOCKUP.sh lkdtm:SMP_CALL_LOCKUP.sh lkdtm:SPINLOCKUP.sh lkdtm:HUNG_TASK.sh lkdtm:EXEC_DATA.sh lkdtm:EXEC_STACK.sh lkdtm:EXEC_KMALLOC.sh lkdtm:EXEC_VMALLOC.sh lkdtm:EXEC_RODATA.sh lkdtm:EXEC_USERSPACE.sh lkdtm:EXEC_NULL.sh lkdtm:ACCESS_USERSPACE.sh lkdtm:ACCESS_NULL.sh lkdtm:WRITE_RO.sh lkdtm:WRITE_RO_AFTER_INIT.sh lkdtm:WRITE_KERN.sh lkdtm:WRITE_OPD.sh lkdtm:REFCOUNT_INC_OVERFLOW.sh lkdtm:REFCOUNT_ADD_OVERFLOW.sh lkdtm:REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_DEC_ZERO.sh lkdtm:REFCOUNT_DEC_NEGATIVE.sh lkdtm:REFCOUNT_DEC_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_SUB_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_INC_ZERO.sh lkdtm:REFCOUNT_ADD_ZERO.sh lkdtm:REFCOUNT_INC_SATURATED.sh lkdtm:REFCOUNT_DEC_SATURATED.sh lkdtm:REFCOUNT_ADD_SATURATED.sh lkdtm:REFCOUNT_INC_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_DEC_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_SUB_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_TIMING.sh lkdtm:ATOMIC_TIMING.sh lkdtm:USERCOPY_SLAB_SIZE_TO.sh lkdtm:USERCOPY_SLAB_SIZE_FROM.sh lkdtm:USERCOPY_SLAB_WHITELIST_TO.sh lkdtm:USERCOPY_SLAB_WHITELIST_FROM.sh lkdtm:USERCOPY_STACK_FRAME_TO.sh lkdtm:USERCOPY_STACK_FRAME_FROM.sh lkdtm:USERCOPY_STACK_BEYOND.sh lkdtm:USERCOPY_KERNEL.sh lkdtm:STACKLEAK_ERASING.sh lkdtm:CFI_FORWARD_PROTO.sh lkdtm:CFI_BACKWARD.sh lkdtm:FORTIFY_STRSCPY.sh lkdtm:FORTIFY_STR_OBJECT.sh lkdtm:FORTIFY_STR_MEMBER.sh lkdtm:FORTIFY_MEM_OBJECT.sh lkdtm:FORTIFY_MEM_MEMBER.sh lkdtm:PPC_SLB_MULTIHIT.sh lkdtm:stack-entropy.sh ============== Tests to run =============== lkdtm:PANIC.sh lkdtm:PANIC_STOP_IRQOFF.sh lkdtm:BUG.sh lkdtm:WARNING.sh lkdtm:WARNING_MESSAGE.sh lkdtm:EXCEPTION.sh lkdtm:LOOP.sh lkdtm:EXHAUST_STACK.sh lkdtm:CORRUPT_STACK.sh lkdtm:CORRUPT_STACK_STRONG.sh lkdtm:ARRAY_BOUNDS.sh lkdtm:CORRUPT_LIST_ADD.sh lkdtm:CORRUPT_LIST_DEL.sh lkdtm:STACK_GUARD_PAGE_LEADING.sh lkdtm:STACK_GUARD_PAGE_TRAILING.sh lkdtm:REPORT_STACK_CANARY.sh lkdtm:UNSET_SMEP.sh lkdtm:DOUBLE_FAULT.sh lkdtm:CORRUPT_PAC.sh lkdtm:UNALIGNED_LOAD_STORE_WRITE.sh lkdtm:SLAB_LINEAR_OVERFLOW.sh lkdtm:VMALLOC_LINEAR_OVERFLOW.sh lkdtm:WRITE_AFTER_FREE.sh lkdtm:READ_AFTER_FREE.sh lkdtm:WRITE_BUDDY_AFTER_FREE.sh lkdtm:READ_BUDDY_AFTER_FREE.sh lkdtm:SLAB_INIT_ON_ALLOC.sh lkdtm:BUDDY_INIT_ON_ALLOC.sh lkdtm:SLAB_FREE_DOUBLE.sh lkdtm:SLAB_FREE_CROSS.sh lkdtm:SLAB_FREE_PAGE.sh lkdtm:SOFTLOCKUP.sh lkdtm:HARDLOCKUP.sh lkdtm:SMP_CALL_LOCKUP.sh lkdtm:SPINLOCKUP.sh lkdtm:HUNG_TASK.sh lkdtm:EXEC_DATA.sh lkdtm:EXEC_STACK.sh lkdtm:EXEC_KMALLOC.sh lkdtm:EXEC_VMALLOC.sh lkdtm:EXEC_RODATA.sh lkdtm:EXEC_USERSPACE.sh lkdtm:EXEC_NULL.sh lkdtm:ACCESS_USERSPACE.sh lkdtm:ACCESS_NULL.sh lkdtm:WRITE_RO.sh lkdtm:WRITE_RO_AFTER_INIT.sh lkdtm:WRITE_KERN.sh lkdtm:WRITE_OPD.sh lkdtm:REFCOUNT_INC_OVERFLOW.sh lkdtm:REFCOUNT_ADD_OVERFLOW.sh lkdtm:REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_DEC_ZERO.sh lkdtm:REFCOUNT_DEC_NEGATIVE.sh lkdtm:REFCOUNT_DEC_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_SUB_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_INC_ZERO.sh lkdtm:REFCOUNT_ADD_ZERO.sh lkdtm:REFCOUNT_INC_SATURATED.sh lkdtm:REFCOUNT_DEC_SATURATED.sh lkdtm:REFCOUNT_ADD_SATURATED.sh lkdtm:REFCOUNT_INC_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_DEC_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_SUB_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_TIMING.sh lkdtm:ATOMIC_TIMING.sh lkdtm:USERCOPY_SLAB_SIZE_TO.sh lkdtm:USERCOPY_SLAB_SIZE_FROM.sh lkdtm:USERCOPY_SLAB_WHITELIST_TO.sh lkdtm:USERCOPY_SLAB_WHITELIST_FROM.sh lkdtm:USERCOPY_STACK_FRAME_TO.sh lkdtm:USERCOPY_STACK_FRAME_FROM.sh lkdtm:USERCOPY_STACK_BEYOND.sh lkdtm:USERCOPY_KERNEL.sh lkdtm:STACKLEAK_ERASING.sh lkdtm:CFI_FORWARD_PROTO.sh lkdtm:CFI_BACKWARD.sh lkdtm:FORTIFY_STRSCPY.sh lkdtm:FORTIFY_STR_OBJECT.sh lkdtm:FORTIFY_STR_MEMBER.sh lkdtm:FORTIFY_MEM_OBJECT.sh lkdtm:FORTIFY_MEM_MEMBER.sh lkdtm:PPC_SLB_MULTIHIT.sh lkdtm:stack-entropy.sh ===========End Tests to run =============== shardfile-lkdtm pass <12>[ 158.899603] kselftest: Running tests in lkdtm TAP version 13 1..86 # timeout set to 45 # selftests: lkdtm: PANIC.sh # Skipping PANIC: crashes entire system ok 1 selftests: lkdtm: PANIC.sh # SKIP # timeout set to 45 # selftests: lkdtm: PANIC_STOP_IRQOFF.sh # Skipping PANIC_STOP_IRQOFF: Crashes entire system ok 2 selftests: lkdtm: PANIC_STOP_IRQOFF.sh # SKIP # timeout set to 45 # selftests: lkdtm: BUG.sh <6>[ 161.466162] lkdtm: Performing direct entry BUG <4>[ 161.469679] ------------[ cut here ]------------ <2>[ 161.474433] kernel BUG at drivers/misc/lkdtm/bugs.c:105! <0>[ 161.479985] Internal error: Oops - BUG: 0 [#1] SMP ARM <4>[ 161.485441] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 161.523549] CPU: 1 UID: 0 PID: 743 Comm: cat Not tainted 6.12.0-rc2-next-20241011 #1 <4>[ 161.531521] Hardware name: STM32 (Device Tree Support) <4>[ 161.536969] PC is at lkdtm_BUG+0x8/0xc <4>[ 161.541030] LR is at lkdtm_do_action+0x24/0x4c <4>[ 161.545683] pc : [] lr : [] psr: a0080013 <4>[ 161.552238] sp : f1251ec0 ip : 00000000 fp : 004cfe38 <4>[ 161.557787] r10: c562da40 r9 : f1251f80 r8 : c2687f9c <4>[ 161.563236] r7 : f1251f80 r6 : 00000000 r5 : c63f3000 r4 : 00000004 <4>[ 161.570094] r3 : c0df9268 r2 : 00000000 r1 : 00000000 r0 : c2687f9c <4>[ 161.576952] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 161.584316] Control: 10c5387d Table: c547c06a DAC: 00000051 <1>[ 161.590366] Register r0 information: non-slab/vmalloc memory <1>[ 161.596328] Register r1 information: NULL pointer <1>[ 161.601280] Register r2 information: NULL pointer <1>[ 161.606231] Register r3 information: non-slab/vmalloc memory <1>[ 161.612188] Register r4 information: non-paged memory <1>[ 161.617541] Register r5 information: non-slab/vmalloc memory <1>[ 161.623498] Register r6 information: NULL pointer <1>[ 161.628448] Register r7 information: 2-page vmalloc region starting at 0xf1250000 allocated at kernel_clone+0xac/0x388 <1>[ 161.639459] Register r8 information: non-slab/vmalloc memory <1>[ 161.645416] Register r9 information: 2-page vmalloc region starting at 0xf1250000 allocated at kernel_clone+0xac/0x388 <1>[ 161.656422] Register r10 information: slab kmalloc-192 start c562da00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 161.670294] full_proxy_open+0x124/0x24c <6>[ 161.674749] do_dentry_open+0x144/0x4dc <6>[ 161.679106] vfs_open+0x2c/0xec <6>[ 161.682857] path_openat+0x748/0x1198 <6>[ 161.687009] do_filp_open+0x98/0x134 <6>[ 161.691159] do_sys_openat2+0xbc/0xe4 <6>[ 161.695313] sys_openat+0x98/0xd4 <6>[ 161.699165] ret_fast_syscall+0x0/0x1c <4>[ 161.703415] Free path: <6>[ 161.706146] nfs_lookup+0xe0/0x318 <6>[ 161.710094] __lookup_slow+0x90/0x138 <6>[ 161.714242] walk_component+0xf4/0x164 <6>[ 161.718592] path_lookupat+0x7c/0x1a4 <6>[ 161.722741] filename_lookup+0xc0/0x190 <6>[ 161.727092] vfs_statx+0x78/0xe8 <6>[ 161.730843] do_statx+0x74/0xb4 <6>[ 161.734593] sys_statx+0x78/0xf4 <6>[ 161.738343] ret_fast_syscall+0x0/0x1c <1>[ 161.742592] Register r11 information: non-paged memory <1>[ 161.748047] Register r12 information: NULL pointer <0>[ 161.753099] Process cat (pid: 743, stack limit = 0xf1250000) <0>[ 161.759054] Stack: (0xf1251ec0 to 0xf1252000) <0>[ 161.763711] 1ec0: 00000004 c0df8b7c c0df8a60 c560ca40 b6e08000 00000004 c3a41d50 c0892960 <0>[ 161.772185] 1ee0: c560ca40 c0892904 f1251f80 b6e08000 c55f1e40 00000004 c562da40 c0629858 <0>[ 161.780658] 1f00: c547edb8 00000000 00000000 00000000 00000000 00000004 b6e08000 0001fffc <0>[ 161.789130] 1f20: 00000001 00000000 c560cf40 00000000 00000000 00000000 00000000 00000000 <0>[ 161.797602] 1f40: 00000000 00000000 00000000 00000000 00000022 36348649 00000000 c560ca40 <0>[ 161.806076] 1f60: c560ca40 00000000 00000000 c03002f0 c55f1e40 00000004 004cfe38 c0629db4 <0>[ 161.814548] 1f80: 00000000 00000000 00000000 36348649 000000c0 00000004 00000004 7ff00000 <0>[ 161.823021] 1fa0: 00000004 c03000c0 00000004 00000004 00000001 b6e08000 00000004 00000001 <0>[ 161.831494] 1fc0: 00000004 00000004 7ff00000 00000004 00000001 b6e08000 00020000 004cfe38 <0>[ 161.839967] 1fe0: 00000004 bebb2788 b6ece33b b6e47616 60080030 00000001 00000000 00000000 <0>[ 161.848431] Call trace: <0>[ 161.848446] lkdtm_BUG from lkdtm_do_action+0x24/0x4c <0>[ 161.856542] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 161.862313] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 161.867982] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 161.873461] vfs_write from ksys_write+0x78/0xf8 <0>[ 161.878431] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 161.883792] Exception stack(0xf1251fa8 to 0xf1251ff0) <0>[ 161.889148] 1fa0: 00000004 00000004 00000001 b6e08000 00000004 00000001 <0>[ 161.897622] 1fc0: 00000004 00000004 7ff00000 00000004 00000001 b6e08000 00020000 004cfe38 <0>[ 161.906091] 1fe0: 00000004 bebb2788 b6ece33b b6e47616 <0>[ 161.911449] Code: c2687f38 c2687f4c e52de004 e28dd004 (e7f001f2) <4>[ 161.917805] ---[ end trace 0000000000000000 ]--- <6>[ 161.922650] note: cat[743] exited with irqs disabled # Segmentation fault # [ 161.466162] lkdtm: Performing direct entry BUG # [ 161.469679] ------------[ cut here ]------------ # [ 161.474433] kernel BUG at drivers/misc/lkdtm/bugs.c:105! # [ 161.479985] Internal error: Oops - BUG: 0 [#1] SMP ARM # [ 161.485441] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 161.523549] CPU: 1 UID: 0 PID: 743 Comm: cat Not tainted 6.12.0-rc2-next-20241011 #1 # [ 161.531521] Hardware name: STM32 (Device Tree Support) # [ 161.536969] PC is at lkdtm_BUG+0x8/0xc # [ 161.541030] LR is at lkdtm_do_action+0x24/0x4c # [ 161.545683] pc : [] lr : [] psr: a0080013 # [ 161.552238] sp : f1251ec0 ip : 00000000 fp : 004cfe38 # [ 161.557787] r10: c562da40 r9 : f1251f80 r8 : c2687f9c # [ 161.563236] r7 : f1251f80 r6 : 00000000 r5 : c63f3000 r4 : 00000004 # [ 161.570094] r3 : c0df9268 r2 : 00000000 r1 : 00000000 r0 : c2687f9c # [ 161.576952] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 161.584316] Control: 10c5387d Table: c547c06a DAC: 00000051 # [ 161.590366] Register r0 information: non-slab/vmalloc memory # [ 161.596328] Register r1 information: NULL pointer # [ 161.601280] Register r2 information: NULL pointer # [ 161.606231] Register r3 information: non-slab/vmalloc memory # [ 161.612188] Register r4 information: non-paged memory # [ 161.617541] Register r5 information: non-slab/vmalloc memory # [ 161.623498] Register r6 information: NULL pointer # [ 161.628448] Register r7 information: 2-page vmalloc region starting at 0xf1250000 allocated at kernel_clone+0xac/0x388 # [ 161.639459] Register r8 information: non-slab/vmalloc memory # [ 161.645416] Register r9 information: 2-page vmalloc region starting at 0xf1250000 allocated at kernel_clone+0xac/0x388 # [ 161.656422] Register r10 information: slab kmalloc-192 start c562da00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 161.670294] full_proxy_open+0x124/0x24c # [ 161.674749] do_dentry_open+0x144/0x4dc # [ 161.679106] vfs_open+0x2c/0xec # [ 161.682857] path_openat+0x748/0x1198 # [ 161.687009] do_filp_open+0x98/0x134 # [ 161.691159] do_sys_openat2+0xbc/0xe4 # [ 161.695313] sys_openat+0x98/0xd4 # [ 161.699165] ret_fast_syscall+0x0/0x1c # [ 161.703415] Free path: # [ 161.706146] nfs_lookup+0xe0/0x318 # [ 161.710094] __lookup_slow+0x90/0x138 # [ 161.714242] walk_component+0xf4/0x164 # [ 161.718592] path_lookupat+0x7c/0x1a4 # [ 161.722741] filename_lookup+0xc0/0x190 # [ 161.727092] vfs_statx+0x78/0xe8 # [ 161.730843] do_statx+0x74/0xb4 # [ 161.734593] sys_statx+0x78/0xf4 # [ 161.738343] ret_fast_syscall+0x0/0x1c # [ 161.742592] Register r11 information: non-paged memory # [ 161.748047] Register r12 information: NULL pointer # [ 161.753099] Process cat (pid: 743, stack limit = 0xf1250000) # [ 161.759054] Stack: (0xf1251ec0 to 0xf1252000) # [ 161.763711] 1ec0: 00000004 c0df8b7c c0df8a60 c560ca40 b6e08000 00000004 c3a41d50 c0892960 # [ 161.772185] 1ee0: c560ca40 c0892904 f1251f80 b6e08000 c55f1e40 00000004 c562da40 c0629858 # [ 161.780658] 1f00: c547edb8 00000000 00000000 00000000 00000000 00000004 b6e08000 0001fffc # [ 161.789130] 1f20: 00000001 00000000 c560cf40 00000000 00000000 00000000 00000000 00000000 # [ 161.797602] 1f40: 00000000 00000000 00000000 00000000 00000022 36348649 00000000 c560ca40 # [ 161.806076] 1f60: c560ca40 00000000 00000000 c03002f0 c55f1e40 00000004 004cfe38 c0629db4 # [ 161.814548] 1f80: 00000000 00000000 00000000 36348649 000000c0 00000004 00000004 7ff00000 # [ 161.823021] 1fa0: 00000004 c03000c0 00000004 00000004 00000001 b6e08000 00000004 00000001 # [ 161.831494] 1fc0: 00000004 00000004 7ff00000 00000004 00000001 b6e08000 00020000 004cfe38 # [ 161.839967] 1fe0: 00000004 bebb2788 b6ece33b b6e47616 60080030 00000001 00000000 00000000 # [ 161.848431] Call trace: # [ 161.848446] lkdtm_BUG from lkdtm_do_action+0x24/0x4c # [ 161.856542] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 161.862313] direct_entry from full_proxy_write+0x5c/0x8c # [ 161.867982] full_proxy_write from vfs_write+0xbc/0x3cc # [ 161.873461] vfs_write from ksys_write+0x78/0xf8 # [ 161.878431] ksys_write from ret_fast_syscall+0x0/0x1c # [ 161.883792] Exception stack(0xf1251fa8 to 0xf1251ff0) # [ 161.889148] 1fa0: 00000004 00000004 00000001 b6e08000 00000004 00000001 # [ 161.897622] 1fc0: 00000004 00000004 7ff00000 00000004 00000001 b6e08000 00020000 004cfe38 # [ 161.906091] 1fe0: 00000004 bebb2788 b6ece33b b6e47616 # [ 161.911449] Code: c2687f38 c2687f4c e52de004 e28dd004 (e7f001f2) # [ 161.917805] ---[ end trace 0000000000000000 ]--- # [ 161.922650] note: cat[743] exited with irqs disabled # BUG: saw 'kernel BUG at': ok ok 3 selftests: lkdtm: BUG.sh # timeout set to 45 # selftests: lkdtm: WARNING.sh <6>[ 163.715187] lkdtm: Performing direct entry WARNING <4>[ 163.718985] ------------[ cut here ]------------ <4>[ 163.723844] WARNING: CPU: 1 PID: 826 at drivers/misc/lkdtm/bugs.c:112 lkdtm_do_action+0x24/0x4c <4>[ 163.732880] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 163.770964] CPU: 1 UID: 0 PID: 826 Comm: cat Tainted: G D 6.12.0-rc2-next-20241011 #1 <4>[ 163.780365] Tainted: [D]=DIE <4>[ 163.783507] Hardware name: STM32 (Device Tree Support) <4>[ 163.788956] Call trace: <4>[ 163.788972] unwind_backtrace from show_stack+0x18/0x1c <4>[ 163.797280] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 163.802554] dump_stack_lvl from __warn+0x84/0x134 <4>[ 163.807635] __warn from warn_slowpath_fmt+0x190/0x198 <4>[ 163.813018] warn_slowpath_fmt from lkdtm_do_action+0x24/0x4c <4>[ 163.819098] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 163.824866] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 163.830536] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 163.836012] vfs_write from ksys_write+0x78/0xf8 <4>[ 163.840980] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 163.846342] Exception stack(0xf12adfa8 to 0xf12adff0) <4>[ 163.851701] dfa0: 00000008 00000008 00000001 b6e78000 00000008 00000001 <4>[ 163.860174] dfc0: 00000008 00000008 7ff00000 00000004 00000001 b6e78000 00020000 0045fe38 <4>[ 163.868643] dfe0: 00000004 be82f788 b6f3e33b b6eb7616 <4>[ 163.874143] ---[ end trace 0000000000000000 ]--- # [ 163.715187] lkdtm: Performing direct entry WARNING # [ 163.718985] ------------[ cut here ]------------ # [ 163.723844] WARNING: CPU: 1 PID: 826 at drivers/misc/lkdtm/bugs.c:112 lkdtm_do_action+0x24/0x4c # [ 163.732880] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 163.770964] CPU: 1 UID: 0 PID: 826 Comm: cat Tainted: G D 6.12.0-rc2-next-20241011 #1 # [ 163.780365] Tainted: [D]=DIE # [ 163.783507] Hardware name: STM32 (Device Tree Support) # [ 163.788956] Call trace: # [ 163.788972] unwind_backtrace from show_stack+0x18/0x1c # [ 163.797280] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 163.802554] dump_stack_lvl from __warn+0x84/0x134 # [ 163.807635] __warn from warn_slowpath_fmt+0x190/0x198 # [ 163.813018] warn_slowpath_fmt from lkdtm_do_action+0x24/0x4c # [ 163.819098] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 163.824866] direct_entry from full_proxy_write+0x5c/0x8c # [ 163.830536] full_proxy_write from vfs_write+0xbc/0x3cc # [ 163.836012] vfs_write from ksys_write+0x78/0xf8 # [ 163.840980] ksys_write from ret_fast_syscall+0x0/0x1c # [ 163.846342] Exception stack(0xf12adfa8 to 0xf12adff0) # [ 163.851701] dfa0: 00000008 00000008 00000001 b6e78000 00000008 00000001 # [ 163.860174] dfc0: 00000008 00000008 7ff00000 00000004 00000001 b6e78000 00020000 0045fe38 # [ 163.868643] dfe0: 00000004 be82f788 b6f3e33b b6eb7616 # [ 163.874143] ---[ end trace 0000000000000000 ]--- # WARNING: saw 'WARNING:': ok ok 4 selftests: lkdtm: WARNING.sh # timeout set to 45 # selftests: lkdtm: WARNING_MESSAGE.sh <6>[ 165.029680] lkdtm: Performing direct entry WARNING_MESSAGE <4>[ 165.034195] ------------[ cut here ]------------ <4>[ 165.039566] WARNING: CPU: 0 PID: 871 at drivers/misc/lkdtm/bugs.c:117 lkdtm_WARNING_MESSAGE+0x44/0x4c <4>[ 165.048718] Warning message trigger count: 2 <4>[ 165.053154] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 165.091460] CPU: 0 UID: 0 PID: 871 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 <4>[ 165.100671] Tainted: [D]=DIE, [W]=WARN <4>[ 165.104712] Hardware name: STM32 (Device Tree Support) <4>[ 165.110061] Call trace: <4>[ 165.110076] unwind_backtrace from show_stack+0x18/0x1c <4>[ 165.118385] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 165.123758] dump_stack_lvl from __warn+0x84/0x134 <4>[ 165.128837] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 165.134218] warn_slowpath_fmt from lkdtm_WARNING_MESSAGE+0x44/0x4c <4>[ 165.140802] lkdtm_WARNING_MESSAGE from lkdtm_do_action+0x24/0x4c <4>[ 165.147175] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 165.152942] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 165.158612] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 165.164089] vfs_write from ksys_write+0x78/0xf8 <4>[ 165.168956] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 165.174418] Exception stack(0xf12f5fa8 to 0xf12f5ff0) <4>[ 165.179777] 5fa0: 00000010 00000010 00000001 b6db8000 00000010 00000001 <4>[ 165.188251] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6db8000 00020000 0047fe38 <4>[ 165.196719] 5fe0: 00000004 bed1d788 b6e7e33b b6df7616 <4>[ 165.202455] ---[ end trace 0000000000000000 ]--- # [ 165.029680] lkdtm: Performing direct entry WARNING_MESSAGE # [ 165.034195] ------------[ cut here ]------------ # [ 165.039566] WARNING: CPU: 0 PID: 871 at drivers/misc/lkdtm/bugs.c:117 lkdtm_WARNING_MESSAGE+0x44/0x4c # [ 165.048718] Warning message trigger count: 2 # [ 165.053154] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 165.091460] CPU: 0 UID: 0 PID: 871 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 # [ 165.100671] Tainted: [D]=DIE, [W]=WARN # [ 165.104712] Hardware name: STM32 (Device Tree Support) # [ 165.110061] Call trace: # [ 165.110076] unwind_backtrace from show_stack+0x18/0x1c # [ 165.118385] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 165.123758] dump_stack_lvl from __warn+0x84/0x134 # [ 165.128837] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 165.134218] warn_slowpath_fmt from lkdtm_WARNING_MESSAGE+0x44/0x4c # [ 165.140802] lkdtm_WARNING_MESSAGE from lkdtm_do_action+0x24/0x4c # [ 165.147175] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 165.152942] direct_entry from full_proxy_write+0x5c/0x8c # [ 165.158612] full_proxy_write from vfs_write+0xbc/0x3cc # [ 165.164089] vfs_write from ksys_write+0x78/0xf8 # [ 165.168956] ksys_write from ret_fast_syscall+0x0/0x1c # [ 165.174418] Exception stack(0xf12f5fa8 to 0xf12f5ff0) # [ 165.179777] 5fa0: 00000010 00000010 00000001 b6db8000 00000010 00000001 # [ 165.188251] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6db8000 00020000 0047fe38 # [ 165.196719] 5fe0: 00000004 bed1d788 b6e7e33b b6df7616 # [ 165.202455] ---[ end trace 0000000000000000 ]--- # WARNING_MESSAGE: saw 'message trigger': ok ok 5 selftests: lkdtm: WARNING_MESSAGE.sh # timeout set to 45 # selftests: lkdtm: EXCEPTION.sh <6>[ 166.298709] lkdtm: Performing direct entry EXCEPTION <1>[ 166.302737] 8<--- cut here --- <1>[ 166.306141] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when write <1>[ 166.315338] [00000000] *pgd=00000000 <0>[ 166.319202] Internal error: Oops: 805 [#2] SMP ARM <4>[ 166.324184] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 166.362317] CPU: 1 UID: 0 PID: 910 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 <4>[ 166.371816] Tainted: [D]=DIE, [W]=WARN <4>[ 166.375759] Hardware name: STM32 (Device Tree Support) <4>[ 166.381209] PC is at lkdtm_EXCEPTION+0xc/0x14 <4>[ 166.385880] LR is at lkdtm_do_action+0x24/0x4c <4>[ 166.390535] pc : [] lr : [] psr: a0080013 <4>[ 166.397091] sp : f1329ec0 ip : 00000000 fp : 004cfe38 <4>[ 166.402640] r10: c5499680 r9 : f1329f80 r8 : c2687fb4 <4>[ 166.408090] r7 : f1329f80 r6 : 00000000 r5 : c548b000 r4 : 0000000a <4>[ 166.414948] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : c2687fb4 <4>[ 166.421807] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 166.429172] Control: 10c5387d Table: c897006a DAC: 00000051 <1>[ 166.435223] Register r0 information: non-slab/vmalloc memory <1>[ 166.441189] Register r1 information: NULL pointer <1>[ 166.446143] Register r2 information: NULL pointer <1>[ 166.451094] Register r3 information: NULL pointer <1>[ 166.456145] Register r4 information: non-paged memory <1>[ 166.461397] Register r5 information: non-slab/vmalloc memory <1>[ 166.467354] Register r6 information: NULL pointer <1>[ 166.472304] Register r7 information: 2-page vmalloc region starting at 0xf1328000 allocated at kernel_clone+0xac/0x388 <1>[ 166.483317] Register r8 information: non-slab/vmalloc memory <1>[ 166.489276] Register r9 information: 2-page vmalloc region starting at 0xf1328000 allocated at kernel_clone+0xac/0x388 <1>[ 166.500281] Register r10 information: slab kmalloc-192 start c5499640 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 166.514244] full_proxy_open+0x124/0x24c <6>[ 166.518695] do_dentry_open+0x144/0x4dc <6>[ 166.523052] vfs_open+0x2c/0xec <6>[ 166.526703] path_openat+0x748/0x1198 <6>[ 166.530854] do_filp_open+0x98/0x134 <6>[ 166.535004] do_sys_openat2+0xbc/0xe4 <6>[ 166.539158] sys_openat+0x98/0xd4 <6>[ 166.543010] ret_fast_syscall+0x0/0x1c <4>[ 166.547362] Free path: <6>[ 166.549995] xdr_free_bvec+0x18/0x24 <6>[ 166.554155] xprt_transmit+0x29c/0x4a0 <6>[ 166.558407] call_transmit+0x80/0x8c <6>[ 166.562566] __rpc_execute+0xc8/0x5d0 <6>[ 166.566729] rpc_async_schedule+0x24/0x40 <6>[ 166.571287] process_one_work+0x1b8/0x450 <6>[ 166.575845] worker_thread+0x1d4/0x3c4 <6>[ 166.580100] kthread+0xe8/0x104 <6>[ 166.583749] ret_from_fork+0x14/0x28 <1>[ 166.587898] Register r11 information: non-paged memory <1>[ 166.593256] Register r12 information: NULL pointer <0>[ 166.598308] Process cat (pid: 910, stack limit = 0xf1328000) <0>[ 166.604265] Stack: (0xf1329ec0 to 0xf132a000) <0>[ 166.608923] 9ec0: 0000000a c0df8b7c c0df8a60 c8625340 b6da8000 0000000a c3a41d50 c0892960 <0>[ 166.617398] 9ee0: c8625340 c0892904 f1329f80 b6da8000 c89e9440 0000000a c5499680 c0629858 <0>[ 166.625873] 9f00: c8972db0 00000000 00000000 00000000 00000000 0000000a b6da8000 0001fff6 <0>[ 166.634354] 9f20: 00000001 00000000 c8625f40 00000000 00000000 00000000 00000000 00000000 <0>[ 166.642838] 9f40: 00000000 00000000 00000000 00000000 00000022 241c2c26 00000000 c8625340 <0>[ 166.651325] 9f60: c8625340 00000000 00000000 c03002f0 c89e9440 00000004 004cfe38 c0629db4 <0>[ 166.659807] 9f80: 00000000 00000000 00000000 241c2c26 000000c0 0000000a 0000000a 7ff00000 <0>[ 166.668287] 9fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6da8000 0000000a 00000001 <0>[ 166.676763] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6da8000 00020000 004cfe38 <0>[ 166.685237] 9fe0: 00000004 beb15788 b6e6e33b b6de7616 60080030 00000001 00000000 00000000 <0>[ 166.693701] Call trace: <0>[ 166.693716] lkdtm_EXCEPTION from lkdtm_do_action+0x24/0x4c <0>[ 166.702323] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 166.708100] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 166.713774] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 166.719254] vfs_write from ksys_write+0x78/0xf8 <0>[ 166.724125] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 166.729594] Exception stack(0xf1329fa8 to 0xf1329ff0) <0>[ 166.734952] 9fa0: 0000000a 0000000a 00000001 b6da8000 0000000a 00000001 <0>[ 166.743425] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6da8000 00020000 004cfe38 <0>[ 166.751895] 9fe0: 00000004 beb15788 b6e6e33b b6de7616 <0>[ 166.757254] Code: eb23b8b4 e52de004 e28dd004 e3a03000 (e5833000) <4>[ 166.763882] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 166.298709] lkdtm: Performing direct entry EXCEPTION # [ 166.302737] 8<--- cut here --- # [ 166.306141] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when write # [ 166.315338] [00000000] *pgd=00000000 # [ 166.319202] Internal error: Oops: 805 [#2] SMP ARM # [ 166.324184] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 166.362317] CPU: 1 UID: 0 PID: 910 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 # [ 166.371816] Tainted: [D]=DIE, [W]=WARN # [ 166.375759] Hardware name: STM32 (Device Tree Support) # [ 166.381209] PC is at lkdtm_EXCEPTION+0xc/0x14 # [ 166.385880] LR is at lkdtm_do_action+0x24/0x4c # [ 166.390535] pc : [] lr : [] psr: a0080013 # [ 166.397091] sp : f1329ec0 ip : 00000000 fp : 004cfe38 # [ 166.402640] r10: c5499680 r9 : f1329f80 r8 : c2687fb4 # [ 166.408090] r7 : f1329f80 r6 : 00000000 r5 : c548b000 r4 : 0000000a # [ 166.414948] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : c2687fb4 # [ 166.421807] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 166.429172] Control: 10c5387d Table: c897006a DAC: 00000051 # [ 166.435223] Register r0 information: non-slab/vmalloc memory # [ 166.441189] Register r1 information: NULL pointer # [ 166.446143] Register r2 information: NULL pointer # [ 166.451094] Register r3 information: NULL pointer # [ 166.456145] Register r4 information: non-paged memory # [ 166.461397] Register r5 information: non-slab/vmalloc memory # [ 166.467354] Register r6 information: NULL pointer # [ 166.472304] Register r7 information: 2-page vmalloc region starting at 0xf1328000 allocated at kernel_clone+0xac/0x388 # [ 166.483317] Register r8 information: non-slab/vmalloc memory # [ 166.489276] Register r9 information: 2-page vmalloc region starting at 0xf1328000 allocated at kernel_clone+0xac/0x388 # [ 166.500281] Register r10 information: slab kmalloc-192 start c5499640 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 166.514244] full_proxy_open+0x124/0x24c # [ 166.518695] do_dentry_open+0x144/0x4dc # [ 166.523052] vfs_open+0x2c/0xec # [ 166.526703] path_openat+0x748/0x1198 # [ 166.530854] do_filp_open+0x98/0x134 # [ 166.535004] do_sys_openat2+0xbc/0xe4 # [ 166.539158] sys_openat+0x98/0xd4 # [ 166.543010] ret_fast_syscall+0x0/0x1c # [ 166.547362] Free path: # [ 166.549995] xdr_free_bvec+0x18/0x24 # [ 166.554155] xprt_transmit+0x29c/0x4a0 # [ 166.558407] call_transmit+0x80/0x8c # [ 166.562566] __rpc_execute+0xc8/0x5d0 # [ 166.566729] rpc_async_schedule+0x24/0x40 # [ 166.571287] process_one_work+0x1b8/0x450 # [ 166.575845] worker_thread+0x1d4/0x3c4 # [ 166.580100] kthread+0xe8/0x104 # [ 166.583749] ret_from_fork+0x14/0x28 # [ 166.587898] Register r11 information: non-paged memory # [ 166.593256] Register r12 information: NULL pointer # [ 166.598308] Process cat (pid: 910, stack limit = 0xf1328000) # [ 166.604265] Stack: (0xf1329ec0 to 0xf132a000) # [ 166.608923] 9ec0: 0000000a c0df8b7c c0df8a60 c8625340 b6da8000 0000000a c3a41d50 c0892960 # [ 166.617398] 9ee0: c8625340 c0892904 f1329f80 b6da8000 c89e9440 0000000a c5499680 c0629858 # [ 166.625873] 9f00: c8972db0 00000000 00000000 00000000 00000000 0000000a b6da8000 0001fff6 # [ 166.634354] 9f20: 00000001 00000000 c8625f40 00000000 00000000 00000000 00000000 00000000 # [ 166.642838] 9f40: 00000000 00000000 00000000 00000000 00000022 241c2c26 00000000 c8625340 # [ 166.651325] 9f60: c8625340 00000000 00000000 c03002f0 c89e9440 00000004 004cfe38 c0629db4 # [ 166.659807] 9f80: 00000000 00000000 00000000 241c2c26 000000c0 0000000a 0000000a 7ff00000 # [ 166.668287] 9fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6da8000 0000000a 00000001 # [ 166.676763] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6da8000 00020000 004cfe38 # [ 166.685237] 9fe0: 00000004 beb15788 b6e6e33b b6de7616 60080030 00000001 00000000 00000000 # [ 166.693701] Call trace: # [ 166.693716] lkdtm_EXCEPTION from lkdtm_do_action+0x24/0x4c # [ 166.702323] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 166.708100] direct_entry from full_proxy_write+0x5c/0x8c # [ 166.713774] full_proxy_write from vfs_write+0xbc/0x3cc # [ 166.719254] vfs_write from ksys_write+0x78/0xf8 # [ 166.724125] ksys_write from ret_fast_syscall+0x0/0x1c # [ 166.729594] Exception stack(0xf1329fa8 to 0xf1329ff0) # [ 166.734952] 9fa0: 0000000a 0000000a 00000001 b6da8000 0000000a 00000001 # [ 166.743425] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6da8000 00020000 004cfe38 # [ 166.751895] 9fe0: 00000004 beb15788 b6e6e33b b6de7616 # [ 166.757254] Code: eb23b8b4 e52de004 e28dd004 e3a03000 (e5833000) # [ 166.763882] ---[ end trace 0000000000000000 ]--- # EXCEPTION: saw 'call trace:': ok ok 6 selftests: lkdtm: EXCEPTION.sh # timeout set to 45 # selftests: lkdtm: LOOP.sh # Skipping LOOP: Hangs the system ok 7 selftests: lkdtm: LOOP.sh # SKIP # timeout set to 45 # selftests: lkdtm: EXHAUST_STACK.sh # Skipping EXHAUST_STACK: Corrupts memory on failure ok 8 selftests: lkdtm: EXHAUST_STACK.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_STACK.sh # Skipping CORRUPT_STACK: Crashes entire system on success ok 9 selftests: lkdtm: CORRUPT_STACK.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_STACK_STRONG.sh # Skipping CORRUPT_STACK_STRONG: Crashes entire system on success ok 10 selftests: lkdtm: CORRUPT_STACK_STRONG.sh # SKIP # timeout set to 45 # selftests: lkdtm: ARRAY_BOUNDS.sh <6>[ 177.393718] lkdtm: Performing direct entry ARRAY_BOUNDS <6>[ 177.397995] lkdtm: Array access within bounds ... <6>[ 177.403494] lkdtm: Array access beyond bounds ... <4>[ 177.408116] ------------[ cut here ]------------ <3>[ 177.412756] UBSAN: array-index-out-of-bounds in ../drivers/misc/lkdtm/bugs.c:406:16 <3>[ 177.420738] index 8 is out of range for type 'char [8]' <4>[ 177.426306] CPU: 0 UID: 0 PID: 1135 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 <4>[ 177.435813] Tainted: [D]=DIE, [W]=WARN <4>[ 177.439758] Hardware name: STM32 (Device Tree Support) <4>[ 177.445207] Call trace: <4>[ 177.445223] unwind_backtrace from show_stack+0x18/0x1c <4>[ 177.453532] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 177.458806] dump_stack_lvl from ubsan_epilogue+0x8/0x34 <4>[ 177.464478] ubsan_epilogue from __ubsan_handle_out_of_bounds+0x88/0x8c <4>[ 177.471354] __ubsan_handle_out_of_bounds from lkdtm_ARRAY_BOUNDS+0x13c/0x198 <4>[ 177.478737] lkdtm_ARRAY_BOUNDS from lkdtm_do_action+0x24/0x4c <4>[ 177.484909] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 177.490678] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 177.496348] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 177.501824] vfs_write from ksys_write+0x78/0xf8 <4>[ 177.506692] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 177.512155] Exception stack(0xf1495fa8 to 0xf1495ff0) <4>[ 177.517513] 5fa0: 0000000d 0000000d 00000001 b6d88000 0000000d 00000001 <4>[ 177.525986] 5fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d88000 00020000 004cfe38 <4>[ 177.534455] 5fe0: 00000004 bea07788 b6e4e33b b6dc7616 <4>[ 177.540131] ---[ end trace ]--- <3>[ 177.543350] lkdtm: FAIL: survived array bounds overflow! <4>[ 177.548922] lkdtm: This is probably expected, since this kernel (6.12.0-rc2-next-20241011 armv7l) was built *without* CONFIG_UBSAN_TRAP=y # [ 177.393718] lkdtm: Performing direct entry ARRAY_BOUNDS # [ 177.397995] lkdtm: Array access within bounds ... # [ 177.403494] lkdtm: Array access beyond bounds ... # [ 177.408116] ------------[ cut here ]------------ # [ 177.412756] UBSAN: array-index-out-of-bounds in ../drivers/misc/lkdtm/bugs.c:406:16 # [ 177.420738] index 8 is out of range for type 'char [8]' # [ 177.426306] CPU: 0 UID: 0 PID: 1135 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 # [ 177.435813] Tainted: [D]=DIE, [W]=WARN # [ 177.439758] Hardware name: STM32 (Device Tree Support) # [ 177.445207] Call trace: # [ 177.445223] unwind_backtrace from show_stack+0x18/0x1c # [ 177.453532] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 177.458806] dump_stack_lvl from ubsan_epilogue+0x8/0x34 # [ 177.464478] ubsan_epilogue from __ubsan_handle_out_of_bounds+0x88/0x8c # [ 177.471354] __ubsan_handle_out_of_bounds from lkdtm_ARRAY_BOUNDS+0x13c/0x198 # [ 177.478737] lkdtm_ARRAY_BOUNDS from lkdtm_do_action+0x24/0x4c # [ 177.484909] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 177.490678] direct_entry from full_proxy_write+0x5c/0x8c # [ 177.496348] full_proxy_write from vfs_write+0xbc/0x3cc # [ 177.501824] vfs_write from ksys_write+0x78/0xf8 # [ 177.506692] ksys_write from ret_fast_syscall+0x0/0x1c # [ 177.512155] Exception stack(0xf1495fa8 to 0xf1495ff0) # [ 177.517513] 5fa0: 0000000d 0000000d 00000001 b6d88000 0000000d 00000001 # [ 177.525986] 5fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d88000 00020000 004cfe38 # [ 177.534455] 5fe0: 00000004 bea07788 b6e4e33b b6dc7616 # [ 177.540131] ---[ end trace ]--- # [ 177.543350] lkdtm: FAIL: survived array bounds overflow! # [ 177.548922] lkdtm: This is probably expected, since this kernel (6.12.0-rc2-next-20241011 armv7l) was built *without* CONFIG_UBSAN_TRAP=y # ARRAY_BOUNDS: saw 'call trace:|UBSAN: array-index-out-of-bounds': ok ok 11 selftests: lkdtm: ARRAY_BOUNDS.sh # timeout set to 45 # selftests: lkdtm: CORRUPT_LIST_ADD.sh <6>[ 179.046266] lkdtm: Performing direct entry CORRUPT_LIST_ADD <6>[ 179.050858] lkdtm: attempting good list addition <6>[ 179.055693] lkdtm: attempting corrupted list addition <4>[ 179.061077] ------------[ cut here ]------------ <4>[ 179.065936] WARNING: CPU: 0 PID: 1179 at lib/list_debug.c:29 __list_add_valid_or_report+0xb0/0x104 <4>[ 179.075226] list_add corruption. next->prev should be prev (f14e5e80), but was 00000000. (next=f14e5e9c). <4>[ 179.085282] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 179.123421] CPU: 0 UID: 0 PID: 1179 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 <4>[ 179.132734] Tainted: [D]=DIE, [W]=WARN <4>[ 179.136680] Hardware name: STM32 (Device Tree Support) <4>[ 179.142130] Call trace: <4>[ 179.142146] unwind_backtrace from show_stack+0x18/0x1c <4>[ 179.150456] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 179.155730] dump_stack_lvl from __warn+0x84/0x134 <4>[ 179.160810] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 179.166291] warn_slowpath_fmt from __list_add_valid_or_report+0xb0/0x104 <4>[ 179.173384] __list_add_valid_or_report from lkdtm_CORRUPT_LIST_ADD+0xa0/0x124 <4>[ 179.180878] lkdtm_CORRUPT_LIST_ADD from lkdtm_do_action+0x24/0x4c <4>[ 179.187362] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 179.193030] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 179.198801] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 179.204279] vfs_write from ksys_write+0x78/0xf8 <4>[ 179.209149] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 179.214613] Exception stack(0xf14e5fa8 to 0xf14e5ff0) <4>[ 179.219871] 5fa0: 00000011 00000011 00000001 b6e44000 00000011 00000001 <4>[ 179.228344] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e44000 00020000 0050fe38 <4>[ 179.236814] 5fe0: 00000004 be8b7788 b6f0a33b b6e83616 <4>[ 179.242633] ---[ end trace 0000000000000000 ]--- <3>[ 179.247199] lkdtm: Overwrite did not happen, but no BUG?! # [ 179.046266] lkdtm: Performing direct entry CORRUPT_LIST_ADD # [ 179.050858] lkdtm: attempting good list addition # [ 179.055693] lkdtm: attempting corrupted list addition # [ 179.061077] ------------[ cut here ]------------ # [ 179.065936] WARNING: CPU: 0 PID: 1179 at lib/list_debug.c:29 __list_add_valid_or_report+0xb0/0x104 # [ 179.075226] list_add corruption. next->prev should be prev (f14e5e80), but was 00000000. (next=f14e5e9c). # [ 179.085282] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 179.123421] CPU: 0 UID: 0 PID: 1179 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 # [ 179.132734] Tainted: [D]=DIE, [W]=WARN # [ 179.136680] Hardware name: STM32 (Device Tree Support) # [ 179.142130] Call trace: # [ 179.142146] unwind_backtrace from show_stack+0x18/0x1c # [ 179.150456] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 179.155730] dump_stack_lvl from __warn+0x84/0x134 # [ 179.160810] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 179.166291] warn_slowpath_fmt from __list_add_valid_or_report+0xb0/0x104 # [ 179.173384] __list_add_valid_or_report from lkdtm_CORRUPT_LIST_ADD+0xa0/0x124 # [ 179.180878] lkdtm_CORRUPT_LIST_ADD from lkdtm_do_action+0x24/0x4c # [ 179.187362] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 179.193030] direct_entry from full_proxy_write+0x5c/0x8c # [ 179.198801] full_proxy_write from vfs_write+0xbc/0x3cc # [ 179.204279] vfs_write from ksys_write+0x78/0xf8 # [ 179.209149] ksys_write from ret_fast_syscall+0x0/0x1c # [ 179.214613] Exception stack(0xf14e5fa8 to 0xf14e5ff0) # [ 179.219871] 5fa0: 00000011 00000011 00000001 b6e44000 00000011 00000001 # [ 179.228344] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e44000 00020000 0050fe38 # [ 179.236814] 5fe0: 00000004 be8b7788 b6f0a33b b6e83616 # [ 179.242633] ---[ end trace 0000000000000000 ]--- # [ 179.247199] lkdtm: Overwrite did not happen, but no BUG?! # CORRUPT_LIST_ADD: saw 'list_add corruption': ok ok 12 selftests: lkdtm: CORRUPT_LIST_ADD.sh # timeout set to 45 # selftests: lkdtm: CORRUPT_LIST_DEL.sh <6>[ 180.481187] lkdtm: Performing direct entry CORRUPT_LIST_DEL <6>[ 180.485780] lkdtm: attempting good list removal <6>[ 180.491105] lkdtm: attempting corrupted list removal <4>[ 180.495788] ------------[ cut here ]------------ <4>[ 180.500746] WARNING: CPU: 1 PID: 1223 at lib/list_debug.c:65 __list_del_entry_valid_or_report+0x140/0x144 <4>[ 180.510544] list_del corruption. next->prev should be f1529ea0, but was 00000000. (next=f1529eac) <4>[ 180.519908] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 180.557962] CPU: 1 UID: 0 PID: 1223 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 <4>[ 180.567375] Tainted: [D]=DIE, [W]=WARN <4>[ 180.571419] Hardware name: STM32 (Device Tree Support) <4>[ 180.576769] Call trace: <4>[ 180.576784] unwind_backtrace from show_stack+0x18/0x1c <4>[ 180.585093] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 180.590468] dump_stack_lvl from __warn+0x84/0x134 <4>[ 180.595547] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 180.600927] warn_slowpath_fmt from __list_del_entry_valid_or_report+0x140/0x144 <4>[ 180.608627] __list_del_entry_valid_or_report from lkdtm_CORRUPT_LIST_DEL+0xd4/0x160 <4>[ 180.616620] lkdtm_CORRUPT_LIST_DEL from lkdtm_do_action+0x24/0x4c <4>[ 180.623094] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 180.628865] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 180.634544] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 180.640026] vfs_write from ksys_write+0x78/0xf8 <4>[ 180.644996] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 180.650359] Exception stack(0xf1529fa8 to 0xf1529ff0) <4>[ 180.655719] 9fa0: 00000011 00000011 00000001 b6e68000 00000011 00000001 <4>[ 180.664193] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e68000 00020000 0046fe38 <4>[ 180.672663] 9fe0: 00000004 bea89788 b6f2e33b b6ea7616 <4>[ 180.678130] ---[ end trace 0000000000000000 ]--- <3>[ 180.682977] lkdtm: Overwrite did not happen, but no BUG?! # [ 180.481187] lkdtm: Performing direct entry CORRUPT_LIST_DEL # [ 180.485780] lkdtm: attempting good list removal # [ 180.491105] lkdtm: attempting corrupted list removal # [ 180.495788] ------------[ cut here ]------------ # [ 180.500746] WARNING: CPU: 1 PID: 1223 at lib/list_debug.c:65 __list_del_entry_valid_or_report+0x140/0x144 # [ 180.510544] list_del corruption. next->prev should be f1529ea0, but was 00000000. (next=f1529eac) # [ 180.519908] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 180.557962] CPU: 1 UID: 0 PID: 1223 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 # [ 180.567375] Tainted: [D]=DIE, [W]=WARN # [ 180.571419] Hardware name: STM32 (Device Tree Support) # [ 180.576769] Call trace: # [ 180.576784] unwind_backtrace from show_stack+0x18/0x1c # [ 180.585093] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 180.590468] dump_stack_lvl from __warn+0x84/0x134 # [ 180.595547] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 180.600927] warn_slowpath_fmt from __list_del_entry_valid_or_report+0x140/0x144 # [ 180.608627] __list_del_entry_valid_or_report from lkdtm_CORRUPT_LIST_DEL+0xd4/0x160 # [ 180.616620] lkdtm_CORRUPT_LIST_DEL from lkdtm_do_action+0x24/0x4c # [ 180.623094] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 180.628865] direct_entry from full_proxy_write+0x5c/0x8c # [ 180.634544] full_proxy_write from vfs_write+0xbc/0x3cc # [ 180.640026] vfs_write from ksys_write+0x78/0xf8 # [ 180.644996] ksys_write from ret_fast_syscall+0x0/0x1c # [ 180.650359] Exception stack(0xf1529fa8 to 0xf1529ff0) # [ 180.655719] 9fa0: 00000011 00000011 00000001 b6e68000 00000011 00000001 # [ 180.664193] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e68000 00020000 0046fe38 # [ 180.672663] 9fe0: 00000004 bea89788 b6f2e33b b6ea7616 # [ 180.678130] ---[ end trace 0000000000000000 ]--- # [ 180.682977] lkdtm: Overwrite did not happen, but no BUG?! # CORRUPT_LIST_DEL: saw 'list_del corruption': ok ok 13 selftests: lkdtm: CORRUPT_LIST_DEL.sh # timeout set to 45 # selftests: lkdtm: STACK_GUARD_PAGE_LEADING.sh <6>[ 181.817153] lkdtm: Performing direct entry STACK_GUARD_PAGE_LEADING <6>[ 181.822444] lkdtm: attempting bad read from page below current stack <1>[ 181.829137] 8<--- cut here --- <1>[ 181.832363] Unable to handle kernel paging request at virtual address f1553fff when read <1>[ 181.844899] [f1553fff] *pgd=c5506811, *pte=00000000, *ppte=00000000 <0>[ 181.852136] Internal error: Oops: 7 [#3] SMP ARM <4>[ 181.855617] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 181.893731] CPU: 0 UID: 0 PID: 1262 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 <4>[ 181.903333] Tainted: [D]=DIE, [W]=WARN <4>[ 181.907373] Hardware name: STM32 (Device Tree Support) <4>[ 181.912820] PC is at lkdtm_STACK_GUARD_PAGE_LEADING+0x34/0x4c <4>[ 181.918803] LR is at lkdtm_STACK_GUARD_PAGE_LEADING+0x2c/0x4c <4>[ 181.924871] pc : [] lr : [] psr: 60080013 <4>[ 181.931426] sp : f1555eb0 ip : 00000000 fp : 0042fe38 <4>[ 181.936875] r10: c84cd180 r9 : f1555f80 r8 : c268804c <4>[ 181.942425] r7 : f1555f80 r6 : 00000000 r5 : c5634000 r4 : f1554000 <4>[ 181.949183] r3 : c8b48a40 r2 : 00000000 r1 : 00000000 r0 : c1f9dd54 <4>[ 181.956042] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 181.963507] Control: 10c5387d Table: c898c06a DAC: 00000051 <1>[ 181.969457] Register r0 information: non-slab/vmalloc memory <1>[ 181.975422] Register r1 information: NULL pointer <1>[ 181.980476] Register r2 information: NULL pointer <1>[ 181.985426] Register r3 information: slab task_struct start c8b48a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 181.999097] copy_process+0x1f4/0x1f78 <6>[ 182.003454] kernel_clone+0xac/0x388 <6>[ 182.007510] sys_clone+0x78/0x9c <6>[ 182.011262] ret_fast_syscall+0x0/0x1c <4>[ 182.015514] Free path: <6>[ 182.018245] rcu_core+0x2dc/0xb14 <6>[ 182.022097] handle_softirqs+0x15c/0x430 <6>[ 182.026555] irq_exit+0xac/0xd4 <6>[ 182.030205] call_with_stack+0x18/0x20 <6>[ 182.034565] __irq_svc+0x9c/0xb8 <6>[ 182.038312] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 182.043574] ___slab_alloc+0x778/0xd7c <6>[ 182.047934] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 182.052996] getname_flags.part.0+0x28/0x18c <6>[ 182.057851] sys_statx+0x5c/0xf4 <6>[ 182.061604] ret_fast_syscall+0x0/0x1c <1>[ 182.065853] Register r4 information: 2-page vmalloc region starting at 0xf1554000 allocated at kernel_clone+0xac/0x388 <1>[ 182.076863] Register r5 information: non-slab/vmalloc memory <1>[ 182.082824] Register r6 information: NULL pointer <1>[ 182.087775] Register r7 information: 2-page vmalloc region starting at 0xf1554000 allocated at kernel_clone+0xac/0x388 <1>[ 182.098780] Register r8 information: non-slab/vmalloc memory <1>[ 182.104742] Register r9 information: 2-page vmalloc region starting at 0xf1554000 allocated at kernel_clone+0xac/0x388 <1>[ 182.115750] Register r10 information: slab kmalloc-192 start c84cd140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 182.129709] full_proxy_open+0x124/0x24c <6>[ 182.134160] do_dentry_open+0x144/0x4dc <6>[ 182.138517] vfs_open+0x2c/0xec <6>[ 182.142168] path_openat+0x748/0x1198 <6>[ 182.146319] do_filp_open+0x98/0x134 <6>[ 182.150470] do_sys_openat2+0xbc/0xe4 <6>[ 182.154623] sys_openat+0x98/0xd4 <6>[ 182.158475] ret_fast_syscall+0x0/0x1c <4>[ 182.162824] Free path: <6>[ 182.165453] xdr_free_bvec+0x18/0x24 <6>[ 182.169611] xprt_transmit+0x29c/0x4a0 <6>[ 182.173861] call_transmit+0x80/0x8c <6>[ 182.178016] __rpc_execute+0xc8/0x5d0 <6>[ 182.182172] rpc_async_schedule+0x24/0x40 <6>[ 182.186728] process_one_work+0x1b8/0x450 <6>[ 182.191283] worker_thread+0x1d4/0x3c4 <6>[ 182.195535] kthread+0xe8/0x104 <6>[ 182.199183] ret_from_fork+0x14/0x28 <1>[ 182.203330] Register r11 information: non-paged memory <1>[ 182.208785] Register r12 information: NULL pointer <0>[ 182.213837] Process cat (pid: 1262, stack limit = 0xf1554000) <0>[ 182.219794] Stack: (0xf1555eb0 to 0xf1556000) <0>[ 182.224447] 5ea0: f1555f80 00df8b74 00000019 c0df8798 <0>[ 182.232921] 5ec0: 00000019 c0df8b7c c0df8a60 c560c640 b6de8000 00000019 c3a41d50 c0892960 <0>[ 182.241396] 5ee0: c560c640 c0892904 f1555f80 b6de8000 c8b48a40 00000019 c84cd180 c0629858 <0>[ 182.249869] 5f00: c898edb0 00000000 00000000 00000000 00000000 00000019 b6de8000 0001ffe7 <0>[ 182.258341] 5f20: 00000001 00000000 c560cc40 00000000 00000000 00000000 00000000 00000000 <0>[ 182.266813] 5f40: 00000000 00000000 00000000 00000000 00000022 a88ff195 00000000 c560c640 <0>[ 182.275286] 5f60: c560c640 00000000 00000000 c03002f0 c8b48a40 00000004 0042fe38 c0629db4 <0>[ 182.283760] 5f80: 00000000 00000000 00000000 a88ff195 000000c0 00000019 00000019 7ff00000 <0>[ 182.292233] 5fa0: 00000004 c03000c0 00000019 00000019 00000001 b6de8000 00000019 00000001 <0>[ 182.300806] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6de8000 00020000 0042fe38 <0>[ 182.309279] 5fe0: 00000004 bebea788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 <0>[ 182.317743] Call trace: <0>[ 182.317760] lkdtm_STACK_GUARD_PAGE_LEADING from lkdtm_do_action+0x24/0x4c <0>[ 182.327677] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 182.333449] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 182.339119] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 182.344597] vfs_write from ksys_write+0x78/0xf8 <0>[ 182.349465] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 182.354928] Exception stack(0xf1555fa8 to 0xf1555ff0) <0>[ 182.360285] 5fa0: 00000019 00000019 00000001 b6de8000 00000019 00000001 <0>[ 182.368758] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6de8000 00020000 0042fe38 <0>[ 182.377227] 5fe0: 00000004 bebea788 b6eae33b b6e27616 <0>[ 182.382585] Code: e5934208 ebffc4ca e30d0d54 e34c01f9 (e5543001) <4>[ 182.393380] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 181.817153] lkdtm: Performing direct entry STACK_GUARD_PAGE_LEADING # [ 181.822444] lkdtm: attempting bad read from page below current stack # [ 181.829137] 8<--- cut here --- # [ 181.832363] Unable to handle kernel paging request at virtual address f1553fff when read # [ 181.844899] [f1553fff] *pgd=c5506811, *pte=00000000, *ppte=00000000 # [ 181.852136] Internal error: Oops: 7 [#3] SMP ARM # [ 181.855617] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 181.893731] CPU: 0 UID: 0 PID: 1262 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 # [ 181.903333] Tainted: [D]=DIE, [W]=WARN # [ 181.907373] Hardware name: STM32 (Device Tree Support) # [ 181.912820] PC is at lkdtm_STACK_GUARD_PAGE_LEADING+0x34/0x4c # [ 181.918803] LR is at lkdtm_STACK_GUARD_PAGE_LEADING+0x2c/0x4c # [ 181.924871] pc : [] lr : [] psr: 60080013 # [ 181.931426] sp : f1555eb0 ip : 00000000 fp : 0042fe38 # [ 181.936875] r10: c84cd180 r9 : f1555f80 r8 : c268804c # [ 181.942425] r7 : f1555f80 r6 : 00000000 r5 : c5634000 r4 : f1554000 # [ 181.949183] r3 : c8b48a40 r2 : 00000000 r1 : 00000000 r0 : c1f9dd54 # [ 181.956042] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 181.963507] Control: 10c5387d Table: c898c06a DAC: 00000051 # [ 181.969457] Register r0 information: non-slab/vmalloc memory # [ 181.975422] Register r1 information: NULL pointer # [ 181.980476] Register r2 information: NULL pointer # [ 181.985426] Register r3 information: slab task_struct start c8b48a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 181.999097] copy_process+0x1f4/0x1f78 # [ 182.003454] kernel_clone+0xac/0x388 # [ 182.007510] sys_clone+0x78/0x9c # [ 182.011262] ret_fast_syscall+0x0/0x1c # [ 182.015514] Free path: # [ 182.018245] rcu_core+0x2dc/0xb14 # [ 182.022097] handle_softirqs+0x15c/0x430 # [ 182.026555] irq_exit+0xac/0xd4 # [ 182.030205] call_with_stack+0x18/0x20 # [ 182.034565] __irq_svc+0x9c/0xb8 # [ 182.038312] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 182.043574] ___slab_alloc+0x778/0xd7c # [ 182.047934] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 182.052996] getname_flags.part.0+0x28/0x18c # [ 182.057851] sys_statx+0x5c/0xf4 # [ 182.061604] ret_fast_syscall+0x0/0x1c # [ 182.065853] Register r4 information: 2-page vmalloc region starting at 0xf1554000 allocated at kernel_clone+0xac/0x388 # [ 182.076863] Register r5 information: non-slab/vmalloc memory # [ 182.082824] Register r6 information: NULL pointer # [ 182.087775] Register r7 information: 2-page vmalloc region starting at 0xf1554000 allocated at kernel_clone+0xac/0x388 # [ 182.098780] Register r8 information: non-slab/vmalloc memory # [ 182.104742] Register r9 information: 2-page vmalloc region starting at 0xf1554000 allocated at kernel_clone+0xac/0x388 # [ 182.115750] Register r10 information: slab kmalloc-192 start c84cd140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 182.129709] full_proxy_open+0x124/0x24c # [ 182.134160] do_dentry_open+0x144/0x4dc # [ 182.138517] vfs_open+0x2c/0xec # [ 182.142168] path_openat+0x748/0x1198 # [ 182.146319] do_filp_open+0x98/0x134 # [ 182.150470] do_sys_openat2+0xbc/0xe4 # [ 182.154623] sys_openat+0x98/0xd4 # [ 182.158475] ret_fast_syscall+0x0/0x1c # [ 182.162824] Free path: # [ 182.165453] xdr_free_bvec+0x18/0x24 # [ 182.169611] xprt_transmit+0x29c/0x4a0 # [ 182.173861] call_transmit+0x80/0x8c # [ 182.178016] __rpc_execute+0xc8/0x5d0 # [ 182.182172] rpc_async_schedule+0x24/0x40 # [ 182.186728] process_one_work+0x1b8/0x450 # [ 182.191283] worker_thread+0x1d4/0x3c4 # [ 182.195535] kthread+0xe8/0x104 # [ 182.199183] ret_from_fork+0x14/0x28 # [ 182.203330] Register r11 information: non-paged memory # [ 182.208785] Register r12 information: NULL pointer # [ 182.213837] Process cat (pid: 1262, stack limit = 0xf1554000) # [ 182.219794] Stack: (0xf1555eb0 to 0xf1556000) # [ 182.224447] 5ea0: f1555f80 00df8b74 00000019 c0df8798 # [ 182.232921] 5ec0: 00000019 c0df8b7c c0df8a60 c560c640 b6de8000 00000019 c3a41d50 c0892960 # [ 182.241396] 5ee0: c560c640 c0892904 f1555f80 b6de8000 c8b48a40 00000019 c84cd180 c0629858 # [ 182.249869] 5f00: c898edb0 00000000 00000000 00000000 00000000 00000019 b6de8000 0001ffe7 # [ 182.258341] 5f20: 00000001 00000000 c560cc40 00000000 00000000 00000000 00000000 00000000 # [ 182.266813] 5f40: 00000000 00000000 00000000 00000000 00000022 a88ff195 00000000 c560c640 # [ 182.275286] 5f60: c560c640 00000000 00000000 c03002f0 c8b48a40 00000004 0042fe38 c0629db4 # [ 182.283760] 5f80: 00000000 00000000 00000000 a88ff195 000000c0 00000019 00000019 7ff00000 # [ 182.292233] 5fa0: 00000004 c03000c0 00000019 00000019 00000001 b6de8000 00000019 00000001 # [ 182.300806] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6de8000 00020000 0042fe38 # [ 182.309279] 5fe0: 00000004 bebea788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 # [ 182.317743] Call trace: # [ 182.317760] lkdtm_STACK_GUARD_PAGE_LEADING from lkdtm_do_action+0x24/0x4c # [ 182.327677] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 182.333449] direct_entry from full_proxy_write+0x5c/0x8c # [ 182.339119] full_proxy_write from vfs_write+0xbc/0x3cc # [ 182.344597] vfs_write from ksys_write+0x78/0xf8 # [ 182.349465] ksys_write from ret_fast_syscall+0x0/0x1c # [ 182.354928] Exception stack(0xf1555fa8 to 0xf1555ff0) # [ 182.360285] 5fa0: 00000019 00000019 00000001 b6de8000 00000019 00000001 # [ 182.368758] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6de8000 00020000 0042fe38 # [ 182.377227] 5fe0: 00000004 bebea788 b6eae33b b6e27616 # [ 182.382585] Code: e5934208 ebffc4ca e30d0d54 e34c01f9 (e5543001) # [ 182.393380] ---[ end trace 0000000000000000 ]--- # STACK_GUARD_PAGE_LEADING: saw 'call trace:': ok ok 14 selftests: lkdtm: STACK_GUARD_PAGE_LEADING.sh # timeout set to 45 # selftests: lkdtm: STACK_GUARD_PAGE_TRAILING.sh <6>[ 183.899599] lkdtm: Performing direct entry STACK_GUARD_PAGE_TRAILING <6>[ 183.905017] lkdtm: attempting bad read from page above current stack <1>[ 183.911653] 8<--- cut here --- <1>[ 183.915349] Unable to handle kernel paging request at virtual address f15e2000 when read <1>[ 183.926130] [f15e2000] *pgd=c5506811, *pte=00000000, *ppte=00000000 <0>[ 183.935317] Internal error: Oops: 7 [#4] SMP ARM <4>[ 183.938802] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 183.976915] CPU: 0 UID: 0 PID: 1344 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 <4>[ 183.986612] Tainted: [D]=DIE, [W]=WARN <4>[ 183.990553] Hardware name: STM32 (Device Tree Support) <4>[ 183.996001] PC is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x38/0x50 <4>[ 184.002084] LR is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x2c/0x50 <4>[ 184.008252] pc : [] lr : [] psr: 60080013 <4>[ 184.014808] sp : f15e1eb0 ip : 00000000 fp : 004afe38 <4>[ 184.020257] r10: c84cd180 r9 : f15e1f80 r8 : c2688054 <4>[ 184.025807] r7 : f15e1f80 r6 : 00000000 r5 : c52aa000 r4 : f15e2000 <4>[ 184.032666] r3 : c83f0a40 r2 : 00000000 r1 : 00000000 r0 : c1f9dce0 <4>[ 184.039425] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 184.046890] Control: 10c5387d Table: c871006a DAC: 00000051 <1>[ 184.052941] Register r0 information: non-slab/vmalloc memory <1>[ 184.058807] Register r1 information: NULL pointer <1>[ 184.063861] Register r2 information: NULL pointer <1>[ 184.068812] Register r3 information: slab task_struct start c83f0a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 184.082583] copy_process+0x1f4/0x1f78 <6>[ 184.086840] kernel_clone+0xac/0x388 <6>[ 184.090895] sys_clone+0x78/0x9c <6>[ 184.094648] ret_fast_syscall+0x0/0x1c <4>[ 184.098999] Free path: <6>[ 184.101629] rcu_core+0x2dc/0xb14 <6>[ 184.105481] handle_softirqs+0x15c/0x430 <6>[ 184.109938] irq_exit+0xac/0xd4 <6>[ 184.113688] call_with_stack+0x18/0x20 <6>[ 184.117949] __irq_svc+0x9c/0xb8 <6>[ 184.121696] search_index+0x58/0xd8 <6>[ 184.125753] unwind_frame+0x94/0x92c <6>[ 184.129808] arch_stack_walk+0x84/0x100 <6>[ 184.134158] stack_trace_save+0x50/0x78 <6>[ 184.138518] set_track_prepare+0x40/0x74 <6>[ 184.142975] free_to_partial_list+0x390/0x58c <6>[ 184.147936] kmem_cache_free+0x1a8/0x3c0 <6>[ 184.152394] unlink_anon_vmas+0x170/0x250 <6>[ 184.156950] free_pgtables+0xb4/0x27c <6>[ 184.161106] exit_mmap+0x190/0x424 <6>[ 184.165052] mmput+0x50/0x114 <1>[ 184.168505] Register r4 information: 2-page vmalloc region starting at 0xf15e0000 allocated at kernel_clone+0xac/0x388 <1>[ 184.179515] Register r5 information: non-slab/vmalloc memory <1>[ 184.185475] Register r6 information: NULL pointer <1>[ 184.190427] Register r7 information: 2-page vmalloc region starting at 0xf15e0000 allocated at kernel_clone+0xac/0x388 <1>[ 184.201532] Register r8 information: non-slab/vmalloc memory <1>[ 184.207389] Register r9 information: 2-page vmalloc region starting at 0xf15e0000 allocated at kernel_clone+0xac/0x388 <1>[ 184.218394] Register r10 information: slab kmalloc-192 start c84cd140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 184.232353] full_proxy_open+0x124/0x24c <6>[ 184.236803] do_dentry_open+0x144/0x4dc <6>[ 184.241158] vfs_open+0x2c/0xec <6>[ 184.244809] path_openat+0x748/0x1198 <6>[ 184.249061] do_filp_open+0x98/0x134 <6>[ 184.253111] do_sys_openat2+0xbc/0xe4 <6>[ 184.257365] sys_openat+0x98/0xd4 <6>[ 184.261217] ret_fast_syscall+0x0/0x1c <4>[ 184.265466] Free path: <6>[ 184.268195] xdr_free_bvec+0x18/0x24 <6>[ 184.272252] xprt_transmit+0x29c/0x4a0 <6>[ 184.276602] call_transmit+0x80/0x8c <6>[ 184.280657] __rpc_execute+0xc8/0x5d0 <6>[ 184.284913] rpc_async_schedule+0x24/0x40 <6>[ 184.289469] process_one_work+0x1b8/0x450 <6>[ 184.293924] worker_thread+0x1d4/0x3c4 <6>[ 184.298276] kthread+0xe8/0x104 <6>[ 184.301925] ret_from_fork+0x14/0x28 <1>[ 184.306072] Register r11 information: non-paged memory <1>[ 184.311428] Register r12 information: NULL pointer <0>[ 184.316480] Process cat (pid: 1344, stack limit = 0xf15e0000) <0>[ 184.322537] Stack: (0xf15e1eb0 to 0xf15e2000) <0>[ 184.327189] 1ea0: f15e1f80 00df8b74 0000001a c0df8798 <0>[ 184.335665] 1ec0: 0000001a c0df8b7c c0df8a60 c560c940 b6e78000 0000001a c3a41d50 c0892960 <0>[ 184.344139] 1ee0: c560c940 c0892904 f15e1f80 b6e78000 c83f0a40 0000001a c84cd180 c0629858 <0>[ 184.352612] 1f00: c8712db8 00000000 00000000 00000000 00000000 0000001a b6e78000 0001ffe6 <0>[ 184.361085] 1f20: 00000001 00000000 c560cd40 00000000 00000000 00000000 00000000 00000000 <0>[ 184.369558] 1f40: 00000000 00000000 00000000 00000000 00000022 b0470c1c 00000000 c560c940 <0>[ 184.378034] 1f60: c560c940 00000000 00000000 c03002f0 c83f0a40 00000004 004afe38 c0629db4 <0>[ 184.386508] 1f80: 00000000 00000000 00000000 b0470c1c 000000c0 0000001a 0000001a 7ff00000 <0>[ 184.394981] 1fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e78000 0000001a 00000001 <0>[ 184.403455] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 <0>[ 184.411929] 1fe0: 00000004 becfc788 b6f3e33b b6eb7616 60080030 00000001 00000000 00000000 <0>[ 184.420393] Call trace: <0>[ 184.420411] lkdtm_STACK_GUARD_PAGE_TRAILING from lkdtm_do_action+0x24/0x4c <0>[ 184.430430] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 184.436202] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 184.441873] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 184.447451] vfs_write from ksys_write+0x78/0xf8 <0>[ 184.452321] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 184.457683] Exception stack(0xf15e1fa8 to 0xf15e1ff0) <0>[ 184.463040] 1fa0: 0000001a 0000001a 00000001 b6e78000 0000001a 00000001 <0>[ 184.471514] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 <0>[ 184.479983] 1fe0: 00000004 becfc788 b6f3e33b b6eb7616 <0>[ 184.485341] Code: ebffc4de e30d0ce0 e34c01f9 e2844a02 (e5d43000) <4>[ 184.493644] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 183.899599] lkdtm: Performing direct entry STACK_GUARD_PAGE_TRAILING # [ 183.905017] lkdtm: attempting bad read from page above current stack # [ 183.911653] 8<--- cut here --- # [ 183.915349] Unable to handle kernel paging request at virtual address f15e2000 when read # [ 183.926130] [f15e2000] *pgd=c5506811, *pte=00000000, *ppte=00000000 # [ 183.935317] Internal error: Oops: 7 [#4] SMP ARM # [ 183.938802] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 183.976915] CPU: 0 UID: 0 PID: 1344 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 # [ 183.986612] Tainted: [D]=DIE, [W]=WARN # [ 183.990553] Hardware name: STM32 (Device Tree Support) # [ 183.996001] PC is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x38/0x50 # [ 184.002084] LR is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x2c/0x50 # [ 184.008252] pc : [] lr : [] psr: 60080013 # [ 184.014808] sp : f15e1eb0 ip : 00000000 fp : 004afe38 # [ 184.020257] r10: c84cd180 r9 : f15e1f80 r8 : c2688054 # [ 184.025807] r7 : f15e1f80 r6 : 00000000 r5 : c52aa000 r4 : f15e2000 # [ 184.032666] r3 : c83f0a40 r2 : 00000000 r1 : 00000000 r0 : c1f9dce0 # [ 184.039425] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 184.046890] Control: 10c5387d Table: c871006a DAC: 00000051 # [ 184.052941] Register r0 information: non-slab/vmalloc memory # [ 184.058807] Register r1 information: NULL pointer # [ 184.063861] Register r2 information: NULL pointer # [ 184.068812] Register r3 information: slab task_struct start c83f0a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 184.082583] copy_process+0x1f4/0x1f78 # [ 184.086840] kernel_clone+0xac/0x388 # [ 184.090895] sys_clone+0x78/0x9c # [ 184.094648] ret_fast_syscall+0x0/0x1c # [ 184.098999] Free path: # [ 184.101629] rcu_core+0x2dc/0xb14 # [ 184.105481] handle_softirqs+0x15c/0x430 # [ 184.109938] irq_exit+0xac/0xd4 # [ 184.113688] call_with_stack+0x18/0x20 # [ 184.117949] __irq_svc+0x9c/0xb8 # [ 184.121696] search_index+0x58/0xd8 # [ 184.125753] unwind_frame+0x94/0x92c # [ 184.129808] arch_stack_walk+0x84/0x100 # [ 184.134158] stack_trace_save+0x50/0x78 # [ 184.138518] set_track_prepare+0x40/0x74 # [ 184.142975] free_to_partial_list+0x390/0x58c # [ 184.147936] kmem_cache_free+0x1a8/0x3c0 # [ 184.152394] unlink_anon_vmas+0x170/0x250 # [ 184.156950] free_pgtables+0xb4/0x27c # [ 184.161106] exit_mmap+0x190/0x424 # [ 184.165052] mmput+0x50/0x114 # [ 184.168505] Register r4 information: 2-page vmalloc region starting at 0xf15e0000 allocated at kernel_clone+0xac/0x388 # [ 184.179515] Register r5 information: non-slab/vmalloc memory # [ 184.185475] Register r6 information: NULL pointer # [ 184.190427] Register r7 information: 2-page vmalloc region starting at 0xf15e0000 allocated at kernel_clone+0xac/0x388 # [ 184.201532] Register r8 information: non-slab/vmalloc memory # [ 184.207389] Register r9 information: 2-page vmalloc region starting at 0xf15e0000 allocated at kernel_clone+0xac/0x388 # [ 184.218394] Register r10 information: slab kmalloc-192 start c84cd140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 184.232353] full_proxy_open+0x124/0x24c # [ 184.236803] do_dentry_open+0x144/0x4dc # [ 184.241158] vfs_open+0x2c/0xec # [ 184.244809] path_openat+0x748/0x1198 # [ 184.249061] do_filp_open+0x98/0x134 # [ 184.253111] do_sys_openat2+0xbc/0xe4 # [ 184.257365] sys_openat+0x98/0xd4 # [ 184.261217] ret_fast_syscall+0x0/0x1c # [ 184.265466] Free path: # [ 184.268195] xdr_free_bvec+0x18/0x24 # [ 184.272252] xprt_transmit+0x29c/0x4a0 # [ 184.276602] call_transmit+0x80/0x8c # [ 184.280657] __rpc_execute+0xc8/0x5d0 # [ 184.284913] rpc_async_schedule+0x24/0x40 # [ 184.289469] process_one_work+0x1b8/0x450 # [ 184.293924] worker_thread+0x1d4/0x3c4 # [ 184.298276] kthread+0xe8/0x104 # [ 184.301925] ret_from_fork+0x14/0x28 # [ 184.306072] Register r11 information: non-paged memory # [ 184.311428] Register r12 information: NULL pointer # [ 184.316480] Process cat (pid: 1344, stack limit = 0xf15e0000) # [ 184.322537] Stack: (0xf15e1eb0 to 0xf15e2000) # [ 184.327189] 1ea0: f15e1f80 00df8b74 0000001a c0df8798 # [ 184.335665] 1ec0: 0000001a c0df8b7c c0df8a60 c560c940 b6e78000 0000001a c3a41d50 c0892960 # [ 184.344139] 1ee0: c560c940 c0892904 f15e1f80 b6e78000 c83f0a40 0000001a c84cd180 c0629858 # [ 184.352612] 1f00: c8712db8 00000000 00000000 00000000 00000000 0000001a b6e78000 0001ffe6 # [ 184.361085] 1f20: 00000001 00000000 c560cd40 00000000 00000000 00000000 00000000 00000000 # [ 184.369558] 1f40: 00000000 00000000 00000000 00000000 00000022 b0470c1c 00000000 c560c940 # [ 184.378034] 1f60: c560c940 00000000 00000000 c03002f0 c83f0a40 00000004 004afe38 c0629db4 # [ 184.386508] 1f80: 00000000 00000000 00000000 b0470c1c 000000c0 0000001a 0000001a 7ff00000 # [ 184.394981] 1fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e78000 0000001a 00000001 # [ 184.403455] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 # [ 184.411929] 1fe0: 00000004 becfc788 b6f3e33b b6eb7616 60080030 00000001 00000000 00000000 # [ 184.420393] Call trace: # [ 184.420411] lkdtm_STACK_GUARD_PAGE_TRAILING from lkdtm_do_action+0x24/0x4c # [ 184.430430] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 184.436202] direct_entry from full_proxy_write+0x5c/0x8c # [ 184.441873] full_proxy_write from vfs_write+0xbc/0x3cc # [ 184.447451] vfs_write from ksys_write+0x78/0xf8 # [ 184.452321] ksys_write from ret_fast_syscall+0x0/0x1c # [ 184.457683] Exception stack(0xf15e1fa8 to 0xf15e1ff0) # [ 184.463040] 1fa0: 0000001a 0000001a 00000001 b6e78000 0000001a 00000001 # [ 184.471514] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 # [ 184.479983] 1fe0: 00000004 becfc788 b6f3e33b b6eb7616 # [ 184.485341] Code: ebffc4de e30d0ce0 e34c01f9 e2844a02 (e5d43000) # [ 184.493644] ---[ end trace 0000000000000000 ]--- # STACK_GUARD_PAGE_TRAILING: saw 'call trace:': ok ok 15 selftests: lkdtm: STACK_GUARD_PAGE_TRAILING.sh # timeout set to 45 # selftests: lkdtm: REPORT_STACK_CANARY.sh <6>[ 186.190183] lkdtm: Performing direct entry REPORT_STACK_CANARY <6>[ 186.195103] lkdtm: Recorded stack canary for pid 1437 at offset 2 <6>[ 186.234361] lkdtm: Performing direct entry REPORT_STACK_CANARY <6>[ 186.239264] lkdtm: ok: stack canaries differ between pid 1437 and pid 1439 at offset 2. # [ 186.190183] lkdtm: Performing direct entry REPORT_STACK_CANARY # [ 186.195103] lkdtm: Recorded stack canary for pid 1437 at offset 2 # [ 186.234361] lkdtm: Performing direct entry REPORT_STACK_CANARY # [ 186.239264] lkdtm: ok: stack canaries differ between pid 1437 and pid 1439 at offset 2. # REPORT_STACK_CANARY: saw 'ok: stack canaries differ': ok ok 16 selftests: lkdtm: REPORT_STACK_CANARY.sh # timeout set to 45 # selftests: lkdtm: UNSET_SMEP.sh <6>[ 187.453126] lkdtm: Performing direct entry UNSET_SMEP <3>[ 187.457206] lkdtm: XFAIL: this test is x86_64-only # [ 187.453126] lkdtm: Performing direct entry UNSET_SMEP # [ 187.457206] lkdtm: XFAIL: this test is x86_64-only # UNSET_SMEP: saw 'XFAIL': [SKIP] ok 17 selftests: lkdtm: UNSET_SMEP.sh # SKIP # timeout set to 45 # selftests: lkdtm: DOUBLE_FAULT.sh <6>[ 188.635242] lkdtm: Performing direct entry DOUBLE_FAULT <3>[ 188.639444] lkdtm: XFAIL: this test is ia32-only # [ 188.635242] lkdtm: Performing direct entry DOUBLE_FAULT # [ 188.639444] lkdtm: XFAIL: this test is ia32-only # DOUBLE_FAULT: saw 'XFAIL': [SKIP] ok 18 selftests: lkdtm: DOUBLE_FAULT.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_PAC.sh <6>[ 190.090017] lkdtm: Performing direct entry CORRUPT_PAC <3>[ 190.094281] lkdtm: XFAIL: this test is arm64-only # [ 190.090017] lkdtm: Performing direct entry CORRUPT_PAC # [ 190.094281] lkdtm: XFAIL: this test is arm64-only # CORRUPT_PAC: saw 'XFAIL': [SKIP] ok 19 selftests: lkdtm: CORRUPT_PAC.sh # SKIP # timeout set to 45 # selftests: lkdtm: UNALIGNED_LOAD_STORE_WRITE.sh <6>[ 191.272754] lkdtm: Performing direct entry UNALIGNED_LOAD_STORE_WRITE <3>[ 191.278434] lkdtm: XFAIL: arch has CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS # [ 191.272754] lkdtm: Performing direct entry UNALIGNED_LOAD_STORE_WRITE # [ 191.278434] lkdtm: XFAIL: arch has CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS # UNALIGNED_LOAD_STORE_WRITE: saw 'XFAIL': [SKIP] ok 20 selftests: lkdtm: UNALIGNED_LOAD_STORE_WRITE.sh # SKIP # timeout set to 45 # selftests: lkdtm: SLAB_LINEAR_OVERFLOW.sh <6>[ 192.470890] lkdtm: Performing direct entry SLAB_LINEAR_OVERFLOW <6>[ 192.475852] lkdtm: Attempting slab linear overflow ... <3>[ 192.481717] ============================================================================= <3>[ 192.489607] BUG kmalloc-1k (Tainted: G D W ): Right Redzone overwritten <3>[ 192.497685] ----------------------------------------------------------------------------- <3>[ 192.497685] <3>[ 192.507856] 0xc5353800-0xc5353803 @offset=14336. First byte 0x78 instead of 0xcc <3>[ 192.515626] FIX kmalloc-1k: Restoring Right Redzone 0xc5353800-0xc5353803=0xcc <3>[ 192.523098] Allocated in lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 age=6 cpu=1 pid=1647 <4>[ 192.530992] lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 <4>[ 192.535950] lkdtm_do_action+0x24/0x4c <4>[ 192.539999] direct_entry+0x11c/0x140 <4>[ 192.543849] full_proxy_write+0x5c/0x8c <4>[ 192.548006] vfs_write+0xbc/0x3cc <4>[ 192.551568] ksys_write+0x78/0xf8 <4>[ 192.555213] ret_fast_syscall+0x0/0x1c <3>[ 192.559163] Freed in nfs3_proc_create+0x1b4/0x2c4 age=222 cpu=1 pid=1643 <4>[ 192.566146] nfs3_proc_create+0x1b4/0x2c4 <4>[ 192.570503] nfs_do_create+0xa8/0x178 <4>[ 192.574360] nfs_atomic_open_v23+0x84/0xd4 <4>[ 192.578810] path_openat+0xb18/0x1198 <4>[ 192.582660] do_filp_open+0x98/0x134 <4>[ 192.586509] do_sys_openat2+0xbc/0xe4 <4>[ 192.590462] sys_openat+0x98/0xd4 <4>[ 192.594012] ret_fast_syscall+0x0/0x1c <3>[ 192.598059] Slab 0xef7b4740 objects=10 used=4 fp=0xc5356400 flags=0x240(workingset|head|zone=0) <3>[ 192.607043] Object 0xc5353400 @offset=13312 fp=0xc5356400 <3>[ 192.607043] <3>[ 192.614511] Redzone c5353000: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.623584] Redzone c5353010: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.632654] Redzone c5353020: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.641724] Redzone c5353030: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.650896] Redzone c5353040: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.659967] Redzone c5353050: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.669037] Redzone c5353060: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.678106] Redzone c5353070: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.687176] Redzone c5353080: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.696346] Redzone c5353090: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.705415] Redzone c53530a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.714485] Redzone c53530b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.723554] Redzone c53530c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.732624] Redzone c53530d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.741794] Redzone c53530e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.750863] Redzone c53530f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.759934] Redzone c5353100: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.769007] Redzone c5353110: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.778077] Redzone c5353120: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.787247] Redzone c5353130: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.796316] Redzone c5353140: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.805386] Redzone c5353150: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.814455] Redzone c5353160: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.823525] Redzone c5353170: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.832695] Redzone c5353180: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.841764] Redzone c5353190: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.850834] Redzone c53531a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.859903] Redzone c53531b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.868972] Redzone c53531c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.878148] Redzone c53531d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.887231] Redzone c53531e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.896315] Redzone c53531f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.905400] Redzone c5353200: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.914481] Redzone c5353210: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.923559] Redzone c5353220: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.932632] Redzone c5353230: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.941703] Redzone c5353240: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.950873] Redzone c5353250: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.959944] Redzone c5353260: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.969016] Redzone c5353270: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.978087] Redzone c5353280: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.987157] Redzone c5353290: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 192.996226] Redzone c53532a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.005396] Redzone c53532b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.014466] Redzone c53532c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.023535] Redzone c53532d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.032606] Redzone c53532e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.041675] Redzone c53532f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.050844] Redzone c5353300: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.059914] Redzone c5353310: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.068984] Redzone c5353320: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.078054] Redzone c5353330: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.087124] Redzone c5353340: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.096193] Redzone c5353350: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.105362] Redzone c5353360: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.114432] Redzone c5353370: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.123503] Redzone c5353380: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.132572] Redzone c5353390: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.141641] Redzone c53533a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.150811] Redzone c53533b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.159881] Redzone c53533c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.168950] Redzone c53533d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.178019] Redzone c53533e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.187089] Redzone c53533f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 193.196159] Object c5353400: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.205329] Object c5353410: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.214399] Object c5353420: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.223469] Object c5353430: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.232540] Object c5353440: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.241614] Object c5353450: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.250687] Object c5353460: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.259861] Object c5353470: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.268933] Object c5353480: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.278006] Object c5353490: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.287075] Object c53534a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.296145] Object c53534b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.305217] Object c53534c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.314388] Object c53534d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.323459] Object c53534e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.332529] Object c53534f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.341599] Object c5353500: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.350668] Object c5353510: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.359739] Object c5353520: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.368912] Object c5353530: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.377983] Object c5353540: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.387054] Object c5353550: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.396124] Object c5353560: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.405193] Object c5353570: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.414364] Object c5353580: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.423433] Object c5353590: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.432503] Object c53535a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.441574] Object c53535b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.450646] Object c53535c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.459717] Object c53535d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.468887] Object c53535e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.477956] Object c53535f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.487026] Object c5353600: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.496095] Object c5353610: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.505165] Object c5353620: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.514234] Object c5353630: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.523404] Object c5353640: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.532474] Object c5353650: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.541543] Object c5353660: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.550613] Object c5353670: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.559683] Object c5353680: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.568752] Object c5353690: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.577922] Object c53536a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.586991] Object c53536b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.596060] Object c53536c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.605130] Object c53536d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.614199] Object c53536e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.623368] Object c53536f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.632438] Object c5353700: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.641507] Object c5353710: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.650576] Object c5353720: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.659646] Object c5353730: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.668715] Object c5353740: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.677885] Object c5353750: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.686955] Object c5353760: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.696025] Object c5353770: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.705094] Object c5353780: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.714164] Object c5353790: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.723233] Object c53537a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.732403] Object c53537b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.741473] Object c53537c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.750543] Object c53537d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.759612] Object c53537e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 193.768682] Object c53537f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 cc cc cc cc kkkkkkkkkkk..... <3>[ 193.777852] Redzone c5353800: cc cc cc cc .... <3>[ 193.785818] Padding c5353834: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.794887] Padding c5353844: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.804057] Padding c5353854: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.813127] Padding c5353864: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.822197] Padding c5353874: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.831266] Padding c5353884: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.840335] Padding c5353894: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.849405] Padding c53538a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.858575] Padding c53538b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.867646] Padding c53538c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.876719] Padding c53538d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.885790] Padding c53538e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.894860] Padding c53538f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.903930] Padding c5353904: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.913100] Padding c5353914: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.922170] Padding c5353924: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.931239] Padding c5353934: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.940308] Padding c5353944: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.949378] Padding c5353954: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.958548] Padding c5353964: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.967617] Padding c5353974: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.976687] Padding c5353984: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.985756] Padding c5353994: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 193.994825] Padding c53539a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.003995] Padding c53539b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.013066] Padding c53539c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.022138] Padding c53539d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.031208] Padding c53539e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.040278] Padding c53539f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.049348] Padding c5353a04: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.058518] Padding c5353a14: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.067587] Padding c5353a24: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.076657] Padding c5353a34: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.085728] Padding c5353a44: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.094798] Padding c5353a54: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.103968] Padding c5353a64: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.113038] Padding c5353a74: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.122107] Padding c5353a84: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.131177] Padding c5353a94: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.140247] Padding c5353aa4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.149316] Padding c5353ab4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.158486] Padding c5353ac4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.167555] Padding c5353ad4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.176625] Padding c5353ae4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.185694] Padding c5353af4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.194764] Padding c5353b04: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.203933] Padding c5353b14: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.213003] Padding c5353b24: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.222072] Padding c5353b34: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.231142] Padding c5353b44: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.240212] Padding c5353b54: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.249381] Padding c5353b64: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.258451] Padding c5353b74: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.267520] Padding c5353b84: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.276590] Padding c5353b94: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.285659] Padding c5353ba4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.294829] Padding c5353bb4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.303898] Padding c5353bc4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.312968] Padding c5353bd4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.322037] Padding c5353be4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 194.331107] Padding c5353bf4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ <4>[ 194.339881] CPU: 1 UID: 0 PID: 1647 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 <4>[ 194.349469] Tainted: [D]=DIE, [W]=WARN <4>[ 194.353508] Hardware name: STM32 (Device Tree Support) <4>[ 194.358956] Call trace: <4>[ 194.358972] unwind_backtrace from show_stack+0x18/0x1c <4>[ 194.367181] show_stack from dump_stack_lvl+0x88/0xb8 <4>[ 194.372559] dump_stack_lvl from check_object+0x1c0/0x474 <4>[ 194.378247] check_object from free_to_partial_list+0x178/0x58c <4>[ 194.384434] free_to_partial_list from kfree+0x224/0x2dc <4>[ 194.390013] kfree from lkdtm_do_action+0x24/0x4c <4>[ 194.394987] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 194.400757] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 194.406428] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 194.412008] vfs_write from ksys_write+0x78/0xf8 <4>[ 194.416876] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 194.422241] Exception stack(0xf1765fa8 to 0xf1765ff0) <4>[ 194.427600] 5fa0: 00000015 00000015 00000001 b6e14000 00000015 00000001 <4>[ 194.436073] 5fc0: 00000015 00000015 7ff00000 00000004 00000001 b6e14000 00020000 0049fe38 <4>[ 194.444542] 5fe0: 00000004 bec0f788 b6eda33b b6e53616 <3>[ 194.449892] FIX kmalloc-1k: Object at 0xc5353400 not freed # [ 192.470890] lkdtm: Performing direct entry SLAB_LINEAR_OVERFLOW # [ 192.475852] lkdtm: Attempting slab linear overflow ... # [ 192.481717] ============================================================================= # [ 192.489607] BUG kmalloc-1k (Tainted: G D W ): Right Redzone overwritten # [ 192.497685] ----------------------------------------------------------------------------- # # [ 192.507856] 0xc5353800-0xc5353803 @offset=14336. First byte 0x78 instead of 0xcc # [ 192.515626] FIX kmalloc-1k: Restoring Right Redzone 0xc5353800-0xc5353803=0xcc # [ 192.523098] Allocated in lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 age=6 cpu=1 pid=1647 # [ 192.530992] lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 # [ 192.535950] lkdtm_do_action+0x24/0x4c # [ 192.539999] direct_entry+0x11c/0x140 # [ 192.543849] full_proxy_write+0x5c/0x8c # [ 192.548006] vfs_write+0xbc/0x3cc # [ 192.551568] ksys_write+0x78/0xf8 # [ 192.555213] ret_fast_syscall+0x0/0x1c # [ 192.559163] Freed in nfs3_proc_create+0x1b4/0x2c4 age=222 cpu=1 pid=1643 # [ 192.566146] nfs3_proc_create+0x1b4/0x2c4 # [ 192.570503] nfs_do_create+0xa8/0x178 # [ 192.574360] nfs_atomic_open_v23+0x84/0xd4 # [ 192.578810] path_openat+0xb18/0x1198 # [ 192.582660] do_filp_open+0x98/0x134 # [ 192.586509] do_sys_openat2+0xbc/0xe4 # [ 192.590462] sys_openat+0x98/0xd4 # [ 192.594012] ret_fast_syscall+0x0/0x1c # [ 192.598059] Slab 0xef7b4740 objects=10 used=4 fp=0xc5356400 flags=0x240(workingset|head|zone=0) # [ 192.607043] Object 0xc5353400 @offset=13312 fp=0xc5356400 # # [ 192.614511] Redzone c5353000: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.623584] Redzone c5353010: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.632654] Redzone c5353020: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.641724] Redzone c5353030: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.650896] Redzone c5353040: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.659967] Redzone c5353050: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.669037] Redzone c5353060: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.678106] Redzone c5353070: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.687176] Redzone c5353080: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.696346] Redzone c5353090: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.705415] Redzone c53530a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.714485] Redzone c53530b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.723554] Redzone c53530c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.732624] Redzone c53530d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.741794] Redzone c53530e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.750863] Redzone c53530f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.759934] Redzone c5353100: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.769007] Redzone c5353110: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.778077] Redzone c5353120: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.787247] Redzone c5353130: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.796316] Redzone c5353140: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.805386] Redzone c5353150: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.814455] Redzone c5353160: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.823525] Redzone c5353170: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.832695] Redzone c5353180: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.841764] Redzone c5353190: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.850834] Redzone c53531a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.859903] Redzone c53531b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.868972] Redzone c53531c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.878148] Redzone c53531d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.887231] Redzone c53531e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.896315] Redzone c53531f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.905400] Redzone c5353200: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.914481] Redzone c5353210: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.923559] Redzone c5353220: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.932632] Redzone c5353230: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.941703] Redzone c5353240: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.950873] Redzone c5353250: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.959944] Redzone c5353260: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.969016] Redzone c5353270: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.978087] Redzone c5353280: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.987157] Redzone c5353290: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 192.996226] Redzone c53532a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.005396] Redzone c53532b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.014466] Redzone c53532c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.023535] Redzone c53532d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.032606] Redzone c53532e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.041675] Redzone c53532f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.050844] Redzone c5353300: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.059914] Redzone c5353310: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.068984] Redzone c5353320: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.078054] Redzone c5353330: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.087124] Redzone c5353340: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.096193] Redzone c5353350: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.105362] Redzone c5353360: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.114432] Redzone c5353370: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.123503] Redzone c5353380: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.132572] Redzone c5353390: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.141641] Redzone c53533a0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.150811] Redzone c53533b0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.159881] Redzone c53533c0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.168950] Redzone c53533d0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.178019] Redzone c53533e0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.187089] Redzone c53533f0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 193.196159] Object c5353400: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.205329] Object c5353410: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.214399] Object c5353420: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.223469] Object c5353430: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.232540] Object c5353440: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.241614] Object c5353450: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.250687] Object c5353460: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.259861] Object c5353470: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.268933] Object c5353480: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.278006] Object c5353490: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.287075] Object c53534a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.296145] Object c53534b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.305217] Object c53534c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.314388] Object c53534d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.323459] Object c53534e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.332529] Object c53534f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.341599] Object c5353500: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.350668] Object c5353510: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.359739] Object c5353520: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.368912] Object c5353530: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.377983] Object c5353540: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.387054] Object c5353550: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.396124] Object c5353560: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.405193] Object c5353570: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.414364] Object c5353580: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.423433] Object c5353590: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.432503] Object c53535a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.441574] Object c53535b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.450646] Object c53535c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.459717] Object c53535d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.468887] Object c53535e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.477956] Object c53535f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.487026] Object c5353600: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.496095] Object c5353610: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.505165] Object c5353620: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.514234] Object c5353630: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.523404] Object c5353640: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.532474] Object c5353650: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.541543] Object c5353660: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.550613] Object c5353670: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.559683] Object c5353680: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.568752] Object c5353690: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.577922] Object c53536a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.586991] Object c53536b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.596060] Object c53536c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.605130] Object c53536d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.614199] Object c53536e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.623368] Object c53536f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.632438] Object c5353700: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.641507] Object c5353710: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.650576] Object c5353720: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.659646] Object c5353730: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.668715] Object c5353740: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.677885] Object c5353750: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.686955] Object c5353760: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.696025] Object c5353770: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.705094] Object c5353780: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.714164] Object c5353790: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.723233] Object c53537a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.732403] Object c53537b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.741473] Object c53537c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.750543] Object c53537d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.759612] Object c53537e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 193.768682] Object c53537f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 cc cc cc cc kkkkkkkkkkk..... # [ 193.777852] Redzone c5353800: cc cc cc cc .... # [ 193.785818] Padding c5353834: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.794887] Padding c5353844: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.804057] Padding c5353854: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.813127] Padding c5353864: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.822197] Padding c5353874: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [<6>[ 196.032708] lkdtm: Performing direct entry VMALLOC_LINEAR_OVERFLOW <6>[ 196.039388] lkdtm: Attempting vmalloc linear overflow ... <1>[ 196.044849] 8<--- cut here --- <1>[ 196.048106] Unable to handle kernel paging request at virtual address f095e000 when write <1>[ 196.056595] [f095e000] *pgd=c3233811, *pte=00000000, *ppte=00000000 <0>[ 196.063221] Internal error: Oops: 807 [#5] SMP ARM <4>[ 196.068111] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 196.106243] CPU: 1 UID: 0 PID: 1686 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 196.115847] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 196.121099] Hardware name: STM32 (Device Tree Support) <4>[ 196.126549] PC is at mmioset+0x84/0xac <4>[ 196.130510] LR is at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 <4>[ 196.136477] pc : [] lr : [] psr: 00080013 <4>[ 196.143034] sp : f179deb0 ip : f095e000 fp : 004dfe38 <4>[ 196.148583] r10: c5499cc0 r9 : f179df80 r8 : c2688088 <4>[ 196.154033] r7 : f179df80 r6 : 00000000 r5 : f097b000 r4 : f095d000 <4>[ 196.160893] r3 : aaaaaaaa r2 : ffffffc1 r1 : aaaaaaaa r0 : f095d000 <4>[ 196.167655] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 196.175122] Control: 10c5387d Table: c57ac06a DAC: 00000051 <1>[ 196.181173] Register r0 information: 1-page vmalloc region starting at 0xf095d000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <1>[ 196.193594] Register r1 information: non-paged memory <1>[ 196.198850] Register r2 information: non-paged memory <1>[ 196.204204] Register r3 information: non-paged memory <1>[ 196.209558] Register r4 information: 1-page vmalloc region starting at 0xf095d000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <1>[ 196.221967] Register r5 information: 1-page vmalloc region starting at 0xf097b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x20/0x60 <1>[ 196.234377] Register r6 information: NULL pointer <1>[ 196.239329] Register r7 information: 2-page vmalloc region starting at 0xf179c000 allocated at kernel_clone+0xac/0x388 <1>[ 196.250339] Register r8 information: non-slab/vmalloc memory <1>[ 196.256300] Register r9 information: 2-page vmalloc region starting at 0xf179c000 allocated at kernel_clone+0xac/0x388 <1>[ 196.267305] Register r10 information: slab kmalloc-192 start c5499c80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 196.281166] full_proxy_open+0x124/0x24c <6>[ 196.285617] do_dentry_open+0x144/0x4dc <6>[ 196.290074] vfs_open+0x2c/0xec <6>[ 196.293726] path_openat+0x748/0x1198 <6>[ 196.297877] do_filp_open+0x98/0x134 <6>[ 196.302027] do_sys_openat2+0xbc/0xe4 <6>[ 196.306182] sys_openat+0x98/0xd4 <6>[ 196.310033] ret_fast_syscall+0x0/0x1c <4>[ 196.314285] Free path: <6>[ 196.317016] full_proxy_release+0x78/0xc0 <6>[ 196.321568] __fput+0xdc/0x2ec <6>[ 196.325112] task_work_run+0x98/0xc8 <6>[ 196.329271] do_exit+0x374/0xa1c <6>[ 196.333027] do_group_exit+0x40/0x8c <6>[ 196.337181] pid_child_should_wake+0x0/0x94 <1>[ 196.341838] Register r11 information: non-paged memory <1>[ 196.347296] Register r12 information: 1-page vmalloc region starting at 0xf095d000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <0>[ 196.359810] Process cat (pid: 1686, stack limit = 0xf179c000) <0>[ 196.365767] Stack: (0xf179deb0 to 0xf179e000) <0>[ 196.370419] dea0: 00000018 c8714000 00000000 c0df8798 <0>[ 196.378900] dec0: 00000018 c0df8b7c c0df8a60 c560cc40 b6dd4000 00000018 c3a41d50 c0892960 <0>[ 196.387386] dee0: c560cc40 c0892904 f179df80 b6dd4000 c5324640 00000018 c5499cc0 c0629858 <0>[ 196.395874] df00: c57aedb0 00000000 00000000 00000000 00000000 00000018 b6dd4000 0001ffe8 <0>[ 196.404359] df20: 00000001 00000000 c560ca40 00000000 00000000 00000000 00000000 00000000 <0>[ 196.412840] df40: 00000000 00000000 00000000 00000000 00000022 84ec02c0 00000000 c560cc40 <0>[ 196.421316] df60: c560cc40 00000000 00000000 c03002f0 c5324640 00000004 004dfe38 c0629db4 <0>[ 196.429793] df80: 00000000 00000000 00000000 84ec02c0 000000c0 00000018 00000018 7ff00000 <0>[ 196.438269] dfa0: 00000004 c03000c0 00000018 00000018 00000001 b6dd4000 00000018 00000001 <0>[ 196.446744] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6dd4000 00020000 004dfe38 <0>[ 196.455221] dfe0: 00000004 bea95788 b6e9a33b b6e13616 60080030 00000001 00000000 00000000 <0>[ 196.463687] Call trace: <0>[ 196.463700] mmioset from lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 <0>[ 196.472813] lkdtm_VMALLOC_LINEAR_OVERFLOW from lkdtm_do_action+0x24/0x4c <0>[ 196.479898] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 196.485668] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 196.491339] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 196.496917] vfs_write from ksys_write+0x78/0xf8 <0>[ 196.501785] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 196.507148] Exception stack(0xf179dfa8 to 0xf179dff0) <0>[ 196.512505] dfa0: 00000018 00000018 00000001 b6dd4000 00000018 00000001 <0>[ 196.520979] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6dd4000 00020000 004dfe38 <0>[ 196.529448] dfe0: 00000004 bea95788 b6e9a33b b6e13616 <0>[ 196.534805] Code: e3120002 14cc1001 14cc1001 e3120001 (14cc1001) <4>[ 196.541354] ---[ end trace 0000000000000000 ]--- 193.831266] Padding c5353884: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.840335] Padding c5353894: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.849405] Padding c53538a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.858575] Padding c53538b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.867646] Padding c53538c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.876719] Padding c53538d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.885790] Padding c53538e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.894860] Padding c53538f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.903930] Padding c5353904: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.913100] Padding c5353914: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.922170] Padding c5353924: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.931239] Padding c5353934: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.940308] Padding c5353944: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.949378] Padding c5353954: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.958548] Padding c5353964: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.967617] Padding c5353974: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.976687] Padding c5353984: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.985756] Padding c5353994: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 193.994825] Padding c53539a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.003995] Padding c53539b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.013066] Padding c53539c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.022138] Padding c53539d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.031208] Padding c53539e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.040278] Padding c53539f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.049348] Padding c5353a04: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.058518] Padding c5353a14: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.067587] Padding c5353a24: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.076657] Padding c5353a34: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.085728] Padding c5353a44: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.094798] Padding c5353a54: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.103968] Padding c5353a64: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.113038] Padding c5353a74: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.122107] Padding c5353a84: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.131177] Padding c5353a94: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.140247] Padding c5353aa4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.149316] Padding c5353ab4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.158486] Padding c5353ac4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.167555] Padding c5353ad4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.176625] Padding c5353ae4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.185694] Padding c5353af4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.194764] Padding c5353b04: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.203933] Padding c5353b14: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.213003] Padding c5353b24: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.222072] Padding c5353b34: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.231142] Padding c5353b44: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.240212] Padding c5353b54: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.249381] Padding c5353b64: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.258451] Padding c5353b74: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.267520] Padding c5353b84: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.276590] Padding c5353b94: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.285659] Padding c5353ba4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.294829] Padding c5353bb4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.303898] Padding c5353bc4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.312968] Padding c5353bd4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.322037] Padding c5353be4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 194.331107] Padding c5353bf4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ # [ 194.339881] CPU: 1 UID: 0 PID: 1647 Comm: cat Tainted: G D W 6.12.0-rc2-next-20241011 #1 # [ 194.349469] Tainted: [D]=DIE, [W]=WARN # [ 194.353508] Hardware name: STM32 (Device Tree Support) # [ 194.358956] Call trace: # [ 194.358972] unwind_backtrace from show_stack+0x18/0x1c # [ 194.367181] show_stack from dump_stack_lvl+0x88/0xb8 # [ 194.372559] dump_stack_lvl from check_object+0x1c0/0x474 # [ 194.378247] check_object from free_to_partial_list+0x178/0x58c # [ 194.384434] free_to_partial_list from kfree+0x224/0x2dc # [ 194.390013] kfree from lkdtm_do_action+0x24/0x4c # [ 194.394987] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 194.400757] direct_entry from full_proxy_write+0x5c/0x8c # [ 194.406428] full_proxy_write from vfs_write+0xbc/0x3cc # [ 194.412008] vfs_write from ksys_write+0x78/0xf8 # [ 194.416876] ksys_write from ret_fast_syscall+0x0/0x1c # [ 194.422241] Exception stack(0xf1765fa8 to 0xf1765ff0) # [ 194.427600] 5fa0: 00000015 00000015 00000001 b6e14000 00000015 00000001 # [ 194.436073] 5fc0: 00000015 00000015 7ff00000 00000004 00000001 b6e14000 00020000 0049fe38 # [ 194.444542] 5fe0: 00000004 bec0f788 b6eda33b b6e53616 # [ 194.449892] FIX kmalloc-1k: Object at 0xc5353400 not freed # SLAB_LINEAR_OVERFLOW: saw 'call trace:': ok ok 21 selftests: lkdtm: SLAB_LINEAR_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: VMALLOC_LINEAR_OVERFLOW.sh # Segmentation fault # [ 196.032708] lkdtm: Performing direct entry VMALLOC_LINEAR_OVERFLOW # [ 196.039388] lkdtm: Attempting vmalloc linear overflow ... # [ 196.044849] 8<--- cut here --- # [ 196.048106] Unable to handle kernel paging request at virtual address f095e000 when write # [ 196.056595] [f095e000] *pgd=c3233811, *pte=00000000, *ppte=00000000 # [ 196.063221] Internal error: Oops: 807 [#5] SMP ARM # [ 196.068111] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 196.106243] CPU: 1 UID: 0 PID: 1686 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 196.115847] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 196.121099] Hardware name: STM32 (Device Tree Support) # [ 196.126549] PC is at mmioset+0x84/0xac # [ 196.130510] LR is at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 # [ 196.136477] pc : [] lr : [] psr: 00080013 # [ 196.143034] sp : f179deb0 ip : f095e000 fp : 004dfe38 # [ 196.148583] r10: c5499cc0 r9 : f179df80 r8 : c2688088 # [ 196.154033] r7 : f179df80 r6 : 00000000 r5 : f097b000 r4 : f095d000 # [ 196.160893] r3 : aaaaaaaa r2 : ffffffc1 r1 : aaaaaaaa r0 : f095d000 # [ 196.167655] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 196.175122] Control: 10c5387d Table: c57ac06a DAC: 00000051 # [ 196.181173] Register r0 information: 1-page vmalloc region starting at 0xf095d000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 196.193594] Register r1 information: non-paged memory # [ 196.198850] Register r2 information: non-paged memory # [ 196.204204] Register r3 information: non-paged memory # [ 196.209558] Register r4 information: 1-page vmalloc region starting at 0xf095d000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 196.221967] Register r5 information: 1-page vmalloc region starting at 0xf097b000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x20/0x60 # [ 196.234377] Register r6 information: NULL pointer # [ 196.239329] Register r7 information: 2-page vmalloc region starting at 0xf179c000 allocated at kernel_clone+0xac/0x388 # [ 196.250339] Register r8 information: non-slab/vmalloc memory # [ 196.256300] Register r9 information: 2-page vmalloc region starting at 0xf179c000 allocated at kernel_clone+0xac/0x388 # [ 196.267305] Register r10 information: slab kmalloc-192 start c5499c80 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 196.281166] full_proxy_open+0x124/0x24c # [ 196.285617] do_dentry_open+0x144/0x4dc # [ 196.290074] vfs_open+0x2c/0xec # [ 196.293726] path_openat+0x748/0x1198 # [ 196.297877] do_filp_open+0x98/0x134 # [ 196.302027] do_sys_openat2+0xbc/0xe4 # [ 196.306182] sys_openat+0x98/0xd4 # [ 196.310033] ret_fast_syscall+0x0/0x1c # [ 196.314285] Free path: # [ 196.317016] full_proxy_release+0x78/0xc0 # [ 196.321568] __fput+0xdc/0x2ec # [ 196.325112] task_work_run+0x98/0xc8 # [ 196.329271] do_exit+0x374/0xa1c # [ 196.333027] do_group_exit+0x40/0x8c # [ 196.337181] pid_child_should_wake+0x0/0x94 # [ 196.341838] Register r11 information: non-paged memory # [ 196.347296] Register r12 information: 1-page vmalloc region starting at 0xf095d000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 196.359810] Process cat (pid: 1686, stack limit = 0xf179c000) # [ 196.365767] Stack: (0xf179deb0 to 0xf179e000) # [ 196.370419] dea0: 00000018 c8714000 00000000 c0df8798 # [ 196.378900] dec0: 00000018 c0df8b7c c0df8a60 c560cc40 b6dd4000 00000018 c3a41d50 c0892960 # [ 196.387386] dee0: c560cc40 c0892904 f179df80 b6dd4000 c5324640 00000018 c5499cc0 c0629858 # [ 196.395874] df00: c57aedb0 00000000 00000000 00000000 00000000 00000018 b6dd4000 0001ffe8 # [ 196.404359] df20: 00000001 00000000 c560ca40 00000000 00000000 00000000 00000000 00000000 # [ 196.412840] df40: 00000000 00000000 00000000 00000000 00000022 84ec02c0 00000000 c560cc40 # [ 196.421316] df60: c560cc40 00000000 00000000 c03002f0 c5324640 00000004 004dfe38 c0629db4 # [ 196.429793] df80: 00000000 00000000 00000000 84ec02c0 000000c0 00000018 00000018 7ff00000 # [ 196.438269] dfa0: 00000004 c03000c0 00000018 00000018 00000001 b6dd4000 00000018 00000001 # [ 196.446744] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6dd4000 00020000 004dfe38 # [ 196.455221] dfe0: 00000004 bea95788 b6e9a33b b6e13616 60080030 00000001 00000000 00000000 # [ 196.463687] Call trace: # [ 196.463700] mmioset from lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 # [ 196.472813] lkdtm_VMALLOC_LINEAR_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 196.479898] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 196.485668] direct_entry from full_proxy_write+0x5c/0x8c # [ 196.491339] full_proxy_write from vfs_write+0xbc/0x3cc # [ 196.496917] vfs_write from ksys_write+0x78/0xf8 # [ 196.501785] ksys_write from ret_fast_syscall+0x0/0x1c # [ 196.507148] Exception stack(0xf179dfa8 to 0xf179dff0) # [ 196.512505] dfa0: 00000018 00000018 00000001 b6dd4000 00000018 00000001 # [ 196.520979] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6dd4000 00020000 004dfe38 # [ 196.529448] dfe0: 00000004 bea95788 b6e9a33b b6e13616 # [ 196.534805] Code: e3120002 14cc1001 14cc1001 e3120001 (14cc1001) # [ 196.541354] ---[ end trace 0000000000000000 ]--- # VMALLOC_LINEAR_OVERFLOW: saw 'call trace:': ok ok 22 selftests: lkdtm: VMALLOC_LINEAR_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: WRITE_AFTER_FREE.sh # Skipping WRITE_AFTER_FREE: Corrupts memory on failure ok 23 selftests: lkdtm: WRITE_AFTER_FREE.sh # SKIP # timeout set to 45 # selftests: lkdtm: READ_AFTER_FREE.sh <6>[ 206.008185] lkdtm: Performing direct entry READ_AFTER_FREE <6>[ 206.013135] lkdtm: Value in memory before free: 12345678 <6>[ 206.018329] lkdtm: Attempting bad read from freed memory <6>[ 206.023869] lkdtm: Memory correctly poisoned (6b6b6b6b) # [ 206.008185] lkdtm: Performing direct entry READ_AFTER_FREE # [ 206.013135] lkdtm: Value in memory before free: 12345678 # [ 206.018329] lkdtm: Attempting bad read from freed memory # [ 206.023869] lkdtm: Memory correctly poisoned (6b6b6b6b) # READ_AFTER_FREE: saw 'call trace:|Memory correctly poisoned': ok ok 24 selftests: lkdtm: READ_AFTER_FREE.sh # timeout set to 45 # selftests: lkdtm: WRITE_BUDDY_AFTER_FREE.sh # Skipping WRITE_BUDDY_AFTER_FREE: Corrupts memory on failure ok 25 selftests: lkdtm: WRITE_BUDDY_AFTER_FREE.sh # SKIP # timeout set to 45 # selftests: lkdtm: READ_BUDDY_AFTER_FREE.sh <6>[ 208.038163] lkdtm: Performing direct entry READ_BUDDY_AFTER_FREE <6>[ 208.043219] lkdtm: Value in memory before free: 12345678 <6>[ 208.048772] lkdtm: Attempting to read from freed memory <6>[ 208.054698] lkdtm: Memory correctly poisoned (0) # [ 208.038163] lkdtm: Performing direct entry READ_BUDDY_AFTER_FREE # [ 208.043219] lkdtm: Value in memory before free: 12345678 # [ 208.048772] lkdtm: Attempting to read from freed memory # [ 208.054698] lkdtm: Memory correctly poisoned (0) # READ_BUDDY_AFTER_FREE: saw 'call trace:|Memory correctly poisoned': ok ok 26 selftests: lkdtm: READ_BUDDY_AFTER_FREE.sh # timeout set to 45 # selftests: lkdtm: SLAB_INIT_ON_ALLOC.sh <6>[ 209.338707] lkdtm: Performing direct entry SLAB_INIT_ON_ALLOC <6>[ 209.343627] lkdtm: Memory appears initialized (6b, no earlier values) # [ 209.338707] lkdtm: Performing direct entry SLAB_INIT_ON_ALLOC # [ 209.343627] lkdtm: Memory appears initialized (6b, no earlier values) # SLAB_INIT_ON_ALLOC: saw 'Memory appears initialized': ok ok 27 selftests: lkdtm: SLAB_INIT_ON_ALLOC.sh # timeout set to 45 # selftests: lkdtm: BUDDY_INIT_ON_ALLOC.sh <6>[ 212.874585] lkdtm: Performing direct entry BUDDY_INIT_ON_ALLOC <6>[ 212.879763] lkdtm: Memory appears initialized (0, no earlier values) # [ 212.874585] lkdtm: Performing direct entry BUDDY_INIT_ON_ALLOC # [ 212.879763] lkdtm: Memory appears initialized (0, no earlier values) # BUDDY_INIT_ON_ALLOC: saw 'Memory appears initialized': ok ok 28 selftests: lkdtm: BUDDY_INIT_ON_ALLOC.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_DOUBLE.sh <6>[ 214.192322] lkdtm: Performing direct entry SLAB_FREE_DOUBLE <6>[ 214.196991] lkdtm: Attempting double slab free ... <3>[ 214.202457] ============================================================================= <3>[ 214.210348] BUG lkdtm-heap-double_free (Tainted: G B D W ): Slab has 0 allocated objects but 1 are to be freed <3>[ 214.210348] <3>[ 214.223352] ----------------------------------------------------------------------------- <3>[ 214.223352] <3>[ 214.233626] Slab 0xef834a68 objects=32 used=0 fp=0xc8c4a008 flags=0x200(workingset|zone=0) <4>[ 214.242216] CPU: 0 UID: 0 PID: 2014 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 214.251804] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 214.257049] Hardware name: STM32 (Device Tree Support) <4>[ 214.262398] Call trace: <4>[ 214.262412] unwind_backtrace from show_stack+0x18/0x1c <4>[ 214.270720] show_stack from dump_stack_lvl+0x88/0xb8 <4>[ 214.276093] dump_stack_lvl from slab_err+0x78/0xb0 <4>[ 214.281270] slab_err from free_to_partial_list+0x4ec/0x58c <4>[ 214.287054] free_to_partial_list from kmem_cache_free+0x1a8/0x3c0 <4>[ 214.293539] kmem_cache_free from lkdtm_do_action+0x24/0x4c <4>[ 214.299417] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 214.305186] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 214.310855] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 214.316330] vfs_write from ksys_write+0x78/0xf8 <4>[ 214.321298] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 214.326660] Exception stack(0xf1959fa8 to 0xf1959ff0) <4>[ 214.332019] 9fa0: 00000011 00000011 00000001 b6dd8000 00000011 00000001 <4>[ 214.340492] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6dd8000 00020000 004efe38 <4>[ 214.348961] 9fe0: 00000004 bee9d788 b6e9e33b b6e17616 <3>[ 214.354311] FIX lkdtm-heap-double_free: Object at 0xc8c4a008 not freed # [ 214.192322] lkdtm: Performing direct entry SLAB_FREE_DOUBLE # [ 214.196991] lkdtm: Attempting double slab free ... # [ 214.202457] ============================================================================= # [ 214.210348] BUG lkdtm-heap-double_free (Tainted: G B D W ): Slab has 0 allocated objects but 1 are to be freed # # [ 214.223352] ----------------------------------------------------------------------------- # # [ 214.233626] Slab 0xef834a68 objects=32 used=0 fp=0xc8c4a008 flags=0x200(workingset|zone=0) # [ 214.242216] CPU: 0 UID: 0 PID: 2014 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 214.251804] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 214.257049] Hardware name: STM32 (Device Tree Support) # [ 214.262398] Call trace: # [ 214.262412] unwind_backtrace from show_stack+0x18/0x1c # [ 214.270720] show_stack from dump_stack_lvl+0x88/0xb8 # [ 214.276093] dump_stack_lvl from slab_err+0x78/0xb0 # [ 214.281270] slab_err from free_to_partial_list+0x4ec/0x58c # [ 214.287054] free_to_partial_list from kmem_cache_free+0x1a8/0x3c0 # [ 214.293539] kmem_cache_free from lkdtm_do_action+0x24/0x4c # [ 214.299417] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 214.305186] direct_entry from full_proxy_write+0x5c/0x8c # [ 214.310855] full_proxy_write from vfs_write+0xbc/0x3cc # [ 214.316330] vfs_write from ksys_write+0x78/0xf8 # [ 214.321298] ksys_write from ret_fast_syscall+0x0/0x1c # [ 214.326660] Exception stack(0xf1959fa8 to 0xf1959ff0) # [ 214.332019] 9fa0: 00000011 00000011 00000001 b6dd8000 00000011 00000001 # [ 214.340492] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6dd8000 00020000 004efe38 # [ 214.348961] 9fe0: 00000004 bee9d788 b6e9e33b b6e17616 # [ 214.354311] FIX lkdtm-heap-double_free: Object at 0xc8c4a008 not freed # SLAB_FREE_DOUBLE: saw 'call trace:': ok ok 29 selftests: lkdtm: SLAB_FREE_DOUBLE.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_CROSS.sh <6>[ 215.651434] lkdtm: Performing direct entry SLAB_FREE_CROSS <6>[ 215.656000] lkdtm: Attempting cross-cache slab free ... <4>[ 215.661435] ------------[ cut here ]------------ <4>[ 215.666303] WARNING: CPU: 1 PID: 2053 at mm/slub.c:4669 kmem_cache_free+0x2bc/0x3c0 <4>[ 215.674291] cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a <4>[ 215.682869] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 215.721180] CPU: 1 UID: 0 PID: 2053 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 215.730493] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 215.735746] Hardware name: STM32 (Device Tree Support) <4>[ 215.741095] Call trace: <4>[ 215.741111] unwind_backtrace from show_stack+0x18/0x1c <4>[ 215.749419] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 215.754795] dump_stack_lvl from __warn+0x84/0x134 <4>[ 215.759774] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 215.765255] warn_slowpath_fmt from kmem_cache_free+0x2bc/0x3c0 <4>[ 215.771444] kmem_cache_free from lkdtm_do_action+0x24/0x4c <4>[ 215.777324] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 215.783093] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 215.788762] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 215.794240] vfs_write from ksys_write+0x78/0xf8 <4>[ 215.799107] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 215.804570] Exception stack(0xf1985fa8 to 0xf1985ff0) <4>[ 215.809929] 5fa0: 00000010 00000010 00000001 b6e28000 00000010 00000001 <4>[ 215.818403] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e28000 00020000 0047fe38 <4>[ 215.826871] 5fe0: 00000004 be85f788 b6eee33b b6e67616 <4>[ 215.832382] ---[ end trace 0000000000000000 ]--- <3>[ 215.837120] Allocated in lkdtm_SLAB_FREE_CROSS+0x20/0x60 age=182 cpu=1 pid=2053 <4>[ 215.844741] lkdtm_SLAB_FREE_CROSS+0x20/0x60 <4>[ 215.849322] lkdtm_do_action+0x24/0x4c <4>[ 215.853286] direct_entry+0x11c/0x140 <4>[ 215.857255] full_proxy_write+0x5c/0x8c <4>[ 215.861323] vfs_write+0xbc/0x3cc <4>[ 215.864958] ksys_write+0x78/0xf8 <4>[ 215.868482] ret_fast_syscall+0x0/0x1c # [ 215.651434] lkdtm: Performing direct entry SLAB_FREE_CROSS # [ 215.656000] lkdtm: Attempting cross-cache slab free ... # [ 215.661435] ------------[ cut here ]------------ # [ 215.666303] WARNING: CPU: 1 PID: 2053 at mm/slub.c:4669 kmem_cache_free+0x2bc/0x3c0 # [ 215.674291] cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a # [ 215.682869] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 215.721180] CPU: 1 UID: 0 PID: 2053 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 215.730493] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 215.735746] Hardware name: STM32 (Device Tree Support) # [ 215.741095] Call trace: # [ 215.741111] unwind_backtrace from show_stack+0x18/0x1c # [ 215.749419] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 215.754795] dump_stack_lvl from __warn+0x84/0x134 # [ 215.759774] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 215.765255] warn_slowpath_fmt from kmem_cache_free+0x2bc/0x3c0 # [ 215.771444] kmem_cache_free from lkdtm_do_action+0x24/0x4c # [ 215.777324] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 215.783093] direct_entry from full_proxy_write+0x5c/0x8c # [ 215.788762] full_proxy_write from vfs_write+0xbc/0x3cc # [ 215.794240] vfs_write from ksys_write+0x78/0xf8 # [ 215.799107] ksys_write from ret_fast_syscall+0x0/0x1c # [ 215.804570] Exception stack(0xf1985fa8 to 0xf1985ff0) # [ 215.809929] 5fa0: 00000010 00000010 00000001 b6e28000 00000010 00000001 # [ 215.818403] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e28000 00020000 0047fe38 # [ 215.826871] 5fe0: 00000004 be85f788 b6eee33b b6e67616 # [ 215.832382] ---[ end trace 0000000000000000 ]--- # [ 215.837120] Allocated in lkdtm_SLAB_FREE_CROSS+0x20/0x60 age=182 cpu=1 pid=2053 # [ 215.844741] lkdtm_SLAB_FREE_CROSS+0x20/0x60 # [ 215.849322] lkdtm_do_action+0x24/0x4c # [ 215.853286] direct_entry+0x11c/0x140 # [ 215.857255] full_proxy_write+0x5c/0x8c # [ 215.861323] vfs_write+0xbc/0x3cc # [ 215.864958] ksys_write+0x78/0xf8 # [ 215.868482] ret_fast_syscall+0x0/0x1c # SLAB_FREE_CROSS: saw 'call trace:': ok ok 30 selftests: lkdtm: SLAB_FREE_CROSS.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_PAGE.sh <6>[ 217.202272] lkdtm: Performing direct entry SLAB_FREE_PAGE <6>[ 217.206679] lkdtm: Attempting non-Slab slab free ... <4>[ 217.211911] ------------[ cut here ]------------ <4>[ 217.217354] WARNING: CPU: 0 PID: 2092 at mm/slub.c:4655 kmem_cache_free+0x314/0x3c0 <4>[ 217.224753] virt_to_cache: Object is not a Slab page! <4>[ 217.230111] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 217.268403] CPU: 0 UID: 0 PID: 2092 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 217.277718] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 217.282971] Hardware name: STM32 (Device Tree Support) <4>[ 217.288422] Call trace: <4>[ 217.288439] unwind_backtrace from show_stack+0x18/0x1c <4>[ 217.296650] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 217.302026] dump_stack_lvl from __warn+0x84/0x134 <4>[ 217.307105] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 217.312486] warn_slowpath_fmt from kmem_cache_free+0x314/0x3c0 <4>[ 217.318675] kmem_cache_free from lkdtm_SLAB_FREE_PAGE+0x34/0x44 <4>[ 217.324958] lkdtm_SLAB_FREE_PAGE from lkdtm_do_action+0x24/0x4c <4>[ 217.331231] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 217.336999] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 217.342769] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 217.348245] vfs_write from ksys_write+0x78/0xf8 <4>[ 217.353114] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 217.358579] Exception stack(0xf19d1fa8 to 0xf19d1ff0) <4>[ 217.363838] 1fa0: 0000000f 0000000f 00000001 b6d88000 0000000f 00000001 <4>[ 217.372312] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6d88000 00020000 0042fe38 <4>[ 217.380881] 1fe0: 00000004 bef74788 b6e4e33b b6dc7616 <4>[ 217.386444] ---[ end trace 0000000000000000 ]--- # [ 217.202272] lkdtm: Performing direct entry SLAB_FREE_PAGE # [ 217.206679] lkdtm: Attempting non-Slab slab free ... # [ 217.211911] ------------[ cut here ]------------ # [ 217.217354] WARNING: CPU: 0 PID: 2092 at mm/slub.c:4655 kmem_cache_free+0x314/0x3c0 # [ 217.224753] virt_to_cache: Object is not a Slab page! # [ 217.230111] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 217.268403] CPU: 0 UID: 0 PID: 2092 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 217.277718] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 217.282971] Hardware name: STM32 (Device Tree Support) # [ 217.288422] Call trace: # [ 217.288439] unwind_backtrace from show_stack+0x18/0x1c # [ 217.296650] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 217.302026] dump_stack_lvl from __warn+0x84/0x134 # [ 217.307105] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 217.312486] warn_slowpath_fmt from kmem_cache_free+0x314/0x3c0 # [ 217.318675] kmem_cache_free from lkdtm_SLAB_FREE_PAGE+0x34/0x44 # [ 217.324958] lkdtm_SLAB_FREE_PAGE from lkdtm_do_action+0x24/0x4c # [ 217.331231] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 217.336999] direct_entry from full_proxy_write+0x5c/0x8c # [ 217.342769] full_proxy_write from vfs_write+0xbc/0x3cc # [ 217.348245] vfs_write from ksys_write+0x78/0xf8 # [ 217.353114] ksys_write from ret_fast_syscall+0x0/0x1c # [ 217.358579] Exception stack(0xf19d1fa8 to 0xf19d1ff0) # [ 217.363838] 1fa0: 0000000f 0000000f 00000001 b6d88000 0000000f 00000001 # [ 217.372312] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6d88000 00020000 0042fe38 # [ 217.380881] 1fe0: 00000004 bef74788 b6e4e33b b6dc7616 # [ 217.386444] ---[ end trace 0000000000000000 ]--- # SLAB_FREE_PAGE: saw 'call trace:': ok ok 31 selftests: lkdtm: SLAB_FREE_PAGE.sh # timeout set to 45 # selftests: lkdtm: SOFTLOCKUP.sh # Skipping SOFTLOCKUP: Hangs the system ok 32 selftests: lkdtm: SOFTLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: HARDLOCKUP.sh # Skipping HARDLOCKUP: Hangs the system ok 33 selftests: lkdtm: HARDLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: SMP_CALL_LOCKUP.sh # Skipping SMP_CALL_LOCKUP: Hangs the system ok 34 selftests: lkdtm: SMP_CALL_LOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: SPINLOCKUP.sh # Skipping SPINLOCKUP: Hangs the system ok 35 selftests: lkdtm: SPINLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: HUNG_TASK.sh # Skipping HUNG_TASK: Hangs the system ok 36 selftests: lkdtm: HUNG_TASK.sh # SKIP # timeout set to 45 # selftests: lkdtm: EXEC_DATA.sh <6>[ 224.442204] lkdtm: Performing direct entry EXEC_DATA <6>[ 224.446181] lkdtm: attempting ok execution at c0dfa070 <6>[ 224.452196] lkdtm: attempting bad execution at c2804328 <1>[ 224.457435] 8<--- cut here --- <1>[ 224.460302] Unable to handle kernel paging request at virtual address c2804328 when execute <1>[ 224.468982] [c2804328] *pgd=c281141e(bad) <0>[ 224.473255] Internal error: Oops: 8000000d [#6] SMP ARM <4>[ 224.478812] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 224.516920] CPU: 1 UID: 0 PID: 2306 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 224.526518] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 224.531766] Hardware name: STM32 (Device Tree Support) <4>[ 224.537113] PC is at data_area+0x0/0x40 <4>[ 224.541281] LR is at execute_location+0x9c/0xac <4>[ 224.546045] pc : [] lr : [] psr: 60080013 <4>[ 224.552602] sp : f1afdeb0 ip : 00000000 fp : 0046fe38 <4>[ 224.558151] r10: c515ce00 r9 : f1afdf80 r8 : c2688108 <4>[ 224.563600] r7 : f1afdf80 r6 : 00000001 r5 : c2804328 r4 : c0dfa070 <4>[ 224.570458] r3 : c5326440 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 224.577216] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 224.584681] Control: 10c5387d Table: c881006a DAC: 00000051 <1>[ 224.590731] Register r0 information: non-paged memory <1>[ 224.596091] Register r1 information: NULL pointer <1>[ 224.601042] Register r2 information: NULL pointer <1>[ 224.605993] Register r3 information: slab task_struct start c5326400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 224.619764] copy_process+0x1f4/0x1f78 <6>[ 224.624022] kernel_clone+0xac/0x388 <6>[ 224.628078] sys_clone+0x78/0x9c <6>[ 224.631931] ret_fast_syscall+0x0/0x1c <4>[ 224.636181] Free path: <6>[ 224.638911] rcu_core+0x2dc/0xb14 <6>[ 224.642763] handle_softirqs+0x15c/0x430 <6>[ 224.647220] irq_exit+0xac/0xd4 <6>[ 224.650870] call_with_stack+0x18/0x20 <6>[ 224.655131] __irq_svc+0x9c/0xb8 <6>[ 224.658878] memblock_overlaps_region+0x0/0x70 <6>[ 224.663838] pfn_valid+0x38/0x40 <6>[ 224.667585] __sync_icache_dcache+0x38/0xbc <6>[ 224.672341] set_ptes+0x6c/0x70 <6>[ 224.675990] filemap_map_pages+0x1ec/0x5c8 <6>[ 224.680647] handle_mm_fault+0x918/0x1198 <6>[ 224.685204] do_page_fault+0x1ac/0x470 <6>[ 224.689459] do_PrefetchAbort+0x40/0xa0 <6>[ 224.693808] ret_from_exception+0x0/0x1c <1>[ 224.698260] Register r4 information: non-slab/vmalloc memory <1>[ 224.704222] Register r5 information: non-slab/vmalloc memory <1>[ 224.710180] Register r6 information: non-paged memory <1>[ 224.715533] Register r7 information: 2-page vmalloc region starting at 0xf1afc000 allocated at kernel_clone+0xac/0x388 <1>[ 224.726540] Register r8 information: non-slab/vmalloc memory <1>[ 224.732498] Register r9 information: 2-page vmalloc region starting at 0xf1afc000 allocated at kernel_clone+0xac/0x388 <1>[ 224.743502] Register r10 information: slab kmalloc-192 start c515cdc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 224.757360] full_proxy_open+0x124/0x24c <6>[ 224.761812] do_dentry_open+0x144/0x4dc <6>[ 224.766170] vfs_open+0x2c/0xec <6>[ 224.769822] path_openat+0x748/0x1198 <6>[ 224.774075] do_filp_open+0x98/0x134 <6>[ 224.778125] do_sys_openat2+0xbc/0xe4 <6>[ 224.782379] sys_openat+0x98/0xd4 <6>[ 224.786231] ret_fast_syscall+0x0/0x1c <4>[ 224.790481] Free path: <6>[ 224.793211] __free_slab+0xdc/0xec <6>[ 224.797166] kmem_cache_free_bulk.part.0+0x2e0/0x364 <6>[ 224.802630] kvfree_rcu_bulk+0x208/0x284 <6>[ 224.807083] kfree_rcu_monitor+0x1e0/0x2cc <6>[ 224.811737] process_one_work+0x1b8/0x450 <6>[ 224.816293] worker_thread+0x1d4/0x3c4 <6>[ 224.820545] kthread+0xe8/0x104 <6>[ 224.824192] ret_from_fork+0x14/0x28 <1>[ 224.828341] Register r11 information: non-paged memory <1>[ 224.833797] Register r12 information: NULL pointer <0>[ 224.838849] Process cat (pid: 2306, stack limit = 0xf1afc000) <0>[ 224.844806] Stack: (0xf1afdeb0 to 0xf1afe000) <0>[ 224.849458] dea0: 0000000a c8c8e000 00000000 c0df8798 <0>[ 224.857932] dec0: 0000000a c0df8b7c c0df8a60 c8625040 b6d78000 0000000a c3a41d50 c0892960 <0>[ 224.866407] dee0: c8625040 c0892904 f1afdf80 b6d78000 c5326440 0000000a c515ce00 c0629858 <0>[ 224.874880] df00: c8812db0 00000000 00000000 00000000 00000000 0000000a b6d78000 0001fff6 <0>[ 224.883359] df20: 00000001 00000000 c8625140 00000000 00000000 00000000 00000000 00000000 <0>[ 224.891846] df40: 00000000 00000000 00000000 00000000 00000022 08007db3 00000000 c8625040 <0>[ 224.900334] df60: c8625040 00000000 00000000 c03002f0 c5326440 00000004 0046fe38 c0629db4 <0>[ 224.908817] df80: 00000000 00000000 00000000 08007db3 000000c0 0000000a 0000000a 7ff00000 <0>[ 224.917299] dfa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6d78000 0000000a 00000001 <0>[ 224.925775] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d78000 00020000 0046fe38 <0>[ 224.934249] dfe0: 00000004 be9c3788 b6e3e33b b6db7616 60080030 00000001 00000000 00000000 <0>[ 224.942714] Call trace: <0>[ 224.942736] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 224.951456] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 224.957233] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 224.962905] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 224.968384] vfs_write from ksys_write+0x78/0xf8 <0>[ 224.973252] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 224.978716] Exception stack(0xf1afdfa8 to 0xf1afdff0) <0>[ 224.984074] dfa0: 0000000a 0000000a 00000001 b6d78000 0000000a 00000001 <0>[ 224.992547] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d78000 00020000 0046fe38 <0>[ 225.001017] dfe0: 00000004 be9c3788 b6e3e33b b6db7616 <0>[ 225.006375] Code: 00000002 c6779040 c6779140 c36eff40 (e52de004) <4>[ 225.012732] ---[ end trace 0000000000000000 ]--- <6>[ 225.017579] note: cat[2306] exited with irqs disabled # Segmentation fault # [ 224.442204] lkdtm: Performing direct entry EXEC_DATA # [ 224.446181] lkdtm: attempting ok execution at c0dfa070 # [ 224.452196] lkdtm: attempting bad execution at c2804328 # [ 224.457435] 8<--- cut here --- # [ 224.460302] Unable to handle kernel paging request at virtual address c2804328 when execute # [ 224.468982] [c2804328] *pgd=c281141e(bad) # [ 224.473255] Internal error: Oops: 8000000d [#6] SMP ARM # [ 224.478812] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 224.516920] CPU: 1 UID: 0 PID: 2306 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 224.526518] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 224.531766] Hardware name: STM32 (Device Tree Support) # [ 224.537113] PC is at data_area+0x0/0x40 # [ 224.541281] LR is at execute_location+0x9c/0xac # [ 224.546045] pc : [] lr : [] psr: 60080013 # [ 224.552602] sp : f1afdeb0 ip : 00000000 fp : 0046fe38 # [ 224.558151] r10: c515ce00 r9 : f1afdf80 r8 : c2688108 # [ 224.563600] r7 : f1afdf80 r6 : 00000001 r5 : c2804328 r4 : c0dfa070 # [ 224.570458] r3 : c5326440 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 224.577216] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 224.584681] Control: 10c5387d Table: c881006a DAC: 00000051 # [ 224.590731] Register r0 information: non-paged memory # [ 224.596091] Register r1 information: NULL pointer # [ 224.601042] Register r2 information: NULL pointer # [ 224.605993] Register r3 information: slab task_struct start c5326400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 224.619764] copy_process+0x1f4/0x1f78 # [ 224.624022] kernel_clone+0xac/0x388 # [ 224.628078] sys_clone+0x78/0x9c # [ 224.631931] ret_fast_syscall+0x0/0x1c # [ 224.636181] Free path: # [ 224.638911] rcu_core+0x2dc/0xb14 # [ 224.642763] handle_softirqs+0x15c/0x430 # [ 224.647220] irq_exit+0xac/0xd4 # [ 224.650870] call_with_stack+0x18/0x20 # [ 224.655131] __irq_svc+0x9c/0xb8 # [ 224.658878] memblock_overlaps_region+0x0/0x70 # [ 224.663838] pfn_valid+0x38/0x40 # [ 224.667585] __sync_icache_dcache+0x38/0xbc # [ 224.672341] set_ptes+0x6c/0x70 # [ 224.675990] filemap_map_pages+0x1ec/0x5c8 # [ 224.680647] handle_mm_fault+0x918/0x1198 # [ 224.685204] do_page_fault+0x1ac/0x470 # [ 224.689459] do_PrefetchAbort+0x40/0xa0 # [ 224.693808] ret_from_exception+0x0/0x1c # [ 224.698260] Register r4 information: non-slab/vmalloc memory # [ 224.704222] Register r5 information: non-slab/vmalloc memory # [ 224.710180] Register r6 information: non-paged memory # [ 224.715533] Register r7 information: 2-page vmalloc region starting at 0xf1afc000 allocated at kernel_clone+0xac/0x388 # [ 224.726540] Register r8 information: non-slab/vmalloc memory # [ 224.732498] Register r9 information: 2-page vmalloc region starting at 0xf1afc000 allocated at kernel_clone+0xac/0x388 # [ 224.743502] Register r10 information: slab kmalloc-192 start c515cdc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 224.757360] full_proxy_open+0x124/0x24c # [ 224.761812] do_dentry_open+0x144/0x4dc # [ 224.766170] vfs_open+0x2c/0xec # [ 224.769822] path_openat+0x748/0x1198 # [ 224.774075] do_filp_open+0x98/0x134 # [ 224.778125] do_sys_openat2+0xbc/0xe4 # [ 224.782379] sys_openat+0x98/0xd4 # [ 224.786231] ret_fast_syscall+0x0/0x1c # [ 224.790481] Free path: # [ 224.793211] __free_slab+0xdc/0xec # [ 224.797166] kmem_cache_free_bulk.part.0+0x2e0/0x364 # [ 224.802630] kvfree_rcu_bulk+0x208/0x284 # [ 224.807083] kfree_rcu_monitor+0x1e0/0x2cc # [ 224.811737] process_one_work+0x1b8/0x450 # [ 224.816293] worker_thread+0x1d4/0x3c4 # [ 224.820545] kthread+0xe8/0x104 # [ 224.824192] ret_from_fork+0x14/0x28 # [ 224.828341] Register r11 information: non-paged memory # [ 224.833797] Register r12 information: NULL pointer # [ 224.838849] Process cat (pid: 2306, stack limit = 0xf1afc000) # [ 224.844806] Stack: (0xf1afdeb0 to 0xf1afe000) # [ 224.849458] dea0: 0000000a c8c8e000 00000000 c0df8798 # [ 224.857932] dec0: 0000000a c0df8b7c c0df8a60 c8625040 b6d78000 0000000a c3a41d50 c0892960 # [ 224.866407] dee0: c8625040 c0892904 f1afdf80 b6d78000 c5326440 0000000a c515ce00 c0629858 # [ 224.874880] df00: c8812db0 00000000 00000000 00000000 00000000 0000000a b6d78000 0001fff6 # [ 224.883359] df20: 00000001 00000000 c8625140 00000000 00000000 00000000 00000000 00000000 # [ 224.891846] df40: 00000000 00000000 00000000 00000000 00000022 08007db3 00000000 c8625040 # [ 224.900334] df60: c8625040 00000000 00000000 c03002f0 c5326440 00000004 0046fe38 c0629db4 # [ 224.908817] df80: 00000000 00000000 00000000 08007db3 000000c0 0000000a 0000000a 7ff00000 # [ 224.917299] dfa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6d78000 0000000a 00000001 # [ 224.925775] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d78000 00020000 0046fe38 # [ 224.934249] dfe0: 00000004 be9c3788 b6e3e33b b6db7616 60080030 00000001 00000000 00000000 # [ 224.942714] Call trace: # [ 224.942736] execute_location from lkdtm_do_action+0x24/0x4c # [ 224.951456] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 224.957233] direct_entry from full_proxy_write+0x5c/0x8c # [ 224.962905] full_proxy_write from vfs_write+0xbc/0x3cc # [ 224.968384] vfs_write from ksys_write+0x78/0xf8 # [ 224.973252] ksys_write from ret_fast_syscall+0x0/0x1c # [ 224.978716] Exception stack(0xf1afdfa8 to 0xf1afdff0) # [ 224.984074] dfa0: 0000000a 0000000a 00000001 b6d78000 0000000a 00000001 # [ 224.992547] dfc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6d78000 00020000 0046fe38 # [ 225.001017] dfe0: 00000004 be9c3788 b6e3e33b b6db7616 # [ 225.006375] Code: 00000002 c6779040 c6779140 c36eff40 (e52de004) # [ 225.012732] ---[ end trace 0000000000000000 ]--- # [ 225.017579] note: cat[2306] exited with irqs disabled # EXEC_DATA: saw 'call trace:': ok ok 37 selftests: lkdtm: EXEC_DATA.sh # timeout set to 45 # selftests: lkdtm: EXEC_STACK.sh <6>[ 226.730200] lkdtm: Performing direct entry EXEC_STACK <6>[ 226.734289] lkdtm: attempting ok execution at c0dfa070 <6>[ 226.739628] lkdtm: attempting bad execution at f1b39e74 <1>[ 226.745201] 8<--- cut here --- <1>[ 226.748465] Unable to handle kernel execution of memory at virtual address f1b39e74 when execute <1>[ 226.757541] [f1b39e74] *pgd=c8c8c811, *pte=fb5ec65f, *ppte=fb5ec45f <0>[ 226.764138] Internal error: Oops: 8000000f [#7] SMP ARM <4>[ 226.769530] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 226.807665] CPU: 1 UID: 0 PID: 2387 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 226.817265] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 226.822513] Hardware name: STM32 (Device Tree Support) <4>[ 226.827964] PC is at 0xf1b39e74 <4>[ 226.831318] LR is at execute_location+0x9c/0xac <4>[ 226.836189] pc : [] lr : [] psr: 60080013 <4>[ 226.842745] sp : f1b39e60 ip : 00000000 fp : 004efe38 <4>[ 226.848195] r10: c5499e00 r9 : f1b39f80 r8 : c2688110 <4>[ 226.853745] r7 : f1b39f80 r6 : 00000001 r5 : f1b39e74 r4 : c0dfa070 <4>[ 226.860503] r3 : c83f1440 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 226.867361] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 226.874827] Control: 10c5387d Table: c894006a DAC: 00000051 <1>[ 226.880777] Register r0 information: non-paged memory <1>[ 226.886140] Register r1 information: NULL pointer <1>[ 226.891092] Register r2 information: NULL pointer <1>[ 226.896142] Register r3 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 226.909815] copy_process+0x1f4/0x1f78 <6>[ 226.914071] kernel_clone+0xac/0x388 <6>[ 226.918228] sys_clone+0x78/0x9c <6>[ 226.921980] ret_fast_syscall+0x0/0x1c <4>[ 226.926231] Free path: <6>[ 226.928961] rcu_core+0x2dc/0xb14 <6>[ 226.932813] handle_softirqs+0x15c/0x430 <6>[ 226.937269] irq_exit+0xac/0xd4 <6>[ 226.940920] call_with_stack+0x18/0x20 <6>[ 226.945179] __irq_svc+0x9c/0xb8 <6>[ 226.948926] search_index+0x78/0xd8 <6>[ 226.952982] unwind_frame+0x94/0x92c <6>[ 226.957138] arch_stack_walk+0x84/0x100 <6>[ 226.961488] stack_trace_save+0x50/0x78 <6>[ 226.965847] set_track_prepare+0x40/0x74 <6>[ 226.970305] ___slab_alloc+0xd28/0xd7c <6>[ 226.974563] __kmalloc_noprof+0x178/0x4f8 <6>[ 226.979121] lsm_blob_alloc+0x28/0x3c <6>[ 226.983273] security_prepare_creds+0x2c/0x100 <6>[ 226.988333] prepare_creds+0x1f8/0x2c0 <6>[ 226.992594] prepare_exec_creds+0x10/0x50 <1>[ 226.997151] Register r4 information: non-slab/vmalloc memory <1>[ 227.003013] Register r5 information: 2-page vmalloc region starting at 0xf1b38000 allocated at kernel_clone+0xac/0x388 <1>[ 227.014021] Register r6 information: non-paged memory <1>[ 227.019376] Register r7 information: 2-page vmalloc region starting at 0xf1b38000 allocated at kernel_clone+0xac/0x388 <1>[ 227.030380] Register r8 information: non-slab/vmalloc memory <1>[ 227.036339] Register r9 information: 2-page vmalloc region starting at 0xf1b38000 allocated at kernel_clone+0xac/0x388 <1>[ 227.047343] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 227.061203] full_proxy_open+0x124/0x24c <6>[ 227.065754] do_dentry_open+0x144/0x4dc <6>[ 227.070109] vfs_open+0x2c/0xec <6>[ 227.073760] path_openat+0x748/0x1198 <6>[ 227.077911] do_filp_open+0x98/0x134 <6>[ 227.082061] do_sys_openat2+0xbc/0xe4 <6>[ 227.086216] sys_openat+0x98/0xd4 <6>[ 227.090069] ret_fast_syscall+0x0/0x1c <4>[ 227.094423] Free path: <6>[ 227.097054] full_proxy_release+0x78/0xc0 <6>[ 227.101607] __fput+0xdc/0x2ec <6>[ 227.105254] task_work_run+0x98/0xc8 <6>[ 227.109312] do_exit+0x374/0xa1c <6>[ 227.113061] do_group_exit+0x40/0x8c <6>[ 227.117213] pid_child_should_wake+0x0/0x94 <1>[ 227.121870] Register r11 information: non-paged memory <1>[ 227.127330] Register r12 information: NULL pointer <0>[ 227.132392] Process cat (pid: 2387, stack limit = 0xf1b38000) <0>[ 227.138461] Stack: (0xf1b39e60 to 0xf1b3a000) <0>[ 227.143031] 9e60: 0000000b c8966000 00000000 c16db364 c23d39c0 e52de004 e28dd004 e12fff1e <0>[ 227.151519] 9e80: e92d4010 e52de004 e28dd004 e3a00040 ebdf82d2 e3a01001 e1a04000 eb23846c <0>[ 227.160007] 9ea0: e1a00004 e8bd4010 eadf7fa8 e92d4010 e52de004 5d889f3c c1f9da10 c0df8798 <0>[ 227.168492] 9ec0: 0000000b c0df8b7c c0df8a60 c49ee140 b6d84000 0000000b c3a41d50 c0892960 <0>[ 227.176974] 9ee0: c49ee140 c0892904 f1b39f80 b6d84000 c83f1440 0000000b c5499e00 c0629858 <0>[ 227.185450] 9f00: c8942db0 00000000 00000000 00000000 00000000 0000000b b6d84000 0001fff5 <0>[ 227.193924] 9f20: 00000001 00000000 c49eec40 00000000 00000000 00000000 00000000 00000000 <0>[ 227.202398] 9f40: 00000000 00000000 00000000 00000000 00000022 5d889f3c 00000000 c49ee140 <0>[ 227.210873] 9f60: c49ee140 00000000 00000000 c03002f0 c83f1440 00000004 004efe38 c0629db4 <0>[ 227.219349] 9f80: 00000000 00000000 00000000 5d889f3c 000000c0 0000000b 0000000b 7ff00000 <0>[ 227.227823] 9fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6d84000 0000000b 00000001 <0>[ 227.236296] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6d84000 00020000 004efe38 <0>[ 227.244769] 9fe0: 00000004 bed4f788 b6e4a33b b6dc3616 60080030 00000001 00000000 00000000 <0>[ 227.253233] Call trace: <0>[ 227.253251] execute_location from lkdtm_EXEC_STACK+0x3c/0x60 <0>[ 227.262069] lkdtm_EXEC_STACK from lkdtm_do_action+0x24/0x4c <0>[ 227.268054] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 227.273825] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 227.279497] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 227.284975] vfs_write from ksys_write+0x78/0xf8 <0>[ 227.289844] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 227.295308] Exception stack(0xf1b39fa8 to 0xf1b39ff0) <0>[ 227.300564] 9fa0: 0000000b 0000000b 00000001 b6d84000 0000000b 00000001 <0>[ 227.309038] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6d84000 00020000 004efe38 <0>[ 227.317507] 9fe0: 00000004 bed4f788 b6e4a33b b6dc3616 <0>[ 227.322865] Code: c8966000 00000000 c16db364 c23d39c0 (e52de004) <4>[ 227.329540] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 226.730200] lkdtm: Performing direct entry EXEC_STACK # [ 226.734289] lkdtm: attempting ok execution at c0dfa070 # [ 226.739628] lkdtm: attempting bad execution at f1b39e74 # [ 226.745201] 8<--- cut here --- # [ 226.748465] Unable to handle kernel execution of memory at virtual address f1b39e74 when execute # [ 226.757541] [f1b39e74] *pgd=c8c8c811, *pte=fb5ec65f, *ppte=fb5ec45f # [ 226.764138] Internal error: Oops: 8000000f [#7] SMP ARM # [ 226.769530] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 226.807665] CPU: 1 UID: 0 PID: 2387 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 226.817265] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 226.822513] Hardware name: STM32 (Device Tree Support) # [ 226.827964] PC is at 0xf1b39e74 # [ 226.831318] LR is at execute_location+0x9c/0xac # [ 226.836189] pc : [] lr : [] psr: 60080013 # [ 226.842745] sp : f1b39e60 ip : 00000000 fp : 004efe38 # [ 226.848195] r10: c5499e00 r9 : f1b39f80 r8 : c2688110 # [ 226.853745] r7 : f1b39f80 r6 : 00000001 r5 : f1b39e74 r4 : c0dfa070 # [ 226.860503] r3 : c83f1440 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 226.867361] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 226.874827] Control: 10c5387d Table: c894006a DAC: 00000051 # [ 226.880777] Register r0 information: non-paged memory # [ 226.886140] Register r1 information: NULL pointer # [ 226.891092] Register r2 information: NULL pointer # [ 226.896142] Register r3 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 226.909815] copy_process+0x1f4/0x1f78 # [ 226.914071] kernel_clone+0xac/0x388 # [ 226.918228] sys_clone+0x78/0x9c # [ 226.921980] ret_fast_syscall+0x0/0x1c # [ 226.926231] Free path: # [ 226.928961] rcu_core+0x2dc/0xb14 # [ 226.932813] handle_softirqs+0x15c/0x430 # [ 226.937269] irq_exit+0xac/0xd4 # [ 226.940920] call_with_stack+0x18/0x20 # [ 226.945179] __irq_svc+0x9c/0xb8 # [ 226.948926] search_index+0x78/0xd8 # [ 226.952982] unwind_frame+0x94/0x92c # [ 226.957138] arch_stack_walk+0x84/0x100 # [ 226.961488] stack_trace_save+0x50/0x78 # [ 226.965847] set_track_prepare+0x40/0x74 # [ 226.970305] ___slab_alloc+0xd28/0xd7c # [ 226.974563] __kmalloc_noprof+0x178/0x4f8 # [ 226.979121] lsm_blob_alloc+0x28/0x3c # [ 226.983273] security_prepare_creds+0x2c/0x100 # [ 226.988333] prepare_creds+0x1f8/0x2c0 # [ 226.992594] prepare_exec_creds+0x10/0x50 # [ 226.997151] Register r4 information: non-slab/vmalloc memory # [ 227.003013] Register r5 information: 2-page vmalloc region starting at 0xf1b38000 allocated at kernel_clone+0xac/0x388 # [ 227.014021] Register r6 information: non-paged memory # [ 227.019376] Register r7 information: 2-page vmalloc region starting at 0xf1b38000 allocated at kernel_clone+0xac/0x388 # [ 227.030380] Register r8 information: non-slab/vmalloc memory # [ 227.036339] Register r9 information: 2-page vmalloc region starting at 0xf1b38000 allocated at kernel_clone+0xac/0x388 # [ 227.047343] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 227.061203] full_proxy_open+0x124/0x24c # [ 227.065754] do_dentry_open+0x144/0x4dc # [ 227.070109] vfs_open+0x2c/0xec # [ 227.073760] path_openat+0x748/0x1198 # [ 227.077911] do_filp_open+0x98/0x134 # [ 227.082061] do_sys_openat2+0xbc/0xe4 # [ 227.086216] sys_openat+0x98/0xd4 # [ 227.090069] ret_fast_syscall+0x0/0x1c # [ 227.094423] Free path: # [ 227.097054] full_proxy_release+0x78/0xc0 # [ 227.101607] __fput+0xdc/0x2ec # [ 227.105254] task_work_run+0x98/0xc8 # [ 227.109312] do_exit+0x374/0xa1c # [ 227.113061] do_group_exit+0x40/0x8c # [ 227.117213] pid_child_should_wake+0x0/0x94 # [ 227.121870] Register r11 information: non-paged memory # [ 227.127330] Register r12 information: NULL pointer # [ 227.132392] Process cat (pid: 2387, stack limit = 0xf1b38000) # [ 227.138461] Stack: (0xf1b39e60 to 0xf1b3a000) # [ 227.143031] 9e60: 0000000b c8966000 00000000 c16db364 c23d39c0 e52de004 e28dd004 e12fff1e # [ 227.151519] 9e80: e92d4010 e52de004 e28dd004 e3a00040 ebdf82d2 e3a01001 e1a04000 eb23846c # [ 227.160007] 9ea0: e1a00004 e8bd4010 eadf7fa8 e92d4010 e52de004 5d889f3c c1f9da10 c0df8798 # [ 227.168492] 9ec0: 0000000b c0df8b7c c0df8a60 c49ee140 b6d84000 0000000b c3a41d50 c0892960 # [ 227.176974] 9ee0: c49ee140 c0892904 f1b39f80 b6d84000 c83f1440 0000000b c5499e00 c0629858 # [ 227.185450] 9f00: c8942db0 00000000 00000000 00000000 00000000 0000000b b6d84000 0001fff5 # [ 227.193924] 9f20: 00000001 00000000 c49eec40 00000000 00000000 00000000 00000000 00000000 # [ 227.202398] 9f40: 00000000 00000000 00000000 00000000 00000022 5d889f3c 00000000 c49ee140 # [ 227.210873] 9f60: c49ee140 00000000 00000000 c03002f0 c83f1440 00000004 004efe38 c0629db4 # [ 227.219349] 9f80: 00000000 00000000 00000000 5d889f3c 000000c0 0000000b 0000000b 7ff00000 # [ 227.227823] 9fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6d84000 0000000b 00000001 # [ 227.236296] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6d84000 00020000 004efe38 # [ 227.244769] 9fe0: 00000004 bed4f788 b6e4a33b b6dc3616 60080030 00000001 00000000 00000000 # [ 227.253233] Call trace: # [ 227.253251] execute_location from lkdtm_EXEC_STACK+0x3c/0x60 # [ 227.262069] lkdtm_EXEC_STACK from lkdtm_do_action+0x24/0x4c # [ 227.268054] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 227.273825] direct_entry from full_proxy_write+0x5c/0x8c # [ 227.279497] full_proxy_write from vfs_write+0xbc/0x3cc # [ 227.284975] vfs_write from ksys_write+0x78/0xf8 # [ 227.289844] ksys_write from ret_fast_syscall+0x0/0x1c # [ 227.295308] Exception stack(0xf1b39fa8 to 0xf1b39ff0) # [ 227.300564] 9fa0: 0000000b 0000000b 00000001 b6d84000 0000000b 00000001 # [ 227.309038] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6d84000 00020000 004efe38 # [ 227.317507] 9fe0: 00000004 bed4f788 b6e4a33b b6dc3616 # [ 227.322865] Code: c8966000 00000000 c16db364 c23d39c0 (e52de004) # [ 227.329540] ---[ end trace 0000000000000000 ]--- # EXEC_STACK: saw 'call trace:': ok ok 38 selftests: lkdtm: EXEC_STACK.sh # timeout set to 45 # selftests: lkdtm: EXEC_KMALLOC.sh <6>[ 229.157569] lkdtm: Performing direct entry EXEC_KMALLOC <6>[ 229.161818] lkdtm: attempting ok execution at c0dfa070 <6>[ 229.168421] lkdtm: attempting bad execution at c86e9700 <1>[ 229.172725] 8<--- cut here --- <1>[ 229.175985] Unable to handle kernel paging request at virtual address c86e9700 when execute <1>[ 229.184572] [c86e9700] *pgd=c861141e(bad) <0>[ 229.188858] Internal error: Oops: 8000000d [#8] SMP ARM <4>[ 229.194430] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 229.232452] CPU: 1 UID: 0 PID: 2471 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 229.242154] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 229.247300] Hardware name: STM32 (Device Tree Support) <4>[ 229.252748] PC is at 0xc86e9700 <4>[ 229.256201] LR is at execute_location+0x9c/0xac <4>[ 229.260971] pc : [] lr : [] psr: 60080013 <4>[ 229.267530] sp : f1bd1ea8 ip : 00000000 fp : 0048fe38 <4>[ 229.273080] r10: c5499e00 r9 : f1bd1f80 r8 : c2688118 <4>[ 229.278531] r7 : f1bd1f80 r6 : 00000001 r5 : c86e9700 r4 : c0dfa070 <4>[ 229.285389] r3 : c83f0a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 229.292148] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 229.299614] Control: 10c5387d Table: c8a8006a DAC: 00000051 <1>[ 229.305664] Register r0 information: non-paged memory <1>[ 229.310925] Register r1 information: NULL pointer <1>[ 229.315976] Register r2 information: NULL pointer <1>[ 229.320927] Register r3 information: slab task_struct start c83f0a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 229.334600] copy_process+0x1f4/0x1f78 <6>[ 229.338957] kernel_clone+0xac/0x388 <6>[ 229.343012] sys_clone+0x78/0x9c <6>[ 229.346764] ret_fast_syscall+0x0/0x1c <4>[ 229.351115] Free path: <6>[ 229.353744] rcu_core+0x2dc/0xb14 <6>[ 229.357596] handle_softirqs+0x15c/0x430 <6>[ 229.362052] irq_exit+0xac/0xd4 <6>[ 229.365702] call_with_stack+0x18/0x20 <6>[ 229.370060] __irq_svc+0x9c/0xb8 <6>[ 229.373807] from_kuid_munged+0x0/0x24 <6>[ 229.378066] cp_statx+0x74/0x1c4 <6>[ 229.381823] do_statx+0x88/0xb4 <6>[ 229.385474] sys_statx+0x78/0xf4 <6>[ 229.389227] ret_fast_syscall+0x0/0x1c <1>[ 229.393576] Register r4 information: non-slab/vmalloc memory <1>[ 229.399438] Register r5 information: slab kmalloc-64 start c86e96c0 data offset 64 pointer offset 0 size 64 allocated at lkdtm_EXEC_KMALLOC+0x24/0x3c <6>[ 229.413199] lkdtm_EXEC_KMALLOC+0x24/0x3c <6>[ 229.417753] lkdtm_do_action+0x24/0x4c <6>[ 229.422004] direct_entry+0x11c/0x140 <6>[ 229.426254] full_proxy_write+0x5c/0x8c <6>[ 229.430605] vfs_write+0xbc/0x3cc <6>[ 229.434463] ksys_write+0x78/0xf8 <6>[ 229.438308] ret_fast_syscall+0x0/0x1c <4>[ 229.442557] Free path: <6>[ 229.445287] rcu_core+0x2dc/0xb14 <6>[ 229.449138] handle_softirqs+0x15c/0x430 <6>[ 229.453594] irq_exit+0xac/0xd4 <6>[ 229.457243] call_with_stack+0x18/0x20 <6>[ 229.461501] __irq_svc+0x9c/0xb8 <6>[ 229.465247] nfs_generic_pgio+0x1ec/0x448 <6>[ 229.469806] nfs_generic_pg_pgios+0x64/0xcc <6>[ 229.474563] nfs_pageio_doio+0x4c/0x6c <6>[ 229.478816] nfs_pageio_complete+0x88/0x124 <6>[ 229.483574] nfs_writepages_callback+0x24/0x50 <6>[ 229.488527] write_cache_pages+0x64/0xa8 <6>[ 229.492978] nfs_writepages+0x114/0x294 <6>[ 229.497327] do_writepages+0x7c/0x250 <6>[ 229.501577] __filemap_fdatawrite_range+0xa8/0xb0 <6>[ 229.506838] filemap_write_and_wait_range+0x5c/0xc0 <6>[ 229.512198] nfs_wb_all+0x44/0x124 <1>[ 229.516145] Register r6 information: non-paged memory <1>[ 229.521501] Register r7 information: 2-page vmalloc region starting at 0xf1bd0000 allocated at kernel_clone+0xac/0x388 <1>[ 229.532509] Register r8 information: non-slab/vmalloc memory <1>[ 229.538469] Register r9 information: 2-page vmalloc region starting at 0xf1bd0000 allocated at kernel_clone+0xac/0x388 <1>[ 229.549474] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 229.563328] full_proxy_open+0x124/0x24c <6>[ 229.567780] do_dentry_open+0x144/0x4dc <6>[ 229.572135] vfs_open+0x2c/0xec <6>[ 229.575885] path_openat+0x748/0x1198 <6>[ 229.580036] do_filp_open+0x98/0x134 <6>[ 229.584186] do_sys_openat2+0xbc/0xe4 <6>[ 229.588339] sys_openat+0x98/0xd4 <6>[ 229.592191] ret_fast_syscall+0x0/0x1c <4>[ 229.596440] Free path: <6>[ 229.599169] full_proxy_release+0x78/0xc0 <6>[ 229.603720] __fput+0xdc/0x2ec <6>[ 229.607264] task_work_run+0x98/0xc8 <6>[ 229.611421] do_exit+0x374/0xa1c <6>[ 229.615170] do_group_exit+0x40/0x8c <6>[ 229.619320] pid_child_should_wake+0x0/0x94 <1>[ 229.623974] Register r11 information: non-paged memory <1>[ 229.629432] Register r12 information: NULL pointer <0>[ 229.634492] Process cat (pid: 2471, stack limit = 0xf1bd0000) <0>[ 229.640555] Stack: (0xf1bd1ea8 to 0xf1bd2000) <0>[ 229.645113] 1ea0: c86e9700 c8bef000 00000000 c0dfa0d8 0000000d c0df8798 <0>[ 229.653590] 1ec0: 0000000d c0df8b7c c0df8a60 c560c140 b6e18000 0000000d c3a41d50 c0892960 <0>[ 229.662064] 1ee0: c560c140 c0892904 f1bd1f80 b6e18000 c83f0a40 0000000d c5499e00 c0629858 <0>[ 229.670537] 1f00: c8a82db8 00000000 00000000 00000000 00000000 0000000d b6e18000 0001fff3 <0>[ 229.679009] 1f20: 00000001 00000000 c560c740 00000000 00000000 00000000 00000000 00000000 <0>[ 229.687582] 1f40: 00000000 00000000 00000000 00000000 00000022 8fbad839 00000000 c560c140 <0>[ 229.696055] 1f60: c560c140 00000000 00000000 c03002f0 c83f0a40 00000004 0048fe38 c0629db4 <0>[ 229.704528] 1f80: 00000000 00000000 00000000 8fbad839 000000c0 0000000d 0000000d 7ff00000 <0>[ 229.713000] 1fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6e18000 0000000d 00000001 <0>[ 229.721473] 1fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e18000 00020000 0048fe38 <0>[ 229.729946] 1fe0: 00000004 bea51788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 <0>[ 229.738411] Call trace: <0>[ 229.738431] execute_location from lkdtm_EXEC_KMALLOC+0x30/0x3c <0>[ 229.747353] lkdtm_EXEC_KMALLOC from lkdtm_do_action+0x24/0x4c <0>[ 229.753529] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 229.759300] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 229.764970] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 229.770448] vfs_write from ksys_write+0x78/0xf8 <0>[ 229.775316] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 229.780779] Exception stack(0xf1bd1fa8 to 0xf1bd1ff0) <0>[ 229.786136] 1fa0: 0000000d 0000000d 00000001 b6e18000 0000000d 00000001 <0>[ 229.794610] 1fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e18000 00020000 0048fe38 <0>[ 229.803079] 1fe0: 00000004 bea51788 b6ede33b b6e57616 <0>[ 229.808338] Code: cccccccc cccccccc cccccccc cccccccc (e52de004) <4>[ 229.814795] ---[ end trace 0000000000000000 ]--- <6>[ 229.819641] note: cat[2471] exited with irqs disabled # Segmentation fault # [ 229.157569] lkdtm: Performing direct entry EXEC_KMALLOC # [ 229.161818] lkdtm: attempting ok execution at c0dfa070 # [ 229.168421] lkdtm: attempting bad execution at c86e9700 # [ 229.172725] 8<--- cut here --- # [ 229.175985] Unable to handle kernel paging request at virtual address c86e9700 when execute # [ 229.184572] [c86e9700] *pgd=c861141e(bad) # [ 229.188858] Internal error: Oops: 8000000d [#8] SMP ARM # [ 229.194430] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 229.232452] CPU: 1 UID: 0 PID: 2471 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 229.242154] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 229.247300] Hardware name: STM32 (Device Tree Support) # [ 229.252748] PC is at 0xc86e9700 # [ 229.256201] LR is at execute_location+0x9c/0xac # [ 229.260971] pc : [] lr : [] psr: 60080013 # [ 229.267530] sp : f1bd1ea8 ip : 00000000 fp : 0048fe38 # [ 229.273080] r10: c5499e00 r9 : f1bd1f80 r8 : c2688118 # [ 229.278531] r7 : f1bd1f80 r6 : 00000001 r5 : c86e9700 r4 : c0dfa070 # [ 229.285389] r3 : c83f0a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 229.292148] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 229.299614] Control: 10c5387d Table: c8a8006a DAC: 00000051 # [ 229.305664] Register r0 information: non-paged memory # [ 229.310925] Register r1 information: NULL pointer # [ 229.315976] Register r2 information: NULL pointer # [ 229.320927] Register r3 information: slab task_struct start c83f0a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 229.334600] copy_process+0x1f4/0x1f78 # [ 229.338957] kernel_clone+0xac/0x388 # [ 229.343012] sys_clone+0x78/0x9c # [ 229.346764] ret_fast_syscall+0x0/0x1c # [ 229.351115] Free path: # [ 229.353744] rcu_core+0x2dc/0xb14 # [ 229.357596] handle_softirqs+0x15c/0x430 # [ 229.362052] irq_exit+0xac/0xd4 # [ 229.365702] call_with_stack+0x18/0x20 # [ 229.370060] __irq_svc+0x9c/0xb8 # [ 229.373807] from_kuid_munged+0x0/0x24 # [ 229.378066] cp_statx+0x74/0x1c4 # [ 229.381823] do_statx+0x88/0xb4 # [ 229.385474] sys_statx+0x78/0xf4 # [ 229.389227] ret_fast_syscall+0x0/0x1c # [ 229.393576] Register r4 information: non-slab/vmalloc memory # [ 229.399438] Register r5 information: slab kmalloc-64 start c86e96c0 data offset 64 pointer offset 0 size 64 allocated at lkdtm_EXEC_KMALLOC+0x24/0x3c # [ 229.413199] lkdtm_EXEC_KMALLOC+0x24/0x3c # [ 229.417753] lkdtm_do_action+0x24/0x4c # [ 229.422004] direct_entry+0x11c/0x140 # [ 229.426254] full_proxy_write+0x5c/0x8c # [ 229.430605] vfs_write+0xbc/0x3cc # [ 229.434463] ksys_write+0x78/0xf8 # [ 229.438308] ret_fast_syscall+0x0/0x1c # [ 229.442557] Free path: # [ 229.445287] rcu_core+0x2dc/0xb14 # [ 229.449138] handle_softirqs+0x15c/0x430 # [ 229.453594] irq_exit+0xac/0xd4 # [ 229.457243] call_with_stack+0x18/0x20 # [ 229.461501] __irq_svc+0x9c/0xb8 # [ 229.465247] nfs_generic_pgio+0x1ec/0x448 # [ 229.469806] nfs_generic_pg_pgios+0x64/0xcc # [ 229.474563] nfs_pageio_doio+0x4c/0x6c # [ 229.478816] nfs_pageio_complete+0x88/0x124 # [ 229.483574] nfs_writepages_callback+0x24/0x50 # [ 229.488527] write_cache_pages+0x64/0xa8 # [ 229.492978] nfs_writepages+0x114/0x294 # [ 229.497327] do_writepages+0x7c/0x250 # [ 229.501577] __filemap_fdatawrite_range+0xa8/0xb0 # [ 229.506838] filemap_write_and_wait_range+0x5c/0xc0 # [ 229.512198] nfs_wb_all+0x44/0x124 # [ 229.516145] Register r6 information: non-paged memory # [ 229.521501] Register r7 information: 2-page vmalloc region starting at 0xf1bd0000 allocated at kernel_clone+0xac/0x388 # [ 229.532509] Register r8 information: non-slab/vmalloc memory # [ 229.538469] Register r9 information: 2-page vmalloc region starting at 0xf1bd0000 allocated at kernel_clone+0xac/0x388 # [ 229.549474] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 229.563328] full_proxy_open+0x124/0x24c # [ 229.567780] do_dentry_open+0x144/0x4dc # [ 229.572135] vfs_open+0x2c/0xec # [ 229.575885] path_openat+0x748/0x1198 # [ 229.580036] do_filp_open+0x98/0x134 # [ 229.584186] do_sys_openat2+0xbc/0xe4 # [ 229.588339] sys_openat+0x98/0xd4 # [ 229.592191] ret_fast_syscall+0x0/0x1c # [ 229.596440] Free path: # [ 229.599169] full_proxy_release+0x78/0xc0 # [ 229.603720] __fput+0xdc/0x2ec # [ 229.607264] task_work_run+0x98/0xc8 # [ 229.611421] do_exit+0x374/0xa1c # [ 229.615170] do_group_exit+0x40/0x8c # [ 229.619320] pid_child_should_wake+0x0/0x94 # [ 229.623974] Register r11 information: non-paged memory # [ 229.629432] Register r12 information: NULL pointer # [ 229.634492] Process cat (pid: 2471, stack limit = 0xf1bd0000) # [ 229.640555] Stack: (0xf1bd1ea8 to 0xf1bd2000) # [ 229.645113] 1ea0: c86e9700 c8bef000 00000000 c0dfa0d8 0000000d c0df8798 # [ 229.653590] 1ec0: 0000000d c0df8b7c c0df8a60 c560c140 b6e18000 0000000d c3a41d50 c0892960 # [ 229.662064] 1ee0: c560c140 c0892904 f1bd1f80 b6e18000 c83f0a40 0000000d c5499e00 c0629858 # [ 229.670537] 1f00: c8a82db8 00000000 00000000 00000000 00000000 0000000d b6e18000 0001fff3 # [ 229.679009] 1f20: 00000001 00000000 c560c740 00000000 00000000 00000000 00000000 00000000 # [ 229.687582] 1f40: 00000000 00000000 00000000 00000000 00000022 8fbad839 00000000 c560c140 # [ 229.696055] 1f60: c560c140 00000000 00000000 c03002f0 c83f0a40 00000004 0048fe38 c0629db4 # [ 229.704528] 1f80: 00000000 00000000 00000000 8fbad839 000000c0 0000000d 0000000d 7ff00000 # [ 229.713000] 1fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6e18000 0000000d 00000001 # [ 229.721473] 1fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e18000 00020000 0048fe38 # [ 229.729946] 1fe0: 00000004 bea51788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 # [ 229.738411] Call trace: # [ 229.738431] execute_location from lkdtm_EXEC_KMALLOC+0x30/0x3c # [ 229.747353] lkdtm_EXEC_KMALLOC from lkdtm_do_action+0x24/0x4c # [ 229.753529] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 229.759300] direct_entry from full_proxy_write+0x5c/0x8c # [ 229.764970] full_proxy_write from vfs_write+0xbc/0x3cc # [ 229.770448] vfs_write from ksys_write+0x78/0xf8 # [ 229.775316] ksys_write from ret_fast_syscall+0x0/0x1c # [ 229.780779] Exception stack(0xf1bd1fa8 to 0xf1bd1ff0) # [ 229.786136] 1fa0: 0000000d 0000000d 00000001 b6e18000 0000000d 00000001 # [ 229.794610] 1fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e18000 00020000 0048fe38 # [ 229.803079] 1fe0: 00000004 bea51788 b6ede33b b6e57616 # [ 229.808338] Code: cccccccc cccccccc cccccccc cccccccc (e52de004) # [ 229.814795] ---[ end trace 0000000000000000 ]--- # [ 229.819641] note: cat[2471] exited with irqs disabled # EXEC_KMALLOC: saw 'call trace:': ok ok 39 selftests: lkdtm: EXEC_KMALLOC.sh # timeout set to 45 # selftests: lkdtm: EXEC_VMALLOC.sh <6>[ 231.802301] lkdtm: Performing direct entry EXEC_VMALLOC <6>[ 231.806797] lkdtm: attempting ok execution at c0dfa070 <6>[ 231.812429] lkdtm: attempting bad execution at f097d000 <1>[ 231.817530] 8<--- cut here --- <1>[ 231.821012] Unable to handle kernel execution of memory at virtual address f097d000 when execute <1>[ 231.829837] [f097d000] *pgd=c3233811, *pte=f7e3a65f, *ppte=f7e3a45f <0>[ 231.836452] Internal error: Oops: 8000000f [#9] SMP ARM <4>[ 231.841843] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 231.879973] CPU: 1 UID: 0 PID: 2553 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 231.889574] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 231.894822] Hardware name: STM32 (Device Tree Support) <4>[ 231.900171] PC is at 0xf097d000 <4>[ 231.903625] LR is at execute_location+0x9c/0xac <4>[ 231.908397] pc : [] lr : [] psr: 60080013 <4>[ 231.914954] sp : f1c29ea8 ip : 00000000 fp : 0046fe38 <4>[ 231.920503] r10: c5499400 r9 : f1c29f80 r8 : c2688120 <4>[ 231.925953] r7 : f1c29f80 r6 : 00000001 r5 : f097d000 r4 : c0dfa070 <4>[ 231.932811] r3 : c83f0a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 231.939569] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 231.947035] Control: 10c5387d Table: c891006a DAC: 00000051 <1>[ 231.953086] Register r0 information: non-paged memory <1>[ 231.958447] Register r1 information: NULL pointer <1>[ 231.963399] Register r2 information: NULL pointer <1>[ 231.968350] Register r3 information: slab task_struct start c83f0a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 231.982123] copy_process+0x1f4/0x1f78 <6>[ 231.986379] kernel_clone+0xac/0x388 <6>[ 231.990434] sys_clone+0x78/0x9c <6>[ 231.994187] ret_fast_syscall+0x0/0x1c <4>[ 231.998537] Free path: <6>[ 232.001267] rcu_core+0x2dc/0xb14 <6>[ 232.005118] handle_softirqs+0x15c/0x430 <6>[ 232.009575] irq_exit+0xac/0xd4 <6>[ 232.013225] call_with_stack+0x18/0x20 <6>[ 232.017486] __irq_svc+0x9c/0xb8 <6>[ 232.021233] copy_process+0x1aac/0x1f78 <6>[ 232.025589] kernel_clone+0xac/0x388 <6>[ 232.029743] sys_clone+0x78/0x9c <6>[ 232.033496] ret_fast_syscall+0x0/0x1c <1>[ 232.037746] Register r4 information: non-slab/vmalloc memory <1>[ 232.043707] Register r5 information: 1-page vmalloc region starting at 0xf097d000 allocated at lkdtm_EXEC_VMALLOC+0x14/0x2c <1>[ 232.055116] Register r6 information: non-paged memory <1>[ 232.060473] Register r7 information: 2-page vmalloc region starting at 0xf1c28000 allocated at kernel_clone+0xac/0x388 <1>[ 232.071479] Register r8 information: non-slab/vmalloc memory <1>[ 232.077438] Register r9 information: 2-page vmalloc region starting at 0xf1c28000 allocated at kernel_clone+0xac/0x388 <1>[ 232.088444] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 232.102307] full_proxy_open+0x124/0x24c <6>[ 232.106761] do_dentry_open+0x144/0x4dc <6>[ 232.111118] vfs_open+0x2c/0xec <6>[ 232.114871] path_openat+0x748/0x1198 <6>[ 232.119024] do_filp_open+0x98/0x134 <6>[ 232.123173] do_sys_openat2+0xbc/0xe4 <6>[ 232.127329] sys_openat+0x98/0xd4 <6>[ 232.131189] ret_fast_syscall+0x0/0x1c <4>[ 232.135452] Free path: <6>[ 232.138191] full_proxy_release+0x78/0xc0 <6>[ 232.142755] __fput+0xdc/0x2ec <6>[ 232.146312] task_work_run+0x98/0xc8 <6>[ 232.150382] do_exit+0x374/0xa1c <6>[ 232.154143] do_group_exit+0x40/0x8c <6>[ 232.158302] pid_child_should_wake+0x0/0x94 <1>[ 232.162961] Register r11 information: non-paged memory <1>[ 232.168426] Register r12 information: NULL pointer <0>[ 232.173486] Process cat (pid: 2553, stack limit = 0xf1c28000) <0>[ 232.179544] Stack: (0xf1c29ea8 to 0xf1c2a000) <0>[ 232.184100] 9ea0: f097d000 c8875000 00000000 c0dfa09c 0000000d c0df8798 <0>[ 232.192575] 9ec0: 0000000d c0df8b7c c0df8a60 c8625940 b6de8000 0000000d c3a41d50 c0892960 <0>[ 232.201049] 9ee0: c8625940 c0892904 f1c29f80 b6de8000 c83f0a40 0000000d c5499400 c0629858 <0>[ 232.209524] 9f00: c8912db0 00000000 00000000 00000000 00000000 0000000d b6de8000 0001fff3 <0>[ 232.217998] 9f20: 00000001 00000000 c8625a40 00000000 00000000 00000000 00000000 00000000 <0>[ 232.226473] 9f40: 00000000 00000000 00000000 00000000 00000022 d66a0450 00000000 c8625940 <0>[ 232.235047] 9f60: c8625940 00000000 00000000 c03002f0 c83f0a40 00000004 0046fe38 c0629db4 <0>[ 232.243523] 9f80: 00000000 00000000 00000000 d66a0450 000000c0 0000000d 0000000d 7ff00000 <0>[ 232.251997] 9fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6de8000 0000000d 00000001 <0>[ 232.260471] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6de8000 00020000 0046fe38 <0>[ 232.268944] 9fe0: 00000004 bebe1788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 <0>[ 232.277409] Call trace: <0>[ 232.277426] execute_location from lkdtm_EXEC_VMALLOC+0x20/0x2c <0>[ 232.286347] lkdtm_EXEC_VMALLOC from lkdtm_do_action+0x24/0x4c <0>[ 232.292524] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 232.298294] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 232.303965] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 232.309441] vfs_write from ksys_write+0x78/0xf8 <0>[ 232.314309] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 232.319773] Exception stack(0xf1c29fa8 to 0xf1c29ff0) <0>[ 232.325129] 9fa0: 0000000d 0000000d 00000001 b6de8000 0000000d 00000001 <0>[ 232.333602] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6de8000 00020000 0046fe38 <0>[ 232.342071] 9fe0: 00000004 bebe1788 b6eae33b b6e27616 <0>[ 232.347431] Code: bad PC value <4>[ 232.350837] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 231.802301] lkdtm: Performing direct entry EXEC_VMALLOC # [ 231.806797] lkdtm: attempting ok execution at c0dfa070 # [ 231.812429] lkdtm: attempting bad execution at f097d000 # [ 231.817530] 8<--- cut here --- # [ 231.821012] Unable to handle kernel execution of memory at virtual address f097d000 when execute # [ 231.829837] [f097d000] *pgd=c3233811, *pte=f7e3a65f, *ppte=f7e3a45f # [ 231.836452] Internal error: Oops: 8000000f [#9] SMP ARM # [ 231.841843] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 231.879973] CPU: 1 UID: 0 PID: 2553 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 231.889574] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 231.894822] Hardware name: STM32 (Device Tree Support) # [ 231.900171] PC is at 0xf097d000 # [ 231.903625] LR is at execute_location+0x9c/0xac # [ 231.908397] pc : [] lr : [] psr: 60080013 # [ 231.914954] sp : f1c29ea8 ip : 00000000 fp : 0046fe38 # [ 231.920503] r10: c5499400 r9 : f1c29f80 r8 : c2688120 # [ 231.925953] r7 : f1c29f80 r6 : 00000001 r5 : f097d000 r4 : c0dfa070 # [ 231.932811] r3 : c83f0a40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 231.939569] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 231.947035] Control: 10c5387d Table: c891006a DAC: 00000051 # [ 231.953086] Register r0 information: non-paged memory # [ 231.958447] Register r1 information: NULL pointer # [ 231.963399] Register r2 information: NULL pointer # [ 231.968350] Register r3 information: slab task_struct start c83f0a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 231.982123] copy_process+0x1f4/0x1f78 # [ 231.986379] kernel_clone+0xac/0x388 # [ 231.990434] sys_clone+0x78/0x9c # [ 231.994187] ret_fast_syscall+0x0/0x1c # [ 231.998537] Free path: # [ 232.001267] rcu_core+0x2dc/0xb14 # [ 232.005118] handle_softirqs+0x15c/0x430 # [ 232.009575] irq_exit+0xac/0xd4 # [ 232.013225] call_with_stack+0x18/0x20 # [ 232.017486] __irq_svc+0x9c/0xb8 # [ 232.021233] copy_process+0x1aac/0x1f78 # [ 232.025589] kernel_clone+0xac/0x388 # [ 232.029743] sys_clone+0x78/0x9c # [ 232.033496] ret_fast_syscall+0x0/0x1c # [ 232.037746] Register r4 information: non-slab/vmalloc memory # [ 232.043707] Register r5 information: 1-page vmalloc region starting at 0xf097d000 allocated at lkdtm_EXEC_VMALLOC+0x14/0x2c # [ 232.055116] Register r6 information: non-paged memory # [ 232.060473] Register r7 information: 2-page vmalloc region starting at 0xf1c28000 allocated at kernel_clone+0xac/0x388 # [ 232.071479] Register r8 information: non-slab/vmalloc memory # [ 232.077438] Register r9 information: 2-page vmalloc region starting at 0xf1c28000 allocated at kernel_clone+0xac/0x388 # [ 232.088444] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 232.102307] full_proxy_open+0x124/0x24c # [ 232.106761] do_dentry_open+0x144/0x4dc # [ 232.111118] vfs_open+0x2c/0xec # [ 232.114871] path_openat+0x748/0x1198 # [ 232.119024] do_filp_open+0x98/0x134 # [ 232.123173] do_sys_openat2+0xbc/0xe4 # [ 232.127329] sys_openat+0x98/0xd4 # [ 232.131189] ret_fast_syscall+0x0/0x1c # [ 232.135452] Free path: # [ 232.138191] full_proxy_release+0x78/0xc0 # [ 232.142755] __fput+0xdc/0x2ec # [ 232.146312] task_work_run+0x98/0xc8 # [ 232.150382] do_exit+0x374/0xa1c # [ 232.154143] do_group_exit+0x40/0x8c # [ 232.158302] pid_child_should_wake+0x0/0x94 # [ 232.162961] Register r11 information: non-paged memory # [ 232.168426] Register r12 information: NULL pointer # [ 232.173486] Process cat (pid: 2553, stack limit = 0xf1c28000) # [ 232.179544] Stack: (0xf1c29ea8 to 0xf1c2a000) # [ 232.184100] 9ea0: f097d000 c8875000 00000000 c0dfa09c 0000000d c0df8798 # [ 232.192575] 9ec0: 0000000d c0df8b7c c0df8a60 c8625940 b6de8000 0000000d c3a41d50 c0892960 # [ 232.201049] 9ee0: c8625940 c0892904 f1c29f80 b6de8000 c83f0a40 0000000d c5499400 c0629858 # [ 232.209524] 9f00: c8912db0 00000000 00000000 00000000 00000000 0000000d b6de8000 0001fff3 # [ 232.217998] 9f20: 00000001 00000000 c8625a40 00000000 00000000 00000000 00000000 00000000 # [ 232.226473] 9f40: 00000000 00000000 00000000 00000000 00000022 d66a0450 00000000 c8625940 # [ 232.235047] 9f60: c8625940 00000000 00000000 c03002f0 c83f0a40 00000004 0046fe38 c0629db4 # [ 232.243523] 9f80: 00000000 00000000 00000000 d66a0450 000000c0 0000000d 0000000d 7ff00000 # [ 232.251997] 9fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6de8000 0000000d 00000001 # [ 232.260471] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6de8000 00020000 0046fe38 # [ 232.268944] 9fe0: 00000004 bebe1788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 # [ 232.277409] Call trace: # [ 232.277426] execute_location from lkdtm_EXEC_VMALLOC+0x20/0x2c # [ 232.286347] lkdtm_EXEC_VMALLOC from lkdtm_do_action+0x24/0x4c # [ 232.292524] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 232.298294] direct_entry from full_proxy_write+0x5c/0x8c # [ 232.303965] full_proxy_write from vfs_write+0xbc/0x3cc # [ 232.309441] vfs_write from ksys_write+0x78/0xf8 # [ 232.314309] ksys_write from ret_fast_syscall+0x0/0x1c # [ 232.319773] Exception stack(0xf1c29fa8 to 0xf1c29ff0) # [ 232.325129] 9fa0: 0000000d 0000000d 00000001 b6de8000 0000000d 00000001 # [ 232.333602] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6de8000 00020000 0046fe38 # [ 232.342071] 9fe0: 00000004 bebe1788 b6eae33b b6e27616 # [ 232.347431] Code: bad PC value # [ 232.350837] ---[ end trace 0000000000000000 ]--- # EXEC_VMALLOC: saw 'call trace:': ok ok 40 selftests: lkdtm: EXEC_VMALLOC.sh # timeout set to 45 # selftests: lkdtm: EXEC_RODATA.sh <6>[ 234.151961] lkdtm: Performing direct entry EXEC_RODATA <6>[ 234.156173] lkdtm: attempting ok execution at c0dfa070 <6>[ 234.162026] lkdtm: attempting bad execution at c19712a0 <1>[ 234.167081] 8<--- cut here --- <1>[ 234.170240] Unable to handle kernel paging request at virtual address c19712a0 when execute <1>[ 234.178913] [c19712a0] *pgd=c181941e(bad) <0>[ 234.183182] Internal error: Oops: 8000000d [#10] SMP ARM <4>[ 234.188737] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 234.226840] CPU: 1 UID: 0 PID: 2636 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 234.236528] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 234.241773] Hardware name: STM32 (Device Tree Support) <4>[ 234.247121] PC is at lkdtm_rodata_do_nothing+0x0/0x4 <4>[ 234.252391] LR is at execute_location+0x9c/0xac <4>[ 234.257154] pc : [] lr : [] psr: 60080013 <4>[ 234.263710] sp : f1ca5eb0 ip : 00000000 fp : 0043fe38 <4>[ 234.269259] r10: c5499400 r9 : f1ca5f80 r8 : c2688128 <4>[ 234.274809] r7 : f1ca5f80 r6 : 00000000 r5 : c19712a0 r4 : c0dfa070 <4>[ 234.281567] r3 : c5322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 234.288425] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 234.295788] Control: 10c5387d Table: c8c6006a DAC: 00000051 <1>[ 234.301837] Register r0 information: non-paged memory <1>[ 234.307195] Register r1 information: NULL pointer <1>[ 234.312146] Register r2 information: NULL pointer <1>[ 234.317197] Register r3 information: slab task_struct start c5322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 234.330865] copy_process+0x1f4/0x1f78 <6>[ 234.335121] kernel_clone+0xac/0x388 <6>[ 234.339276] sys_clone+0x78/0x9c <6>[ 234.343029] ret_fast_syscall+0x0/0x1c <4>[ 234.347279] Free path: <6>[ 234.350009] rcu_core+0x2dc/0xb14 <6>[ 234.353861] handle_softirqs+0x15c/0x430 <6>[ 234.358320] irq_exit+0xac/0xd4 <6>[ 234.361977] call_with_stack+0x18/0x20 <6>[ 234.366239] __irq_svc+0x9c/0xb8 <6>[ 234.369987] stack_trace_save+0x24/0x78 <6>[ 234.374346] set_track_prepare+0x40/0x74 <6>[ 234.378806] ___slab_alloc+0xd28/0xd7c <6>[ 234.383168] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 234.388331] anon_vma_clone+0x84/0x214 <6>[ 234.392586] anon_vma_fork+0x2c/0x174 <6>[ 234.396737] copy_process+0x1d5c/0x1f78 <6>[ 234.401095] kernel_clone+0xac/0x388 <6>[ 234.405250] sys_clone+0x78/0x9c <6>[ 234.409002] ret_fast_syscall+0x0/0x1c <1>[ 234.413250] Register r4 information: non-slab/vmalloc memory <1>[ 234.419216] Register r5 information: non-slab/vmalloc memory <1>[ 234.425174] Register r6 information: NULL pointer <1>[ 234.430126] Register r7 information: 2-page vmalloc region starting at 0xf1ca4000 allocated at kernel_clone+0xac/0x388 <1>[ 234.441132] Register r8 information: non-slab/vmalloc memory <1>[ 234.447090] Register r9 information: 2-page vmalloc region starting at 0xf1ca4000 allocated at kernel_clone+0xac/0x388 <1>[ 234.458094] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 234.472052] full_proxy_open+0x124/0x24c <6>[ 234.476502] do_dentry_open+0x144/0x4dc <6>[ 234.480858] vfs_open+0x2c/0xec <6>[ 234.484508] path_openat+0x748/0x1198 <6>[ 234.488660] do_filp_open+0x98/0x134 <6>[ 234.492809] do_sys_openat2+0xbc/0xe4 <6>[ 234.496963] sys_openat+0x98/0xd4 <6>[ 234.500814] ret_fast_syscall+0x0/0x1c <4>[ 234.505163] Free path: <6>[ 234.507792] nfs_pgio_header_free+0x34/0x48 <6>[ 234.512551] nfs_write_completion+0x60/0x240 <6>[ 234.517404] rpc_free_task+0x34/0x54 <6>[ 234.521461] rpc_async_release+0x24/0x40 <6>[ 234.525915] process_one_work+0x1b8/0x450 <6>[ 234.530470] worker_thread+0x1d4/0x3c4 <6>[ 234.534721] kthread+0xe8/0x104 <6>[ 234.538469] ret_from_fork+0x14/0x28 <1>[ 234.542516] Register r11 information: non-paged memory <1>[ 234.547972] Register r12 information: NULL pointer <0>[ 234.553024] Process cat (pid: 2636, stack limit = 0xf1ca4000) <0>[ 234.559079] Stack: (0xf1ca5eb0 to 0xf1ca6000) <0>[ 234.563731] 5ea0: 0000000c c8bc3000 00000000 c0df8798 <0>[ 234.572205] 5ec0: 0000000c c0df8b7c c0df8a60 c560c240 b6df8000 0000000c c3a41d50 c0892960 <0>[ 234.580679] 5ee0: c560c240 c0892904 f1ca5f80 b6df8000 c5322840 0000000c c5499400 c0629858 <0>[ 234.589152] 5f00: c8c62db0 00000000 00000000 00000000 00000000 0000000c b6df8000 0001fff4 <0>[ 234.597623] 5f20: 00000001 00000000 c560c440 00000000 00000000 00000000 00000000 00000000 <0>[ 234.606096] 5f40: 00000000 00000000 00000000 00000000 00000022 a67268a1 00000000 c560c240 <0>[ 234.614570] 5f60: c560c240 00000000 00000000 c03002f0 c5322840 00000004 0043fe38 c0629db4 <0>[ 234.623042] 5f80: 00000000 00000000 00000000 a67268a1 000000c0 0000000c 0000000c 7ff00000 <0>[ 234.631520] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6df8000 0000000c 00000001 <0>[ 234.640005] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6df8000 00020000 0043fe38 <0>[ 234.648492] 5fe0: 00000004 bed2b788 b6ebe33b b6e37616 60080030 00000001 00000000 00000000 <0>[ 234.656967] Call trace: <0>[ 234.656994] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 234.665622] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 234.671396] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 234.677069] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 234.682649] vfs_write from ksys_write+0x78/0xf8 <0>[ 234.687518] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 234.692884] Exception stack(0xf1ca5fa8 to 0xf1ca5ff0) <0>[ 234.698251] 5fa0: 0000000c 0000000c 00000001 b6df8000 0000000c 00000001 <0>[ 234.706733] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6df8000 00020000 0043fe38 <0>[ 234.715204] 5fe0: 00000004 bed2b788 b6ebe33b b6e37616 <0>[ 234.720565] Code: 5f727563 6e756f63 00000074 aa55aa55 (e12fff1e) <4>[ 234.726922] ---[ end trace 0000000000000000 ]--- <6>[ 234.731769] note: cat[2636] exited with irqs disabled # Segmentation fault # [ 234.151961] lkdtm: Performing direct entry EXEC_RODATA # [ 234.156173] lkdtm: attempting ok execution at c0dfa070 # [ 234.162026] lkdtm: attempting bad execution at c19712a0 # [ 234.167081] 8<--- cut here --- # [ 234.170240] Unable to handle kernel paging request at virtual address c19712a0 when execute # [ 234.178913] [c19712a0] *pgd=c181941e(bad) # [ 234.183182] Internal error: Oops: 8000000d [#10] SMP ARM # [ 234.188737] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 234.226840] CPU: 1 UID: 0 PID: 2636 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 234.236528] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 234.241773] Hardware name: STM32 (Device Tree Support) # [ 234.247121] PC is at lkdtm_rodata_do_nothing+0x0/0x4 # [ 234.252391] LR is at execute_location+0x9c/0xac # [ 234.257154] pc : [] lr : [] psr: 60080013 # [ 234.263710] sp : f1ca5eb0 ip : 00000000 fp : 0043fe38 # [ 234.269259] r10: c5499400 r9 : f1ca5f80 r8 : c2688128 # [ 234.274809] r7 : f1ca5f80 r6 : 00000000 r5 : c19712a0 r4 : c0dfa070 # [ 234.281567] r3 : c5322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 234.288425] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 234.295788] Control: 10c5387d Table: c8c6006a DAC: 00000051 # [ 234.301837] Register r0 information: non-paged memory # [ 234.307195] Register r1 information: NULL pointer # [ 234.312146] Register r2 information: NULL pointer # [ 234.317197] Register r3 information: slab task_struct start c5322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 234.330865] copy_process+0x1f4/0x1f78 # [ 234.335121] kernel_clone+0xac/0x388 # [ 234.339276] sys_clone+0x78/0x9c # [ 234.343029] ret_fast_syscall+0x0/0x1c # [ 234.347279] Free path: # [ 234.350009] rcu_core+0x2dc/0xb14 # [ 234.353861] handle_softirqs+0x15c/0x430 # [ 234.358320] irq_exit+0xac/0xd4 # [ 234.361977] call_with_stack+0x18/0x20 # [ 234.366239] __irq_svc+0x9c/0xb8 # [ 234.369987] stack_trace_save+0x24/0x78 # [ 234.374346] set_track_prepare+0x40/0x74 # [ 234.378806] ___slab_alloc+0xd28/0xd7c # [ 234.383168] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 234.388331] anon_vma_clone+0x84/0x214 # [ 234.392586] anon_vma_fork+0x2c/0x174 # [ 234.396737] copy_process+0x1d5c/0x1f78 # [ 234.401095] kernel_clone+0xac/0x388 # [ 234.405250] sys_clone+0x78/0x9c # [ 234.409002] ret_fast_syscall+0x0/0x1c # [ 234.413250] Register r4 information: non-slab/vmalloc memory # [ 234.419216] Register r5 information: non-slab/vmalloc memory # [ 234.425174] Register r6 information: NULL pointer # [ 234.430126] Register r7 information: 2-page vmalloc region starting at 0xf1ca4000 allocated at kernel_clone+0xac/0x388 # [ 234.441132] Register r8 information: non-slab/vmalloc memory # [ 234.447090] Register r9 information: 2-page vmalloc region starting at 0xf1ca4000 allocated at kernel_clone+0xac/0x388 # [ 234.458094] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 234.472052] full_proxy_open+0x124/0x24c # [ 234.476502] do_dentry_open+0x144/0x4dc # [ 234.480858] vfs_open+0x2c/0xec # [ 234.484508] path_openat+0x748/0x1198 # [ 234.488660] do_filp_open+0x98/0x134 # [ 234.492809] do_sys_openat2+0xbc/0xe4 # [ 234.496963] sys_openat+0x98/0xd4 # [ 234.500814] ret_fast_syscall+0x0/0x1c # [ 234.505163] Free path: # [ 234.507792] nfs_pgio_header_free+0x34/0x48 # [ 234.512551] nfs_write_completion+0x60/0x240 # [ 234.517404] rpc_free_task+0x34/0x54 # [ 234.521461] rpc_async_release+0x24/0x40 # [ 234.525915] process_one_work+0x1b8/0x450 # [ 234.530470] worker_thread+0x1d4/0x3c4 # [ 234.534721] kthread+0xe8/0x104 # [ 234.538469] ret_from_fork+0x14/0x28 # [ 234.542516] Register r11 information: non-paged memory # [ 234.547972] Register r12 information: NULL pointer # [ 234.553024] Process cat (pid: 2636, stack limit = 0xf1ca4000) # [ 234.559079] Stack: (0xf1ca5eb0 to 0xf1ca6000) # [ 234.563731] 5ea0: 0000000c c8bc3000 00000000 c0df8798 # [ 234.572205] 5ec0: 0000000c c0df8b7c c0df8a60 c560c240 b6df8000 0000000c c3a41d50 c0892960 # [ 234.580679] 5ee0: c560c240 c0892904 f1ca5f80 b6df8000 c5322840 0000000c c5499400 c0629858 # [ 234.589152] 5f00: c8c62db0 00000000 00000000 00000000 00000000 0000000c b6df8000 0001fff4 # [ 234.597623] 5f20: 00000001 00000000 c560c440 00000000 00000000 00000000 00000000 00000000 # [ 234.606096] 5f40: 00000000 00000000 00000000 00000000 00000022 a67268a1 00000000 c560c240 # [ 234.614570] 5f60: c560c240 00000000 00000000 c03002f0 c5322840 00000004 0043fe38 c0629db4 # [ 234.623042] 5f80: 00000000 00000000 00000000 a67268a1 000000c0 0000000c 0000000c 7ff00000 # [ 234.631520] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6df8000 0000000c 00000001 # [ 234.640005] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6df8000 00020000 0043fe38 # [ 234.648492] 5fe0: 00000004 bed2b788 b6ebe33b b6e37616 60080030 00000001 00000000 00000000 # [ 234.656967] Call trace: # [ 234.656994] execute_location from lkdtm_do_action+0x24/0x4c # [ 234.665622] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 234.671396] direct_entry from full_proxy_write+0x5c/0x8c # [ 234.677069] full_proxy_write from vfs_write+0xbc/0x3cc # [ 234.682649] vfs_write from ksys_write+0x78/0xf8 # [ 234.687518] ksys_write from ret_fast_syscall+0x0/0x1c # [ 234.692884] Exception stack(0xf1ca5fa8 to 0xf1ca5ff0) # [ 234.698251] 5fa0: 0000000c 0000000c 00000001 b6df8000 0000000c 00000001 # [ 234.706733] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6df8000 00020000 0043fe38 # [ 234.715204] 5fe0: 00000004 bed2b788 b6ebe33b b6e37616 # [ 234.720565] Code: 5f727563 6e756f63 00000074 aa55aa55 (e12fff1e) # [ 234.726922] ---[ end trace 0000000000000000 ]--- # [ 234.731769] note: cat[2636] exited with irqs disabled # EXEC_RODATA: saw 'call trace:': ok ok 41 selftests: lkdtm: EXEC_RODATA.sh # timeout set to 45 # selftests: lkdtm: EXEC_USERSPACE.sh <6>[ 236.570979] lkdtm: Performing direct entry EXEC_USERSPACE <6>[ 236.575879] lkdtm: attempting ok execution at c0dfa070 <6>[ 236.581292] lkdtm: attempting bad execution at b6f7d000 <1>[ 236.586689] 8<--- cut here --- <1>[ 236.589948] Unhandled prefetch abort: page domain fault (0x00b) at 0xb6f7d000 <0>[ 236.597335] Internal error: : b [#11] SMP ARM <4>[ 236.602003] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 236.640032] CPU: 1 UID: 0 PID: 2717 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 236.649733] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 236.654882] Hardware name: STM32 (Device Tree Support) <4>[ 236.660331] PC is at 0xb6f7d000 <4>[ 236.663782] LR is at lkdtm_EXEC_USERSPACE+0xb4/0xc4 <4>[ 236.668949] pc : [] lr : [] psr: 60080013 <4>[ 236.675506] sp : f1d1deb0 ip : 00000000 fp : 0043fe38 <4>[ 236.680957] r10: c5499400 r9 : f1d1df80 r8 : c2688130 <4>[ 236.686508] r7 : f1d1df80 r6 : 00000000 r5 : c8a41000 r4 : b6f7d000 <4>[ 236.693267] r3 : c5322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 236.700125] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 236.707491] Control: 10c5387d Table: c55f006a DAC: 00000051 <1>[ 236.713541] Register r0 information: non-paged memory <1>[ 236.718903] Register r1 information: NULL pointer <1>[ 236.723856] Register r2 information: NULL pointer <1>[ 236.728907] Register r3 information: slab task_struct start c5322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 236.742580] copy_process+0x1f4/0x1f78 <6>[ 236.746838] kernel_clone+0xac/0x388 <6>[ 236.750994] sys_clone+0x78/0x9c <6>[ 236.754748] ret_fast_syscall+0x0/0x1c <4>[ 236.759000] Free path: <6>[ 236.761733] rcu_core+0x2dc/0xb14 <6>[ 236.765589] handle_softirqs+0x15c/0x430 <6>[ 236.770048] irq_exit+0xac/0xd4 <6>[ 236.773701] call_with_stack+0x18/0x20 <6>[ 236.777963] __irq_svc+0x9c/0xb8 <6>[ 236.781712] default_idle_call+0x20/0xc0 <6>[ 236.786173] do_idle+0x25c/0x2f4 <6>[ 236.789923] cpu_startup_entry+0x30/0x34 <6>[ 236.794376] secondary_start_kernel+0x138/0x158 <6>[ 236.799436] __enable_mmu+0x0/0x20 <1>[ 236.803386] Register r4 information: non-paged memory <1>[ 236.808743] Register r5 information: non-slab/vmalloc memory <1>[ 236.814702] Register r6 information: NULL pointer <1>[ 236.819653] Register r7 information: 2-page vmalloc region starting at 0xf1d1c000 allocated at kernel_clone+0xac/0x388 <1>[ 236.830661] Register r8 information: non-slab/vmalloc memory <1>[ 236.836619] Register r9 information: 2-page vmalloc region starting at 0xf1d1c000 allocated at kernel_clone+0xac/0x388 <1>[ 236.847625] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 236.861483] full_proxy_open+0x124/0x24c <6>[ 236.866034] do_dentry_open+0x144/0x4dc <6>[ 236.870389] vfs_open+0x2c/0xec <6>[ 236.874040] path_openat+0x748/0x1198 <6>[ 236.878192] do_filp_open+0x98/0x134 <6>[ 236.882350] do_sys_openat2+0xbc/0xe4 <6>[ 236.886511] sys_openat+0x98/0xd4 <6>[ 236.890364] ret_fast_syscall+0x0/0x1c <4>[ 236.894615] Free path: <6>[ 236.897346] nfs_pgio_header_free+0x34/0x48 <6>[ 236.902106] nfs_write_completion+0x60/0x240 <6>[ 236.906860] rpc_free_task+0x34/0x54 <6>[ 236.911018] rpc_async_release+0x24/0x40 <6>[ 236.915473] process_one_work+0x1b8/0x450 <6>[ 236.920030] worker_thread+0x1d4/0x3c4 <6>[ 236.924283] kthread+0xe8/0x104 <6>[ 236.927932] ret_from_fork+0x14/0x28 <1>[ 236.932080] Register r11 information: non-paged memory <1>[ 236.937440] Register r12 information: NULL pointer <0>[ 236.942592] Process cat (pid: 2717, stack limit = 0xf1d1c000) <0>[ 236.948548] Stack: (0xf1d1deb0 to 0xf1d1e000) <0>[ 236.953200] dea0: 00000001 00000000 0000000f c0df8798 <0>[ 236.961675] dec0: 0000000f c0df8b7c c0df8a60 c8625440 b6e18000 0000000f c3a41d50 c0892960 <0>[ 236.970149] dee0: c8625440 c0892904 f1d1df80 b6e18000 c5322840 0000000f c5499400 c0629858 <0>[ 236.978621] df00: c55f2db8 00000000 00000000 00000000 00000000 0000000f b6e18000 0001fff1 <0>[ 236.987093] df20: 00000001 00000000 c8625740 00000000 00000000 00000000 00000000 00000000 <0>[ 236.995566] df40: 00000000 00000000 00000000 00000000 00000022 0273380d 00000000 c8625440 <0>[ 237.004039] df60: c8625440 00000000 00000000 c03002f0 c5322840 00000004 0043fe38 c0629db4 <0>[ 237.012612] df80: 00000000 00000000 00000000 0273380d 000000c0 0000000f 0000000f 7ff00000 <0>[ 237.021084] dfa0: 00000004 c03000c0 0000000f 0000000f 00000001 b6e18000 0000000f 00000001 <0>[ 237.029558] dfc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e18000 00020000 0043fe38 <0>[ 237.038030] dfe0: 00000004 be858788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 <0>[ 237.046495] Call trace: <0>[ 237.046516] lkdtm_EXEC_USERSPACE from lkdtm_do_action+0x24/0x4c <0>[ 237.055523] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 237.061293] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 237.066964] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 237.072544] vfs_write from ksys_write+0x78/0xf8 <0>[ 237.077415] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 237.082777] Exception stack(0xf1d1dfa8 to 0xf1d1dff0) <0>[ 237.088134] dfa0: 0000000f 0000000f 00000001 b6e18000 0000000f 00000001 <0>[ 237.096609] dfc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e18000 00020000 0043fe38 <0>[ 237.105078] dfe0: 00000004 be858788 b6ede33b b6e57616 <0>[ 237.110429] Code: bad PC value <4>[ 237.113769] ---[ end trace 0000000000000000 ]--- <6>[ 237.118615] note: cat[2717] exited with irqs disabled # Segmentation fault # [ 236.570979] lkdtm: Performing direct entry EXEC_USERSPACE # [ 236.575879] lkdtm: attempting ok execution at c0dfa070 # [ 236.581292] lkdtm: attempting bad execution at b6f7d000 # [ 236.586689] 8<--- cut here --- # [ 236.589948] Unhandled prefetch abort: page domain fault (0x00b) at 0xb6f7d000 # [ 236.597335] Internal error: : b [#11] SMP ARM # [ 236.602003] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 236.640032] CPU: 1 UID: 0 PID: 2717 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 236.649733] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 236.654882] Hardware name: STM32 (Device Tree Support) # [ 236.660331] PC is at 0xb6f7d000 # [ 236.663782] LR is at lkdtm_EXEC_USERSPACE+0xb4/0xc4 # [ 236.668949] pc : [] lr : [] psr: 60080013 # [ 236.675506] sp : f1d1deb0 ip : 00000000 fp : 0043fe38 # [ 236.680957] r10: c5499400 r9 : f1d1df80 r8 : c2688130 # [ 236.686508] r7 : f1d1df80 r6 : 00000000 r5 : c8a41000 r4 : b6f7d000 # [ 236.693267] r3 : c5322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 236.700125] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 236.707491] Control: 10c5387d Table: c55f006a DAC: 00000051 # [ 236.713541] Register r0 information: non-paged memory # [ 236.718903] Register r1 information: NULL pointer # [ 236.723856] Register r2 information: NULL pointer # [ 236.728907] Register r3 information: slab task_struct start c5322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 236.742580] copy_process+0x1f4/0x1f78 # [ 236.746838] kernel_clone+0xac/0x388 # [ 236.750994] sys_clone+0x78/0x9c # [ 236.754748] ret_fast_syscall+0x0/0x1c # [ 236.759000] Free path: # [ 236.761733] rcu_core+0x2dc/0xb14 # [ 236.765589] handle_softirqs+0x15c/0x430 # [ 236.770048] irq_exit+0xac/0xd4 # [ 236.773701] call_with_stack+0x18/0x20 # [ 236.777963] __irq_svc+0x9c/0xb8 # [ 236.781712] default_idle_call+0x20/0xc0 # [ 236.786173] do_idle+0x25c/0x2f4 # [ 236.789923] cpu_startup_entry+0x30/0x34 # [ 236.794376] secondary_start_kernel+0x138/0x158 # [ 236.799436] __enable_mmu+0x0/0x20 # [ 236.803386] Register r4 information: non-paged memory # [ 236.808743] Register r5 information: non-slab/vmalloc memory # [ 236.814702] Register r6 information: NULL pointer # [ 236.819653] Register r7 information: 2-page vmalloc region starting at 0xf1d1c000 allocated at kernel_clone+0xac/0x388 # [ 236.830661] Register r8 information: non-slab/vmalloc memory # [ 236.836619] Register r9 information: 2-page vmalloc region starting at 0xf1d1c000 allocated at kernel_clone+0xac/0x388 # [ 236.847625] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 236.861483] full_proxy_open+0x124/0x24c # [ 236.866034] do_dentry_open+0x144/0x4dc # [ 236.870389] vfs_open+0x2c/0xec # [ 236.874040] path_openat+0x748/0x1198 # [ 236.878192] do_filp_open+0x98/0x134 # [ 236.882350] do_sys_openat2+0xbc/0xe4 # [ 236.886511] sys_openat+0x98/0xd4 # [ 236.890364] ret_fast_syscall+0x0/0x1c # [ 236.894615] Free path: # [ 236.897346] nfs_pgio_header_free+0x34/0x48 # [ 236.902106] nfs_write_completion+0x60/0x240 # [ 236.906860] rpc_free_task+0x34/0x54 # [ 236.911018] rpc_async_release+0x24/0x40 # [ 236.915473] process_one_work+0x1b8/0x450 # [ 236.920030] worker_thread+0x1d4/0x3c4 # [ 236.924283] kthread+0xe8/0x104 # [ 236.927932] ret_from_fork+0x14/0x28 # [ 236.932080] Register r11 information: non-paged memory # [ 236.937440] Register r12 information: NULL pointer # [ 236.942592] Process cat (pid: 2717, stack limit = 0xf1d1c000) # [ 236.948548] Stack: (0xf1d1deb0 to 0xf1d1e000) # [ 236.953200] dea0: 00000001 00000000 0000000f c0df8798 # [ 236.961675] dec0: 0000000f c0df8b7c c0df8a60 c8625440 b6e18000 0000000f c3a41d50 c0892960 # [ 236.970149] dee0: c8625440 c0892904 f1d1df80 b6e18000 c5322840 0000000f c5499400 c0629858 # [ 236.978621] df00: c55f2db8 00000000 00000000 00000000 00000000 0000000f b6e18000 0001fff1 # [ 236.987093] df20: 00000001 00000000 c8625740 00000000 00000000 00000000 00000000 00000000 # [ 236.995566] df40: 00000000 00000000 00000000 00000000 00000022 0273380d 00000000 c8625440 # [ 237.004039] df60: c8625440 00000000 00000000 c03002f0 c5322840 00000004 0043fe38 c0629db4 # [ 237.012612] df80: 00000000 00000000 00000000 0273380d 000000c0 0000000f 0000000f 7ff00000 # [ 237.021084] dfa0: 00000004 c03000c0 0000000f 0000000f 00000001 b6e18000 0000000f 00000001 # [ 237.029558] dfc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e18000 00020000 0043fe38 # [ 237.038030] dfe0: 00000004 be858788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 # [ 237.046495] Call trace: # [ 237.046516] lkdtm_EXEC_USERSPACE from lkdtm_do_action+0x24/0x4c # [ 237.055523] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 237.061293] direct_entry from full_proxy_write+0x5c/0x8c # [ 237.066964] full_proxy_write from vfs_write+0xbc/0x3cc # [ 237.072544] vfs_write from ksys_write+0x78/0xf8 # [ 237.077415] ksys_write from ret_fast_syscall+0x0/0x1c # [ 237.082777] Exception stack(0xf1d1dfa8 to 0xf1d1dff0) # [ 237.088134] dfa0: 0000000f 0000000f 00000001 b6e18000 0000000f 00000001 # [ 237.096609] dfc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e18000 00020000 0043fe38 # [ 237.105078] dfe0: 00000004 be858788 b6ede33b b6e57616 # [ 237.110429] Code: bad PC value # [ 237.113769] ---[ end trace 0000000000000000 ]--- # [ 237.118615] note: cat[2717] exited with irqs disabled # EXEC_USERSPACE: saw 'call trace:': ok ok 42 selftests: lkdtm: EXEC_USERSPACE.sh # timeout set to 45 # selftests: lkdtm: EXEC_NULL.sh <6>[ 238.907021] lkdtm: Performing direct entry EXEC_NULL <6>[ 238.911578] lkdtm: attempting ok execution at c0dfa070 <6>[ 238.916464] lkdtm: attempting bad execution at 00000000 <1>[ 238.922078] 8<--- cut here --- <1>[ 238.925319] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute <1>[ 238.934806] [00000000] *pgd=00000000 <0>[ 238.938662] Internal error: Oops: 80000005 [#12] SMP ARM <4>[ 238.944245] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 238.982278] CPU: 1 UID: 0 PID: 2797 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 238.991882] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 238.997129] Hardware name: STM32 (Device Tree Support) <4>[ 239.002578] PC is at 0x0 <4>[ 239.005325] LR is at execute_location+0x9c/0xac <4>[ 239.010196] pc : [<00000000>] lr : [] psr: 60080013 <4>[ 239.016753] sp : f1d79eb0 ip : 00000000 fp : 0047fe38 <4>[ 239.022204] r10: c5499400 r9 : f1d79f80 r8 : c2688138 <4>[ 239.027753] r7 : f1d79f80 r6 : 00000000 r5 : 00000000 r4 : c0dfa070 <4>[ 239.034511] r3 : c5322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 239.041370] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 239.048837] Control: 10c5387d Table: c88dc06a DAC: 00000051 <1>[ 239.054788] Register r0 information: non-paged memory <1>[ 239.060151] Register r1 information: NULL pointer <1>[ 239.065104] Register r2 information: NULL pointer <1>[ 239.070155] Register r3 information: slab task_struct start c5322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 239.083830] copy_process+0x1f4/0x1f78 <6>[ 239.088088] kernel_clone+0xac/0x388 <6>[ 239.092244] sys_clone+0x78/0x9c <6>[ 239.095997] ret_fast_syscall+0x0/0x1c <4>[ 239.100248] Free path: <6>[ 239.102978] rcu_core+0x2dc/0xb14 <6>[ 239.106829] handle_softirqs+0x15c/0x430 <6>[ 239.111287] run_ksoftirqd+0x48/0x60 <6>[ 239.115439] smpboot_thread_fn+0xc0/0x15c <6>[ 239.119892] kthread+0xe8/0x104 <6>[ 239.123641] ret_from_fork+0x14/0x28 <1>[ 239.127688] Register r4 information: non-slab/vmalloc memory <1>[ 239.133648] Register r5 information: NULL pointer <1>[ 239.138599] Register r6 information: NULL pointer <1>[ 239.143651] Register r7 information: 2-page vmalloc region starting at 0xf1d78000 allocated at kernel_clone+0xac/0x388 <1>[ 239.154660] Register r8 information: non-slab/vmalloc memory <1>[ 239.160619] Register r9 information: 2-page vmalloc region starting at 0xf1d78000 allocated at kernel_clone+0xac/0x388 <1>[ 239.171623] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 239.185484] full_proxy_open+0x124/0x24c <6>[ 239.189941] do_dentry_open+0x144/0x4dc <6>[ 239.194301] vfs_open+0x2c/0xec <6>[ 239.197954] path_openat+0x748/0x1198 <6>[ 239.202206] do_filp_open+0x98/0x134 <6>[ 239.206256] do_sys_openat2+0xbc/0xe4 <6>[ 239.210510] sys_openat+0x98/0xd4 <6>[ 239.214362] ret_fast_syscall+0x0/0x1c <4>[ 239.218612] Free path: <6>[ 239.221342] nfs_pgio_header_free+0x34/0x48 <6>[ 239.226003] nfs_write_completion+0x60/0x240 <6>[ 239.230856] rpc_free_task+0x34/0x54 <6>[ 239.234913] rpc_async_release+0x24/0x40 <6>[ 239.239369] process_one_work+0x1b8/0x450 <6>[ 239.243924] worker_thread+0x1d4/0x3c4 <6>[ 239.248276] kthread+0xe8/0x104 <6>[ 239.251924] ret_from_fork+0x14/0x28 <1>[ 239.255972] Register r11 information: non-paged memory <1>[ 239.261430] Register r12 information: NULL pointer <0>[ 239.266484] Process cat (pid: 2797, stack limit = 0xf1d78000) <0>[ 239.272540] Stack: (0xf1d79eb0 to 0xf1d7a000) <0>[ 239.277194] 9ea0: 0000000a c55ee000 00000000 c0df8798 <0>[ 239.285670] 9ec0: 0000000a c0df8b7c c0df8a60 c560c640 b6e34000 0000000a c3a41d50 c0892960 <0>[ 239.294145] 9ee0: c560c640 c0892904 f1d79f80 b6e34000 c5322840 0000000a c5499400 c0629858 <0>[ 239.302620] 9f00: c88dedb8 00000000 00000000 00000000 00000000 0000000a b6e34000 0001fff6 <0>[ 239.311094] 9f20: 00000001 00000000 c560c240 00000000 00000000 00000000 00000000 00000000 <0>[ 239.319569] 9f40: 00000000 00000000 00000000 00000000 00000022 fe63013f 00000000 c560c640 <0>[ 239.328043] 9f60: c560c640 00000000 00000000 c03002f0 c5322840 00000004 0047fe38 c0629db4 <0>[ 239.336516] 9f80: 00000000 00000000 00000000 fe63013f 000000c0 0000000a 0000000a 7ff00000 <0>[ 239.344990] 9fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e34000 0000000a 00000001 <0>[ 239.353464] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e34000 00020000 0047fe38 <0>[ 239.361937] 9fe0: 00000004 bebca788 b6efa33b b6e73616 60080030 00000001 00000000 00000000 <0>[ 239.370403] Call trace: <0>[ 239.370419] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 239.379138] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 239.384926] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 239.390618] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 239.396117] vfs_write from ksys_write+0x78/0xf8 <0>[ 239.401006] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 239.406488] Exception stack(0xf1d79fa8 to 0xf1d79ff0) <0>[ 239.411757] 9fa0: 0000000a 0000000a 00000001 b6e34000 0000000a 00000001 <0>[ 239.420242] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e34000 00020000 0047fe38 <0>[ 239.428721] 9fe0: 00000004 bebca788 b6efa33b b6e73616 <0>[ 239.434083] Code: bad PC value <4>[ 239.437593] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 0.000000] ** If you see this message and you are not debugging ** # [ 0.000000] ** the kernel, report this immediately to your system ** # [ 0.000000] ** administrator! ** # [ 0.000000] ** ** # [ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** # [ 0.000000] ********************************************************** # [ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1 # [ 0.000000] ftrace: allocating 70526 entries in 207 pages # [ 0.000000] ftrace: allocated 207 pages with 6 groups # [ 238.907021] lkdtm: Performing direct entry EXEC_NULL # [ 238.911578] lkdtm: attempting ok execution at c0dfa070 # [ 238.916464] lkdtm: attempting bad execution at 00000000 # [ 238.922078] 8<--- cut here --- # [ 238.925319] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute # [ 238.934806] [00000000] *pgd=00000000 # [ 238.938662] Internal error: Oops: 80000005 [#12] SMP ARM # [ 238.944245] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 238.982278] CPU: 1 UID: 0 PID: 2797 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 238.991882] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 238.997129] Hardware name: STM32 (Device Tree Support) # [ 239.002578] PC is at 0x0 # [ 239.005325] LR is at execute_location+0x9c/0xac # [ 239.010196] pc : [<00000000>] lr : [] psr: 60080013 # [ 239.016753] sp : f1d79eb0 ip : 00000000 fp : 0047fe38 # [ 239.022204] r10: c5499400 r9 : f1d79f80 r8 : c2688138 # [ 239.027753] r7 : f1d79f80 r6 : 00000000 r5 : 00000000 r4 : c0dfa070 # [ 239.034511] r3 : c5322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 239.041370] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 239.048837] Control: 10c5387d Table: c88dc06a DAC: 00000051 # [ 239.054788] Register r0 information: non-paged memory # [ 239.060151] Register r1 information: NULL pointer # [ 239.065104] Register r2 information: NULL pointer # [ 239.070155] Register r3 information: slab task_struct start c5322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 239.083830] copy_process+0x1f4/0x1f78 # [ 239.088088] kernel_clone+0xac/0x388 # [ 239.092244] sys_clone+0x78/0x9c # [ 239.095997] ret_fast_syscall+0x0/0x1c # [ 239.100248] Free path: # [ 239.102978] rcu_core+0x2dc/0xb14 # [ 239.106829] handle_softirqs+0x15c/0x430 # [ 239.111287] run_ksoftirqd+0x48/0x60 # [ 239.115439] smpboot_thread_fn+0xc0/0x15c # [ 239.119892] kthread+0xe8/0x104 # [ 239.123641] ret_from_fork+0x14/0x28 # [ 239.127688] Register r4 information: non-slab/vmalloc memory # [ 239.133648] Register r5 information: NULL pointer # [ 239.138599] Register r6 information: NULL pointer # [ 239.143651] Register r7 information: 2-page vmalloc region starting at 0xf1d78000 allocated at kernel_clone+0xac/0x388 # [ 239.154660] Register r8 information: non-slab/vmalloc memory # [ 239.160619] Register r9 information: 2-page vmalloc region starting at 0xf1d78000 allocated at kernel_clone+0xac/0x388 # [ 239.171623] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 239.185484] full_proxy_open+0x124/0x24c # [ 239.189941] do_dentry_open+0x144/0x4dc # [ 239.194301] vfs_open+0x2c/0xec # [ 239.197954] path_openat+0x748/0x1198 # [ 239.202206] do_filp_open+0x98/0x134 # [ 239.206256] do_sys_openat2+0xbc/0xe4 # [ 239.210510] sys_openat+0x98/0xd4 # [ 239.214362] ret_fast_syscall+0x0/0x1c # [ 239.218612] Free path: # [ 239.221342] nfs_pgio_header_free+0x34/0x48 # [ 239.226003] nfs_write_completion+0x60/0x240 # [ 239.230856] rpc_free_task+0x34/0x54 # [ 239.234913] rpc_async_release+0x24/0x40 # [ 239.239369] process_one_work+0x1b8/0x450 # [ 239.243924] worker_thread+0x1d4/0x3c4 # [ 239.248276] kthread+0xe8/0x104 # [ 239.251924] ret_from_fork+0x14/0x28 # [ 239.255972] Register r11 information: non-paged memory # [ 239.261430] Register r12 information: NULL pointer # [ 239.266484] Process cat (pid: 2797, stack limit = 0xf1d78000) # [ 239.272540] Stack: (0xf1d79eb0 to 0xf1d7a000) # [ 239.277194] 9ea0: 0000000a c55ee000 00000000 c0df8798 # [ 239.285670] 9ec0: 0000000a c0df8b7c c0df8a60 c560c640 b6e34000 0000000a c3a41d50 c0892960 # [ 239.294145] 9ee0: c560c640 c0892904 f1d79f80 b6e34000 c5322840 0000000a c5499400 c0629858 # [ 239.302620] 9f00: c88dedb8 00000000 00000000 00000000 00000000 0000000a b6e34000 0001fff6 # [ 239.311094] 9f20: 00000001 00000000 c560c240 00000000 00000000 00000000 00000000 00000000 # [ 239.319569] 9f40: 00000000 00000000 00000000 00000000 00000022 fe63013f 00000000 c560c640 # [ 239.328043] 9f60: c560c640 00000000 00000000 c03002f0 c5322840 00000004 0047fe38 c0629db4 # [ 239.336516] 9f80: 00000000 00000000 00000000 fe63013f 000000c0 0000000a 0000000a 7ff00000 # [ 239.344990] 9fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e34000 0000000a 00000001 # [ 239.353464] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e34000 00020000 0047fe38 # [ 239.361937] 9fe0: 00000004 bebca788 b6efa33b b6e73616 60080030 00000001 00000000 00000000 # [ 239.370403] Call trace: # [ 239.370419] execute_location from lkdtm_do_action+0x24/0x4c # [ 239.379138] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 239.384926] direct_entry from full_proxy_write+0x5c/0x8c # [ 239.390618] full_proxy_write from vfs_write+0xbc/0x3cc # [ 239.396117] vfs_write from ksys_write+0x78/0xf8 # [ 239.401006] ksys_write from ret_fast_syscall+0x0/0x1c # [ 239.406488] Exception stack(0xf1d79fa8 to 0xf1d79ff0) # [ 239.411757] 9fa0: 0000000a 0000000a 00000001 b6e34000 0000000a 00000001 # [ 239.420242] 9fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e34000 00020000 0047fe38 # [ 239.428721] 9fe0: 00000004 bebca788 b6efa33b b6e73616 # [ 239.434083] Code: bad PC value # [ 239.437593] ---[ end trace 0000000000000000 ]--- # EXEC_NULL: saw 'call trace:': ok ok 43 selftests: lkdtm: EXEC_NULL.sh # timeout set to 45 # selftests: lkdtm: ACCESS_USERSPACE.sh <6>[ 241.317807] lkdtm: Performing direct entry ACCESS_USERSPACE <6>[ 241.322676] lkdtm: attempting bad read at b6faf000 <1>[ 241.327444] 8<--- cut here --- <1>[ 241.330692] Unhandled fault: page domain fault (0x01b) at 0xb6faf000 <1>[ 241.337366] [b6faf000] *pgd=fb1ac835 <0>[ 241.341141] Internal error: : 1b [#13] SMP ARM <4>[ 241.345903] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 241.384021] CPU: 0 UID: 0 PID: 2878 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 241.393613] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 241.398860] Hardware name: STM32 (Device Tree Support) <4>[ 241.404307] PC is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 <4>[ 241.409681] LR is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 <4>[ 241.415140] pc : [] lr : [] psr: 60080013 <4>[ 241.421696] sp : f1dddea0 ip : 00000000 fp : 004dfe38 <4>[ 241.427145] r10: c5499400 r9 : f1dddf80 r8 : c2688140 <4>[ 241.432695] r7 : f1dddf80 r6 : 00000000 r5 : 00000051 r4 : b6faf000 <4>[ 241.439453] r3 : c83f0040 r2 : 00000000 r1 : 00000000 r0 : 00000026 <4>[ 241.446311] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 241.453776] Control: 10c5387d Table: c8d7006a DAC: 00000051 <1>[ 241.459726] Register r0 information: non-paged memory <1>[ 241.465085] Register r1 information: NULL pointer <1>[ 241.470037] Register r2 information: NULL pointer <1>[ 241.475088] Register r3 information: slab task_struct start c83f0000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 241.488761] copy_process+0x1f4/0x1f78 <6>[ 241.493018] kernel_clone+0xac/0x388 <6>[ 241.497174] sys_clone+0x78/0x9c <6>[ 241.500926] ret_fast_syscall+0x0/0x1c <4>[ 241.505177] Free path: <6>[ 241.507906] rcu_core+0x2dc/0xb14 <6>[ 241.511759] handle_softirqs+0x15c/0x430 <6>[ 241.516216] irq_exit+0xac/0xd4 <6>[ 241.519865] call_with_stack+0x18/0x20 <6>[ 241.524225] __irq_svc+0x9c/0xb8 <6>[ 241.527972] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 241.533232] __timer_delete_sync+0x8c/0x118 <6>[ 241.537988] xprt_request_enqueue_receive+0x144/0x1c0 <6>[ 241.543545] call_encode+0x164/0x338 <6>[ 241.547700] __rpc_execute+0xc8/0x5d0 <6>[ 241.551857] rpc_async_schedule+0x24/0x40 <6>[ 241.556412] process_one_work+0x1b8/0x450 <6>[ 241.560969] worker_thread+0x1d4/0x3c4 <6>[ 241.565222] kthread+0xe8/0x104 <6>[ 241.568971] ret_from_fork+0x14/0x28 <1>[ 241.573019] Register r4 information: non-paged memory <1>[ 241.578374] Register r5 information: non-paged memory <1>[ 241.583728] Register r6 information: NULL pointer <1>[ 241.588679] Register r7 information: 2-page vmalloc region starting at 0xf1ddc000 allocated at kernel_clone+0xac/0x388 <1>[ 241.599687] Register r8 information: non-slab/vmalloc memory <1>[ 241.605647] Register r9 information: 2-page vmalloc region starting at 0xf1ddc000 allocated at kernel_clone+0xac/0x388 <1>[ 241.616652] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 241.630508] full_proxy_open+0x124/0x24c <6>[ 241.634966] do_dentry_open+0x144/0x4dc <6>[ 241.639326] vfs_open+0x2c/0xec <6>[ 241.643078] path_openat+0x748/0x1198 <6>[ 241.647229] do_filp_open+0x98/0x134 <6>[ 241.651379] do_sys_openat2+0xbc/0xe4 <6>[ 241.655533] sys_openat+0x98/0xd4 <6>[ 241.659384] ret_fast_syscall+0x0/0x1c <4>[ 241.663635] Free path: <6>[ 241.666365] nfs_pgio_header_free+0x34/0x48 <6>[ 241.671125] nfs_write_completion+0x60/0x240 <6>[ 241.675880] rpc_free_task+0x34/0x54 <6>[ 241.680036] rpc_async_release+0x24/0x40 <6>[ 241.684489] process_one_work+0x1b8/0x450 <6>[ 241.689044] worker_thread+0x1d4/0x3c4 <6>[ 241.693296] kthread+0xe8/0x104 <6>[ 241.696943] ret_from_fork+0x14/0x28 <1>[ 241.701090] Register r11 information: non-paged memory <1>[ 241.706447] Register r12 information: NULL pointer <0>[ 241.711600] Process cat (pid: 2878, stack limit = 0xf1ddc000) <0>[ 241.717556] Stack: (0xf1dddea0 to 0xf1dde000) <0>[ 241.722213] dea0: 00000022 00000000 00000000 b607a40c f1dddf80 00000011 c5489000 c0df8798 <0>[ 241.730689] dec0: 00000011 c0df8b7c c0df8a60 c8625040 b6e48000 00000011 c3a41d50 c0892960 <0>[ 241.739165] dee0: c8625040 c0892904 f1dddf80 b6e48000 c83f0040 00000011 c5499400 c0629858 <0>[ 241.747638] df00: c8d72db8 00000000 00000000 00000000 00000000 00000011 b6e48000 0001ffef <0>[ 241.756111] df20: 00000001 00000000 c8625f40 00000000 00000000 00000000 00000000 00000000 <0>[ 241.764584] df40: 00000000 00000000 00000000 00000000 00000022 b607a40c 00000000 c8625040 <0>[ 241.773058] df60: c8625040 00000000 00000000 c03002f0 c83f0040 00000004 004dfe38 c0629db4 <0>[ 241.781531] df80: 00000000 00000000 00000000 b607a40c 000000c0 00000011 00000011 7ff00000 <0>[ 241.790005] dfa0: 00000004 c03000c0 00000011 00000011 00000001 b6e48000 00000011 00000001 <0>[ 241.798579] dfc0: 00000011 00000011 7ff00000 00000004 00000001 b6e48000 00020000 004dfe38 <0>[ 241.807053] dfe0: 00000004 be803788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 241.815518] Call trace: <0>[ 241.815534] lkdtm_ACCESS_USERSPACE from lkdtm_do_action+0x24/0x4c <0>[ 241.824739] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 241.830510] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 241.836179] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 241.841656] vfs_write from ksys_write+0x78/0xf8 <0>[ 241.846625] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 241.851988] Exception stack(0xf1dddfa8 to 0xf1dddff0) <0>[ 241.857345] dfa0: 00000011 00000011 00000001 b6e48000 00000011 00000001 <0>[ 241.865820] dfc0: 00000011 00000011 7ff00000 00000004 00000001 b6e48000 00020000 004dfe38 <0>[ 241.874289] dfe0: 00000004 be803788 b6f0e33b b6e87616 <0>[ 241.879647] Code: e1a01004 e30f0108 e34c01f9 eb234791 (e5943000) <4>[ 241.886003] ---[ end trace 0000000000000000 ]--- <6>[ 241.890949] note: cat[2878] exited with irqs disabled # Segmentation fault # [ 241.317807] lkdtm: Performing direct entry ACCESS_USERSPACE # [ 241.322676] lkdtm: attempting bad read at b6faf000 # [ 241.327444] 8<--- cut here --- # [ 241.330692] Unhandled fault: page domain fault (0x01b) at 0xb6faf000 # [ 241.337366] [b6faf000] *pgd=fb1ac835 # [ 241.341141] Internal error: : 1b [#13] SMP ARM # [ 241.345903] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 241.384021] CPU: 0 UID: 0 PID: 2878 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 241.393613] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 241.398860] Hardware name: STM32 (Device Tree Support) # [ 241.404307] PC is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 # [ 241.409681] LR is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 # [ 241.415140] pc : [] lr : [] psr: 60080013 # [ 241.421696] sp : f1dddea0 ip : 00000000 fp : 004dfe38 # [ 241.427145] r10: c5499400 r9 : f1dddf80 r8 : c2688140 # [ 241.432695] r7 : f1dddf80 r6 : 00000000 r5 : 00000051 r4 : b6faf000 # [ 241.439453] r3 : c83f0040 r2 : 00000000 r1 : 00000000 r0 : 00000026 # [ 241.446311] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 241.453776] Control: 10c5387d Table: c8d7006a DAC: 00000051 # [ 241.459726] Register r0 information: non-paged memory # [ 241.465085] Register r1 information: NULL pointer # [ 241.470037] Register r2 information: NULL pointer # [ 241.475088] Register r3 information: slab task_struct start c83f0000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 241.488761] copy_process+0x1f4/0x1f78 # [ 241.493018] kernel_clone+0xac/0x388 # [ 241.497174] sys_clone+0x78/0x9c # [ 241.500926] ret_fast_syscall+0x0/0x1c # [ 241.505177] Free path: # [ 241.507906] rcu_core+0x2dc/0xb14 # [ 241.511759] handle_softirqs+0x15c/0x430 # [ 241.516216] irq_exit+0xac/0xd4 # [ 241.519865] call_with_stack+0x18/0x20 # [ 241.524225] __irq_svc+0x9c/0xb8 # [ 241.527972] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 241.533232] __timer_delete_sync+0x8c/0x118 # [ 241.537988] xprt_request_enqueue_receive+0x144/0x1c0 # [ 241.543545] call_encode+0x164/0x338 # [ 241.547700] __rpc_execute+0xc8/0x5d0 # [ 241.551857] rpc_async_schedule+0x24/0x40 # [ 241.556412] process_one_work+0x1b8/0x450 # [ 241.560969] worker_thread+0x1d4/0x3c4 # [ 241.565222] kthread+0xe8/0x104 # [ 241.568971] ret_from_fork+0x14/0x28 # [ 241.573019] Register r4 information: non-paged memory # [ 241.578374] Register r5 information: non-paged memory # [ 241.583728] Register r6 information: NULL pointer # [ 241.588679] Register r7 information: 2-page vmalloc region starting at 0xf1ddc000 allocated at kernel_clone+0xac/0x388 # [ 241.599687] Register r8 information: non-slab/vmalloc memory # [ 241.605647] Register r9 information: 2-page vmalloc region starting at 0xf1ddc000 allocated at kernel_clone+0xac/0x388 # [ 241.616652] Register r10 information: slab kmalloc-192 start c54993c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 241.630508] full_proxy_open+0x124/0x24c # [ 241.634966] do_dentry_open+0x144/0x4dc # [ 241.639326] vfs_open+0x2c/0xec # [ 241.643078] path_openat+0x748/0x1198 # [ 241.647229] do_filp_open+0x98/0x134 # [ 241.651379] do_sys_openat2+0xbc/0xe4 # [ 241.655533] sys_openat+0x98/0xd4 # [ 241.659384] ret_fast_syscall+0x0/0x1c # [ 241.663635] Free path: # [ 241.666365] nfs_pgio_header_free+0x34/0x48 # [ 241.671125] nfs_write_completion+0x60/0x240 # [ 241.675880] rpc_free_task+0x34/0x54 # [ 241.680036] rpc_async_release+0x24/0x40 # [ 241.684489] process_one_work+0x1b8/0x450 # [ 241.689044] worker_thread+0x1d4/0x3c4 # [ 241.693296] kthread+0xe8/0x104 # [ 241.696943] ret_from_fork+0x14/0x28 # [ 241.701090] Register r11 information: non-paged memory # [ 241.706447] Register r12 information: NULL pointer # [ 241.711600] Process cat (pid: 2878, stack limit = 0xf1ddc000) # [ 241.717556] Stack: (0xf1dddea0 to 0xf1dde000) # [ 241.722213] dea0: 00000022 00000000 00000000 b607a40c f1dddf80 00000011 c5489000 c0df8798 # [ 241.730689] dec0: 00000011 c0df8b7c c0df8a60 c8625040 b6e48000 00000011 c3a41d50 c0892960 # [ 241.739165] dee0: c8625040 c0892904 f1dddf80 b6e48000 c83f0040 00000011 c5499400 c0629858 # [ 241.747638] df00: c8d72db8 00000000 00000000 00000000 00000000 00000011 b6e48000 0001ffef # [ 241.756111] df20: 00000001 00000000 c8625f40 00000000 00000000 00000000 00000000 00000000 # [ 241.764584] df40: 00000000 00000000 00000000 00000000 00000022 b607a40c 00000000 c8625040 # [ 241.773058] df60: c8625040 00000000 00000000 c03002f0 c83f0040 00000004 004dfe38 c0629db4 # [ 241.781531] df80: 00000000 00000000 00000000 b607a40c 000000c0 00000011 00000011 7ff00000 # [ 241.790005] dfa0: 00000004 c03000c0 00000011 00000011 00000001 b6e48000 00000011 00000001 # [ 241.798579] dfc0: 00000011 00000011 7ff00000 00000004 00000001 b6e48000 00020000 004dfe38 # [ 241.807053] dfe0: 00000004 be803788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 241.815518] Call trace: # [ 241.815534] lkdtm_ACCESS_USERSPACE from lkdtm_do_action+0x24/0x4c # [ 241.824739] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 241.830510] direct_entry from full_proxy_write+0x5c/0x8c # [ 241.836179] full_proxy_write from vfs_write+0xbc/0x3cc # [ 241.841656] vfs_write from ksys_write+0x78/0xf8 # [ 241.846625] ksys_write from ret_fast_syscall+0x0/0x1c # [ 241.851988] Exception stack(0xf1dddfa8 to 0xf1dddff0) # [ 241.857345] dfa0: 00000011 00000011 00000001 b6e48000 00000011 00000001 # [ 241.865820] dfc0: 00000011 00000011 7ff00000 00000004 00000001 b6e48000 00020000 004dfe38 # [ 241.874289] dfe0: 00000004 be803788 b6f0e33b b6e87616 # [ 241.879647] Code: e1a01004 e30f0108 e34c01f9 eb234791 (e5943000) # [ 241.886003] ---[ end trace 0000000000000000 ]--- # [ 241.890949] note: cat[2878] exited with irqs disabled # ACCESS_USERSPACE: saw 'call trace:': ok ok 44 selftests: lkdtm: ACCESS_USERSPACE.sh # timeout set to 45 # selftests: lkdtm: ACCESS_NULL.sh <6>[ 243.811186] lkdtm: Performing direct entry ACCESS_NULL <6>[ 243.815377] lkdtm: attempting bad read at 00000000 <1>[ 243.820446] 8<--- cut here --- <1>[ 243.823681] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read <1>[ 243.836485] [00000000] *pgd=00000000 <0>[ 243.840558] Internal error: Oops: 5 [#14] SMP ARM <4>[ 243.844146] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 243.882264] CPU: 0 UID: 0 PID: 2959 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 243.891857] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 243.897104] Hardware name: STM32 (Device Tree Support) <4>[ 243.902551] PC is at lkdtm_ACCESS_NULL+0x20/0x60 <4>[ 243.907427] LR is at lkdtm_ACCESS_NULL+0x20/0x60 <4>[ 243.912287] pc : [] lr : [] psr: 60080013 <4>[ 243.918844] sp : f1e65eb0 ip : 00000000 fp : 0042fe38 <4>[ 243.924394] r10: c5499e00 r9 : f1e65f80 r8 : c2688148 <4>[ 243.929843] r7 : f1e65f80 r6 : 00000000 r5 : c8b5e000 r4 : 00000000 <4>[ 243.936702] r3 : c5322840 r2 : 00000000 r1 : 00000000 r0 : 00000026 <4>[ 243.943564] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 243.950930] Control: 10c5387d Table: c8d7406a DAC: 00000051 <1>[ 243.956982] Register r0 information: non-paged memory <1>[ 243.962342] Register r1 information: NULL pointer <1>[ 243.967294] Register r2 information: NULL pointer <1>[ 243.972245] Register r3 information: slab task_struct start c5322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 243.986019] copy_process+0x1f4/0x1f78 <6>[ 243.990277] kernel_clone+0xac/0x388 <6>[ 243.994433] sys_clone+0x78/0x9c <6>[ 243.998186] ret_fast_syscall+0x0/0x1c <4>[ 244.002437] Free path: <6>[ 244.005167] rcu_core+0x2dc/0xb14 <6>[ 244.009019] handle_softirqs+0x15c/0x430 <6>[ 244.013477] call_with_stack+0x18/0x20 <6>[ 244.017737] do_softirq+0x88/0x90 <6>[ 244.021588] __local_bh_enable_ip+0xd8/0xf8 <6>[ 244.026245] __dev_queue_xmit+0x23c/0xef4 <6>[ 244.030802] ip_finish_output2+0x370/0x688 <6>[ 244.035456] __ip_queue_xmit+0x198/0x488 <6>[ 244.039907] __tcp_transmit_skb+0x588/0xd68 <6>[ 244.044663] tcp_write_xmit+0x378/0x1890 <6>[ 244.049117] __tcp_push_pending_frames+0x38/0x120 <6>[ 244.054375] tcp_sendmsg_locked+0xa30/0xdd8 <6>[ 244.059037] tcp_sendmsg+0x30/0x44 <6>[ 244.062994] __sock_sendmsg+0x44/0x7c <6>[ 244.067150] sock_sendmsg+0x70/0xa4 <6>[ 244.071203] xprt_sock_sendmsg+0x148/0x30c <1>[ 244.075856] Register r4 information: NULL pointer <1>[ 244.080810] Register r5 information: non-slab/vmalloc memory <1>[ 244.086772] Register r6 information: NULL pointer <1>[ 244.091723] Register r7 information: 2-page vmalloc region starting at 0xf1e64000 allocated at kernel_clone+0xac/0x388 <1>[ 244.102733] Register r8 information: non-slab/vmalloc memory <1>[ 244.108692] Register r9 information: 2-page vmalloc region starting at 0xf1e64000 allocated at kernel_clone+0xac/0x388 <1>[ 244.119698] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 244.133557] full_proxy_open+0x124/0x24c <6>[ 244.138007] do_dentry_open+0x144/0x4dc <6>[ 244.142464] vfs_open+0x2c/0xec <6>[ 244.146116] path_openat+0x748/0x1198 <6>[ 244.150268] do_filp_open+0x98/0x134 <6>[ 244.154418] do_sys_openat2+0xbc/0xe4 <6>[ 244.158573] sys_openat+0x98/0xd4 <6>[ 244.162425] ret_fast_syscall+0x0/0x1c <4>[ 244.166675] Free path: <6>[ 244.169405] nfs_pgio_header_free+0x34/0x48 <6>[ 244.174164] nfs_write_completion+0x60/0x240 <6>[ 244.178917] rpc_free_task+0x34/0x54 <6>[ 244.183074] rpc_async_release+0x24/0x40 <6>[ 244.187528] process_one_work+0x1b8/0x450 <6>[ 244.192085] worker_thread+0x1d4/0x3c4 <6>[ 244.196338] kthread+0xe8/0x104 <6>[ 244.199987] ret_from_fork+0x14/0x28 <1>[ 244.204135] Register r11 information: non-paged memory <1>[ 244.209491] Register r12 information: NULL pointer <0>[ 244.214644] Process cat (pid: 2959, stack limit = 0xf1e64000) <0>[ 244.220601] Stack: (0xf1e65eb0 to 0xf1e66000) <0>[ 244.225254] 5ea0: 0000000c c8b5e000 00000000 c0df8798 <0>[ 244.233728] 5ec0: 0000000c c0df8b7c c0df8a60 c8625f40 b6df4000 0000000c c3a41d50 c0892960 <0>[ 244.242203] 5ee0: c8625f40 c0892904 f1e65f80 b6df4000 c5322840 0000000c c5499e00 c0629858 <0>[ 244.250676] 5f00: c8d76db0 00000000 00000000 00000000 00000000 0000000c b6df4000 0001fff4 <0>[ 244.259148] 5f20: 00000001 00000000 c8625a40 00000000 00000000 00000000 00000000 00000000 <0>[ 244.267621] 5f40: 00000000 00000000 00000000 00000000 00000022 b3e11e23 00000000 c8625f40 <0>[ 244.276096] 5f60: c8625f40 00000000 00000000 c03002f0 c5322840 00000004 0042fe38 c0629db4 <0>[ 244.284570] 5f80: 00000000 00000000 00000000 b3e11e23 000000c0 0000000c 0000000c 7ff00000 <0>[ 244.293043] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6df4000 0000000c 00000001 <0>[ 244.301516] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6df4000 00020000 0042fe38 <0>[ 244.309989] 5fe0: 00000004 bea43788 b6eba33b b6e33616 60080030 00000001 00000000 00000000 <0>[ 244.318455] Call trace: <0>[ 244.318473] lkdtm_ACCESS_NULL from lkdtm_do_action+0x24/0x4c <0>[ 244.327285] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 244.333056] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 244.338827] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 244.344306] vfs_write from ksys_write+0x78/0xf8 <0>[ 244.349176] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 244.354638] Exception stack(0xf1e65fa8 to 0xf1e65ff0) <0>[ 244.359895] 5fa0: 0000000c 0000000c 00000001 b6df4000 0000000c 00000001 <0>[ 244.368369] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6df4000 00020000 0042fe38 <0>[ 244.376839] 5fe0: 00000004 bea43788 b6eba33b b6e33616 <0>[ 244.382198] Code: e30f0108 e34c01f9 e1a01004 ebffc404 (e5945000) <4>[ 244.389983] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 243.811186] lkdtm: Performing direct entry ACCESS_NULL # [ 243.815377] lkdtm: attempting bad read at 00000000 # [ 243.820446] 8<--- cut here --- # [ 243.823681] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read # [ 243.836485] [00000000] *pgd=00000000 # [ 243.840558] Internal error: Oops: 5 [#14] SMP ARM # [ 243.844146] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 243.882264] CPU: 0 UID: 0 PID: 2959 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 243.891857] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 243.897104] Hardware name: STM32 (Device Tree Support) # [ 243.902551] PC is at lkdtm_ACCESS_NULL+0x20/0x60 # [ 243.907427] LR is at lkdtm_ACCESS_NULL+0x20/0x60 # [ 243.912287] pc : [] lr : [] psr: 60080013 # [ 243.918844] sp : f1e65eb0 ip : 00000000 fp : 0042fe38 # [ 243.924394] r10: c5499e00 r9 : f1e65f80 r8 : c2688148 # [ 243.929843] r7 : f1e65f80 r6 : 00000000 r5 : c8b5e000 r4 : 00000000 # [ 243.936702] r3 : c5322840 r2 : 00000000 r1 : 00000000 r0 : 00000026 # [ 243.943564] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 243.950930] Control: 10c5387d Table: c8d7406a DAC: 00000051 # [ 243.956982] Register r0 information: non-paged memory # [ 243.962342] Register r1 information: NULL pointer # [ 243.967294] Register r2 information: NULL pointer # [ 243.972245] Register r3 information: slab task_struct start c5322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 243.986019] copy_process+0x1f4/0x1f78 # [ 243.990277] kernel_clone+0xac/0x388 # [ 243.994433] sys_clone+0x78/0x9c # [ 243.998186] ret_fast_syscall+0x0/0x1c # [ 244.002437] Free path: # [ 244.005167] rcu_core+0x2dc/0xb14 # [ 244.009019] handle_softirqs+0x15c/0x430 # [ 244.013477] call_with_stack+0x18/0x20 # [ 244.017737] do_softirq+0x88/0x90 # [ 244.021588] __local_bh_enable_ip+0xd8/0xf8 # [ 244.026245] __dev_queue_xmit+0x23c/0xef4 # [ 244.030802] ip_finish_output2+0x370/0x688 # [ 244.035456] __ip_queue_xmit+0x198/0x488 # [ 244.039907] __tcp_transmit_skb+0x588/0xd68 # [ 244.044663] tcp_write_xmit+0x378/0x1890 # [ 244.049117] __tcp_push_pending_frames+0x38/0x120 # [ 244.054375] tcp_sendmsg_locked+0xa30/0xdd8 # [ 244.059037] tcp_sendmsg+0x30/0x44 # [ 244.062994] __sock_sendmsg+0x44/0x7c # [ 244.067150] sock_sendmsg+0x70/0xa4 # [ 244.071203] xprt_sock_sendmsg+0x148/0x30c # [ 244.075856] Register r4 information: NULL pointer # [ 244.080810] Register r5 information: non-slab/vmalloc memory # [ 244.086772] Register r6 information: NULL pointer # [ 244.091723] Register r7 information: 2-page vmalloc region starting at 0xf1e64000 allocated at kernel_clone+0xac/0x388 # [ 244.102733] Register r8 information: non-slab/vmalloc memory # [ 244.108692] Register r9 information: 2-page vmalloc region starting at 0xf1e64000 allocated at kernel_clone+0xac/0x388 # [ 244.119698] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 244.133557] full_proxy_open+0x124/0x24c # [ 244.138007] do_dentry_open+0x144/0x4dc # [ 244.142464] vfs_open+0x2c/0xec # [ 244.146116] path_openat+0x748/0x1198 # [ 244.150268] do_filp_open+0x98/0x134 # [ 244.154418] do_sys_openat2+0xbc/0xe4 # [ 244.158573] sys_openat+0x98/0xd4 # [ 244.162425] ret_fast_syscall+0x0/0x1c # [ 244.166675] Free path: # [ 244.169405] nfs_pgio_header_free+0x34/0x48 # [ 244.174164] nfs_write_completion+0x60/0x240 # [ 244.178917] rpc_free_task+0x34/0x54 # [ 244.183074] rpc_async_release+0x24/0x40 # [ 244.187528] process_one_work+0x1b8/0x450 # [ 244.192085] worker_thread+0x1d4/0x3c4 # [ 244.196338] kthread+0xe8/0x104 # [ 244.199987] ret_from_fork+0x14/0x28 # [ 244.204135] Register r11 information: non-paged memory # [ 244.209491] Register r12 information: NULL pointer # [ 244.214644] Process cat (pid: 2959, stack limit = 0xf1e64000) # [ 244.220601] Stack: (0xf1e65eb0 to 0xf1e66000) # [ 244.225254] 5ea0: 0000000c c8b5e000 00000000 c0df8798 # [ 244.233728] 5ec0: 0000000c c0df8b7c c0df8a60 c8625f40 b6df4000 0000000c c3a41d50 c0892960 # [ 244.242203] 5ee0: c8625f40 c0892904 f1e65f80 b6df4000 c5322840 0000000c c5499e00 c0629858 # [ 244.250676] 5f00: c8d76db0 00000000 00000000 00000000 00000000 0000000c b6df4000 0001fff4 # [ 244.259148] 5f20: 00000001 00000000 c8625a40 00000000 00000000 00000000 00000000 00000000 # [ 244.267621] 5f40: 00000000 00000000 00000000 00000000 00000022 b3e11e23 00000000 c8625f40 # [ 244.276096] 5f60: c8625f40 00000000 00000000 c03002f0 c5322840 00000004 0042fe38 c0629db4 # [ 244.284570] 5f80: 00000000 00000000 00000000 b3e11e23 000000c0 0000000c 0000000c 7ff00000 # [ 244.293043] 5fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6df4000 0000000c 00000001 # [ 244.301516] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6df4000 00020000 0042fe38 # [ 244.309989] 5fe0: 00000004 bea43788 b6eba33b b6e33616 60080030 00000001 00000000 00000000 # [ 244.318455] Call trace: # [ 244.318473] lkdtm_ACCESS_NULL from lkdtm_do_action+0x24/0x4c # [ 244.327285] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 244.333056] direct_entry from full_proxy_write+0x5c/0x8c # [ 244.338827] full_proxy_write from vfs_write+0xbc/0x3cc # [ 244.344306] vfs_write from ksys_write+0x78/0xf8 # [ 244.349176] ksys_write from ret_fast_syscall+0x0/0x1c # [ 244.354638] Exception stack(0xf1e65fa8 to 0xf1e65ff0) # [ 244.359895] 5fa0: 0000000c 0000000c 00000001 b6df4000 0000000c 00000001 # [ 244.368369] 5fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6df4000 00020000 0042fe38 # [ 244.376839] 5fe0: 00000004 bea43788 b6eba33b b6e33616 # [ 244.382198] Code: e30f0108 e34c01f9 e1a01004 ebffc404 (e5945000) # [ 244.389983] ---[ end trace 0000000000000000 ]--- # ACCESS_NULL: saw 'call trace:': ok ok 45 selftests: lkdtm: ACCESS_NULL.sh # timeout set to 45 # selftests: lkdtm: WRITE_RO.sh <6>[ 246.343133] lkdtm: Performing direct entry WRITE_RO <6>[ 246.347017] lkdtm: attempting bad rodata write at c197129c <1>[ 246.352825] 8<--- cut here --- <1>[ 246.355982] Unable to handle kernel paging request at virtual address c197129c when write <1>[ 246.364455] [c197129c] *pgd=c181941e(bad) <0>[ 246.368724] Internal error: Oops: 80d [#15] SMP ARM <4>[ 246.373878] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 246.411986] CPU: 0 UID: 0 PID: 3040 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 246.421676] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 246.426921] Hardware name: STM32 (Device Tree Support) <4>[ 246.432268] PC is at lkdtm_WRITE_RO+0x34/0x48 <4>[ 246.436939] LR is at lkdtm_WRITE_RO+0x24/0x48 <4>[ 246.441596] pc : [] lr : [] psr: 60080013 <4>[ 246.448153] sp : f1eddeb8 ip : 00000000 fp : 004ffe38 <4>[ 246.453602] r10: c5499e00 r9 : f1eddf80 r8 : c26880e8 <4>[ 246.459152] r7 : f1eddf80 r6 : 00000000 r5 : c5479000 r4 : c197129c <4>[ 246.465911] r3 : 0198b861 r2 : aa55aa55 r1 : 00000000 r0 : 0000002e <4>[ 246.472771] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 246.480137] Control: 10c5387d Table: c8c3006a DAC: 00000051 <1>[ 246.486187] Register r0 information: non-paged memory <1>[ 246.491546] Register r1 information: NULL pointer <1>[ 246.496497] Register r2 information: non-paged memory <1>[ 246.501850] Register r3 information: non-paged memory <1>[ 246.507203] Register r4 information: non-slab/vmalloc memory <1>[ 246.513164] Register r5 information: non-slab/vmalloc memory <1>[ 246.519121] Register r6 information: NULL pointer <1>[ 246.524071] Register r7 information: 2-page vmalloc region starting at 0xf1edc000 allocated at kernel_clone+0xac/0x388 <1>[ 246.535085] Register r8 information: non-slab/vmalloc memory <1>[ 246.541043] Register r9 information: 2-page vmalloc region starting at 0xf1edc000 allocated at kernel_clone+0xac/0x388 <1>[ 246.552049] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 246.565910] full_proxy_open+0x124/0x24c <6>[ 246.570361] do_dentry_open+0x144/0x4dc <6>[ 246.574717] vfs_open+0x2c/0xec <6>[ 246.578368] path_openat+0x748/0x1198 <6>[ 246.582620] do_filp_open+0x98/0x134 <6>[ 246.586670] do_sys_openat2+0xbc/0xe4 <6>[ 246.590924] sys_openat+0x98/0xd4 <6>[ 246.594776] ret_fast_syscall+0x0/0x1c <4>[ 246.599026] Free path: <6>[ 246.601756] nfs_pgio_header_free+0x34/0x48 <6>[ 246.606516] nfs_write_completion+0x60/0x240 <6>[ 246.611268] rpc_free_task+0x34/0x54 <6>[ 246.615425] rpc_async_release+0x24/0x40 <6>[ 246.619879] process_one_work+0x1b8/0x450 <6>[ 246.624435] worker_thread+0x1d4/0x3c4 <6>[ 246.628691] kthread+0xe8/0x104 <6>[ 246.632350] ret_from_fork+0x14/0x28 <1>[ 246.636411] Register r11 information: non-paged memory <1>[ 246.641876] Register r12 information: NULL pointer <0>[ 246.646930] Process cat (pid: 3040, stack limit = 0xf1edc000) <0>[ 246.652989] Stack: (0xf1eddeb8 to 0xf1ede000) <0>[ 246.657640] dea0: 00000009 c0df8798 <0>[ 246.666116] dec0: 00000009 c0df8b7c c0df8a60 c560c040 b6e48000 00000009 c3a41d50 c0892960 <0>[ 246.674591] dee0: c560c040 c0892904 f1eddf80 b6e48000 c83f1440 00000009 c5499e00 c0629858 <0>[ 246.683064] df00: c8c32db8 00000000 00000000 00000000 00000000 00000009 b6e48000 0001fff7 <0>[ 246.691536] df20: 00000001 00000000 c560c940 00000000 00000000 00000000 00000000 00000000 <0>[ 246.700010] df40: 00000000 00000000 00000000 00000000 00000022 6613c6f8 00000000 c560c040 <0>[ 246.708484] df60: c560c040 00000000 00000000 c03002f0 c83f1440 00000004 004ffe38 c0629db4 <0>[ 246.716957] df80: 00000000 00000000 00000000 6613c6f8 000000c0 00000009 00000009 7ff00000 <0>[ 246.725430] dfa0: 00000004 c03000c0 00000009 00000009 00000001 b6e48000 00000009 00000001 <0>[ 246.733903] dfc0: 00000009 00000009 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 <0>[ 246.742376] dfe0: 00000004 bec80788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 246.750841] Call trace: <0>[ 246.750856] lkdtm_WRITE_RO from lkdtm_do_action+0x24/0x4c <0>[ 246.759371] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 246.765140] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 246.770912] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 246.776391] vfs_write from ksys_write+0x78/0xf8 <0>[ 246.781260] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 246.786721] Exception stack(0xf1eddfa8 to 0xf1eddff0) <0>[ 246.791978] dfa0: 00000009 00000009 00000001 b6e48000 00000009 00000001 <0>[ 246.800551] dfc0: 00000009 00000009 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 <0>[ 246.809021] dfe0: 00000004 bec80788 b6f0e33b b6e87616 <0>[ 246.814278] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) <4>[ 246.820735] ---[ end trace 0000000000000000 ]--- <6>[ 246.825581] note: cat[3040] exited with irqs disabled # Segmentation fault # [ 246.343133] lkdtm: Performing direct entry WRITE_RO # [ 246.347017] lkdtm: attempting bad rodata write at c197129c # [ 246.352825] 8<--- cut here --- # [ 246.355982] Unable to handle kernel paging request at virtual address c197129c when write # [ 246.364455] [c197129c] *pgd=c181941e(bad) # [ 246.368724] Internal error: Oops: 80d [#15] SMP ARM # [ 246.373878] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 246.411986] CPU: 0 UID: 0 PID: 3040 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 246.421676] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 246.426921] Hardware name: STM32 (Device Tree Support) # [ 246.432268] PC is at lkdtm_WRITE_RO+0x34/0x48 # [ 246.436939] LR is at lkdtm_WRITE_RO+0x24/0x48 # [ 246.441596] pc : [] lr : [] psr: 60080013 # [ 246.448153] sp : f1eddeb8 ip : 00000000 fp : 004ffe38 # [ 246.453602] r10: c5499e00 r9 : f1eddf80 r8 : c26880e8 # [ 246.459152] r7 : f1eddf80 r6 : 00000000 r5 : c5479000 r4 : c197129c # [ 246.465911] r3 : 0198b861 r2 : aa55aa55 r1 : 00000000 r0 : 0000002e # [ 246.472771] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 246.480137] Control: 10c5387d Table: c8c3006a DAC: 00000051 # [ 246.486187] Register r0 information: non-paged memory # [ 246.491546] Register r1 information: NULL pointer # [ 246.496497] Register r2 information: non-paged memory # [ 246.501850] Register r3 information: non-paged memory # [ 246.507203] Register r4 information: non-slab/vmalloc memory # [ 246.513164] Register r5 information: non-slab/vmalloc memory # [ 246.519121] Register r6 information: NULL pointer # [ 246.524071] Register r7 information: 2-page vmalloc region starting at 0xf1edc000 allocated at kernel_clone+0xac/0x388 # [ 246.535085] Register r8 information: non-slab/vmalloc memory # [ 246.541043] Register r9 information: 2-page vmalloc region starting at 0xf1edc000 allocated at kernel_clone+0xac/0x388 # [ 246.552049] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 246.565910] full_proxy_open+0x124/0x24c # [ 246.570361] do_dentry_open+0x144/0x4dc # [ 246.574717] vfs_open+0x2c/0xec # [ 246.578368] path_openat+0x748/0x1198 # [ 246.582620] do_filp_open+0x98/0x134 # [ 246.586670] do_sys_openat2+0xbc/0xe4 # [ 246.590924] sys_openat+0x98/0xd4 # [ 246.594776] ret_fast_syscall+0x0/0x1c # [ 246.599026] Free path: # [ 246.601756] nfs_pgio_header_free+0x34/0x48 # [ 246.606516] nfs_write_completion+0x60/0x240 # [ 246.611268] rpc_free_task+0x34/0x54 # [ 246.615425] rpc_async_release+0x24/0x40 # [ 246.619879] process_one_work+0x1b8/0x450 # [ 246.624435] worker_thread+0x1d4/0x3c4 # [ 246.628691] kthread+0xe8/0x104 # [ 246.632350] ret_from_fork+0x14/0x28 # [ 246.636411] Register r11 information: non-paged memory # [ 246.641876] Register r12 information: NULL pointer # [ 246.646930] Process cat (pid: 3040, stack limit = 0xf1edc000) # [ 246.652989] Stack: (0xf1eddeb8 to 0xf1ede000) # [ 246.657640] dea0: 00000009 c0df8798 # [ 246.666116] dec0: 00000009 c0df8b7c c0df8a60 c560c040 b6e48000 00000009 c3a41d50 c0892960 # [ 246.674591] dee0: c560c040 c0892904 f1eddf80 b6e48000 c83f1440 00000009 c5499e00 c0629858 # [ 246.683064] df00: c8c32db8 00000000 00000000 00000000 00000000 00000009 b6e48000 0001fff7 # [ 246.691536] df20: 00000001 00000000 c560c940 00000000 00000000 00000000 00000000 00000000 # [ 246.700010] df40: 00000000 00000000 00000000 00000000 00000022 6613c6f8 00000000 c560c040 # [ 246.708484] df60: c560c040 00000000 00000000 c03002f0 c83f1440 00000004 004ffe38 c0629db4 # [ 246.716957] df80: 00000000 00000000 00000000 6613c6f8 000000c0 00000009 00000009 7ff00000 # [ 246.725430] dfa0: 00000004 c03000c0 00000009 00000009 00000001 b6e48000 00000009 00000001 # [ 246.733903] dfc0: 00000009 00000009 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 # [ 246.742376] dfe0: 00000004 bec80788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 246.750841] Call trace: # [ 246.750856] lkdtm_WRITE_RO from lkdtm_do_action+0x24/0x4c # [ 246.759371] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 246.765140] direct_entry from full_proxy_write+0x5c/0x8c # [ 246.770912] full_proxy_write from vfs_write+0xbc/0x3cc # [ 246.776391] vfs_write from ksys_write+0x78/0xf8 # [ 246.781260] ksys_write from ret_fast_syscall+0x0/0x1c # [ 246.786721] Exception stack(0xf1eddfa8 to 0xf1eddff0) # [ 246.791978] dfa0: 00000009 00000009 00000001 b6e48000 00000009 00000001 # [ 246.800551] dfc0: 00000009 00000009 7ff00000 00000004 00000001 b6e48000 00020000 004ffe38 # [ 246.809021] dfe0: 00000004 bec80788 b6f0e33b b6e87616 # [ 246.814278] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) # [ 246.820735] ---[ end trace 0000000000000000 ]--- # [ 246.825581] note: cat[3040] exited with irqs disabled # WRITE_RO: saw 'call trace:': ok ok 46 selftests: lkdtm: WRITE_RO.sh # timeout set to 45 # selftests: lkdtm: WRITE_RO_AFTER_INIT.sh <6>[ 248.730875] lkdtm: Performing direct entry WRITE_RO_AFTER_INIT <6>[ 248.735792] lkdtm: attempting bad ro_after_init write at c208ccc4 <1>[ 248.742045] 8<--- cut here --- <1>[ 248.745295] Unable to handle kernel paging request at virtual address c208ccc4 when write <1>[ 248.753777] [c208ccc4] *pgd=c201941e(bad) <0>[ 248.758062] Internal error: Oops: 80d [#16] SMP ARM <4>[ 248.763231] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 248.801369] CPU: 1 UID: 0 PID: 3121 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 248.810971] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 248.816219] Hardware name: STM32 (Device Tree Support) <4>[ 248.821667] PC is at lkdtm_WRITE_RO_AFTER_INIT+0x58/0x6c <4>[ 248.827247] LR is at lkdtm_WRITE_RO_AFTER_INIT+0x48/0x6c <4>[ 248.832812] pc : [] lr : [] psr: 60080013 <4>[ 248.839369] sp : f1f45eb8 ip : 00000000 fp : 004efe38 <4>[ 248.844822] r10: c5499e00 r9 : f1f45f80 r8 : c26880f0 <4>[ 248.850377] r7 : f1f45f80 r6 : 00000000 r5 : c8b02000 r4 : c208ccc4 <4>[ 248.857238] r3 : fe67479e r2 : 55aa55aa r1 : 00000000 r0 : 00000035 <4>[ 248.863998] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 248.871466] Control: 10c5387d Table: c572406a DAC: 00000051 <1>[ 248.877418] Register r0 information: non-paged memory <1>[ 248.882780] Register r1 information: NULL pointer <1>[ 248.887732] Register r2 information: non-paged memory <1>[ 248.893087] Register r3 information: vmalloc memory <1>[ 248.898242] Register r4 information: non-slab/vmalloc memory <1>[ 248.904202] Register r5 information: non-slab/vmalloc memory <1>[ 248.910160] Register r6 information: NULL pointer <1>[ 248.915111] Register r7 information: 2-page vmalloc region starting at 0xf1f44000 allocated at kernel_clone+0xac/0x388 <1>[ 248.926125] Register r8 information: non-slab/vmalloc memory <1>[ 248.932085] Register r9 information: 2-page vmalloc region starting at 0xf1f44000 allocated at kernel_clone+0xac/0x388 <1>[ 248.943092] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 248.956957] full_proxy_open+0x124/0x24c <6>[ 248.961410] do_dentry_open+0x144/0x4dc <6>[ 248.965768] vfs_open+0x2c/0xec <6>[ 248.969520] path_openat+0x748/0x1198 <6>[ 248.973673] do_filp_open+0x98/0x134 <6>[ 248.977823] do_sys_openat2+0xbc/0xe4 <6>[ 248.981978] sys_openat+0x98/0xd4 <6>[ 248.985830] ret_fast_syscall+0x0/0x1c <4>[ 248.990081] Free path: <6>[ 248.992810] nfs_pgio_header_free+0x34/0x48 <6>[ 248.997570] nfs_write_completion+0x60/0x240 <6>[ 249.002325] rpc_free_task+0x34/0x54 <6>[ 249.006482] rpc_async_release+0x24/0x40 <6>[ 249.010936] process_one_work+0x1b8/0x450 <6>[ 249.015492] worker_thread+0x1d4/0x3c4 <6>[ 249.019744] kthread+0xe8/0x104 <6>[ 249.023393] ret_from_fork+0x14/0x28 <1>[ 249.027540] Register r11 information: non-paged memory <1>[ 249.032896] Register r12 information: NULL pointer <0>[ 249.038050] Process cat (pid: 3121, stack limit = 0xf1f44000) <0>[ 249.044006] Stack: (0xf1f45eb8 to 0xf1f46000) <0>[ 249.048656] 5ea0: 00000014 c0df8798 <0>[ 249.057132] 5ec0: 00000014 c0df8b7c c0df8a60 c49ee440 b6e38000 00000014 c3a41d50 c0892960 <0>[ 249.065609] 5ee0: c49ee440 c0892904 f1f45f80 b6e38000 c83f1e40 00000014 c5499e00 c0629858 <0>[ 249.074083] 5f00: c5726db8 00000000 00000000 00000000 00000000 00000014 b6e38000 0001ffec <0>[ 249.082557] 5f20: 00000001 00000000 c49eea40 00000000 00000000 00000000 00000000 00000000 <0>[ 249.091030] 5f40: 00000000 00000000 00000000 00000000 00000022 6e291bf4 00000000 c49ee440 <0>[ 249.099503] 5f60: c49ee440 00000000 00000000 c03002f0 c83f1e40 00000004 004efe38 c0629db4 <0>[ 249.107976] 5f80: 00000000 00000000 00000000 6e291bf4 000000c0 00000014 00000014 7ff00000 <0>[ 249.116451] 5fa0: 00000004 c03000c0 00000014 00000014 00000001 b6e38000 00000014 00000001 <0>[ 249.124925] 5fc0: 00000014 00000014 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 <0>[ 249.133404] 5fe0: 00000004 bebb4788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 249.141878] Call trace: <0>[ 249.141895] lkdtm_WRITE_RO_AFTER_INIT from lkdtm_do_action+0x24/0x4c <0>[ 249.151418] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 249.157193] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 249.162866] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 249.168345] vfs_write from ksys_write+0x78/0xf8 <0>[ 249.173315] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 249.178679] Exception stack(0xf1f45fa8 to 0xf1f45ff0) <0>[ 249.184040] 5fa0: 00000014 00000014 00000001 b6e38000 00000014 00000001 <0>[ 249.192516] 5fc0: 00000014 00000014 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 <0>[ 249.200986] 5fe0: 00000004 bebb4788 b6efe33b b6e77616 <0>[ 249.206344] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) <4>[ 249.212701] ---[ end trace 0000000000000000 ]--- <6>[ 249.217547] note: cat[3121] exited with irqs disabled # Segmentation fault # [ 248.730875] lkdtm: Performing direct entry WRITE_RO_AFTER_INIT # [ 248.735792] lkdtm: attempting bad ro_after_init write at c208ccc4 # [ 248.742045] 8<--- cut here --- # [ 248.745295] Unable to handle kernel paging request at virtual address c208ccc4 when write # [ 248.753777] [c208ccc4] *pgd=c201941e(bad) # [ 248.758062] Internal error: Oops: 80d [#16] SMP ARM # [ 248.763231] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 248.801369] CPU: 1 UID: 0 PID: 3121 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 248.810971] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 248.816219] Hardware name: STM32 (Device Tree Support) # [ 248.821667] PC is at lkdtm_WRITE_RO_AFTER_INIT+0x58/0x6c # [ 248.827247] LR is at lkdtm_WRITE_RO_AFTER_INIT+0x48/0x6c # [ 248.832812] pc : [] lr : [] psr: 60080013 # [ 248.839369] sp : f1f45eb8 ip : 00000000 fp : 004efe38 # [ 248.844822] r10: c5499e00 r9 : f1f45f80 r8 : c26880f0 # [ 248.850377] r7 : f1f45f80 r6 : 00000000 r5 : c8b02000 r4 : c208ccc4 # [ 248.857238] r3 : fe67479e r2 : 55aa55aa r1 : 00000000 r0 : 00000035 # [ 248.863998] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 248.871466] Control: 10c5387d Table: c572406a DAC: 00000051 # [ 248.877418] Register r0 information: non-paged memory # [ 248.882780] Register r1 information: NULL pointer # [ 248.887732] Register r2 information: non-paged memory # [ 248.893087] Register r3 information: vmalloc memory # [ 248.898242] Register r4 information: non-slab/vmalloc memory # [ 248.904202] Register r5 information: non-slab/vmalloc memory # [ 248.910160] Register r6 information: NULL pointer # [ 248.915111] Register r7 information: 2-page vmalloc region starting at 0xf1f44000 allocated at kernel_clone+0xac/0x388 # [ 248.926125] Register r8 information: non-slab/vmalloc memory # [ 248.932085] Register r9 information: 2-page vmalloc region starting at 0xf1f44000 allocated at kernel_clone+0xac/0x388 # [ 248.943092] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 248.956957] full_proxy_open+0x124/0x24c # [ 248.961410] do_dentry_open+0x144/0x4dc # [ 248.965768] vfs_open+0x2c/0xec # [ 248.969520] path_openat+0x748/0x1198 # [ 248.973673] do_filp_open+0x98/0x134 # [ 248.977823] do_sys_openat2+0xbc/0xe4 # [ 248.981978] sys_openat+0x98/0xd4 # [ 248.985830] ret_fast_syscall+0x0/0x1c # [ 248.990081] Free path: # [ 248.992810] nfs_pgio_header_free+0x34/0x48 # [ 248.997570] nfs_write_completion+0x60/0x240 # [ 249.002325] rpc_free_task+0x34/0x54 # [ 249.006482] rpc_async_release+0x24/0x40 # [ 249.010936] process_one_work+0x1b8/0x450 # [ 249.015492] worker_thread+0x1d4/0x3c4 # [ 249.019744] kthread+0xe8/0x104 # [ 249.023393] ret_from_fork+0x14/0x28 # [ 249.027540] Register r11 information: non-paged memory # [ 249.032896] Register r12 information: NULL pointer # [ 249.038050] Process cat (pid: 3121, stack limit = 0xf1f44000) # [ 249.044006] Stack: (0xf1f45eb8 to 0xf1f46000) # [ 249.048656] 5ea0: 00000014 c0df8798 # [ 249.057132] 5ec0: 00000014 c0df8b7c c0df8a60 c49ee440 b6e38000 00000014 c3a41d50 c0892960 # [ 249.065609] 5ee0: c49ee440 c0892904 f1f45f80 b6e38000 c83f1e40 00000014 c5499e00 c0629858 # [ 249.074083] 5f00: c5726db8 00000000 00000000 00000000 00000000 00000014 b6e38000 0001ffec # [ 249.082557] 5f20: 00000001 00000000 c49eea40 00000000 00000000 00000000 00000000 00000000 # [ 249.091030] 5f40: 00000000 00000000 00000000 00000000 00000022 6e291bf4 00000000 c49ee440 # [ 249.099503] 5f60: c49ee440 00000000 00000000 c03002f0 c83f1e40 00000004 004efe38 c0629db4 # [ 249.107976] 5f80: 00000000 00000000 00000000 6e291bf4 000000c0 00000014 00000014 7ff00000 # [ 249.116451] 5fa0: 00000004 c03000c0 00000014 00000014 00000001 b6e38000 00000014 00000001 # [ 249.124925] 5fc0: 00000014 00000014 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 # [ 249.133404] 5fe0: 00000004 bebb4788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 249.141878] Call trace: # [ 249.141895] lkdtm_WRITE_RO_AFTER_INIT from lkdtm_do_action+0x24/0x4c # [ 249.151418] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 249.157193] direct_entry from full_proxy_write+0x5c/0x8c # [ 249.162866] full_proxy_write from vfs_write+0xbc/0x3cc # [ 249.168345] vfs_write from ksys_write+0x78/0xf8 # [ 249.173315] ksys_write from ret_fast_syscall+0x0/0x1c # [ 249.178679] Exception stack(0xf1f45fa8 to 0xf1f45ff0) # [ 249.184040] 5fa0: 00000014 00000014 00000001 b6e38000 00000014 00000001 # [ 249.192516] 5fc0: 00000014 00000014 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 # [ 249.200986] 5fe0: 00000004 bebb4788 b6efe33b b6e77616 # [ 249.206344] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) # [ 249.212701] ---[ end trace 0000000000000000 ]--- # [ 249.217547] note: cat[3121] exited with irqs disabled # WRITE_RO_AFTER_INIT: saw 'call trace:': ok ok 47 selftests: lkdtm: WRITE_RO_AFTER_INIT.sh # timeout set to 45 # selftests: lkdtm: WRITE_KERN.sh <6>[ 251.229191] lkdtm: Performing direct entry WRITE_KERN <6>[ 251.233281] lkdtm: attempting bad 9310356 byte write at c16db104 <1>[ 251.240192] 8<--- cut here --- <1>[ 251.242759] Unable to handle kernel paging request at virtual address c16db104 when write <1>[ 251.251243] [c16db104] *pgd=c161940e(bad) <0>[ 251.255531] Internal error: Oops: 80d [#17] SMP ARM <4>[ 251.260701] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 251.298832] CPU: 1 UID: 0 PID: 3202 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 251.308442] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 251.313697] Hardware name: STM32 (Device Tree Support) <4>[ 251.319053] PC is at mmiocpy+0x54/0x334 <4>[ 251.323221] LR is at 0xebdf82d2 <4>[ 251.326571] pc : [] lr : [] psr: 20080013 <4>[ 251.333129] sp : f1fd9e90 ip : e3a00040 fp : f1fd9ea0 <4>[ 251.338680] r10: c5499e00 r9 : e28dd004 r8 : e52de004 <4>[ 251.344130] r7 : f1fd9f80 r6 : e92d4010 r5 : e12fff1e r4 : e28dd004 <4>[ 251.350988] r3 : e52de004 r2 : 008e0ff4 r1 : c0dfa090 r0 : c16db104 <4>[ 251.357849] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 251.365218] Control: 10c5387d Table: c8bd406a DAC: 00000051 <1>[ 251.371271] Register r0 information: non-slab/vmalloc memory <1>[ 251.377240] Register r1 information: non-slab/vmalloc memory <1>[ 251.383099] Register r2 information: non-paged memory <1>[ 251.388455] Register r3 information: non-slab/vmalloc memory <1>[ 251.394413] Register r4 information: non-slab/vmalloc memory <1>[ 251.400369] Register r5 information: non-slab/vmalloc memory <1>[ 251.406327] Register r6 information: non-slab/vmalloc memory <1>[ 251.412284] Register r7 information: 2-page vmalloc region starting at 0xf1fd8000 allocated at kernel_clone+0xac/0x388 <1>[ 251.423299] Register r8 information: non-slab/vmalloc memory <1>[ 251.429259] Register r9 information: non-slab/vmalloc memory <1>[ 251.435117] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 251.449079] full_proxy_open+0x124/0x24c <6>[ 251.453530] do_dentry_open+0x144/0x4dc <6>[ 251.457887] vfs_open+0x2c/0xec <6>[ 251.461539] path_openat+0x748/0x1198 <6>[ 251.465790] do_filp_open+0x98/0x134 <6>[ 251.469840] do_sys_openat2+0xbc/0xe4 <6>[ 251.474094] sys_openat+0x98/0xd4 <6>[ 251.477846] ret_fast_syscall+0x0/0x1c <4>[ 251.482197] Free path: <6>[ 251.484927] nfs_pgio_header_free+0x34/0x48 <6>[ 251.489586] nfs_write_completion+0x60/0x240 <6>[ 251.494440] rpc_free_task+0x34/0x54 <6>[ 251.498497] rpc_async_release+0x24/0x40 <6>[ 251.502951] process_one_work+0x1b8/0x450 <6>[ 251.507507] worker_thread+0x1d4/0x3c4 <6>[ 251.511759] kthread+0xe8/0x104 <6>[ 251.515508] ret_from_fork+0x14/0x28 <1>[ 251.519563] Register r11 information: 2-page vmalloc region starting at 0xf1fd8000 allocated at kernel_clone+0xac/0x388 <1>[ 251.530678] Register r12 information: non-slab/vmalloc memory <0>[ 251.536742] Process cat (pid: 3202, stack limit = 0xf1fd8000) <0>[ 251.542702] Stack: (0xf1fd9e90 to 0xf1fda000) <0>[ 251.547360] 9e80: c0dfa070 008e1094 c26880f8 f1fd9f80 <0>[ 251.555837] 9ea0: c16db104 c16db104 0047fe38 c16db224 0000000b c8cbc000 00000000 c0df8798 <0>[ 251.564311] 9ec0: 0000000b c0df8b7c c0df8a60 c49ee040 b6dd8000 0000000b c3a41d50 c0892960 <0>[ 251.572787] 9ee0: c49ee040 c0892904 f1fd9f80 b6dd8000 c83f1440 0000000b c5499e00 c0629858 <0>[ 251.581262] 9f00: c8bd6db0 00000000 00000000 00000000 00000000 0000000b b6dd8000 0001fff5 <0>[ 251.589735] 9f20: 00000001 00000000 c49ee640 00000000 00000000 00000000 00000000 00000000 <0>[ 251.598209] 9f40: 00000000 00000000 00000000 00000000 00000022 1609a751 00000000 c49ee040 <0>[ 251.606683] 9f60: c49ee040 00000000 00000000 c03002f0 c83f1440 00000004 0047fe38 c0629db4 <0>[ 251.615156] 9f80: 00000000 00000000 00000000 1609a751 000000c0 0000000b 0000000b 7ff00000 <0>[ 251.623730] 9fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6dd8000 0000000b 00000001 <0>[ 251.632209] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6dd8000 00020000 0047fe38 <0>[ 251.640597] 9fe0: 00000004 beda0788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 251.649076] Call trace: <0>[ 251.649096] mmiocpy from lkdtm_WRITE_KERN+0x44/0x70 <0>[ 251.657119] lkdtm_WRITE_KERN from lkdtm_do_action+0x24/0x4c <0>[ 251.663124] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 251.668911] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 251.674593] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 251.680075] vfs_write from ksys_write+0x78/0xf8 <0>[ 251.684944] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 251.690309] Exception stack(0xf1fd9fa8 to 0xf1fd9ff0) <0>[ 251.695669] 9fa0: 0000000b 0000000b 00000001 b6dd8000 0000000b 00000001 <0>[ 251.704144] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6dd8000 00020000 0047fe38 <0>[ 251.712616] 9fe0: 00000004 beda0788 b6e9e33b b6e17616 <0>[ 251.717977] Code: f5d1f05c f5d1f07c e8b15378 e2522020 (e8a05378) <4>[ 251.724335] ---[ end trace 0000000000000000 ]--- <6>[ 251.729283] note: cat[3202] exited with irqs disabled # Segmentation fault # [ 251.229191] lkdtm: Performing direct entry WRITE_KERN # [ 251.233281] lkdtm: attempting bad 9310356 byte write at c16db104 # [ 251.240192] 8<--- cut here --- # [ 251.242759] Unable to handle kernel paging request at virtual address c16db104 when write # [ 251.251243] [c16db104] *pgd=c161940e(bad) # [ 251.255531] Internal error: Oops: 80d [#17] SMP ARM # [ 251.260701] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 251.298832] CPU: 1 UID: 0 PID: 3202 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 251.308442] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 251.313697] Hardware name: STM32 (Device Tree Support) # [ 251.319053] PC is at mmiocpy+0x54/0x334 # [ 251.323221] LR is at 0xebdf82d2 # [ 251.326571] pc : [] lr : [] psr: 20080013 # [ 251.333129] sp : f1fd9e90 ip : e3a00040 fp : f1fd9ea0 # [ 251.338680] r10: c5499e00 r9 : e28dd004 r8 : e52de004 # [ 251.344130] r7 : f1fd9f80 r6 : e92d4010 r5 : e12fff1e r4 : e28dd004 # [ 251.350988] r3 : e52de004 r2 : 008e0ff4 r1 : c0dfa090 r0 : c16db104 # [ 251.357849] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 251.365218] Control: 10c5387d Table: c8bd406a DAC: 00000051 # [ 251.371271] Register r0 information: non-slab/vmalloc memory # [ 251.377240] Register r1 information: non-slab/vmalloc memory # [ 251.383099] Register r2 information: non-paged memory # [ 251.388455] Register r3 information: non-slab/vmalloc memory # [ 251.394413] Register r4 information: non-slab/vmalloc memory # [ 251.400369] Register r5 information: non-slab/vmalloc memory # [ 251.406327] Register r6 information: non-slab/vmalloc memory # [ 251.412284] Register r7 information: 2-page vmalloc region starting at 0xf1fd8000 allocated at kernel_clone+0xac/0x388 # [ 251.423299] Register r8 information: non-slab/vmalloc memory # [ 251.429259] Register r9 information: non-slab/vmalloc memory # [ 251.435117] Register r10 information: slab kmalloc-192 start c5499dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 251.449079] full_proxy_open+0x124/0x24c # [ 251.453530] do_dentry_open+0x144/0x4dc # [ 251.457887] vfs_open+0x2c/0xec # [ 251.461539] path_openat+0x748/0x1198 # [ 251.465790] do_filp_open+0x98/0x134 # [ 251.469840] do_sys_openat2+0xbc/0xe4 # [ 251.474094] sys_openat+0x98/0xd4 # [ 251.477846] ret_fast_syscall+0x0/0x1c # [ 251.482197] Free path: # [ 251.484927] nfs_pgio_header_free+0x34/0x48 # [ 251.489586] nfs_write_completion+0x60/0x240 # [ 251.494440] rpc_free_task+0x34/0x54 # [ 251.498497] rpc_async_release+0x24/0x40 # [ 251.502951] process_one_work+0x1b8/0x450 # [ 251.507507] worker_thread+0x1d4/0x3c4 # [ 251.511759] kthread+0xe8/0x104 # [ 251.515508] ret_from_fork+0x14/0x28 # [ 251.519563] Register r11 information: 2-page vmalloc region starting at 0xf1fd8000 allocated at kernel_clone+0xac/0x388 # [ 251.530678] Register r12 information: non-slab/vmalloc memory # [ 251.536742] Process cat (pid: 3202, stack limit = 0xf1fd8000) # [ 251.542702] Stack: (0xf1fd9e90 to 0xf1fda000) # [ 251.547360] 9e80: c0dfa070 008e1094 c26880f8 f1fd9f80 # [ 251.555837] 9ea0: c16db104 c16db104 0047fe38 c16db224 0000000b c8cbc000 00000000 c0df8798 # [ 251.564311] 9ec0: 0000000b c0df8b7c c0df8a60 c49ee040 b6dd8000 0000000b c3a41d50 c0892960 # [ 251.572787] 9ee0: c49ee040 c0892904 f1fd9f80 b6dd8000 c83f1440 0000000b c5499e00 c0629858 # [ 251.581262] 9f00: c8bd6db0 00000000 00000000 00000000 00000000 0000000b b6dd8000 0001fff5 # [ 251.589735] 9f20: 00000001 00000000 c49ee640 00000000 00000000 00000000 00000000 00000000 # [ 251.598209] 9f40: 00000000 00000000 00000000 00000000 00000022 1609a751 00000000 c49ee040 # [ 251.606683] 9f60: c49ee040 00000000 00000000 c03002f0 c83f1440 00000004 0047fe38 c0629db4 # [ 251.615156] 9f80: 00000000 00000000 00000000 1609a751 000000c0 0000000b 0000000b 7ff00000 # [ 251.623730] 9fa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6dd8000 0000000b 00000001 # [ 251.632209] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6dd8000 00020000 0047fe38 # [ 251.640597] 9fe0: 00000004 beda0788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 251.649076] Call trace: # [ 251.649096] mmiocpy from lkdtm_WRITE_KERN+0x44/0x70 # [ 251.657119] lkdtm_WRITE_KERN from lkdtm_do_action+0x24/0x4c # [ 251.663124] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 251.668911] direct_entry from full_proxy_write+0x5c/0x8c # [ 251.674593] full_proxy_write from vfs_write+0xbc/0x3cc # [ 251.680075] vfs_write from ksys_write+0x78/0xf8 # [ 251.684944] ksys_write from ret_fast_syscall+0x0/0x1c # [ 251.690309] Exception stack(0xf1fd9fa8 to 0xf1fd9ff0) # [ 251.695669] 9fa0: 0000000b 0000000b 00000001 b6dd8000 0000000b 00000001 # [ 251.704144] 9fc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6dd8000 00020000 0047fe38 # [ 251.712616] 9fe0: 00000004 beda0788 b6e9e33b b6e17616 # [ 251.717977] Code: f5d1f05c f5d1f07c e8b15378 e2522020 (e8a05378) # [ 251.724335] ---[ end trace 0000000000000000 ]--- # [ 251.729283] note: cat[3202] exited with irqs disabled # WRITE_KERN: saw 'call trace:': ok ok 48 selftests: lkdtm: WRITE_KERN.sh # timeout set to 45 # selftests: lkdtm: WRITE_OPD.sh <6>[ 253.532685] lkdtm: Performing direct entry WRITE_OPD <6>[ 253.536696] lkdtm: XFAIL: Platform doesn't use function descriptors. # [ 253.532685] lkdtm: Performing direct entry WRITE_OPD # [ 253.536696] lkdtm: XFAIL: Platform doesn't use function descriptors. # WRITE_OPD: saw 'XFAIL': [SKIP] ok 49 selftests: lkdtm: WRITE_OPD.sh # SKIP # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_OVERFLOW.sh <6>[ 254.937235] lkdtm: Performing direct entry REFCOUNT_INC_OVERFLOW <6>[ 254.942250] lkdtm: attempting good refcount_inc() without overflow <6>[ 254.948692] lkdtm: attempting bad refcount_inc() overflow <4>[ 254.955022] ------------[ cut here ]------------ <4>[ 254.959256] WARNING: CPU: 0 PID: 3326 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 <4>[ 254.968357] refcount_t: saturated; leaking memory. <4>[ 254.973672] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 255.011695] CPU: 0 UID: 0 PID: 3326 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 255.021108] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 255.026361] Hardware name: STM32 (Device Tree Support) <4>[ 255.031711] Call trace: <4>[ 255.031726] unwind_backtrace from show_stack+0x18/0x1c <4>[ 255.040038] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 255.045413] dump_stack_lvl from __warn+0x84/0x134 <4>[ 255.050394] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 255.055875] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 <4>[ 255.062970] lkdtm_REFCOUNT_INC_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 255.069857] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 255.075626] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 255.081296] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 255.086773] vfs_write from ksys_write+0x78/0xf8 <4>[ 255.091641] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 255.097104] Exception stack(0xf208dfa8 to 0xf208dff0) <4>[ 255.102463] dfa0: 00000016 00000016 00000001 b6e18000 00000016 00000001 <4>[ 255.110938] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e18000 00020000 004bfe38 <4>[ 255.119408] dfe0: 00000004 be9fa788 b6ede33b b6e57616 <4>[ 255.124922] ---[ end trace 0000000000000000 ]--- <6>[ 255.129667] lkdtm: Overflow detected: saturated # [ 254.937235] lkdtm: Performing direct entry REFCOUNT_INC_OVERFLOW # [ 254.942250] lkdtm: attempting good refcount_inc() without overflow # [ 254.948692] lkdtm: attempting bad refcount_inc() overflow # [ 254.955022] ------------[ cut here ]------------ # [ 254.959256] WARNING: CPU: 0 PID: 3326 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 # [ 254.968357] refcount_t: saturated; leaking memory. # [ 254.973672] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 255.011695] CPU: 0 UID: 0 PID: 3326 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 255.021108] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 255.026361] Hardware name: STM32 (Device Tree Support) # [ 255.031711] Call trace: # [ 255.031726] unwind_backtrace from show_stack+0x18/0x1c # [ 255.040038] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 255.045413] dump_stack_lvl from __warn+0x84/0x134 # [ 255.050394] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 255.055875] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 # [ 255.062970] lkdtm_REFCOUNT_INC_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 255.069857] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 255.075626] direct_entry from full_proxy_write+0x5c/0x8c # [ 255.081296] full_proxy_write from vfs_write+0xbc/0x3cc # [ 255.086773] vfs_write from ksys_write+0x78/0xf8 # [ 255.091641] ksys_write from ret_fast_syscall+0x0/0x1c # [ 255.097104] Exception stack(0xf208dfa8 to 0xf208dff0) # [ 255.102463] dfa0: 00000016 00000016 00000001 b6e18000 00000016 00000001 # [ 255.110938] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e18000 00020000 004bfe38 # [ 255.119408] dfe0: 00000004 be9fa788 b6ede33b b6e57616 # [ 255.124922] ---[ end trace 0000000000000000 ]--- # [ 255.129667] lkdtm: Overflow detected: saturated # REFCOUNT_INC_OVERFLOW: saw 'call trace:': ok ok 50 selftests: lkdtm: REFCOUNT_INC_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_OVERFLOW.sh <6>[ 256.523985] lkdtm: Performing direct entry REFCOUNT_ADD_OVERFLOW <6>[ 256.529178] lkdtm: attempting good refcount_add() without overflow <6>[ 256.535613] lkdtm: attempting bad refcount_add() overflow <4>[ 256.541368] ------------[ cut here ]------------ <4>[ 256.546656] WARNING: CPU: 1 PID: 3365 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 <4>[ 256.555516] refcount_t: saturated; leaking memory. <4>[ 256.560363] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 256.598524] CPU: 1 UID: 0 PID: 3365 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 256.608039] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 256.613286] Hardware name: STM32 (Device Tree Support) <4>[ 256.618736] Call trace: <4>[ 256.618752] unwind_backtrace from show_stack+0x18/0x1c <4>[ 256.626960] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 256.632336] dump_stack_lvl from __warn+0x84/0x134 <4>[ 256.637418] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 256.642802] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 <4>[ 256.649900] lkdtm_REFCOUNT_ADD_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 256.656788] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 256.662558] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 256.668229] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 256.673809] vfs_write from ksys_write+0x78/0xf8 <4>[ 256.678678] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 256.684041] Exception stack(0xf20cdfa8 to 0xf20cdff0) <4>[ 256.689401] dfa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 <4>[ 256.697876] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 0042fe38 <4>[ 256.706345] dfe0: 00000004 bee6e788 b6e9e33b b6e17616 <4>[ 256.711825] ---[ end trace 0000000000000000 ]--- <6>[ 256.716661] lkdtm: Overflow detected: saturated # [ 256.523985] lkdtm: Performing direct entry REFCOUNT_ADD_OVERFLOW # [ 256.529178] lkdtm: attempting good refcount_add() without overflow # [ 256.535613] lkdtm: attempting bad refcount_add() overflow # [ 256.541368] ------------[ cut here ]------------ # [ 256.546656] WARNING: CPU: 1 PID: 3365 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 # [ 256.555516] refcount_t: saturated; leaking memory. # [ 256.560363] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 256.598524] CPU: 1 UID: 0 PID: 3365 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 256.608039] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 256.613286] Hardware name: STM32 (Device Tree Support) # [ 256.618736] Call trace: # [ 256.618752] unwind_backtrace from show_stack+0x18/0x1c # [ 256.626960] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 256.632336] dump_stack_lvl from __warn+0x84/0x134 # [ 256.637418] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 256.642802] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 # [ 256.649900] lkdtm_REFCOUNT_ADD_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 256.656788] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 256.662558] direct_entry from full_proxy_write+0x5c/0x8c # [ 256.668229] full_proxy_write from vfs_write+0xbc/0x3cc # [ 256.673809] vfs_write from ksys_write+0x78/0xf8 # [ 256.678678] ksys_write from ret_fast_syscall+0x0/0x1c # [ 256.684041] Exception stack(0xf20cdfa8 to 0xf20cdff0) # [ 256.689401] dfa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 # [ 256.697876] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 0042fe38 # [ 256.706345] dfe0: 00000004 bee6e788 b6e9e33b b6e17616 # [ 256.711825] ---[ end trace 0000000000000000 ]--- # [ 256.716661] lkdtm: Overflow detected: saturated # REFCOUNT_ADD_OVERFLOW: saw 'call trace:': ok ok 51 selftests: lkdtm: REFCOUNT_ADD_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh <6>[ 258.099335] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_OVERFLOW <6>[ 258.105146] lkdtm: attempting bad refcount_inc_not_zero() overflow <4>[ 258.111607] ------------[ cut here ]------------ <4>[ 258.116578] WARNING: CPU: 0 PID: 3404 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 258.126284] refcount_t: saturated; leaking memory. <4>[ 258.131335] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 258.169706] CPU: 0 UID: 0 PID: 3404 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 258.179017] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 258.184269] Hardware name: STM32 (Device Tree Support) <4>[ 258.189719] Call trace: <4>[ 258.189735] unwind_backtrace from show_stack+0x18/0x1c <4>[ 258.197945] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 258.203320] dump_stack_lvl from __warn+0x84/0x134 <4>[ 258.208400] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 258.213781] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 258.221580] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW+0x40/0x80 <4>[ 258.231085] lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 258.238777] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 258.244546] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 258.250217] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 258.255694] vfs_write from ksys_write+0x78/0xf8 <4>[ 258.260562] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 258.266025] Exception stack(0xf210dfa8 to 0xf210dff0) <4>[ 258.271385] dfa0: 0000001f 0000001f 00000001 b6db8000 0000001f 00000001 <4>[ 258.279859] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6db8000 00020000 004efe38 <4>[ 258.288328] dfe0: 00000004 bec95788 b6e7e33b b6df7616 <4>[ 258.293992] ---[ end trace 0000000000000000 ]--- <6>[ 258.298649] lkdtm: Overflow detected: saturated # [ 258.099335] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_OVERFLOW # [ 258.105146] lkdtm: attempting bad refcount_inc_not_zero() overflow # [ 258.111607] ------------[ cut here ]------------ # [ 258.116578] WARNING: CPU: 0 PID: 3404 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 258.126284] refcount_t: saturated; leaking memory. # [ 258.131335] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 258.169706] CPU: 0 UID: 0 PID: 3404 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 258.179017] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 258.184269] Hardware name: STM32 (Device Tree Support) # [ 258.189719] Call trace: # [ 258.189735] unwind_backtrace from show_stack+0x18/0x1c # [ 258.197945] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 258.203320] dump_stack_lvl from __warn+0x84/0x134 # [ 258.208400] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 258.213781] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 258.221580] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW+0x40/0x80 # [ 258.231085] lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 258.238777] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 258.244546] direct_entry from full_proxy_write+0x5c/0x8c # [ 258.250217] full_proxy_write from vfs_write+0xbc/0x3cc # [ 258.255694] vfs_write from ksys_write+0x78/0xf8 # [ 258.260562] ksys_write from ret_fast_syscall+0x0/0x1c # [ 258.266025] Exception stack(0xf210dfa8 to 0xf210dff0) # [ 258.271385] dfa0: 0000001f 0000001f 00000001 b6db8000 0000001f 00000001 # [ 258.279859] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6db8000 00020000 004efe38 # [ 258.288328] dfe0: 00000004 bec95788 b6e7e33b b6df7616 # [ 258.293992] ---[ end trace 0000000000000000 ]--- # [ 258.298649] lkdtm: Overflow detected: saturated # REFCOUNT_INC_NOT_ZERO_OVERFLOW: saw 'call trace:': ok ok 52 selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh <6>[ 259.760816] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_OVERFLOW <6>[ 259.766641] lkdtm: attempting bad refcount_add_not_zero() overflow <4>[ 259.773095] ------------[ cut here ]------------ <4>[ 259.778366] WARNING: CPU: 1 PID: 3443 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 259.787798] refcount_t: saturated; leaking memory. <4>[ 259.792848] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 259.830944] CPU: 1 UID: 0 PID: 3443 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 259.840450] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 259.845703] Hardware name: STM32 (Device Tree Support) <4>[ 259.851152] Call trace: <4>[ 259.851169] unwind_backtrace from show_stack+0x18/0x1c <4>[ 259.859480] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 259.864753] dump_stack_lvl from __warn+0x84/0x134 <4>[ 259.869834] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 259.875315] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 259.883013] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW+0x40/0x80 <4>[ 259.892518] lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 259.900209] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 259.905978] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 259.911649] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 259.917128] vfs_write from ksys_write+0x78/0xf8 <4>[ 259.921995] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 259.927459] Exception stack(0xf214dfa8 to 0xf214dff0) <4>[ 259.932819] dfa0: 0000001f 0000001f 00000001 b6d98000 0000001f 00000001 <4>[ 259.941295] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6d98000 00020000 004cfe38 <4>[ 259.949765] dfe0: 00000004 bee76788 b6e5e33b b6dd7616 <4>[ 259.955245] ---[ end trace 0000000000000000 ]--- <6>[ 259.960112] lkdtm: Overflow detected: saturated # [ 259.760816] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_OVERFLOW # [ 259.766641] lkdtm: attempting bad refcount_add_not_zero() overflow # [ 259.773095] ------------[ cut here ]------------ # [ 259.778366] WARNING: CPU: 1 PID: 3443 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 259.787798] refcount_t: saturated; leaking memory. # [ 259.792848] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 259.830944] CPU: 1 UID: 0 PID: 3443 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 259.840450] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 259.845703] Hardware name: STM32 (Device Tree Support) # [ 259.851152] Call trace: # [ 259.851169] unwind_backtrace from show_stack+0x18/0x1c # [ 259.859480] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 259.864753] dump_stack_lvl from __warn+0x84/0x134 # [ 259.869834] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 259.875315] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 259.883013] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW+0x40/0x80 # [ 259.892518] lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 259.900209] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 259.905978] direct_entry from full_proxy_write+0x5c/0x8c # [ 259.911649] full_proxy_write from vfs_write+0xbc/0x3cc # [ 259.917128] vfs_write from ksys_write+0x78/0xf8 # [ 259.921995] ksys_write from ret_fast_syscall+0x0/0x1c # [ 259.927459] Exception stack(0xf214dfa8 to 0xf214dff0) # [ 259.932819] dfa0: 0000001f 0000001f 00000001 b6d98000 0000001f 00000001 # [ 259.941295] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6d98000 00020000 004cfe38 # [ 259.949765] dfe0: 00000004 bee76788 b6e5e33b b6dd7616 # [ 259.955245] ---[ end trace 0000000000000000 ]--- # [ 259.960112] lkdtm: Overflow detected: saturated # REFCOUNT_ADD_NOT_ZERO_OVERFLOW: saw 'call trace:': ok ok 53 selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_ZERO.sh <6>[ 261.400444] lkdtm: Performing direct entry REFCOUNT_DEC_ZERO <6>[ 261.405594] lkdtm: attempting good refcount_dec() <6>[ 261.410591] lkdtm: attempting bad refcount_dec() to zero <4>[ 261.415777] ------------[ cut here ]------------ <4>[ 261.420517] WARNING: CPU: 0 PID: 3482 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 <4>[ 261.429340] refcount_t: decrement hit 0; leaking memory. <4>[ 261.434887] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 261.473205] CPU: 0 UID: 0 PID: 3482 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 261.482515] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 261.487765] Hardware name: STM32 (Device Tree Support) <4>[ 261.493215] Call trace: <4>[ 261.493229] unwind_backtrace from show_stack+0x18/0x1c <4>[ 261.501541] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 261.506819] dump_stack_lvl from __warn+0x84/0x134 <4>[ 261.511900] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 261.517380] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 <4>[ 261.524073] lkdtm_REFCOUNT_DEC_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 261.530660] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 261.536429] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 261.542100] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 261.547578] vfs_write from ksys_write+0x78/0xf8 <4>[ 261.552446] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 261.557909] Exception stack(0xf2191fa8 to 0xf2191ff0) <4>[ 261.563269] 1fa0: 00000012 00000012 00000001 b6e48000 00000012 00000001 <4>[ 261.571743] 1fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e48000 00020000 0042fe38 <4>[ 261.580213] 1fe0: 00000004 beef2788 b6f0e33b b6e87616 <4>[ 261.585780] ---[ end trace 0000000000000000 ]--- <6>[ 261.590436] lkdtm: Zero detected: saturated # [ 261.400444] lkdtm: Performing direct entry REFCOUNT_DEC_ZERO # [ 261.405594] lkdtm: attempting good refcount_dec() # [ 261.410591] lkdtm: attempting bad refcount_dec() to zero # [ 261.415777] ------------[ cut here ]------------ # [ 261.420517] WARNING: CPU: 0 PID: 3482 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 # [ 261.429340] refcount_t: decrement hit 0; leaking memory. # [ 261.434887] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 261.473205] CPU: 0 UID: 0 PID: 3482 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 261.482515] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 261.487765] Hardware name: STM32 (Device Tree Support) # [ 261.493215] Call trace: # [ 261.493229] unwind_backtrace from show_stack+0x18/0x1c # [ 261.501541] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 261.506819] dump_stack_lvl from __warn+0x84/0x134 # [ 261.511900] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 261.517380] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 # [ 261.524073] lkdtm_REFCOUNT_DEC_ZERO from lkdtm_do_action+0x24/0x4c # [ 261.530660] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 261.536429] direct_entry from full_proxy_write+0x5c/0x8c # [ 261.542100] full_proxy_write from vfs_write+0xbc/0x3cc # [ 261.547578] vfs_write from ksys_write+0x78/0xf8 # [ 261.552446] ksys_write from ret_fast_syscall+0x0/0x1c # [ 261.557909] Exception stack(0xf2191fa8 to 0xf2191ff0) # [ 261.563269] 1fa0: 00000012 00000012 00000001 b6e48000 00000012 00000001 # [ 261.571743] 1fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e48000 00020000 0042fe38 # [ 261.580213] 1fe0: 00000004 beef2788 b6f0e33b b6e87616 # [ 261.585780] ---[ end trace 0000000000000000 ]--- # [ 261.590436] lkdtm: Zero detected: saturated # REFCOUNT_DEC_ZERO: saw 'call trace:': ok ok 54 selftests: lkdtm: REFCOUNT_DEC_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_NEGATIVE.sh <6>[ 263.136575] lkdtm: Performing direct entry REFCOUNT_DEC_NEGATIVE <6>[ 263.141612] lkdtm: attempting bad refcount_dec() below zero <4>[ 263.147435] ------------[ cut here ]------------ <4>[ 263.152398] WARNING: CPU: 1 PID: 3526 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c <4>[ 263.161822] refcount_t: decrement hit 0; leaking memory. <4>[ 263.167002] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 263.205108] CPU: 1 UID: 0 PID: 3526 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 263.214717] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 263.219871] Hardware name: STM32 (Device Tree Support) <4>[ 263.225321] Call trace: <4>[ 263.225337] unwind_backtrace from show_stack+0x18/0x1c <4>[ 263.233646] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 263.238920] dump_stack_lvl from __warn+0x84/0x134 <4>[ 263.244000] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 263.249483] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c <4>[ 263.256479] lkdtm_REFCOUNT_DEC_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 263.263466] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 263.269235] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 263.274906] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 263.280383] vfs_write from ksys_write+0x78/0xf8 <4>[ 263.285252] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 263.290715] Exception stack(0xf21c9fa8 to 0xf21c9ff0) <4>[ 263.296074] 9fa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 <4>[ 263.304549] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 004afe38 <4>[ 263.313018] 9fe0: 00000004 bef9f788 b6e9e33b b6e17616 <4>[ 263.318371] ---[ end trace 0000000000000000 ]--- <6>[ 263.323308] lkdtm: Negative detected: saturated # [ 263.136575] lkdtm: Performing direct entry REFCOUNT_DEC_NEGATIVE # [ 263.141612] lkdtm: attempting bad refcount_dec() below zero # [ 263.147435] ------------[ cut here ]------------ # [ 263.152398] WARNING: CPU: 1 PID: 3526 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c # [ 263.161822] refcount_t: decrement hit 0; leaking memory. # [ 263.167002] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 263.205108] CPU: 1 UID: 0 PID: 3526 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 263.214717] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 263.219871] Hardware name: STM32 (Device Tree Support) # [ 263.225321] Call trace: # [ 263.225337] unwind_backtrace from show_stack+0x18/0x1c # [ 263.233646] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 263.238920] dump_stack_lvl from __warn+0x84/0x134 # [ 263.244000] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 263.249483] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c # [ 263.256479] lkdtm_REFCOUNT_DEC_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 263.263466] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 263.269235] direct_entry from full_proxy_write+0x5c/0x8c # [ 263.274906] full_proxy_write from vfs_write+0xbc/0x3cc # [ 263.280383] vfs_write from ksys_write+0x78/0xf8 # [ 263.285252] ksys_write from ret_fast_syscall+0x0/0x1c # [ 263.290715] Exception stack(0xf21c9fa8 to 0xf21c9ff0) # [ 263.296074] 9fa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 # [ 263.304549] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 004afe38 # [ 263.313018] 9fe0: 00000004 bef9f788 b6e9e33b b6e17616 # [ 263.318371] ---[ end trace 0000000000000000 ]--- # [ 263.323308] lkdtm: Negative detected: saturated # REFCOUNT_DEC_NEGATIVE: saw 'Negative detected: saturated': ok ok 55 selftests: lkdtm: REFCOUNT_DEC_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_AND_TEST_NEGATIVE.sh <6>[ 265.534930] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_NEGATIVE <6>[ 265.540877] lkdtm: attempting bad refcount_dec_and_test() below zero <4>[ 265.547355] ------------[ cut here ]------------ <4>[ 265.552327] WARNING: CPU: 1 PID: 3570 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 265.562026] refcount_t: underflow; use-after-free. <4>[ 265.567112] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 265.605270] CPU: 1 UID: 0 PID: 3570 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 265.614777] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 265.620033] Hardware name: STM32 (Device Tree Support) <4>[ 265.625383] Call trace: <4>[ 265.625398] unwind_backtrace from show_stack+0x18/0x1c <4>[ 265.633708] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 265.639082] dump_stack_lvl from __warn+0x84/0x134 <4>[ 265.644162] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 265.649543] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 265.657338] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE+0x3c/0x80 <4>[ 265.666743] lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 265.674431] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 265.680199] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 265.685869] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 265.691346] vfs_write from ksys_write+0x78/0xf8 <4>[ 265.696314] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 265.701677] Exception stack(0xf21edfa8 to 0xf21edff0) <4>[ 265.707035] dfa0: 0000001f 0000001f 00000001 b6e08000 0000001f 00000001 <4>[ 265.715510] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e08000 00020000 0046fe38 <4>[ 265.723981] dfe0: 00000004 bed38788 b6ece33b b6e47616 <4>[ 265.729437] ---[ end trace 0000000000000000 ]--- <6>[ 265.734285] lkdtm: Negative detected: saturated # [ 265.534930] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_NEGATIVE # [ 265.540877] lkdtm: attempting bad refcount_dec_and_test() below zero # [ 265.547355] ------------[ cut here ]------------ # [ 265.552327] WARNING: CPU: 1 PID: 3570 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 265.562026] refcount_t: underflow; use-after-free. # [ 265.567112] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 265.605270] CPU: 1 UID: 0 PID: 3570 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 265.614777] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 265.620033] Hardware name: STM32 (Device Tree Support) # [ 265.625383] Call trace: # [ 265.625398] unwind_backtrace from show_stack+0x18/0x1c # [ 265.633708] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 265.639082] dump_stack_lvl from __warn+0x84/0x134 # [ 265.644162] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 265.649543] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 265.657338] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE+0x3c/0x80 # [ 265.666743] lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 265.674431] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 265.680199] direct_entry from full_proxy_write+0x5c/0x8c # [ 265.685869] full_proxy_write from vfs_write+0xbc/0x3cc # [ 265.691346] vfs_write from ksys_write+0x78/0xf8 # [ 265.696314] ksys_write from ret_fast_syscall+0x0/0x1c # [ 265.701677] Exception stack(0xf21edfa8 to 0xf21edff0) # [ 265.707035] dfa0: 0000001f 0000001f 00000001 b6e08000 0000001f 00000001 # [ 265.715510] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e08000 00020000 0046fe38 # [ 265.723981] dfe0: 00000004 bed38788 b6ece33b b6e47616 # [ 265.729437] ---[ end trace 0000000000000000 ]--- # [ 265.734285] lkdtm: Negative detected: saturated # REFCOUNT_DEC_AND_TEST_NEGATIVE: saw 'Negative detected: saturated': ok ok 56 selftests: lkdtm: REFCOUNT_DEC_AND_TEST_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_SUB_AND_TEST_NEGATIVE.sh <6>[ 267.214191] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_NEGATIVE <6>[ 267.219992] lkdtm: attempting bad refcount_sub_and_test() below zero <4>[ 267.226663] ------------[ cut here ]------------ <4>[ 267.231542] WARNING: CPU: 1 PID: 3614 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 267.241359] refcount_t: underflow; use-after-free. <4>[ 267.246414] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 267.284484] CPU: 1 UID: 0 PID: 3614 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 267.293994] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 267.299248] Hardware name: STM32 (Device Tree Support) <4>[ 267.304700] Call trace: <4>[ 267.304717] unwind_backtrace from show_stack+0x18/0x1c <4>[ 267.313031] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 267.318308] dump_stack_lvl from __warn+0x84/0x134 <4>[ 267.323388] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 267.328769] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 267.336566] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE+0x40/0x84 <4>[ 267.345971] lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 267.353761] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 267.359431] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 267.365203] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 267.370682] vfs_write from ksys_write+0x78/0xf8 <4>[ 267.375551] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 267.381015] Exception stack(0xf222dfa8 to 0xf222dff0) <4>[ 267.386275] dfa0: 0000001f 0000001f 00000001 b6de8000 0000001f 00000001 <4>[ 267.394750] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6de8000 00020000 004afe38 <4>[ 267.403220] dfe0: 00000004 be8e3788 b6eae33b b6e27616 <4>[ 267.408669] ---[ end trace 0000000000000000 ]--- <6>[ 267.413522] lkdtm: Negative detected: saturated # [ 267.214191] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_NEGATIVE # [ 267.219992] lkdtm: attempting bad refcount_sub_and_test() below zero # [ 267.226663] ------------[ cut here ]------------ # [ 267.231542] WARNING: CPU: 1 PID: 3614 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 267.241359] refcount_t: underflow; use-after-free. # [ 267.246414] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 267.284484] CPU: 1 UID: 0 PID: 3614 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 267.293994] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 267.299248] Hardware name: STM32 (Device Tree Support) # [ 267.304700] Call trace: # [ 267.304717] unwind_backtrace from show_stack+0x18/0x1c # [ 267.313031] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 267.318308] dump_stack_lvl from __warn+0x84/0x134 # [ 267.323388] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 267.328769] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 267.336566] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE+0x40/0x84 # [ 267.345971] lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 267.353761] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 267.359431] direct_entry from full_proxy_write+0x5c/0x8c # [ 267.365203] full_proxy_write from vfs_write+0xbc/0x3cc # [ 267.370682] vfs_write from ksys_write+0x78/0xf8 # [ 267.375551] ksys_write from ret_fast_syscall+0x0/0x1c # [ 267.381015] Exception stack(0xf222dfa8 to 0xf222dff0) # [ 267.386275] dfa0: 0000001f 0000001f 00000001 b6de8000 0000001f 00000001 # [ 267.394750] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6de8000 00020000 004afe38 # [ 267.403220] dfe0: 00000004 be8e3788 b6eae33b b6e27616 # [ 267.408669] ---[ end trace 0000000000000000 ]--- # [ 267.413522] lkdtm: Negative detected: saturated # REFCOUNT_SUB_AND_TEST_NEGATIVE: saw 'Negative detected: saturated': ok ok 57 selftests: lkdtm: REFCOUNT_SUB_AND_TEST_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_ZERO.sh <6>[ 268.827965] lkdtm: Performing direct entry REFCOUNT_INC_ZERO <6>[ 268.833383] lkdtm: attempting safe refcount_inc_not_zero() from zero <6>[ 268.839260] lkdtm: Good: zero detected <6>[ 268.843291] lkdtm: Correctly stayed at zero <6>[ 268.847715] lkdtm: attempting bad refcount_inc() from zero <4>[ 268.853571] ------------[ cut here ]------------ <4>[ 268.858425] WARNING: CPU: 1 PID: 3653 at lib/refcount.c:25 lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 <4>[ 268.867120] refcount_t: addition on 0; use-after-free. <4>[ 268.872578] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 268.910772] CPU: 1 UID: 0 PID: 3653 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 268.920181] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 268.925435] Hardware name: STM32 (Device Tree Support) <4>[ 268.930885] Call trace: <4>[ 268.930899] unwind_backtrace from show_stack+0x18/0x1c <4>[ 268.939209] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 268.944484] dump_stack_lvl from __warn+0x84/0x134 <4>[ 268.949564] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 268.954946] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 <4>[ 268.961738] lkdtm_REFCOUNT_INC_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 268.968326] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 268.974001] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 268.979772] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 268.985249] vfs_write from ksys_write+0x78/0xf8 <4>[ 268.990117] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 268.995582] Exception stack(0xf2265fa8 to 0xf2265ff0) <4>[ 269.000844] 5fa0: 00000012 00000012 00000001 b6e18000 00000012 00000001 <4>[ 269.009419] 5fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e18000 00020000 0043fe38 <4>[ 269.017889] 5fe0: 00000004 beb1d788 b6ede33b b6e57616 <4>[ 269.023286] ---[ end trace 0000000000000000 ]--- <6>[ 269.028139] lkdtm: Zero detected: saturated # [ 268.827965] lkdtm: Performing direct entry REFCOUNT_INC_ZERO # [ 268.833383] lkdtm: attempting safe refcount_inc_not_zero() from zero # [ 268.839260] lkdtm: Good: zero detected # [ 268.843291] lkdtm: Correctly stayed at zero # [ 268.847715] lkdtm: attempting bad refcount_inc() from zero # [ 268.853571] ------------[ cut here ]------------ # [ 268.858425] WARNING: CPU: 1 PID: 3653 at lib/refcount.c:25 lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 # [ 268.867120] refcount_t: addition on 0; use-after-free. # [ 268.872578] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 268.910772] CPU: 1 UID: 0 PID: 3653 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 268.920181] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 268.925435] Hardware name: STM32 (Device Tree Support) # [ 268.930885] Call trace: # [ 268.930899] unwind_backtrace from show_stack+0x18/0x1c # [ 268.939209] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 268.944484] dump_stack_lvl from __warn+0x84/0x134 # [ 268.949564] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 268.954946] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 # [ 268.961738] lkdtm_REFCOUNT_INC_ZERO from lkdtm_do_action+0x24/0x4c # [ 268.968326] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 268.974001] direct_entry from full_proxy_write+0x5c/0x8c # [ 268.979772] full_proxy_write from vfs_write+0xbc/0x3cc # [ 268.985249] vfs_write from ksys_write+0x78/0xf8 # [ 268.990117] ksys_write from ret_fast_syscall+0x0/0x1c # [ 268.995582] Exception stack(0xf2265fa8 to 0xf2265ff0) # [ 269.000844] 5fa0: 00000012 00000012 00000001 b6e18000 00000012 00000001 # [ 269.009419] 5fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e18000 00020000 0043fe38 # [ 269.017889] 5fe0: 00000004 beb1d788 b6ede33b b6e57616 # [ 269.023286] ---[ end trace 0000000000000000 ]--- # [ 269.028139] lkdtm: Zero detected: saturated # REFCOUNT_INC_ZERO: saw 'call trace:': ok ok 58 selftests: lkdtm: REFCOUNT_INC_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_ZERO.sh <6>[ 274.005284] lkdtm: Performing direct entry REFCOUNT_ADD_ZERO <6>[ 274.009989] lkdtm: attempting safe refcount_add_not_zero() from zero <6>[ 274.017192] lkdtm: Good: zero detected <6>[ 274.020687] lkdtm: Correctly stayed at zero <6>[ 274.025015] lkdtm: attempting bad refcount_add() from zero <4>[ 274.030787] ------------[ cut here ]------------ <4>[ 274.035717] WARNING: CPU: 1 PID: 3693 at lib/refcount.c:25 lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 <4>[ 274.044431] refcount_t: addition on 0; use-after-free. <4>[ 274.049872] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 274.088086] CPU: 1 UID: 0 PID: 3693 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 274.097505] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 274.102756] Hardware name: STM32 (Device Tree Support) <4>[ 274.108205] Call trace: <4>[ 274.108219] unwind_backtrace from show_stack+0x18/0x1c <4>[ 274.116428] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 274.121801] dump_stack_lvl from __warn+0x84/0x134 <4>[ 274.126881] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 274.132264] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 <4>[ 274.139057] lkdtm_REFCOUNT_ADD_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 274.145541] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 274.151311] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 274.156982] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 274.162560] vfs_write from ksys_write+0x78/0xf8 <4>[ 274.167429] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 274.172792] Exception stack(0xf2299fa8 to 0xf2299ff0) <4>[ 274.178150] 9fa0: 00000012 00000012 00000001 b6da8000 00000012 00000001 <4>[ 274.186624] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6da8000 00020000 004ffe38 <4>[ 274.195094] 9fe0: 00000004 be80b788 b6e6e33b b6de7616 <4>[ 274.200614] ---[ end trace 0000000000000000 ]--- <6>[ 274.205472] lkdtm: Zero detected: saturated # [ 274.005284] lkdtm: Performing direct entry REFCOUNT_ADD_ZERO # [ 274.009989] lkdtm: attempting safe refcount_add_not_zero() from zero # [ 274.017192] lkdtm: Good: zero detected # [ 274.020687] lkdtm: Correctly stayed at zero # [ 274.025015] lkdtm: attempting bad refcount_add() from zero # [ 274.030787] ------------[ cut here ]------------ # [ 274.035717] WARNING: CPU: 1 PID: 3693 at lib/refcount.c:25 lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 # [ 274.044431] refcount_t: addition on 0; use-after-free. # [ 274.049872] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 274.088086] CPU: 1 UID: 0 PID: 3693 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 274.097505] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 274.102756] Hardware name: STM32 (Device Tree Support) # [ 274.108205] Call trace: # [ 274.108219] unwind_backtrace from show_stack+0x18/0x1c # [ 274.116428] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 274.121801] dump_stack_lvl from __warn+0x84/0x134 # [ 274.126881] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 274.132264] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 # [ 274.139057] lkdtm_REFCOUNT_ADD_ZERO from lkdtm_do_action+0x24/0x4c # [ 274.145541] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 274.151311] direct_entry from full_proxy_write+0x5c/0x8c # [ 274.156982] full_proxy_write from vfs_write+0xbc/0x3cc # [ 274.162560] vfs_write from ksys_write+0x78/0xf8 # [ 274.167429] ksys_write from ret_fast_syscall+0x0/0x1c # [ 274.172792] Exception stack(0xf2299fa8 to 0xf2299ff0) # [ 274.178150] 9fa0: 00000012 00000012 00000001 b6da8000 00000012 00000001 # [ 274.186624] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6da8000 00020000 004ffe38 # [ 274.195094] 9fe0: 00000004 be80b788 b6e6e33b b6de7616 # [ 274.200614] ---[ end trace 0000000000000000 ]--- # [ 274.205472] lkdtm: Zero detected: saturated # REFCOUNT_ADD_ZERO: saw 'call trace:': ok ok 59 selftests: lkdtm: REFCOUNT_ADD_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_SATURATED.sh <6>[ 288.648938] lkdtm: Performing direct entry REFCOUNT_INC_SATURATED <6>[ 288.654095] lkdtm: attempting bad refcount_inc() from saturated <4>[ 288.660237] ------------[ cut here ]------------ <4>[ 288.665209] WARNING: CPU: 1 PID: 3737 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c <4>[ 288.674310] refcount_t: saturated; leaking memory. <4>[ 288.679366] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 288.717538] CPU: 1 UID: 0 PID: 3737 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 288.727047] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 288.732303] Hardware name: STM32 (Device Tree Support) <4>[ 288.737652] Call trace: <4>[ 288.737668] unwind_backtrace from show_stack+0x18/0x1c <4>[ 288.745976] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 288.751352] dump_stack_lvl from __warn+0x84/0x134 <4>[ 288.756435] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 288.761815] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c <4>[ 288.769013] lkdtm_REFCOUNT_INC_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 288.776002] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 288.781770] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 288.787442] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 288.792918] vfs_write from ksys_write+0x78/0xf8 <4>[ 288.797787] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 288.803250] Exception stack(0xf22f5fa8 to 0xf22f5ff0) <4>[ 288.808610] 5fa0: 00000017 00000017 00000001 b6e78000 00000017 00000001 <4>[ 288.817084] 5fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 <4>[ 288.825554] 5fe0: 00000004 be958788 b6f3e33b b6eb7616 <4>[ 288.831034] ---[ end trace 0000000000000000 ]--- <6>[ 288.835800] lkdtm: Saturation detected: still saturated # [ 288.648938] lkdtm: Performing direct entry REFCOUNT_INC_SATURATED # [ 288.654095] lkdtm: attempting bad refcount_inc() from saturated # [ 288.660237] ------------[ cut here ]------------ # [ 288.665209] WARNING: CPU: 1 PID: 3737 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c # [ 288.674310] refcount_t: saturated; leaking memory. # [ 288.679366] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 288.717538] CPU: 1 UID: 0 PID: 3737 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 288.727047] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 288.732303] Hardware name: STM32 (Device Tree Support) # [ 288.737652] Call trace: # [ 288.737668] unwind_backtrace from show_stack+0x18/0x1c # [ 288.745976] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 288.751352] dump_stack_lvl from __warn+0x84/0x134 # [ 288.756435] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 288.761815] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c # [ 288.769013] lkdtm_REFCOUNT_INC_SATURATED from lkdtm_do_action+0x24/0x4c # [ 288.776002] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 288.781770] direct_entry from full_proxy_write+0x5c/0x8c # [ 288.787442] full_proxy_write from vfs_write+0xbc/0x3cc # [ 288.792918] vfs_write from ksys_write+0x78/0xf8 # [ 288.797787] ksys_write from ret_fast_syscall+0x0/0x1c # [ 288.803250] Exception stack(0xf22f5fa8 to 0xf22f5ff0) # [ 288.808610] 5fa0: 00000017 00000017 00000001 b6e78000 00000017 00000001 # [ 288.817084] 5fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 # [ 288.825554] 5fe0: 00000004 be958788 b6f3e33b b6eb7616 # [ 288.831034] ---[ end trace 0000000000000000 ]--- # [ 288.835800] lkdtm: Saturation detected: still saturated # REFCOUNT_INC_SATURATED: saw 'Saturation detected: still saturated': ok ok 60 selftests: lkdtm: REFCOUNT_INC_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_SATURATED.sh <6>[ 297.565966] lkdtm: Performing direct entry REFCOUNT_DEC_SATURATED <6>[ 297.571114] lkdtm: attempting bad refcount_dec() from saturated <4>[ 297.577256] ------------[ cut here ]------------ <4>[ 297.582761] WARNING: CPU: 0 PID: 3781 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 <4>[ 297.591380] refcount_t: decrement hit 0; leaking memory. <4>[ 297.597388] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 297.635298] CPU: 0 UID: 0 PID: 3781 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 297.644607] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 297.649757] Hardware name: STM32 (Device Tree Support) <4>[ 297.655208] Call trace: <4>[ 297.655223] unwind_backtrace from show_stack+0x18/0x1c <4>[ 297.663534] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 297.668809] dump_stack_lvl from __warn+0x84/0x134 <4>[ 297.673892] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 297.679373] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 <4>[ 297.686467] lkdtm_REFCOUNT_DEC_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 297.693454] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 297.699223] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 297.704995] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 297.710473] vfs_write from ksys_write+0x78/0xf8 <4>[ 297.715341] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 297.720804] Exception stack(0xf2329fa8 to 0xf2329ff0) <4>[ 297.726063] 9fa0: 00000017 00000017 00000001 b6e38000 00000017 00000001 <4>[ 297.734538] 9fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 <4>[ 297.743008] 9fe0: 00000004 be83a788 b6efe33b b6e77616 <4>[ 297.748813] ---[ end trace 0000000000000000 ]--- <6>[ 297.754107] lkdtm: Saturation detected: still saturated # [ 297.565966] lkdtm: Performing direct entry REFCOUNT_DEC_SATURATED # [ 297.571114] lkdtm: attempting bad refcount_dec() from saturated # [ 297.577256] ------------[ cut here ]------------ # [ 297.582761] WARNING: CPU: 0 PID: 3781 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 # [ 297.591380] refcount_t: decrement hit 0; leaking memory. # [ 297.597388] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 297.635298] CPU: 0 UID: 0 PID: 3781 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 297.644607] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 297.649757] Hardware name: STM32 (Device Tree Support) # [ 297.655208] Call trace: # [ 297.655223] unwind_backtrace from show_stack+0x18/0x1c # [ 297.663534] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 297.668809] dump_stack_lvl from __warn+0x84/0x134 # [ 297.673892] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 297.679373] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 # [ 297.686467] lkdtm_REFCOUNT_DEC_SATURATED from lkdtm_do_action+0x24/0x4c # [ 297.693454] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 297.699223] direct_entry from full_proxy_write+0x5c/0x8c # [ 297.704995] full_proxy_write from vfs_write+0xbc/0x3cc # [ 297.710473] vfs_write from ksys_write+0x78/0xf8 # [ 297.715341] ksys_write from ret_fast_syscall+0x0/0x1c # [ 297.720804] Exception stack(0xf2329fa8 to 0xf2329ff0) # [ 297.726063] 9fa0: 00000017 00000017 00000001 b6e38000 00000017 00000001 # [ 297.734538] 9fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 # [ 297.743008] 9fe0: 00000004 be83a788 b6efe33b b6e77616 # [ 297.748813] ---[ end trace 0000000000000000 ]--- # [ 297.754107] lkdtm: Saturation detected: still saturated # REFCOUNT_DEC_SATURATED: saw 'Saturation detected: still saturated': ok ok 61 selftests: lkdtm: REFCOUNT_DEC_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_SATURATED.sh <6>[ 303.042155] lkdtm: Performing direct entry REFCOUNT_ADD_SATURATED <6>[ 303.047430] lkdtm: attempting bad refcount_dec() from saturated <4>[ 303.053477] ------------[ cut here ]------------ <4>[ 303.058266] WARNING: CPU: 0 PID: 3825 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c <4>[ 303.067519] refcount_t: saturated; leaking memory. <4>[ 303.072508] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 303.111621] CPU: 0 UID: 0 PID: 3825 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 303.120237] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 303.125484] Hardware name: STM32 (Device Tree Support) <4>[ 303.130833] Call trace: <4>[ 303.130847] unwind_backtrace from show_stack+0x18/0x1c <4>[ 303.139153] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 303.144527] dump_stack_lvl from __warn+0x84/0x134 <4>[ 303.149606] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 303.154988] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c <4>[ 303.162183] lkdtm_REFCOUNT_ADD_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 303.169170] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 303.174939] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 303.180610] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 303.186086] vfs_write from ksys_write+0x78/0xf8 <4>[ 303.190954] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 303.196417] Exception stack(0xf237dfa8 to 0xf237dff0) <4>[ 303.201776] dfa0: 00000017 00000017 00000001 b6d98000 00000017 00000001 <4>[ 303.210249] dfc0: 00000017 00000017 7ff00000 00000004 00000001 b6d98000 00020000 0047fe38 <4>[ 303.218718] dfe0: 00000004 bebbb788 b6e5e33b b6dd7616 <4>[ 303.224247] ---[ end trace 0000000000000000 ]--- <6>[ 303.228998] lkdtm: Saturation detected: still saturated # [ 303.042155] lkdtm: Performing direct entry REFCOUNT_ADD_SATURATED # [ 303.047430] lkdtm: attempting bad refcount_dec() from saturated # [ 303.053477] ------------[ cut here ]------------ # [ 303.058266] WARNING: CPU: 0 PID: 3825 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c # [ 303.067519] refcount_t: saturated; leaking memory. # [ 303.072508] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 303.111621] CPU: 0 UID: 0 PID: 3825 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 303.120237] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 303.125484] Hardware name: STM32 (Device Tree Support) # [ 303.130833] Call trace: # [ 303.130847] unwind_backtrace from show_stack+0x18/0x1c # [ 303.139153] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 303.144527] dump_stack_lvl from __warn+0x84/0x134 # [ 303.149606] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 303.154988] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c # [ 303.162183] lkdtm_REFCOUNT_ADD_SATURATED from lkdtm_do_action+0x24/0x4c # [ 303.169170] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 303.174939] direct_entry from full_proxy_write+0x5c/0x8c # [ 303.180610] full_proxy_write from vfs_write+0xbc/0x3cc # [ 303.186086] vfs_write from ksys_write+0x78/0xf8 # [ 303.190954] ksys_write from ret_fast_syscall+0x0/0x1c # [ 303.196417] Exception stack(0xf237dfa8 to 0xf237dff0) # [ 303.201776] dfa0: 00000017 00000017 00000001 b6d98000 00000017 00000001 # [ 303.210249] dfc0: 00000017 00000017 7ff00000 00000004 00000001 b6d98000 00020000 0047fe38 # [ 303.218718] dfe0: 00000004 bebbb788 b6e5e33b b6dd7616 # [ 303.224247] ---[ end trace 0000000000000000 ]--- # [ 303.228998] lkdtm: Saturation detected: still saturated # REFCOUNT_ADD_SATURATED: saw 'Saturation detected: still saturated': ok ok 62 selftests: lkdtm: REFCOUNT_ADD_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_SATURATED.sh <6>[ 306.530220] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_SATURATED <6>[ 306.536144] lkdtm: attempting bad refcount_inc_not_zero() from saturated <4>[ 306.543625] ------------[ cut here ]------------ <4>[ 306.548014] WARNING: CPU: 1 PID: 3864 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 306.557779] refcount_t: saturated; leaking memory. <4>[ 306.562805] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 306.601019] CPU: 1 UID: 0 PID: 3864 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 306.610532] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 306.615680] Hardware name: STM32 (Device Tree Support) <4>[ 306.621129] Call trace: <4>[ 306.621145] unwind_backtrace from show_stack+0x18/0x1c <4>[ 306.629453] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 306.634729] dump_stack_lvl from __warn+0x84/0x134 <4>[ 306.639811] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 306.645297] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 306.653002] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED+0x40/0x80 <4>[ 306.662610] lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 306.670303] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 306.676074] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 306.681845] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 306.687323] vfs_write from ksys_write+0x78/0xf8 <4>[ 306.692192] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 306.697655] Exception stack(0xf23b5fa8 to 0xf23b5ff0) <4>[ 306.702915] 5fa0: 00000020 00000020 00000001 b6e68000 00000020 00000001 <4>[ 306.711390] 5fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e68000 00020000 004bfe38 <4>[ 306.719859] 5fe0: 00000004 bea6f788 b6f2e33b b6ea7616 <4>[ 306.725311] ---[ end trace 0000000000000000 ]--- <6>[ 306.730137] lkdtm: Saturation detected: still saturated # [ 306.530220] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_SATURATED # [ 306.536144] lkdtm: attempting bad refcount_inc_not_zero() from saturated # [ 306.543625] ------------[ cut here ]------------ # [ 306.548014] WARNING: CPU: 1 PID: 3864 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 306.557779] refcount_t: saturated; leaking memory. # [ 306.562805] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 306.601019] CPU: 1 UID: 0 PID: 3864 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 306.610532] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 306.615680] Hardware name: STM32 (Device Tree Support) # [ 306.621129] Call trace: # [ 306.621145] unwind_backtrace from show_stack+0x18/0x1c # [ 306.629453] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 306.634729] dump_stack_lvl from __warn+0x84/0x134 # [ 306.639811] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 306.645297] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 306.653002] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED+0x40/0x80 # [ 306.662610] lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c # [ 306.670303] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 306.676074] direct_entry from full_proxy_write+0x5c/0x8c # [ 306.681845] full_proxy_write from vfs_write+0xbc/0x3cc # [ 306.687323] vfs_write from ksys_write+0x78/0xf8 # [ 306.692192] ksys_write from ret_fast_syscall+0x0/0x1c # [ 306.697655] Exception stack(0xf23b5fa8 to 0xf23b5ff0) # [ 306.702915] 5fa0: 00000020 00000020 00000001 b6e68000 00000020 00000001 # [ 306.711390] 5fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e68000 00020000 004bfe38 # [ 306.719859] 5fe0: 00000004 bea6f788 b6f2e33b b6ea7616 # [ 306.725311] ---[ end trace 0000000000000000 ]--- # [ 306.730137] lkdtm: Saturation detected: still saturated # REFCOUNT_INC_NOT_ZERO_SATURATED: saw 'call trace:': ok ok 63 selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_SATURATED.sh <6>[ 316.132703] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_SATURATED <6>[ 316.138627] lkdtm: attempting bad refcount_add_not_zero() from saturated <4>[ 316.145570] ------------[ cut here ]------------ <4>[ 316.150545] WARNING: CPU: 0 PID: 3903 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 316.160256] refcount_t: saturated; leaking memory. <4>[ 316.165321] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 316.203697] CPU: 0 UID: 0 PID: 3903 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 316.213008] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 316.218260] Hardware name: STM32 (Device Tree Support) <4>[ 316.223611] Call trace: <4>[ 316.223628] unwind_backtrace from show_stack+0x18/0x1c <4>[ 316.231940] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 316.237314] dump_stack_lvl from __warn+0x84/0x134 <4>[ 316.242294] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 316.247775] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 316.255575] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED+0x40/0x80 <4>[ 316.265081] lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 316.272874] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 316.278643] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 316.284314] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 316.289792] vfs_write from ksys_write+0x78/0xf8 <4>[ 316.294660] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 316.300124] Exception stack(0xf23e1fa8 to 0xf23e1ff0) <4>[ 316.305482] 1fa0: 00000020 00000020 00000001 b6e24000 00000020 00000001 <4>[ 316.313957] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e24000 00020000 004ffe38 <4>[ 316.322426] 1fe0: 00000004 be8bf788 b6eea33b b6e63616 <4>[ 316.328277] ---[ end trace 0000000000000000 ]--- <6>[ 316.332775] lkdtm: Saturation detected: still saturated # [ 316.132703] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_SATURATED # [ 316.138627] lkdtm: attempting bad refcount_add_not_zero() from saturated # [ 316.145570] ------------[ cut here ]------------ # [ 316.150545] WARNING: CPU: 0 PID: 3903 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 316.160256] refcount_t: saturated; leaking memory. # [ 316.165321] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 316.203697] CPU: 0 UID: 0 PID: 3903 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 316.213008] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 316.218260] Hardware name: STM32 (Device Tree Support) # [ 316.223611] Call trace: # [ 316.223628] unwind_backtrace from show_stack+0x18/0x1c # [ 316.231940] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 316.237314] dump_stack_lvl from __warn+0x84/0x134 # [ 316.242294] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 316.247775] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 316.255575] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED+0x40/0x80 # [ 316.265081] lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c # [ 316.272874] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 316.278643] direct_entry from full_proxy_write+0x5c/0x8c # [ 316.284314] full_proxy_write from vfs_write+0xbc/0x3cc # [ 316.289792] vfs_write from ksys_write+0x78/0xf8 # [ 316.294660] ksys_write from ret_fast_syscall+0x0/0x1c # [ 316.300124] Exception stack(0xf23e1fa8 to 0xf23e1ff0) # [ 316.305482] 1fa0: 00000020 00000020 00000001 b6e24000 00000020 00000001 # [ 316.313957] 1fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e24000 00020000 004ffe38 # [ 316.322426] 1fe0: 00000004 be8bf788 b6eea33b b6e63616 # [ 316.328277] ---[ end trace 0000000000000000 ]--- # [ 316.332775] lkdtm: Saturation detected: still saturated # REFCOUNT_ADD_NOT_ZERO_SATURATED: saw 'call trace:': ok ok 64 selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_AND_TEST_SATURATED.sh <6>[ 342.045257] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_SATURATED <6>[ 342.051170] lkdtm: attempting bad refcount_dec_and_test() from saturated <4>[ 342.058659] ------------[ cut here ]------------ <4>[ 342.063145] WARNING: CPU: 1 PID: 3947 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 342.072757] refcount_t: underflow; use-after-free. <4>[ 342.077908] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 342.116033] CPU: 1 UID: 0 PID: 3947 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 342.125548] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 342.130803] Hardware name: STM32 (Device Tree Support) <4>[ 342.136154] Call trace: <4>[ 342.136171] unwind_backtrace from show_stack+0x18/0x1c <4>[ 342.144482] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 342.149858] dump_stack_lvl from __warn+0x84/0x134 <4>[ 342.154839] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 342.160324] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 342.168124] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED+0x40/0x80 <4>[ 342.177633] lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 342.185424] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 342.191195] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 342.196868] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 342.202345] vfs_write from ksys_write+0x78/0xf8 <4>[ 342.207214] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 342.212678] Exception stack(0xf242dfa8 to 0xf242dff0) <4>[ 342.217937] dfa0: 00000020 00000020 00000001 b6e48000 00000020 00000001 <4>[ 342.226512] dfc0: 00000020 00000020 7ff00000 00000004 00000001 b6e48000 00020000 004efe38 <4>[ 342.234983] dfe0: 00000004 bec8c788 b6f0e33b b6e87616 <4>[ 342.240339] ---[ end trace 0000000000000000 ]--- <6>[ 342.245271] lkdtm: Saturation detected: still saturated # [ 342.045257] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_SATURATED # [ 342.051170] lkdtm: attempting bad refcount_dec_and_test() from saturated # [ 342.058659] ------------[ cut here ]------------ # [ 342.063145] WARNING: CPU: 1 PID: 3947 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 342.072757] refcount_t: underflow; use-after-free. # [ 342.077908] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 342.116033] CPU: 1 UID: 0 PID: 3947 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 342.125548] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 342.130803] Hardware name: STM32 (Device Tree Support) # [ 342.136154] Call trace: # [ 342.136171] unwind_backtrace from show_stack+0x18/0x1c # [ 342.144482] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 342.149858] dump_stack_lvl from __warn+0x84/0x134 # [ 342.154839] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 342.160324] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 342.168124] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED+0x40/0x80 # [ 342.177633] lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c # [ 342.185424] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 342.191195] direct_entry from full_proxy_write+0x5c/0x8c # [ 342.196868] full_proxy_write from vfs_write+0xbc/0x3cc # [ 342.202345] vfs_write from ksys_write+0x78/0xf8 # [ 342.207214] ksys_write from ret_fast_syscall+0x0/0x1c # [ 342.212678] Exception stack(0xf242dfa8 to 0xf242dff0) # [ 342.217937] dfa0: 00000020 00000020 00000001 b6e48000 00000020 00000001 # [ 342.226512] dfc0: 00000020 00000020 7ff00000 00000004 00000001 b6e48000 00020000 004efe38 # [ 342.234983] dfe0: 00000004 bec8c788 b6f0e33b b6e87616 # [ 342.240339] ---[ end trace 0000000000000000 ]--- # [ 342.245271] lkdtm: Saturation detected: still saturated # REFCOUNT_DEC_AND_TEST_SATURATED: saw 'Saturation detected: still saturated': ok ok 65 selftests: lkdtm: REFCOUNT_DEC_AND_TEST_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_SUB_AND_TEST_SATURATED.sh <6>[ 366.998514] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_SATURATED <6>[ 367.004437] lkdtm: attempting bad refcount_sub_and_test() from saturated <4>[ 367.011898] ------------[ cut here ]------------ <4>[ 367.016433] WARNING: CPU: 1 PID: 3992 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 367.026072] refcount_t: underflow; use-after-free. <4>[ 367.031127] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 367.069316] CPU: 1 UID: 0 PID: 3992 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 367.078735] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 367.083990] Hardware name: STM32 (Device Tree Support) <4>[ 367.089441] Call trace: <4>[ 367.089458] unwind_backtrace from show_stack+0x18/0x1c <4>[ 367.097773] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 367.103058] dump_stack_lvl from __warn+0x84/0x134 <4>[ 367.108143] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 367.113526] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 367.121324] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED+0x40/0x80 <4>[ 367.130830] lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 367.138619] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 367.144390] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 367.150062] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 367.155540] vfs_write from ksys_write+0x78/0xf8 <4>[ 367.160509] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 367.165872] Exception stack(0xf2475fa8 to 0xf2475ff0) <4>[ 367.171233] 5fa0: 00000020 00000020 00000001 b6da8000 00000020 00000001 <4>[ 367.179708] 5fc0: 00000020 00000020 7ff00000 00000004 00000001 b6da8000 00020000 0046fe38 <4>[ 367.188178] 5fe0: 00000004 be908788 b6e6e33b b6de7616 <4>[ 367.193648] ---[ end trace 0000000000000000 ]--- <6>[ 367.198500] lkdtm: Saturation detected: still saturated # [ 366.998514] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_SATURATED # [ 367.004437] lkdtm: attempting bad refcount_sub_and_test() from saturated # [ 367.011898] ------------[ cut here ]------------ # [ 367.016433] WARNING: CPU: 1 PID: 3992 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 367.026072] refcount_t: underflow; use-after-free. # [ 367.031127] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 367.069316] CPU: 1 UID: 0 PID: 3992 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 367.078735] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 367.083990] Hardware name: STM32 (Device Tree Support) # [ 367.089441] Call trace: # [ 367.089458] unwind_backtrace from show_stack+0x18/0x1c # [ 367.097773] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 367.103058] dump_stack_lvl from __warn+0x84/0x134 # [ 367.108143] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 367.113526] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 367.121324] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED+0x40/0x80 # [ 367.130830] lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c # [ 367.138619] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 367.144390] direct_entry from full_proxy_write+0x5c/0x8c # [ 367.150062] full_proxy_write from vfs_write+0xbc/0x3cc # [ 367.155540] vfs_write from ksys_write+0x78/0xf8 # [ 367.160509] ksys_write from ret_fast_syscall+0x0/0x1c # [ 367.165872] Exception stack(0xf2475fa8 to 0xf2475ff0) # [ 367.171233] 5fa0: 00000020 00000020 00000001 b6da8000 00000020 00000001 # [ 367.179708] 5fc0: 00000020 00000020 7ff00000 00000004 00000001 b6da8000 00020000 0046fe38 # [ 367.188178] 5fe0: 00000004 be908788 b6e6e33b b6de7616 # [ 367.193648] ---[ end trace 0000000000000000 ]--- # [ 367.198500] lkdtm: Saturation detected: still saturated # REFCOUNT_SUB_AND_TEST_SATURATED: saw 'Saturation detected: still saturated': ok ok 66 selftests: lkdtm: REFCOUNT_SUB_AND_TEST_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_TIMING.sh # Skipping REFCOUNT_TIMING: timing only ok 67 selftests: lkdtm: REFCOUNT_TIMING.sh # SKIP # timeout set to 45 # selftests: lkdtm: ATOMIC_TIMING.sh # Skipping ATOMIC_TIMING: timing only ok 68 selftests: lkdtm: ATOMIC_TIMING.sh # SKIP # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_SIZE_TO.sh <6>[ 370.307685] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_TO <6>[ 370.313159] lkdtm: attempting good copy_to_user of correct size <6>[ 370.319581] lkdtm: attempting bad copy_to_user of too large size <0>[ 370.325159] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-1k' (offset 16, size 1024)! <4>[ 370.335954] ------------[ cut here ]------------ <2>[ 370.340717] kernel BUG at mm/usercopy.c:102! <0>[ 370.345275] Internal error: Oops - BUG: 0 [#18] SMP ARM <4>[ 370.350843] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 370.388982] CPU: 1 UID: 0 PID: 4101 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 370.398592] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 370.403747] Hardware name: STM32 (Device Tree Support) <4>[ 370.409205] PC is at usercopy_abort+0x98/0x9c <4>[ 370.413788] LR is at usercopy_abort+0x98/0x9c <4>[ 370.418452] pc : [] lr : [] psr: 60080013 <4>[ 370.425014] sp : f251de28 ip : 00000000 fp : 00000200 <4>[ 370.430570] r10: b6fa2010 r9 : c5357010 r8 : c5357010 <4>[ 370.436025] r7 : 00000001 r6 : 00000400 r5 : 00000400 r4 : 00000010 <4>[ 370.442886] r3 : c5326e40 r2 : 00000000 r1 : 00000000 r0 : 00000067 <4>[ 370.449645] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 370.457113] Control: 10c5387d Table: c8a2406a DAC: 00000051 <1>[ 370.463167] Register r0 information: non-paged memory <1>[ 370.468434] Register r1 information: NULL pointer <1>[ 370.473489] Register r2 information: NULL pointer <1>[ 370.478441] Register r3 information: slab task_struct start c5326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 370.492118] copy_process+0x1f4/0x1f78 <6>[ 370.496477] kernel_clone+0xac/0x388 <6>[ 370.500533] sys_clone+0x78/0x9c <6>[ 370.504288] ret_fast_syscall+0x0/0x1c <4>[ 370.508540] Free path: <6>[ 370.511270] rcu_core+0x2dc/0xb14 <6>[ 370.515124] handle_softirqs+0x15c/0x430 <6>[ 370.519582] irq_exit+0xac/0xd4 <6>[ 370.523234] call_with_stack+0x18/0x20 <6>[ 370.527595] __irq_svc+0x9c/0xb8 <6>[ 370.531343] prepare_creds+0x34/0x2c0 <6>[ 370.535502] prepare_exec_creds+0x10/0x50 <6>[ 370.540061] bprm_execve+0x3c/0x5a4 <6>[ 370.544118] do_execveat_common+0x15c/0x1b4 <6>[ 370.548776] sys_execve+0x38/0x40 <6>[ 370.552629] ret_fast_syscall+0x0/0x1c <1>[ 370.556877] Register r4 information: zero-size pointer <1>[ 370.562335] Register r5 information: non-paged memory <1>[ 370.567688] Register r6 information: non-paged memory <1>[ 370.573042] Register r7 information: non-paged memory <1>[ 370.578295] Register r8 information: slab kmalloc-1k start c5356c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 370.592863] do_usercopy_slab_size+0x30/0x330 <6>[ 370.597721] lkdtm_do_action+0x24/0x4c <6>[ 370.601972] direct_entry+0x11c/0x140 <6>[ 370.606223] full_proxy_write+0x5c/0x8c <6>[ 370.610573] vfs_write+0xbc/0x3cc <6>[ 370.614430] ksys_write+0x78/0xf8 <6>[ 370.618276] ret_fast_syscall+0x0/0x1c <4>[ 370.622526] Free path: <6>[ 370.625256] nfs3_proc_create+0x1b4/0x2c4 <6>[ 370.629821] nfs_do_create+0xa8/0x178 <6>[ 370.633991] nfs_atomic_open_v23+0x84/0xd4 <6>[ 370.638654] path_openat+0xb18/0x1198 <6>[ 370.642820] do_filp_open+0x98/0x134 <6>[ 370.646982] do_sys_openat2+0xbc/0xe4 <6>[ 370.651150] sys_openat+0x98/0xd4 <6>[ 370.655013] ret_fast_syscall+0x0/0x1c <1>[ 370.659276] Register r9 information: slab kmalloc-1k start c5356c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 370.673762] do_usercopy_slab_size+0x30/0x330 <6>[ 370.678632] lkdtm_do_action+0x24/0x4c <6>[ 370.682985] direct_entry+0x11c/0x140 <6>[ 370.687138] full_proxy_write+0x5c/0x8c <6>[ 370.691489] vfs_write+0xbc/0x3cc <6>[ 370.695345] ksys_write+0x78/0xf8 <6>[ 370.699192] ret_fast_syscall+0x0/0x1c <4>[ 370.703448] Free path: <6>[ 370.706184] nfs3_proc_create+0x1b4/0x2c4 <6>[ 370.710753] nfs_do_create+0xa8/0x178 <6>[ 370.714918] nfs_atomic_open_v23+0x84/0xd4 <6>[ 370.719572] path_openat+0xb18/0x1198 <6>[ 370.723724] do_filp_open+0x98/0x134 <6>[ 370.727875] do_sys_openat2+0xbc/0xe4 <6>[ 370.732030] sys_openat+0x98/0xd4 <6>[ 370.735881] ret_fast_syscall+0x0/0x1c <1>[ 370.740231] Register r10 information: non-paged memory <1>[ 370.745590] Register r11 information: non-paged memory <1>[ 370.751046] Register r12 information: NULL pointer <0>[ 370.756102] Process cat (pid: 4101, stack limit = 0xf251c000) <0>[ 370.762164] Stack: (0xf251de28 to 0xf251e000) <0>[ 370.766721] de20: c1ea8f40 c1ea3e28 c1e930dc 00000010 00000400 00000c00 <0>[ 370.775199] de40: ffffffff c05f62cc 00000400 c0317008 c5357010 ef7b4740 00000400 00000001 <0>[ 370.783674] de60: c5357410 c0622004 00000400 c16cc10c f251de84 00000400 c5357000 c5356400 <0>[ 370.792147] de80: b6fa2000 00000001 c5357010 c0dfafc8 00000022 00000000 f251debc 00000016 <0>[ 370.800622] dea0: c571e000 00000000 f251df80 c26882d0 f251df80 c5499e00 0047fe38 c0df8798 <0>[ 370.809197] dec0: 00000016 c0df8b7c c0df8a60 c49ee240 b6e44000 00000016 c3a41d50 c0892960 <0>[ 370.817671] dee0: c49ee240 c0892904 f251df80 b6e44000 c5326e40 00000016 c5499e00 c0629858 <0>[ 370.826144] df00: c8a26db8 00000000 00000000 00000000 00000000 00000016 b6e44000 0001ffea <0>[ 370.834617] df20: 00000001 00000000 c49ee640 00000000 00000000 00000000 00000000 00000000 <0>[ 370.843089] df40: 00000000 00000000 00000000 00000000 00000022 ca044ec5 00000000 c49ee240 <0>[ 370.851563] df60: c49ee240 00000000 00000000 c03002f0 c5326e40 00000004 0047fe38 c0629db4 <0>[ 370.860037] df80: 00000000 00000000 00000000 ca044ec5 000000c0 00000016 00000016 7ff00000 <0>[ 370.868511] dfa0: 00000004 c03000c0 00000016 00000016 00000001 b6e44000 00000016 00000001 <0>[ 370.876985] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e44000 00020000 0047fe38 <0>[ 370.885459] dfe0: 00000004 be95a788 b6f0a33b b6e83616 60080030 00000001 00000000 00000000 <0>[ 370.893924] Call trace: <0>[ 370.893940] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 370.902954] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 370.909632] __check_object_size from do_usercopy_slab_size+0x1f4/0x330 <0>[ 370.916517] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c <0>[ 370.922894] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 370.928664] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 370.934334] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 370.939912] vfs_write from ksys_write+0x78/0xf8 <0>[ 370.944780] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 370.950143] Exception stack(0xf251dfa8 to 0xf251dff0) <0>[ 370.955500] dfa0: 00000016 00000016 00000001 b6e44000 00000016 00000001 <0>[ 370.963974] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e44000 00020000 0047fe38 <0>[ 370.972444] dfe0: 00000004 be95a788 b6f0a33b b6e83616 <0>[ 370.977802] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) <4>[ 370.984158] ---[ end trace 0000000000000000 ]--- <6>[ 370.989105] note: cat[4101] exited with irqs disabled # Segmentation fault # [ 370.307685] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_TO # [ 370.313159] lkdtm: attempting good copy_to_user of correct size # [ 370.319581] lkdtm: attempting bad copy_to_user of too large size # [ 370.325159] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-1k' (offset 16, size 1024)! # [ 370.335954] ------------[ cut here ]------------ # [ 370.340717] kernel BUG at mm/usercopy.c:102! # [ 370.345275] Internal error: Oops - BUG: 0 [#18] SMP ARM # [ 370.350843] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 370.388982] CPU: 1 UID: 0 PID: 4101 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 370.398592] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 370.403747] Hardware name: STM32 (Device Tree Support) # [ 370.409205] PC is at usercopy_abort+0x98/0x9c # [ 370.413788] LR is at usercopy_abort+0x98/0x9c # [ 370.418452] pc : [] lr : [] psr: 60080013 # [ 370.425014] sp : f251de28 ip : 00000000 fp : 00000200 # [ 370.430570] r10: b6fa2010 r9 : c5357010 r8 : c5357010 # [ 370.436025] r7 : 00000001 r6 : 00000400 r5 : 00000400 r4 : 00000010 # [ 370.442886] r3 : c5326e40 r2 : 00000000 r1 : 00000000 r0 : 00000067 # [ 370.449645] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 370.457113] Control: 10c5387d Table: c8a2406a DAC: 00000051 # [ 370.463167] Register r0 information: non-paged memory # [ 370.468434] Register r1 information: NULL pointer # [ 370.473489] Register r2 information: NULL pointer # [ 370.478441] Register r3 information: slab task_struct start c5326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 370.492118] copy_process+0x1f4/0x1f78 # [ 370.496477] kernel_clone+0xac/0x388 # [ 370.500533] sys_clone+0x78/0x9c # [ 370.504288] ret_fast_syscall+0x0/0x1c # [ 370.508540] Free path: # [ 370.511270] rcu_core+0x2dc/0xb14 # [ 370.515124] handle_softirqs+0x15c/0x430 # [ 370.519582] irq_exit+0xac/0xd4 # [ 370.523234] call_with_stack+0x18/0x20 # [ 370.527595] __irq_svc+0x9c/0xb8 # [ 370.531343] prepare_creds+0x34/0x2c0 # [ 370.535502] prepare_exec_creds+0x10/0x50 # [ 370.540061] bprm_execve+0x3c/0x5a4 # [ 370.544118] do_execveat_common+0x15c/0x1b4 # [ 370.548776] sys_execve+0x38/0x40 # [ 370.552629] ret_fast_syscall+0x0/0x1c # [ 370.556877] Register r4 information: zero-size pointer # [ 370.562335] Register r5 information: non-paged memory # [ 370.567688] Register r6 information: non-paged memory # [ 370.573042] Register r7 information: non-paged memory # [ 370.578295] Register r8 information: slab kmalloc-1k start c5356c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 370.592863] do_usercopy_slab_size+0x30/0x330 # [ 370.597721] lkdtm_do_action+0x24/0x4c # [ 370.601972] direct_entry+0x11c/0x140 # [ 370.606223] full_proxy_write+0x5c/0x8c # [ 370.610573] vfs_write+0xbc/0x3cc # [ 370.614430] ksys_write+0x78/0xf8 # [ 370.618276] ret_fast_syscall+0x0/0x1c # [ 370.622526] Free path: # [ 370.625256] nfs3_proc_create+0x1b4/0x2c4 # [ 370.629821] nfs_do_create+0xa8/0x178 # [ 370.633991] nfs_atomic_open_v23+0x84/0xd4 # [ 370.638654] path_openat+0xb18/0x1198 # [ 370.642820] do_filp_open+0x98/0x134 # [ 370.646982] do_sys_openat2+0xbc/0xe4 # [ 370.651150] sys_openat+0x98/0xd4 # [ 370.655013] ret_fast_syscall+0x0/0x1c # [ 370.659276] Register r9 information: slab kmalloc-1k start c5356c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 370.673762] do_usercopy_slab_size+0x30/0x330 # [ 370.678632] lkdtm_do_action+0x24/0x4c # [ 370.682985] direct_entry+0x11c/0x140 # [ 370.687138] full_proxy_write+0x5c/0x8c # [ 370.691489] vfs_write+0xbc/0x3cc # [ 370.695345] ksys_write+0x78/0xf8 # [ 370.699192] ret_fast_syscall+0x0/0x1c # [ 370.703448] Free path: # [ 370.706184] nfs3_proc_create+0x1b4/0x2c4 # [ 370.710753] nfs_do_create+0xa8/0x178 # [ 370.714918] nfs_atomic_open_v23+0x84/0xd4 # [ 370.719572] path_openat+0xb18/0x1198 # [ 370.723724] do_filp_open+0x98/0x134 # [ 370.727875] do_sys_openat2+0xbc/0xe4 # [ 370.732030] sys_openat+0x98/0xd4 # [ 370.735881] ret_fast_syscall+0x0/0x1c # [ 370.740231] Register r10 information: non-paged memory # [ 370.745590] Register r11 information: non-paged memory # [ 370.751046] Register r12 information: NULL pointer # [ 370.756102] Process cat (pid: 4101, stack limit = 0xf251c000) # [ 370.762164] Stack: (0xf251de28 to 0xf251e000) # [ 370.766721] de20: c1ea8f40 c1ea3e28 c1e930dc 00000010 00000400 00000c00 # [ 370.775199] de40: ffffffff c05f62cc 00000400 c0317008 c5357010 ef7b4740 00000400 00000001 # [ 370.783674] de60: c5357410 c0622004 00000400 c16cc10c f251de84 00000400 c5357000 c5356400 # [ 370.792147] de80: b6fa2000 00000001 c5357010 c0dfafc8 00000022 00000000 f251debc 00000016 # [ 370.800622] dea0: c571e000 00000000 f251df80 c26882d0 f251df80 c5499e00 0047fe38 c0df8798 # [ 370.809197] dec0: 00000016 c0df8b7c c0df8a60 c49ee240 b6e44000 00000016 c3a41d50 c0892960 # [ 370.817671] dee0: c49ee240 c0892904 f251df80 b6e44000 c5326e40 00000016 c5499e00 c0629858 # [ 370.826144] df00: c8a26db8 00000000 00000000 00000000 00000000 00000016 b6e44000 0001ffea # [ 370.834617] df20: 00000001 00000000 c49ee640 00000000 00000000 00000000 00000000 00000000 # [ 370.843089] df40: 00000000 00000000 00000000 00000000 00000022 ca044ec5 00000000 c49ee240 # [ 370.851563] df60: c49ee240 00000000 00000000 c03002f0 c5326e40 00000004 0047fe38 c0629db4 # [ 370.860037] df80: 00000000 00000000 00000000 ca044ec5 000000c0 00000016 00000016 7ff00000 # [ 370.868511] dfa0: 00000004 c03000c0 00000016 00000016 00000001 b6e44000 00000016 00000001 # [ 370.876985] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e44000 00020000 0047fe38 # [ 370.885459] dfe0: 00000004 be95a788 b6f0a33b b6e83616 60080030 00000001 00000000 00000000 # [ 370.893924] Call trace: # [ 370.893940] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 370.902954] __check_heap_object from __check_object_size+0x294/0x310 # [ 370.909632] __check_object_size from do_usercopy_slab_size+0x1f4/0x330 # [ 370.916517] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c # [ 370.922894] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 370.928664] direct_entry from full_proxy_write+0x5c/0x8c # [ 370.934334] full_proxy_write from vfs_write+0xbc/0x3cc # [ 370.939912] vfs_write from ksys_write+0x78/0xf8 # [ 370.944780] ksys_write from ret_fast_syscall+0x0/0x1c # [ 370.950143] Exception stack(0xf251dfa8 to 0xf251dff0) # [ 370.955500] dfa0: 00000016 00000016 00000001 b6e44000 00000016 00000001 # [ 370.963974] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e44000 00020000 0047fe38 # [ 370.972444] dfe0: 00000004 be95a788 b6f0a33b b6e83616 # [ 370.977802] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) # [ 370.984158] ---[ end trace 0000000000000000 ]--- # [ 370.989105] note: cat[4101] exited with irqs disabled # USERCOPY_SLAB_SIZE_TO: saw 'call trace:': ok ok 69 selftests: lkdtm: USERCOPY_SLAB_SIZE_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_SIZE_FROM.sh <6>[ 372.949393] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_FROM <6>[ 372.954839] lkdtm: attempting good copy_from_user of correct size <6>[ 372.961586] lkdtm: attempting bad copy_from_user of too large size <0>[ 372.967597] usercopy: Kernel memory overwrite attempt detected to SLUB object 'kmalloc-1k' (offset 16, size 1024)! <4>[ 372.978113] ------------[ cut here ]------------ <2>[ 372.982871] kernel BUG at mm/usercopy.c:102! <0>[ 372.987427] Internal error: Oops - BUG: 0 [#19] SMP ARM <4>[ 372.992986] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 373.031105] CPU: 1 UID: 0 PID: 4188 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 373.040699] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 373.045944] Hardware name: STM32 (Device Tree Support) <4>[ 373.051291] PC is at usercopy_abort+0x98/0x9c <4>[ 373.055963] LR is at usercopy_abort+0x98/0x9c <4>[ 373.060620] pc : [] lr : [] psr: 60080013 <4>[ 373.067177] sp : f2569e28 ip : 00000000 fp : 00000200 <4>[ 373.072626] r10: b6f79010 r9 : c5352810 r8 : c5352810 <4>[ 373.078177] r7 : 00000000 r6 : 00000400 r5 : 00000400 r4 : 00000010 <4>[ 373.084934] r3 : c5326e40 r2 : 00000000 r1 : 00000000 r0 : 00000066 <4>[ 373.091793] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 373.099258] Control: 10c5387d Table: c56d406a DAC: 00000051 <1>[ 373.105209] Register r0 information: non-paged memory <1>[ 373.110569] Register r1 information: NULL pointer <1>[ 373.115521] Register r2 information: NULL pointer <1>[ 373.120572] Register r3 information: slab task_struct start c5326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 373.134244] copy_process+0x1f4/0x1f78 <6>[ 373.138501] kernel_clone+0xac/0x388 <6>[ 373.142656] sys_clone+0x78/0x9c <6>[ 373.146409] ret_fast_syscall+0x0/0x1c <4>[ 373.150660] Free path: <6>[ 373.153390] rcu_core+0x2dc/0xb14 <6>[ 373.157242] handle_softirqs+0x15c/0x430 <6>[ 373.161699] irq_exit+0xac/0xd4 <6>[ 373.165349] call_with_stack+0x18/0x20 <6>[ 373.169610] __irq_svc+0x9c/0xb8 <6>[ 373.173357] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 373.178718] percpu_counter_destroy_many+0x98/0x140 <6>[ 373.184182] __mmdrop+0xe4/0x22c <6>[ 373.187934] begin_new_exec+0x4ac/0xb64 <6>[ 373.192293] load_elf_binary+0x1b8/0x1374 <6>[ 373.196850] bprm_execve+0x20c/0x5a4 <6>[ 373.200904] do_execveat_common+0x15c/0x1b4 <6>[ 373.205662] sys_execve+0x38/0x40 <6>[ 373.209515] ret_fast_syscall+0x0/0x1c <1>[ 373.213767] Register r4 information: zero-size pointer <1>[ 373.219224] Register r5 information: non-paged memory <1>[ 373.224579] Register r6 information: non-paged memory <1>[ 373.229832] Register r7 information: NULL pointer <1>[ 373.234884] Register r8 information: slab kmalloc-1k start c5352400 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 373.249351] do_usercopy_slab_size+0x30/0x330 <6>[ 373.254209] lkdtm_do_action+0x24/0x4c <6>[ 373.258560] direct_entry+0x11c/0x140 <6>[ 373.262710] full_proxy_write+0x5c/0x8c <6>[ 373.267061] vfs_write+0xbc/0x3cc <6>[ 373.270918] ksys_write+0x78/0xf8 <6>[ 373.274764] ret_fast_syscall+0x0/0x1c <4>[ 373.279013] Free path: <6>[ 373.281743] nfs3_proc_create+0x1b4/0x2c4 <6>[ 373.286305] nfs_do_create+0xa8/0x178 <6>[ 373.290463] nfs_atomic_open_v23+0x84/0xd4 <6>[ 373.295114] path_openat+0xb18/0x1198 <6>[ 373.299365] do_filp_open+0x98/0x134 <6>[ 373.303415] do_sys_openat2+0xbc/0xe4 <6>[ 373.307671] sys_openat+0x98/0xd4 <6>[ 373.311523] ret_fast_syscall+0x0/0x1c <1>[ 373.315772] Register r9 information: slab kmalloc-1k start c5352400 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 373.330235] do_usercopy_slab_size+0x30/0x330 <6>[ 373.335192] lkdtm_do_action+0x24/0x4c <6>[ 373.339442] direct_entry+0x11c/0x140 <6>[ 373.343691] full_proxy_write+0x5c/0x8c <6>[ 373.348040] vfs_write+0xbc/0x3cc <6>[ 373.351896] ksys_write+0x78/0xf8 <6>[ 373.355742] ret_fast_syscall+0x0/0x1c <4>[ 373.359991] Free path: <6>[ 373.362720] nfs3_proc_create+0x1b4/0x2c4 <6>[ 373.367279] nfs_do_create+0xa8/0x178 <6>[ 373.371435] nfs_atomic_open_v23+0x84/0xd4 <6>[ 373.376087] path_openat+0xb18/0x1198 <6>[ 373.380245] do_filp_open+0x98/0x134 <6>[ 373.384407] do_sys_openat2+0xbc/0xe4 <6>[ 373.388575] sys_openat+0x98/0xd4 <6>[ 373.392440] ret_fast_syscall+0x0/0x1c <1>[ 373.396703] Register r10 information: non-paged memory <1>[ 373.402073] Register r11 information: non-paged memory <1>[ 373.407540] Register r12 information: NULL pointer <0>[ 373.412605] Process cat (pid: 4188, stack limit = 0xf2568000) <0>[ 373.418672] Stack: (0xf2569e28 to 0xf256a000) <0>[ 373.423236] 9e20: c1ea8f40 c1ea3e28 c1e930dc 00000010 00000400 00000c00 <0>[ 373.431718] 9e40: ffffffff c05f62cc 00000400 c0317008 c5352810 ef7b4740 00000400 00000000 <0>[ 373.440194] 9e60: c5352c10 c0622004 00000400 c16cc10c f2569e84 00000400 c5352800 c5354000 <0>[ 373.448669] 9e80: b6f79000 00000000 c5352810 c0dfb0b4 00000022 00000000 f2569ebc 00000018 <0>[ 373.457143] 9ea0: c57ad000 00000000 f2569f80 c26882d8 f2569f80 c5499e00 0048fe38 c0df8798 <0>[ 373.465620] 9ec0: 00000018 c0df8b7c c0df8a60 c560c940 b6e18000 00000018 c3a41d50 c0892960 <0>[ 373.474099] 9ee0: c560c940 c0892904 f2569f80 b6e18000 c5326e40 00000018 c5499e00 c0629858 <0>[ 373.482573] 9f00: c56d6db8 00000000 00000000 00000000 00000000 00000018 b6e18000 0001ffe8 <0>[ 373.491045] 9f20: 00000001 00000000 c560c040 00000000 00000000 00000000 00000000 00000000 <0>[ 373.499518] 9f40: 00000000 00000000 00000000 00000000 00000022 a8182f54 00000000 c560c940 <0>[ 373.507992] 9f60: c560c940 00000000 00000000 c03002f0 c5326e40 00000004 0048fe38 c0629db4 <0>[ 373.516466] 9f80: 00000000 00000000 00000000 a8182f54 000000c0 00000018 00000018 7ff00000 <0>[ 373.524940] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e18000 00000018 00000001 <0>[ 373.533414] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e18000 00020000 0048fe38 <0>[ 373.541889] 9fe0: 00000004 bebac788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 <0>[ 373.550356] Call trace: <0>[ 373.550372] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 373.559387] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 373.566167] __check_object_size from do_usercopy_slab_size+0x2e0/0x330 <0>[ 373.573052] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c <0>[ 373.579429] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 373.585198] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 373.590869] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 373.596346] vfs_write from ksys_write+0x78/0xf8 <0>[ 373.601215] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 373.606679] Exception stack(0xf2569fa8 to 0xf2569ff0) <0>[ 373.612037] 9fa0: 00000018 00000018 00000001 b6e18000 00000018 00000001 <0>[ 373.620512] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e18000 00020000 0048fe38 <0>[ 373.628983] 9fe0: 00000004 bebac788 b6ede33b b6e57616 <0>[ 373.634341] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) <4>[ 373.640699] ---[ end trace 0000000000000000 ]--- <6>[ 373.645546] note: cat[4188] exited with irqs disabled # Segmentation fault # [ 372.949393] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_FROM # [ 372.954839] lkdtm: attempting good copy_from_user of correct size # [ 372.961586] lkdtm: attempting bad copy_from_user of too large size # [ 372.967597] usercopy: Kernel memory overwrite attempt detected to SLUB object 'kmalloc-1k' (offset 16, size 1024)! # [ 372.978113] ------------[ cut here ]------------ # [ 372.982871] kernel BUG at mm/usercopy.c:102! # [ 372.987427] Internal error: Oops - BUG: 0 [#19] SMP ARM # [ 372.992986] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 373.031105] CPU: 1 UID: 0 PID: 4188 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 373.040699] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 373.045944] Hardware name: STM32 (Device Tree Support) # [ 373.051291] PC is at usercopy_abort+0x98/0x9c # [ 373.055963] LR is at usercopy_abort+0x98/0x9c # [ 373.060620] pc : [] lr : [] psr: 60080013 # [ 373.067177] sp : f2569e28 ip : 00000000 fp : 00000200 # [ 373.072626] r10: b6f79010 r9 : c5352810 r8 : c5352810 # [ 373.078177] r7 : 00000000 r6 : 00000400 r5 : 00000400 r4 : 00000010 # [ 373.084934] r3 : c5326e40 r2 : 00000000 r1 : 00000000 r0 : 00000066 # [ 373.091793] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 373.099258] Control: 10c5387d Table: c56d406a DAC: 00000051 # [ 373.105209] Register r0 information: non-paged memory # [ 373.110569] Register r1 information: NULL pointer # [ 373.115521] Register r2 information: NULL pointer # [ 373.120572] Register r3 information: slab task_struct start c5326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 373.134244] copy_process+0x1f4/0x1f78 # [ 373.138501] kernel_clone+0xac/0x388 # [ 373.142656] sys_clone+0x78/0x9c # [ 373.146409] ret_fast_syscall+0x0/0x1c # [ 373.150660] Free path: # [ 373.153390] rcu_core+0x2dc/0xb14 # [ 373.157242] handle_softirqs+0x15c/0x430 # [ 373.161699] irq_exit+0xac/0xd4 # [ 373.165349] call_with_stack+0x18/0x20 # [ 373.169610] __irq_svc+0x9c/0xb8 # [ 373.173357] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 373.178718] percpu_counter_destroy_many+0x98/0x140 # [ 373.184182] __mmdrop+0xe4/0x22c # [ 373.187934] begin_new_exec+0x4ac/0xb64 # [ 373.192293] load_elf_binary+0x1b8/0x1374 # [ 373.196850] bprm_execve+0x20c/0x5a4 # [ 373.200904] do_execveat_common+0x15c/0x1b4 # [ 373.205662] sys_execve+0x38/0x40 # [ 373.209515] ret_fast_syscall+0x0/0x1c # [ 373.213767] Register r4 information: zero-size pointer # [ 373.219224] Register r5 information: non-paged memory # [ 373.224579] Register r6 information: non-paged memory # [ 373.229832] Register r7 information: NULL pointer # [ 373.234884] Register r8 information: slab kmalloc-1k start c5352400 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 373.249351] do_usercopy_slab_size+0x30/0x330 # [ 373.254209] lkdtm_do_action+0x24/0x4c # [ 373.258560] direct_entry+0x11c/0x140 # [ 373.262710] full_proxy_write+0x5c/0x8c # [ 373.267061] vfs_write+0xbc/0x3cc # [ 373.270918] ksys_write+0x78/0xf8 # [ 373.274764] ret_fast_syscall+0x0/0x1c # [ 373.279013] Free path: # [ 373.281743] nfs3_proc_create+0x1b4/0x2c4 # [ 373.286305] nfs_do_create+0xa8/0x178 # [ 373.290463] nfs_atomic_open_v23+0x84/0xd4 # [ 373.295114] path_openat+0xb18/0x1198 # [ 373.299365] do_filp_open+0x98/0x134 # [ 373.303415] do_sys_openat2+0xbc/0xe4 # [ 373.307671] sys_openat+0x98/0xd4 # [ 373.311523] ret_fast_syscall+0x0/0x1c # [ 373.315772] Register r9 information: slab kmalloc-1k start c5352400 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 373.330235] do_usercopy_slab_size+0x30/0x330 # [ 373.335192] lkdtm_do_action+0x24/0x4c # [ 373.339442] direct_entry+0x11c/0x140 # [ 373.343691] full_proxy_write+0x5c/0x8c # [ 373.348040] vfs_write+0xbc/0x3cc # [ 373.351896] ksys_write+0x78/0xf8 # [ 373.355742] ret_fast_syscall+0x0/0x1c # [ 373.359991] Free path: # [ 373.362720] nfs3_proc_create+0x1b4/0x2c4 # [ 373.367279] nfs_do_create+0xa8/0x178 # [ 373.371435] nfs_atomic_open_v23+0x84/0xd4 # [ 373.376087] path_openat+0xb18/0x1198 # [ 373.380245] do_filp_open+0x98/0x134 # [ 373.384407] do_sys_openat2+0xbc/0xe4 # [ 373.388575] sys_openat+0x98/0xd4 # [ 373.392440] ret_fast_syscall+0x0/0x1c # [ 373.396703] Register r10 information: non-paged memory # [ 373.402073] Register r11 information: non-paged memory # [ 373.407540] Register r12 information: NULL pointer # [ 373.412605] Process cat (pid: 4188, stack limit = 0xf2568000) # [ 373.418672] Stack: (0xf2569e28 to 0xf256a000) # [ 373.423236] 9e20: c1ea8f40 c1ea3e28 c1e930dc 00000010 00000400 00000c00 # [ 373.431718] 9e40: ffffffff c05f62cc 00000400 c0317008 c5352810 ef7b4740 00000400 00000000 # [ 373.440194] 9e60: c5352c10 c0622004 00000400 c16cc10c f2569e84 00000400 c5352800 c5354000 # [ 373.448669] 9e80: b6f79000 00000000 c5352810 c0dfb0b4 00000022 00000000 f2569ebc 00000018 # [ 373.457143] 9ea0: c57ad000 00000000 f2569f80 c26882d8 f2569f80 c5499e00 0048fe38 c0df8798 # [ 373.465620] 9ec0: 00000018 c0df8b7c c0df8a60 c560c940 b6e18000 00000018 c3a41d50 c0892960 # [ 373.474099] 9ee0: c560c940 c0892904 f2569f80 b6e18000 c5326e40 00000018 c5499e00 c0629858 # [ 373.482573] 9f00: c56d6db8 00000000 00000000 00000000 00000000 00000018 b6e18000 0001ffe8 # [ 373.491045] 9f20: 00000001 00000000 c560c040 00000000 00000000 00000000 00000000 00000000 # [ 373.499518] 9f40: 00000000 00000000 00000000 00000000 00000022 a8182f54 00000000 c560c940 # [ 373.507992] 9f60: c560c940 00000000 00000000 c03002f0 c5326e40 00000004 0048fe38 c0629db4 # [ 373.516466] 9f80: 00000000 00000000 00000000 a8182f54 000000c0 00000018 00000018 7ff00000 # [ 373.524940] 9fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e18000 00000018 00000001 # [ 373.533414] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e18000 00020000 0048fe38 # [ 373.541889] 9fe0: 00000004 bebac788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 # [ 373.550356] Call trace: # [ 373.550372] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 373.559387] __check_heap_object from __check_object_size+0x294/0x310 # [ 373.566167] __check_object_size from do_usercopy_slab_size+0x2e0/0x330 # [ 373.573052] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c # [ 373.579429] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 373.585198] direct_entry from full_proxy_write+0x5c/0x8c # [ 373.590869] full_proxy_write from vfs_write+0xbc/0x3cc # [ 373.596346] vfs_write from ksys_write+0x78/0xf8 # [ 373.601215] ksys_write from ret_fast_syscall+0x0/0x1c # [ 373.606679] Exception stack(0xf2569fa8 to 0xf2569ff0) # [ 373.612037] 9fa0: 00000018 00000018 00000001 b6e18000 00000018 00000001 # [ 373.620512] 9fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e18000 00020000 0048fe38 # [ 373.628983] 9fe0: 00000004 bebac788 b6ede33b b6e57616 # [ 373.634341] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) # [ 373.640699] ---[ end trace 0000000000000000 ]--- # [ 373.645546] note: cat[4188] exited with irqs disabled # USERCOPY_SLAB_SIZE_FROM: saw 'call trace:': ok ok 70 selftests: lkdtm: USERCOPY_SLAB_SIZE_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_WHITELIST_TO.sh <6>[ 375.740169] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_TO <6>[ 375.745896] lkdtm: attempting good copy_to_user inside whitelist <6>[ 375.752151] lkdtm: attempting bad copy_to_user outside whitelist <0>[ 375.758255] usercopy: Kernel memory exposure attempt detected from SLUB object 'lkdtm-usercopy' (offset 255, size 64)! <4>[ 375.769253] ------------[ cut here ]------------ <2>[ 375.774010] kernel BUG at mm/usercopy.c:102! <0>[ 375.778565] Internal error: Oops - BUG: 0 [#20] SMP ARM <4>[ 375.784127] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 375.822148] CPU: 1 UID: 0 PID: 4275 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 375.831842] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 375.837088] Hardware name: STM32 (Device Tree Support) <4>[ 375.842435] PC is at usercopy_abort+0x98/0x9c <4>[ 375.847108] LR is at usercopy_abort+0x98/0x9c <4>[ 375.851765] pc : [] lr : [] psr: 60080013 <4>[ 375.858322] sp : f25c1e28 ip : 00000000 fp : 0050fe38 <4>[ 375.863771] r10: c26881f8 r9 : 00000040 r8 : c8dd0107 <4>[ 375.869321] r7 : 00000001 r6 : 00000040 r5 : 00000040 r4 : 000000ff <4>[ 375.876078] r3 : c6073c40 r2 : 00000000 r1 : 00000000 r0 : 0000006a <4>[ 375.882936] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 375.890402] Control: 10c5387d Table: c8dd406a DAC: 00000051 <1>[ 375.896353] Register r0 information: non-paged memory <1>[ 375.901714] Register r1 information: NULL pointer <1>[ 375.906666] Register r2 information: NULL pointer <1>[ 375.911717] Register r3 information: slab task_struct start c6073c00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 375.925390] copy_process+0x1f4/0x1f78 <6>[ 375.929646] kernel_clone+0xac/0x388 <6>[ 375.933802] sys_clone+0x78/0x9c <6>[ 375.937554] ret_fast_syscall+0x0/0x1c <4>[ 375.941805] Free path: <6>[ 375.944536] rcu_core+0x2dc/0xb14 <6>[ 375.948389] handle_softirqs+0x15c/0x430 <6>[ 375.952847] irq_exit+0xac/0xd4 <6>[ 375.956497] call_with_stack+0x18/0x20 <6>[ 375.960757] __irq_svc+0x9c/0xb8 <6>[ 375.964603] tcp_established_options+0xcc/0x25c <6>[ 375.969662] tcp_current_mss+0xa8/0x12c <6>[ 375.974014] tcp_send_mss+0x1c/0xbc <6>[ 375.977970] tcp_sendmsg_locked+0x164/0xdd8 <6>[ 375.982729] tcp_sendmsg+0x30/0x44 <6>[ 375.986682] __sock_sendmsg+0x44/0x7c <6>[ 375.990837] sock_sendmsg+0x70/0xa4 <6>[ 375.994889] xprt_sock_sendmsg+0x1f0/0x30c <6>[ 375.999541] xs_tcp_send_request+0xfc/0x288 <6>[ 376.004196] xprt_transmit+0x1a0/0x4a0 <6>[ 376.008545] call_transmit+0x80/0x8c <1>[ 376.012600] Register r4 information: non-paged memory <1>[ 376.017956] Register r5 information: non-paged memory <1>[ 376.023309] Register r6 information: non-paged memory <1>[ 376.028664] Register r7 information: non-paged memory <1>[ 376.033917] Register r8 information: slab lkdtm-usercopy start c8dd0000 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 376.049086] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 376.054449] lkdtm_do_action+0x24/0x4c <6>[ 376.058701] direct_entry+0x11c/0x140 <6>[ 376.062851] full_proxy_write+0x5c/0x8c <6>[ 376.067204] vfs_write+0xbc/0x3cc <6>[ 376.071063] ksys_write+0x78/0xf8 <6>[ 376.074908] ret_fast_syscall+0x0/0x1c <1>[ 376.079259] Register r9 information: non-paged memory <1>[ 376.084514] Register r10 information: non-slab/vmalloc memory <1>[ 376.090576] Register r11 information: non-paged memory <1>[ 376.096030] Register r12 information: NULL pointer <0>[ 376.101083] Process cat (pid: 4275, stack limit = 0xf25c0000) <0>[ 376.107139] Stack: (0xf25c1e28 to 0xf25c2000) <0>[ 376.111694] 1e20: c1ea8f40 c1fa0824 c1e930dc 000000ff 00000040 00000440 <0>[ 376.120269] 1e40: ffffffff c05f62cc 00000040 c0317008 c8dd0107 ef838140 00000040 00000001 <0>[ 376.128750] 1e60: c8dd0147 c0622004 b6f58000 c16cc10c f25c1e84 b6f58000 c8dd0008 c2804368 <0>[ 376.137137] 1e80: c8dd0107 00000100 00000040 c0dface0 00000022 00000000 f25c1ebc 0000001b <0>[ 376.145625] 1ea0: c8bfb000 00000000 f25c1f80 c26882e0 f25c1f80 c5499e00 0050fe38 c0df8798 <0>[ 376.154114] 1ec0: 0000001b c0df8b7c c0df8a60 c49ee240 b6df8000 0000001b c3a41d50 c0892960 <0>[ 376.162600] 1ee0: c49ee240 c0892904 f25c1f80 b6df8000 c6073c40 0000001b c5499e00 c0629858 <0>[ 376.171087] 1f00: c8dd6db0 00000000 00000000 00000000 00000000 0000001b b6df8000 0001ffe5 <0>[ 376.179569] 1f20: 00000001 00000000 c49ee140 00000000 00000000 00000000 00000000 00000000 <0>[ 376.188044] 1f40: 00000000 00000000 00000000 00000000 00000022 5df284a9 00000000 c49ee240 <0>[ 376.196519] 1f60: c49ee240 00000000 00000000 c03002f0 c6073c40 00000004 0050fe38 c0629db4 <0>[ 376.204992] 1f80: 00000000 00000000 00000000 5df284a9 000000c0 0000001b 0000001b 7ff00000 <0>[ 376.213469] 1fa0: 00000004 c03000c0 0000001b 0000001b 00000001 b6df8000 0000001b 00000001 <0>[ 376.221946] 1fc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6df8000 00020000 0050fe38 <0>[ 376.230420] 1fe0: 00000004 bede8788 b6ebe33b b6e37616 60080030 00000001 00000000 00000000 <0>[ 376.238885] Call trace: <0>[ 376.238900] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 376.247913] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 376.254594] __check_object_size from do_usercopy_slab_whitelist+0x250/0x324 <0>[ 376.261980] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c <0>[ 376.268759] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 376.274530] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 376.280199] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 376.285776] vfs_write from ksys_write+0x78/0xf8 <0>[ 376.290644] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 376.296007] Exception stack(0xf25c1fa8 to 0xf25c1ff0) <0>[ 376.301364] 1fa0: 0000001b 0000001b 00000001 b6df8000 0000001b 00000001 <0>[ 376.309838] 1fc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6df8000 00020000 0050fe38 <0>[ 376.318308] 1fe0: 00000004 bede8788 b6ebe33b b6e37616 <0>[ 376.323665] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) <4>[ 376.330022] ---[ end trace 0000000000000000 ]--- <6>[ 376.334968] note: cat[4275] exited with irqs disabled # Segmentation fault # [ 375.740169] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_TO # [ 375.745896] lkdtm: attempting good copy_to_user inside whitelist # [ 375.752151] lkdtm: attempting bad copy_to_user outside whitelist # [ 375.758255] usercopy: Kernel memory exposure attempt detected from SLUB object 'lkdtm-usercopy' (offset 255, size 64)! # [ 375.769253] ------------[ cut here ]------------ # [ 375.774010] kernel BUG at mm/usercopy.c:102! # [ 375.778565] Internal error: Oops - BUG: 0 [#20] SMP ARM # [ 375.784127] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 375.822148] CPU: 1 UID: 0 PID: 4275 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 375.831842] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 375.837088] Hardware name: STM32 (Device Tree Support) # [ 375.842435] PC is at usercopy_abort+0x98/0x9c # [ 375.847108] LR is at usercopy_abort+0x98/0x9c # [ 375.851765] pc : [] lr : [] psr: 60080013 # [ 375.858322] sp : f25c1e28 ip : 00000000 fp : 0050fe38 # [ 375.863771] r10: c26881f8 r9 : 00000040 r8 : c8dd0107 # [ 375.869321] r7 : 00000001 r6 : 00000040 r5 : 00000040 r4 : 000000ff # [ 375.876078] r3 : c6073c40 r2 : 00000000 r1 : 00000000 r0 : 0000006a # [ 375.882936] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 375.890402] Control: 10c5387d Table: c8dd406a DAC: 00000051 # [ 375.896353] Register r0 information: non-paged memory # [ 375.901714] Register r1 information: NULL pointer # [ 375.906666] Register r2 information: NULL pointer # [ 375.911717] Register r3 information: slab task_struct start c6073c00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 375.925390] copy_process+0x1f4/0x1f78 # [ 375.929646] kernel_clone+0xac/0x388 # [ 375.933802] sys_clone+0x78/0x9c # [ 375.937554] ret_fast_syscall+0x0/0x1c # [ 375.941805] Free path: # [ 375.944536] rcu_core+0x2dc/0xb14 # [ 375.948389] handle_softirqs+0x15c/0x430 # [ 375.952847] irq_exit+0xac/0xd4 # [ 375.956497] call_with_stack+0x18/0x20 # [ 375.960757] __irq_svc+0x9c/0xb8 # [ 375.964603] tcp_established_options+0xcc/0x25c # [ 375.969662] tcp_current_mss+0xa8/0x12c # [ 375.974014] tcp_send_mss+0x1c/0xbc # [ 375.977970] tcp_sendmsg_locked+0x164/0xdd8 # [ 375.982729] tcp_sendmsg+0x30/0x44 # [ 375.986682] __sock_sendmsg+0x44/0x7c # [ 375.990837] sock_sendmsg+0x70/0xa4 # [ 375.994889] xprt_sock_sendmsg+0x1f0/0x30c # [ 375.999541] xs_tcp_send_request+0xfc/0x288 # [ 376.004196] xprt_transmit+0x1a0/0x4a0 # [ 376.008545] call_transmit+0x80/0x8c # [ 376.012600] Register r4 information: non-paged memory # [ 376.017956] Register r5 information: non-paged memory # [ 376.023309] Register r6 information: non-paged memory # [ 376.028664] Register r7 information: non-paged memory # [ 376.033917] Register r8 information: slab lkdtm-usercopy start c8dd0000 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 376.049086] do_usercopy_slab_whitelist+0x38/0x324 # [ 376.054449] lkdtm_do_action+0x24/0x4c # [ 376.058701] direct_entry+0x11c/0x140 # [ 376.062851] full_proxy_write+0x5c/0x8c # [ 376.067204] vfs_write+0xbc/0x3cc # [ 376.071063] ksys_write+0x78/0xf8 # [ 376.074908] ret_fast_syscall+0x0/0x1c # [ 376.079259] Register r9 information: non-paged memory # [ 376.084514] Register r10 information: non-slab/vmalloc memory # [ 376.090576] Register r11 information: non-paged memory # [ 376.096030] Register r12 information: NULL pointer # [ 376.101083] Process cat (pid: 4275, stack limit = 0xf25c0000) # [ 376.107139] Stack: (0xf25c1e28 to 0xf25c2000) # [ 376.111694] 1e20: c1ea8f40 c1fa0824 c1e930dc 000000ff 00000040 00000440 # [ 376.120269] 1e40: ffffffff c05f62cc 00000040 c0317008 c8dd0107 ef838140 00000040 00000001 # [ 376.128750] 1e60: c8dd0147 c0622004 b6f58000 c16cc10c f25c1e84 b6f58000 c8dd0008 c2804368 # [ 376.137137] 1e80: c8dd0107 00000100 00000040 c0dface0 00000022 00000000 f25c1ebc 0000001b # [ 376.145625] 1ea0: c8bfb000 00000000 f25c1f80 c26882e0 f25c1f80 c5499e00 0050fe38 c0df8798 # [ 376.154114] 1ec0: 0000001b c0df8b7c c0df8a60 c49ee240 b6df8000 0000001b c3a41d50 c0892960 # [ 376.162600] 1ee0: c49ee240 c0892904 f25c1f80 b6df8000 c6073c40 0000001b c5499e00 c0629858 # [ 376.171087] 1f00: c8dd6db0 00000000 00000000 00000000 00000000 0000001b b6df8000 0001ffe5 # [ 376.179569] 1f20: 00000001 00000000 c49ee140 00000000 00000000 00000000 00000000 00000000 # [ 376.188044] 1f40: 00000000 00000000 00000000 00000000 00000022 5df284a9 00000000 c49ee240 # [ 376.196519] 1f60: c49ee240 00000000 00000000 c03002f0 c6073c40 00000004 0050fe38 c0629db4 # [ 376.204992] 1f80: 00000000 00000000 00000000 5df284a9 000000c0 0000001b 0000001b 7ff00000 # [ 376.213469] 1fa0: 00000004 c03000c0 0000001b 0000001b 00000001 b6df8000 0000001b 00000001 # [ 376.221946] 1fc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6df8000 00020000 0050fe38 # [ 376.230420] 1fe0: 00000004 bede8788 b6ebe33b b6e37616 60080030 00000001 00000000 00000000 # [ 376.238885] Call trace: # [ 376.238900] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 376.247913] __check_heap_object from __check_object_size+0x294/0x310 # [ 376.254594] __check_object_size from do_usercopy_slab_whitelist+0x250/0x324 # [ 376.261980] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c # [ 376.268759] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 376.274530] direct_entry from full_proxy_write+0x5c/0x8c # [ 376.280199] full_proxy_write from vfs_write+0xbc/0x3cc # [ 376.285776] vfs_write from ksys_write+0x78/0xf8 # [ 376.290644] ksys_write from ret_fast_syscall+0x0/0x1c # [ 376.296007] Exception stack(0xf25c1fa8 to 0xf25c1ff0) # [ 376.301364] 1fa0: 0000001b 0000001b 00000001 b6df8000 0000001b 00000001 # [ 376.309838] 1fc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6df8000 00020000 0050fe38 # [ 376.318308] 1fe0: 00000004 bede8788 b6ebe33b b6e37616 # [ 376.323665] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) # [ 376.330022] ---[ end trace 0000000000000000 ]--- # [ 376.334968] note: cat[4275] exited with irqs disabled # USERCOPY_SLAB_WHITELIST_TO: saw 'call trace:': ok ok 71 selftests: lkdtm: USERCOPY_SLAB_WHITELIST_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_WHITELIST_FROM.sh <6>[ 382.806532] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_FROM <6>[ 382.812348] lkdtm: attempting good copy_from_user inside whitelist <6>[ 382.819259] lkdtm: attempting bad copy_from_user outside whitelist <0>[ 382.825115] usercopy: Kernel memory overwrite attempt detected to SLUB object 'lkdtm-usercopy' (offset 255, size 64)! <4>[ 382.836025] ------------[ cut here ]------------ <2>[ 382.840802] kernel BUG at mm/usercopy.c:102! <0>[ 382.845362] Internal error: Oops - BUG: 0 [#21] SMP ARM <4>[ 382.850832] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 382.888969] CPU: 1 UID: 0 PID: 4362 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 382.898572] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 382.903820] Hardware name: STM32 (Device Tree Support) <4>[ 382.909269] PC is at usercopy_abort+0x98/0x9c <4>[ 382.913845] LR is at usercopy_abort+0x98/0x9c <4>[ 382.918506] pc : [] lr : [] psr: 60080013 <4>[ 382.925063] sp : f264de28 ip : 00000000 fp : c8dd0548 <4>[ 382.930515] r10: 00000000 r9 : 00000040 r8 : c8dd0547 <4>[ 382.936064] r7 : 00000000 r6 : 00000040 r5 : 00000040 r4 : 000000ff <4>[ 382.942923] r3 : c83f1440 r2 : 00000000 r1 : 00000000 r0 : 00000069 <4>[ 382.949681] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 382.957148] Control: 10c5387d Table: c8d4806a DAC: 00000051 <1>[ 382.963199] Register r0 information: non-paged memory <1>[ 382.968459] Register r1 information: NULL pointer <1>[ 382.973512] Register r2 information: NULL pointer <1>[ 382.978463] Register r3 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 382.992136] copy_process+0x1f4/0x1f78 <6>[ 382.996494] kernel_clone+0xac/0x388 <6>[ 383.000550] sys_clone+0x78/0x9c <6>[ 383.004302] ret_fast_syscall+0x0/0x1c <4>[ 383.008653] Free path: <6>[ 383.011282] rcu_core+0x2dc/0xb14 <6>[ 383.015134] handle_softirqs+0x15c/0x430 <6>[ 383.019592] irq_exit+0xac/0xd4 <6>[ 383.023242] call_with_stack+0x18/0x20 <6>[ 383.027602] __irq_svc+0x9c/0xb8 <6>[ 383.031349] unwind_frame+0x1b8/0x92c <6>[ 383.035506] arch_stack_walk+0x84/0x100 <6>[ 383.039858] stack_trace_save+0x50/0x78 <6>[ 383.044217] set_track_prepare+0x40/0x74 <6>[ 383.048675] ___slab_alloc+0xd28/0xd7c <6>[ 383.053033] kmem_cache_alloc_node_noprof+0x12c/0x3a8 <6>[ 383.058599] __alloc_skb+0x13c/0x184 <6>[ 383.062657] tcp_stream_alloc_skb+0x24/0x130 <6>[ 383.067519] tcp_sendmsg_locked+0x40c/0xdd8 <6>[ 383.072278] tcp_sendmsg+0x30/0x44 <6>[ 383.076131] __sock_sendmsg+0x44/0x7c <1>[ 383.080386] Register r4 information: non-paged memory <1>[ 383.085642] Register r5 information: non-paged memory <1>[ 383.090996] Register r6 information: non-paged memory <1>[ 383.096349] Register r7 information: NULL pointer <1>[ 383.101300] Register r8 information: slab lkdtm-usercopy start c8dd0440 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 383.116471] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 383.121731] lkdtm_do_action+0x24/0x4c <6>[ 383.126085] direct_entry+0x11c/0x140 <6>[ 383.130241] full_proxy_write+0x5c/0x8c <6>[ 383.134604] vfs_write+0xbc/0x3cc <6>[ 383.138474] ksys_write+0x78/0xf8 <6>[ 383.142330] ret_fast_syscall+0x0/0x1c <1>[ 383.146593] Register r9 information: non-paged memory <1>[ 383.151962] Register r10 information: NULL pointer <1>[ 383.157027] Register r11 information: slab lkdtm-usercopy start c8dd0440 data offset 8 pointer offset 256 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 383.172213] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 383.177582] lkdtm_do_action+0x24/0x4c <6>[ 383.181834] direct_entry+0x11c/0x140 <6>[ 383.185987] full_proxy_write+0x5c/0x8c <6>[ 383.190338] vfs_write+0xbc/0x3cc <6>[ 383.194194] ksys_write+0x78/0xf8 <6>[ 383.198038] ret_fast_syscall+0x0/0x1c <1>[ 383.202390] Register r12 information: NULL pointer <0>[ 383.207448] Process cat (pid: 4362, stack limit = 0xf264c000) <0>[ 383.213410] Stack: (0xf264de28 to 0xf264e000) <0>[ 383.218067] de20: c1ea8f40 c1fa0824 c1e930dc 000000ff 00000040 00000440 <0>[ 383.226543] de40: ffffffff c05f62cc 00000040 c0317008 c8dd0547 ef838140 00000040 00000000 <0>[ 383.235019] de60: c8dd0587 c0622004 b6ee2000 c16cc10c f264de84 b6ee2000 c8dd0448 c2804368 <0>[ 383.243495] de80: c8dd0547 00000100 00000040 c0dfac6c 00000022 00000000 f264debc 0000001d <0>[ 383.251970] dea0: c896e000 00000000 f264df80 c26882e8 f264df80 c54997c0 004bfe38 c0df8798 <0>[ 383.260446] dec0: 0000001d c0df8b7c c0df8a60 c49eec40 b6d84000 0000001d c3a41d50 c0892960 <0>[ 383.269020] dee0: c49eec40 c0892904 f264df80 b6d84000 c83f1440 0000001d c54997c0 c0629858 <0>[ 383.277493] df00: c8d4adb0 00000000 00000000 00000000 00000000 0000001d b6d84000 0001ffe3 <0>[ 383.285966] df20: 00000001 00000000 c49ee040 00000000 00000000 00000000 00000000 00000000 <0>[ 383.294440] df40: 00000000 00000000 00000000 00000000 00000022 97ea2669 00000000 c49eec40 <0>[ 383.302913] df60: c49eec40 00000000 00000000 c03002f0 c83f1440 00000004 004bfe38 c0629db4 <0>[ 383.311387] df80: 00000000 00000000 00000000 97ea2669 000000c0 0000001d 0000001d 7ff00000 <0>[ 383.319860] dfa0: 00000004 c03000c0 0000001d 0000001d 00000001 b6d84000 0000001d 00000001 <0>[ 383.328335] dfc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6d84000 00020000 004bfe38 <0>[ 383.336809] dfe0: 00000004 bed00788 b6e4a33b b6dc3616 60080030 00000001 00000000 00000000 <0>[ 383.345275] Call trace: <0>[ 383.345291] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 383.354301] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 383.360982] __check_object_size from do_usercopy_slab_whitelist+0x1dc/0x324 <0>[ 383.368369] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c <0>[ 383.375147] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 383.380917] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 383.386587] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 383.392164] vfs_write from ksys_write+0x78/0xf8 <0>[ 383.397040] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 383.402405] Exception stack(0xf264dfa8 to 0xf264dff0) <0>[ 383.407763] dfa0: 0000001d 0000001d 00000001 b6d84000 0000001d 00000001 <0>[ 383.416238] dfc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6d84000 00020000 004bfe38 <0>[ 383.424708] dfe0: 00000004 bed00788 b6e4a33b b6dc3616 <0>[ 383.430066] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) <4>[ 383.436424] ---[ end trace 0000000000000000 ]--- <6>[ 383.441370] note: cat[4362] exited with irqs disabled # Segmentation fault # [ 382.806532] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_FROM # [ 382.812348] lkdtm: attempting good copy_from_user inside whitelist # [ 382.819259] lkdtm: attempting bad copy_from_user outside whitelist # [ 382.825115] usercopy: Kernel memory overwrite attempt detected to SLUB object 'lkdtm-usercopy' (offset 255, size 64)! # [ 382.836025] ------------[ cut here ]------------ # [ 382.840802] kernel BUG at mm/usercopy.c:102! # [ 382.845362] Internal error: Oops - BUG: 0 [#21] SMP ARM # [ 382.850832] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 382.888969] CPU: 1 UID: 0 PID: 4362 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 382.898572] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 382.903820] Hardware name: STM32 (Device Tree Support) # [ 382.909269] PC is at usercopy_abort+0x98/0x9c # [ 382.913845] LR is at usercopy_abort+0x98/0x9c # [ 382.918506] pc : [] lr : [] psr: 60080013 # [ 382.925063] sp : f264de28 ip : 00000000 fp : c8dd0548 # [ 382.930515] r10: 00000000 r9 : 00000040 r8 : c8dd0547 # [ 382.936064] r7 : 00000000 r6 : 00000040 r5 : 00000040 r4 : 000000ff # [ 382.942923] r3 : c83f1440 r2 : 00000000 r1 : 00000000 r0 : 00000069 # [ 382.949681] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 382.957148] Control: 10c5387d Table: c8d4806a DAC: 00000051 # [ 382.963199] Register r0 information: non-paged memory # [ 382.968459] Register r1 information: NULL pointer # [ 382.973512] Register r2 information: NULL pointer # [ 382.978463] Register r3 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 382.992136] copy_process+0x1f4/0x1f78 # [ 382.996494] kernel_clone+0xac/0x388 # [ 383.000550] sys_clone+0x78/0x9c # [ 383.004302] ret_fast_syscall+0x0/0x1c # [ 383.008653] Free path: # [ 383.011282] rcu_core+0x2dc/0xb14 # [ 383.015134] handle_softirqs+0x15c/0x430 # [ 383.019592] irq_exit+0xac/0xd4 # [ 383.023242] call_with_stack+0x18/0x20 # [ 383.027602] __irq_svc+0x9c/0xb8 # [ 383.031349] unwind_frame+0x1b8/0x92c # [ 383.035506] arch_stack_walk+0x84/0x100 # [ 383.039858] stack_trace_save+0x50/0x78 # [ 383.044217] set_track_prepare+0x40/0x74 # [ 383.048675] ___slab_alloc+0xd28/0xd7c # [ 383.053033] kmem_cache_alloc_node_noprof+0x12c/0x3a8 # [ 383.058599] __alloc_skb+0x13c/0x184 # [ 383.062657] tcp_stream_alloc_skb+0x24/0x130 # [ 383.067519] tcp_sendmsg_locked+0x40c/0xdd8 # [ 383.072278] tcp_sendmsg+0x30/0x44 # [ 383.076131] __sock_sendmsg+0x44/0x7c # [ 383.080386] Register r4 information: non-paged memory # [ 383.085642] Register r5 information: non-paged memory # [ 383.090996] Register r6 information: non-paged memory # [ 383.096349] Register r7 information: NULL pointer # [ 383.101300] Register r8 information: slab lkdtm-usercopy start c8dd0440 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 383.116471] do_usercopy_slab_whitelist+0x38/0x324 # [ 383.121731] lkdtm_do_action+0x24/0x4c # [ 383.126085] direct_entry+0x11c/0x140 # [ 383.130241] full_proxy_write+0x5c/0x8c # [ 383.134604] vfs_write+0xbc/0x3cc # [ 383.138474] ksys_write+0x78/0xf8 # [ 383.142330] ret_fast_syscall+0x0/0x1c # [ 383.146593] Register r9 information: non-paged memory # [ 383.151962] Register r10 information: NULL pointer # [ 383.157027] Register r11 information: slab lkdtm-usercopy start c8dd0440 data offset 8 pointer offset 256 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 383.172213] do_usercopy_slab_whitelist+0x38/0x324 # [ 383.177582] lkdtm_do_action+0x24/0x4c # [ 383.181834] direct_entry+0x11c/0x140 # [ 383.185987] full_proxy_write+0x5c/0x8c # [ 383.190338] vfs_write+0xbc/0x3cc # [ 383.194194] ksys_write+0x78/0xf8 # [ 383.198038] ret_fast_syscall+0x0/0x1c # [ 383.202390] Register r12 information: NULL pointer # [ 383.207448] Process cat (pid: 4362, stack limit = 0xf264c000) # [ 383.213410] Stack: (0xf264de28 to 0xf264e000) # [ 383.218067] de20: c1ea8f40 c1fa0824 c1e930dc 000000ff 00000040 00000440 # [ 383.226543] de40: ffffffff c05f62cc 00000040 c0317008 c8dd0547 ef838140 00000040 00000000 # [ 383.235019] de60: c8dd0587 c0622004 b6ee2000 c16cc10c f264de84 b6ee2000 c8dd0448 c2804368 # [ 383.243495] de80: c8dd0547 00000100 00000040 c0dfac6c 00000022 00000000 f264debc 0000001d # [ 383.251970] dea0: c896e000 00000000 f264df80 c26882e8 f264df80 c54997c0 004bfe38 c0df8798 # [ 383.260446] dec0: 0000001d c0df8b7c c0df8a60 c49eec40 b6d84000 0000001d c3a41d50 c0892960 # [ 383.269020] dee0: c49eec40 c0892904 f264df80 b6d84000 c83f1440 0000001d c54997c0 c0629858 # [ 383.277493] df00: c8d4adb0 00000000 00000000 00000000 00000000 0000001d b6d84000 0001ffe3 # [ 383.285966] df20: 00000001 00000000 c49ee040 00000000 00000000 00000000 00000000 00000000 # [ 383.294440] df40: 00000000 00000000 00000000 00000000 00000022 97ea2669 00000000 c49eec40 # [ 383.302913] df60: c49eec40 00000000 00000000 c03002f0 c83f1440 00000004 004bfe38 c0629db4 # [ 383.311387] df80: 00000000 00000000 00000000 97ea2669 000000c0 0000001d 0000001d 7ff00000 # [ 383.319860] dfa0: 00000004 c03000c0 0000001d 0000001d 00000001 b6d84000 0000001d 00000001 # [ 383.328335] dfc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6d84000 00020000 004bfe38 # [ 383.336809] dfe0: 00000004 bed00788 b6e4a33b b6dc3616 60080030 00000001 00000000 00000000 # [ 383.345275] Call trace: # [ 383.345291] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 383.354301] __check_heap_object from __check_object_size+0x294/0x310 # [ 383.360982] __check_object_size from do_usercopy_slab_whitelist+0x1dc/0x324 # [ 383.368369] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c # [ 383.375147] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 383.380917] direct_entry from full_proxy_write+0x5c/0x8c # [ 383.386587] full_proxy_write from vfs_write+0xbc/0x3cc # [ 383.392164] vfs_write from ksys_write+0x78/0xf8 # [ 383.397040] ksys_write from ret_fast_syscall+0x0/0x1c # [ 383.402405] Exception stack(0xf264dfa8 to 0xf264dff0) # [ 383.407763] dfa0: 0000001d 0000001d 00000001 b6d84000 0000001d 00000001 # [ 383.416238] dfc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6d84000 00020000 004bfe38 # [ 383.424708] dfe0: 00000004 bed00788 b6e4a33b b6dc3616 # [ 383.430066] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) # [ 383.436424] ---[ end trace 0000000000000000 ]--- # [ 383.441370] note: cat[4362] exited with irqs disabled # USERCOPY_SLAB_WHITELIST_FROM: saw 'call trace:': ok ok 72 selftests: lkdtm: USERCOPY_SLAB_WHITELIST_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_FRAME_TO.sh <6>[ 385.426328] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_TO <6>[ 385.431541] lkdtm: good_stack: f26c5e74-f26c5e94 <6>[ 385.436404] lkdtm: bad_stack : f26c5dec-f26c5e0c <6>[ 385.441529] lkdtm: attempting good copy_to_user of local stack <6>[ 385.447518] lkdtm: attempting bad copy_to_user of distant stack <0>[ 385.453708] usercopy: Kernel memory exposure attempt detected from process stack (offset 84, size 32)! <4>[ 385.463229] ------------[ cut here ]------------ <2>[ 385.468006] kernel BUG at mm/usercopy.c:102! <0>[ 385.472566] Internal error: Oops - BUG: 0 [#22] SMP ARM <4>[ 385.478135] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 385.516170] CPU: 1 UID: 0 PID: 4450 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 385.525773] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 385.531022] Hardware name: STM32 (Device Tree Support) <4>[ 385.536471] PC is at usercopy_abort+0x98/0x9c <4>[ 385.541146] LR is at usercopy_abort+0x98/0x9c <4>[ 385.545706] pc : [] lr : [] psr: 60080013 <4>[ 385.552264] sp : f26c5e20 ip : 00000000 fp : f0f0f0f1 <4>[ 385.557814] r10: c19712a4 r9 : c83f0040 r8 : f26c5e0c <4>[ 385.563264] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : 00000054 <4>[ 385.570124] r3 : c83f0040 r2 : 00000000 r1 : 00000000 r0 : 0000005a <4>[ 385.576883] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 385.584350] Control: 10c5387d Table: c8b5806a DAC: 00000051 <1>[ 385.590402] Register r0 information: non-paged memory <1>[ 385.595764] Register r1 information: NULL pointer <1>[ 385.600716] Register r2 information: NULL pointer <1>[ 385.605668] Register r3 information: slab task_struct start c83f0000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 385.619441] copy_process+0x1f4/0x1f78 <6>[ 385.623698] kernel_clone+0xac/0x388 <6>[ 385.627752] sys_clone+0x78/0x9c <6>[ 385.631506] ret_fast_syscall+0x0/0x1c <4>[ 385.635857] Free path: <6>[ 385.638486] rcu_core+0x2dc/0xb14 <6>[ 385.642338] handle_softirqs+0x15c/0x430 <6>[ 385.646796] irq_exit+0xac/0xd4 <6>[ 385.650546] call_with_stack+0x18/0x20 <6>[ 385.654805] __irq_svc+0x9c/0xb8 <6>[ 385.658552] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 385.663912] stack_depot_save_flags+0x4cc/0x884 <6>[ 385.668966] set_track_prepare+0x50/0x74 <6>[ 385.673425] free_to_partial_list+0x390/0x58c <6>[ 385.678286] kfree+0x224/0x2dc <6>[ 385.681838] xdr_free_bvec+0x18/0x24 <6>[ 385.685995] xprt_transmit+0x29c/0x4a0 <6>[ 385.690245] call_transmit+0x80/0x8c <6>[ 385.694401] __rpc_execute+0xc8/0x5d0 <6>[ 385.698556] rpc_execute+0xa4/0x14c <6>[ 385.702609] rpc_run_task+0x170/0x1b8 <1>[ 385.706764] Register r4 information: non-paged memory <1>[ 385.712119] Register r5 information: non-paged memory <1>[ 385.717473] Register r6 information: non-paged memory <1>[ 385.722726] Register r7 information: non-paged memory <1>[ 385.728079] Register r8 information: 2-page vmalloc region starting at 0xf26c4000 allocated at kernel_clone+0xac/0x388 <1>[ 385.739087] Register r9 information: slab task_struct start c83f0000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 385.752847] copy_process+0x1f4/0x1f78 <6>[ 385.757104] kernel_clone+0xac/0x388 <6>[ 385.761258] sys_clone+0x78/0x9c <6>[ 385.765011] ret_fast_syscall+0x0/0x1c <4>[ 385.769260] Free path: <6>[ 385.771990] rcu_core+0x2dc/0xb14 <6>[ 385.775840] handle_softirqs+0x15c/0x430 <6>[ 385.780297] irq_exit+0xac/0xd4 <6>[ 385.783946] call_with_stack+0x18/0x20 <6>[ 385.788203] __irq_svc+0x9c/0xb8 <6>[ 385.791950] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 385.797308] stack_depot_save_flags+0x4cc/0x884 <6>[ 385.802362] set_track_prepare+0x50/0x74 <6>[ 385.806818] free_to_partial_list+0x390/0x58c <6>[ 385.811778] kfree+0x224/0x2dc <6>[ 385.815330] xdr_free_bvec+0x18/0x24 <6>[ 385.819484] xprt_transmit+0x29c/0x4a0 <6>[ 385.823732] call_transmit+0x80/0x8c <6>[ 385.827786] __rpc_execute+0xc8/0x5d0 <6>[ 385.832041] rpc_execute+0xa4/0x14c <6>[ 385.836094] rpc_run_task+0x170/0x1b8 <1>[ 385.840248] Register r10 information: non-slab/vmalloc memory <1>[ 385.846309] Register r11 information: 0-page vmalloc region starting at 0xf0f0b000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 385.858621] Register r12 information: NULL pointer <0>[ 385.863680] Process cat (pid: 4450, stack limit = 0xf26c4000) <0>[ 385.869737] Stack: (0xf26c5e20 to 0xf26c6000) <0>[ 385.874295] 5e20: c1e8aefc c1e8aefc c1e8aefc 00000054 00000020 c03ca338 f26c5e5c c0621ed4 <0>[ 385.882775] 5e40: 00000020 c16cc10c f26c5e5c 00000020 b6fc1000 f26c5dec 00000001 00000001 <0>[ 385.891266] 5e60: c83f0040 c0dfb560 00000022 00000000 f26c5dec 73696854 20736920 65742061 <0>[ 385.899756] 5e80: 0a2e7473 69685400 73692073 74206120 2e747365 21eccfd1 f26c5ebc 00000018 <0>[ 385.908243] 5ea0: c892b000 00000000 f26c5f80 c26882f0 f26c5f80 c515ce00 004cfe38 c0df8798 <0>[ 385.916730] 5ec0: 00000018 c0df8b7c c0df8a60 c49eec40 b6e64000 00000018 c3a41d50 c0892960 <0>[ 385.925215] 5ee0: c49eec40 c0892904 f26c5f80 b6e64000 c83f0040 00000018 c515ce00 c0629858 <0>[ 385.933695] 5f00: c8b5adb8 00000000 00000000 00000000 00000000 00000018 b6e64000 0001ffe8 <0>[ 385.942170] 5f20: 00000001 00000000 c49eef40 00000000 00000000 00000000 00000000 00000000 <0>[ 385.950643] 5f40: 00000000 00000000 00000000 00000000 00000022 21eccfd1 00000000 c49eec40 <0>[ 385.959117] 5f60: c49eec40 00000000 00000000 c03002f0 c83f0040 00000004 004cfe38 c0629db4 <0>[ 385.967593] 5f80: 00000000 00000000 00000000 21eccfd1 000000c0 00000018 00000018 7ff00000 <0>[ 385.976071] 5fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e64000 00000018 00000001 <0>[ 385.984549] 5fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e64000 00020000 004cfe38 <0>[ 385.993024] 5fe0: 00000004 bedba788 b6f2a33b b6ea3616 60080030 00000001 00000000 00000000 <0>[ 386.001489] Call trace: <0>[ 386.001504] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 386.010624] __check_object_size from do_usercopy_stack+0x358/0x380 <0>[ 386.017111] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 386.023187] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 386.028957] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 386.034629] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 386.040105] vfs_write from ksys_write+0x78/0xf8 <0>[ 386.044973] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 386.050437] Exception stack(0xf26c5fa8 to 0xf26c5ff0) <0>[ 386.055796] 5fa0: 00000018 00000018 00000001 b6e64000 00000018 00000001 <0>[ 386.064270] 5fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e64000 00020000 004cfe38 <0>[ 386.072740] 5fe0: 00000004 bedba788 b6f2a33b b6ea3616 <0>[ 386.077998] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) <4>[ 386.084455] ---[ end trace 0000000000000000 ]--- <6>[ 386.089302] note: cat[4450] exited with irqs disabled # Segmentation fault # [ 385.426328] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_TO # [ 385.431541] lkdtm: good_stack: f26c5e74-f26c5e94 # [ 385.436404] lkdtm: bad_stack : f26c5dec-f26c5e0c # [ 385.441529] lkdtm: attempting good copy_to_user of local stack # [ 385.447518] lkdtm: attempting bad copy_to_user of distant stack # [ 385.453708] usercopy: Kernel memory exposure attempt detected from process stack (offset 84, size 32)! # [ 385.463229] ------------[ cut here ]------------ # [ 385.468006] kernel BUG at mm/usercopy.c:102! # [ 385.472566] Internal error: Oops - BUG: 0 [#22] SMP ARM # [ 385.478135] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 385.516170] CPU: 1 UID: 0 PID: 4450 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 385.525773] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 385.531022] Hardware name: STM32 (Device Tree Support) # [ 385.536471] PC is at usercopy_abort+0x98/0x9c # [ 385.541146] LR is at usercopy_abort+0x98/0x9c # [ 385.545706] pc : [] lr : [] psr: 60080013 # [ 385.552264] sp : f26c5e20 ip : 00000000 fp : f0f0f0f1 # [ 385.557814] r10: c19712a4 r9 : c83f0040 r8 : f26c5e0c # [ 385.563264] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : 00000054 # [ 385.570124] r3 : c83f0040 r2 : 00000000 r1 : 00000000 r0 : 0000005a # [ 385.576883] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 385.584350] Control: 10c5387d Table: c8b5806a DAC: 00000051 # [ 385.590402] Register r0 information: non-paged memory # [ 385.595764] Register r1 information: NULL pointer # [ 385.600716] Register r2 information: NULL pointer # [ 385.605668] Register r3 information: slab task_struct start c83f0000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 385.619441] copy_process+0x1f4/0x1f78 # [ 385.623698] kernel_clone+0xac/0x388 # [ 385.627752] sys_clone+0x78/0x9c # [ 385.631506] ret_fast_syscall+0x0/0x1c # [ 385.635857] Free path: # [ 385.638486] rcu_core+0x2dc/0xb14 # [ 385.642338] handle_softirqs+0x15c/0x430 # [ 385.646796] irq_exit+0xac/0xd4 # [ 385.650546] call_with_stack+0x18/0x20 # [ 385.654805] __irq_svc+0x9c/0xb8 # [ 385.658552] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 385.663912] stack_depot_save_flags+0x4cc/0x884 # [ 385.668966] set_track_prepare+0x50/0x74 # [ 385.673425] free_to_partial_list+0x390/0x58c # [ 385.678286] kfree+0x224/0x2dc # [ 385.681838] xdr_free_bvec+0x18/0x24 # [ 385.685995] xprt_transmit+0x29c/0x4a0 # [ 385.690245] call_transmit+0x80/0x8c # [ 385.694401] __rpc_execute+0xc8/0x5d0 # [ 385.698556] rpc_execute+0xa4/0x14c # [ 385.702609] rpc_run_task+0x170/0x1b8 # [ 385.706764] Register r4 information: non-paged memory # [ 385.712119] Register r5 information: non-paged memory # [ 385.717473] Register r6 information: non-paged memory # [ 385.722726] Register r7 information: non-paged memory # [ 385.728079] Register r8 information: 2-page vmalloc region starting at 0xf26c4000 allocated at kernel_clone+0xac/0x388 # [ 385.739087] Register r9 information: slab task_struct start c83f0000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 385.752847] copy_process+0x1f4/0x1f78 # [ 385.757104] kernel_clone+0xac/0x388 # [ 385.761258] sys_clone+0x78/0x9c # [ 385.765011] ret_fast_syscall+0x0/0x1c # [ 385.769260] Free path: # [ 385.771990] rcu_core+0x2dc/0xb14 # [ 385.775840] handle_softirqs+0x15c/0x430 # [ 385.780297] irq_exit+0xac/0xd4 # [ 385.783946] call_with_stack+0x18/0x20 # [ 385.788203] __irq_svc+0x9c/0xb8 # [ 385.791950] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 385.797308] stack_depot_save_flags+0x4cc/0x884 # [ 385.802362] set_track_prepare+0x50/0x74 # [ 385.806818] free_to_partial_list+0x390/0x58c # [ 385.811778] kfree+0x224/0x2dc # [ 385.815330] xdr_free_bvec+0x18/0x24 # [ 385.819484] xprt_transmit+0x29c/0x4a0 # [ 385.823732] call_transmit+0x80/0x8c # [ 385.827786] __rpc_execute+0xc8/0x5d0 # [ 385.832041] rpc_execute+0xa4/0x14c # [ 385.836094] rpc_run_task+0x170/0x1b8 # [ 385.840248] Register r10 information: non-slab/vmalloc memory # [ 385.846309] Register r11 information: 0-page vmalloc region starting at 0xf0f0b000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 385.858621] Register r12 information: NULL pointer # [ 385.863680] Process cat (pid: 4450, stack limit = 0xf26c4000) # [ 385.869737] Stack: (0xf26c5e20 to 0xf26c6000) # [ 385.874295] 5e20: c1e8aefc c1e8aefc c1e8aefc 00000054 00000020 c03ca338 f26c5e5c c0621ed4 # [ 385.882775] 5e40: 00000020 c16cc10c f26c5e5c 00000020 b6fc1000 f26c5dec 00000001 00000001 # [ 385.891266] 5e60: c83f0040 c0dfb560 00000022 00000000 f26c5dec 73696854 20736920 65742061 # [ 385.899756] 5e80: 0a2e7473 69685400 73692073 74206120 2e747365 21eccfd1 f26c5ebc 00000018 # [ 385.908243] 5ea0: c892b000 00000000 f26c5f80 c26882f0 f26c5f80 c515ce00 004cfe38 c0df8798 # [ 385.916730] 5ec0: 00000018 c0df8b7c c0df8a60 c49eec40 b6e64000 00000018 c3a41d50 c0892960 # [ 385.925215] 5ee0: c49eec40 c0892904 f26c5f80 b6e64000 c83f0040 00000018 c515ce00 c0629858 # [ 385.933695] 5f00: c8b5adb8 00000000 00000000 00000000 00000000 00000018 b6e64000 0001ffe8 # [ 385.942170] 5f20: 00000001 00000000 c49eef40 00000000 00000000 00000000 00000000 00000000 # [ 385.950643] 5f40: 00000000 00000000 00000000 00000000 00000022 21eccfd1 00000000 c49eec40 # [ 385.959117] 5f60: c49eec40 00000000 00000000 c03002f0 c83f0040 00000004 004cfe38 c0629db4 # [ 385.967593] 5f80: 00000000 00000000 00000000 21eccfd1 000000c0 00000018 00000018 7ff00000 # [ 385.976071] 5fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e64000 00000018 00000001 # [ 385.984549] 5fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e64000 00020000 004cfe38 # [ 385.993024] 5fe0: 00000004 bedba788 b6f2a33b b6ea3616 60080030 00000001 00000000 00000000 # [ 386.001489] Call trace: # [ 386.001504] usercopy_abort from __check_object_size+0x164/0x310 # [ 386.010624] __check_object_size from do_usercopy_stack+0x358/0x380 # [ 386.017111] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 386.023187] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 386.028957] direct_entry from full_proxy_write+0x5c/0x8c # [ 386.034629] full_proxy_write from vfs_write+0xbc/0x3cc # [ 386.040105] vfs_write from ksys_write+0x78/0xf8 # [ 386.044973] ksys_write from ret_fast_syscall+0x0/0x1c # [ 386.050437] Exception stack(0xf26c5fa8 to 0xf26c5ff0) # [ 386.055796] 5fa0: 00000018 00000018 00000001 b6e64000 00000018 00000001 # [ 386.064270] 5fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e64000 00020000 004cfe38 # [ 386.072740] 5fe0: 00000004 bedba788 b6f2a33b b6ea3616 # [ 386.077998] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) # [ 386.084455] ---[ end trace 0000000000000000 ]--- # [ 386.089302] note: cat[4450] exited with irqs disabled # USERCOPY_STACK_FRAME_TO: saw 'call trace:': ok ok 73 selftests: lkdtm: USERCOPY_STACK_FRAME_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_FRAME_FROM.sh <6>[ 388.143578] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_FROM <6>[ 388.149199] lkdtm: good_stack: f2745e74-f2745e94 <6>[ 388.153874] lkdtm: bad_stack : f2745dec-f2745e0c <6>[ 388.159398] lkdtm: attempting good copy_from_user of local stack <6>[ 388.165196] lkdtm: attempting bad copy_from_user of distant stack <0>[ 388.171476] usercopy: Kernel memory overwrite attempt detected to process stack (offset 84, size 32)! <4>[ 388.180965] ------------[ cut here ]------------ <2>[ 388.185725] kernel BUG at mm/usercopy.c:102! <0>[ 388.190281] Internal error: Oops - BUG: 0 [#23] SMP ARM <4>[ 388.195743] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 388.233861] CPU: 1 UID: 0 PID: 4536 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 388.243554] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 388.248699] Hardware name: STM32 (Device Tree Support) <4>[ 388.254147] PC is at usercopy_abort+0x98/0x9c <4>[ 388.258819] LR is at usercopy_abort+0x98/0x9c <4>[ 388.263376] pc : [] lr : [] psr: 60080013 <4>[ 388.269933] sp : f2745e20 ip : 00000000 fp : f0f0f0f1 <4>[ 388.275483] r10: c19712a4 r9 : c6073c40 r8 : f2745e0c <4>[ 388.281033] r7 : 00000000 r6 : 00000020 r5 : 00000020 r4 : 00000054 <4>[ 388.287790] r3 : c6073c40 r2 : 00000000 r1 : 00000000 r0 : 00000059 <4>[ 388.294650] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 388.302015] Control: 10c5387d Table: c8a3406a DAC: 00000051 <1>[ 388.308066] Register r0 information: non-paged memory <1>[ 388.313426] Register r1 information: NULL pointer <1>[ 388.318378] Register r2 information: NULL pointer <1>[ 388.323329] Register r3 information: slab task_struct start c6073c00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 388.337104] copy_process+0x1f4/0x1f78 <6>[ 388.341362] kernel_clone+0xac/0x388 <6>[ 388.345517] sys_clone+0x78/0x9c <6>[ 388.349270] ret_fast_syscall+0x0/0x1c <4>[ 388.353521] Free path: <6>[ 388.356252] rcu_core+0x2dc/0xb14 <6>[ 388.360104] handle_softirqs+0x15c/0x430 <6>[ 388.364561] irq_exit+0xac/0xd4 <6>[ 388.368212] call_with_stack+0x18/0x20 <6>[ 388.372473] __irq_svc+0x9c/0xb8 <6>[ 388.376219] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 388.381581] kmem_cache_free+0x1a8/0x3c0 <6>[ 388.386044] xprt_release+0xac/0x14c <6>[ 388.390095] rpc_release_resources_task+0x14/0x70 <6>[ 388.395356] __rpc_execute+0x1e0/0x5d0 <6>[ 388.399712] rpc_async_schedule+0x24/0x40 <6>[ 388.404168] process_one_work+0x1b8/0x450 <6>[ 388.408723] worker_thread+0x1d4/0x3c4 <6>[ 388.413075] kthread+0xe8/0x104 <6>[ 388.416723] ret_from_fork+0x14/0x28 <1>[ 388.420772] Register r4 information: non-paged memory <1>[ 388.426128] Register r5 information: non-paged memory <1>[ 388.431482] Register r6 information: non-paged memory <1>[ 388.436835] Register r7 information: NULL pointer <1>[ 388.441785] Register r8 information: 2-page vmalloc region starting at 0xf2744000 allocated at kernel_clone+0xac/0x388 <1>[ 388.452794] Register r9 information: slab task_struct start c6073c00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 388.466556] copy_process+0x1f4/0x1f78 <6>[ 388.470812] kernel_clone+0xac/0x388 <6>[ 388.474966] sys_clone+0x78/0x9c <6>[ 388.478718] ret_fast_syscall+0x0/0x1c <4>[ 388.482967] Free path: <6>[ 388.485697] rcu_core+0x2dc/0xb14 <6>[ 388.489548] handle_softirqs+0x15c/0x430 <6>[ 388.494003] irq_exit+0xac/0xd4 <6>[ 388.497653] call_with_stack+0x18/0x20 <6>[ 388.501911] __irq_svc+0x9c/0xb8 <6>[ 388.505658] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 388.511017] kmem_cache_free+0x1a8/0x3c0 <6>[ 388.515477] xprt_release+0xac/0x14c <6>[ 388.519625] rpc_release_resources_task+0x14/0x70 <6>[ 388.524884] __rpc_execute+0x1e0/0x5d0 <6>[ 388.529139] rpc_async_schedule+0x24/0x40 <6>[ 388.533695] process_one_work+0x1b8/0x450 <6>[ 388.538249] worker_thread+0x1d4/0x3c4 <6>[ 388.542500] kthread+0xe8/0x104 <6>[ 388.546147] ret_from_fork+0x14/0x28 <1>[ 388.550295] Register r10 information: non-slab/vmalloc memory <1>[ 388.556357] Register r11 information: 0-page vmalloc region starting at 0xf0f0b000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 388.568667] Register r12 information: NULL pointer <0>[ 388.573720] Process cat (pid: 4536, stack limit = 0xf2744000) <0>[ 388.579777] Stack: (0xf2745e20 to 0xf2746000) <0>[ 388.584334] 5e20: c1e8aefc c1e8aefc c1e8aefc 00000054 00000020 c03ca338 f2745e5c c0621ed4 <0>[ 388.592808] 5e40: 00000020 c16cc10c f2745e5c 00000020 b6f99000 f2745dec 00000001 00000000 <0>[ 388.601381] 5e60: c6073c40 c0dfb534 00000022 00000000 f2745dec 00000000 00000000 00000000 <0>[ 388.609858] 5e80: 00000000 00000000 00000000 00000000 00000000 5bed9195 f2745ebc 0000001a <0>[ 388.618337] 5ea0: c52cf000 00000000 f2745f80 c26882f8 f2745f80 c5499540 0042fe38 c0df8798 <0>[ 388.626816] 5ec0: 0000001a c0df8b7c c0df8a60 c49eea40 b6e38000 0000001a c3a41d50 c0892960 <0>[ 388.635302] 5ee0: c49eea40 c0892904 f2745f80 b6e38000 c6073c40 0000001a c5499540 c0629858 <0>[ 388.643689] 5f00: c8a36db8 00000000 00000000 00000000 00000000 0000001a b6e38000 0001ffe6 <0>[ 388.652176] 5f20: 00000001 00000000 c49ee140 00000000 00000000 00000000 00000000 00000000 <0>[ 388.660665] 5f40: 00000000 00000000 00000000 00000000 40000000 5bed9195 c6073c40 c49eea40 <0>[ 388.669152] 5f60: c49eea40 00000000 00000000 c03002f0 c6073c40 00000004 0042fe38 c0629db4 <0>[ 388.677638] 5f80: 00000000 00000000 c0303920 5bed9195 b6fbaa70 0000001a 0000001a 7ff00000 <0>[ 388.686120] 5fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 <0>[ 388.694594] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 0042fe38 <0>[ 388.703069] 5fe0: 00000004 bebc9788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 388.711535] Call trace: <0>[ 388.711552] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 388.720672] __check_object_size from do_usercopy_stack+0x32c/0x380 <0>[ 388.727164] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 388.733241] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 388.739012] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 388.744683] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 388.750160] vfs_write from ksys_write+0x78/0xf8 <0>[ 388.755029] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 388.760494] Exception stack(0xf2745fa8 to 0xf2745ff0) <0>[ 388.765856] 5fa0: 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 <0>[ 388.774332] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 0042fe38 <0>[ 388.782802] 5fe0: 00000004 bebc9788 b6efe33b b6e77616 <0>[ 388.788160] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) <4>[ 388.794518] ---[ end trace 0000000000000000 ]--- <6>[ 388.799365] note: cat[4536] exited with irqs disabled # Segmentation fault # [ 388.143578] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_FROM # [ 388.149199] lkdtm: good_stack: f2745e74-f2745e94 # [ 388.153874] lkdtm: bad_stack : f2745dec-f2745e0c # [ 388.159398] lkdtm: attempting good copy_from_user of local stack # [ 388.165196] lkdtm: attempting bad copy_from_user of distant stack # [ 388.171476] usercopy: Kernel memory overwrite attempt detected to process stack (offset 84, size 32)! # [ 388.180965] ------------[ cut here ]------------ # [ 388.185725] kernel BUG at mm/usercopy.c:102! # [ 388.190281] Internal error: Oops - BUG: 0 [#23] SMP ARM # [ 388.195743] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 388.233861] CPU: 1 UID: 0 PID: 4536 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 388.243554] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 388.248699] Hardware name: STM32 (Device Tree Support) # [ 388.254147] PC is at usercopy_abort+0x98/0x9c # [ 388.258819] LR is at usercopy_abort+0x98/0x9c # [ 388.263376] pc : [] lr : [] psr: 60080013 # [ 388.269933] sp : f2745e20 ip : 00000000 fp : f0f0f0f1 # [ 388.275483] r10: c19712a4 r9 : c6073c40 r8 : f2745e0c # [ 388.281033] r7 : 00000000 r6 : 00000020 r5 : 00000020 r4 : 00000054 # [ 388.287790] r3 : c6073c40 r2 : 00000000 r1 : 00000000 r0 : 00000059 # [ 388.294650] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 388.302015] Control: 10c5387d Table: c8a3406a DAC: 00000051 # [ 388.308066] Register r0 information: non-paged memory # [ 388.313426] Register r1 information: NULL pointer # [ 388.318378] Register r2 information: NULL pointer # [ 388.323329] Register r3 information: slab task_struct start c6073c00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 388.337104] copy_process+0x1f4/0x1f78 # [ 388.341362] kernel_clone+0xac/0x388 # [ 388.345517] sys_clone+0x78/0x9c # [ 388.349270] ret_fast_syscall+0x0/0x1c # [ 388.353521] Free path: # [ 388.356252] rcu_core+0x2dc/0xb14 # [ 388.360104] handle_softirqs+0x15c/0x430 # [ 388.364561] irq_exit+0xac/0xd4 # [ 388.368212] call_with_stack+0x18/0x20 # [ 388.372473] __irq_svc+0x9c/0xb8 # [ 388.376219] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 388.381581] kmem_cache_free+0x1a8/0x3c0 # [ 388.386044] xprt_release+0xac/0x14c # [ 388.390095] rpc_release_resources_task+0x14/0x70 # [ 388.395356] __rpc_execute+0x1e0/0x5d0 # [ 388.399712] rpc_async_schedule+0x24/0x40 # [ 388.404168] process_one_work+0x1b8/0x450 # [ 388.408723] worker_thread+0x1d4/0x3c4 # [ 388.413075] kthread+0xe8/0x104 # [ 388.416723] ret_from_fork+0x14/0x28 # [ 388.420772] Register r4 information: non-paged memory # [ 388.426128] Register r5 information: non-paged memory # [ 388.431482] Register r6 information: non-paged memory # [ 388.436835] Register r7 information: NULL pointer # [ 388.441785] Register r8 information: 2-page vmalloc region starting at 0xf2744000 allocated at kernel_clone+0xac/0x388 # [ 388.452794] Register r9 information: slab task_struct start c6073c00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 388.466556] copy_process+0x1f4/0x1f78 # [ 388.470812] kernel_clone+0xac/0x388 # [ 388.474966] sys_clone+0x78/0x9c # [ 388.478718] ret_fast_syscall+0x0/0x1c # [ 388.482967] Free path: # [ 388.485697] rcu_core+0x2dc/0xb14 # [ 388.489548] handle_softirqs+0x15c/0x430 # [ 388.494003] irq_exit+0xac/0xd4 # [ 388.497653] call_with_stack+0x18/0x20 # [ 388.501911] __irq_svc+0x9c/0xb8 # [ 388.505658] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 388.511017] kmem_cache_free+0x1a8/0x3c0 # [ 388.515477] xprt_release+0xac/0x14c # [ 388.519625] rpc_release_resources_task+0x14/0x70 # [ 388.524884] __rpc_execute+0x1e0/0x5d0 # [ 388.529139] rpc_async_schedule+0x24/0x40 # [ 388.533695] process_one_work+0x1b8/0x450 # [ 388.538249] worker_thread+0x1d4/0x3c4 # [ 388.542500] kthread+0xe8/0x104 # [ 388.546147] ret_from_fork+0x14/0x28 # [ 388.550295] Register r10 information: non-slab/vmalloc memory # [ 388.556357] Register r11 information: 0-page vmalloc region starting at 0xf0f0b000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 388.568667] Register r12 information: NULL pointer # [ 388.573720] Process cat (pid: 4536, stack limit = 0xf2744000) # [ 388.579777] Stack: (0xf2745e20 to 0xf2746000) # [ 388.584334] 5e20: c1e8aefc c1e8aefc c1e8aefc 00000054 00000020 c03ca338 f2745e5c c0621ed4 # [ 388.592808] 5e40: 00000020 c16cc10c f2745e5c 00000020 b6f99000 f2745dec 00000001 00000000 # [ 388.601381] 5e60: c6073c40 c0dfb534 00000022 00000000 f2745dec 00000000 00000000 00000000 # [ 388.609858] 5e80: 00000000 00000000 00000000 00000000 00000000 5bed9195 f2745ebc 0000001a # [ 388.618337] 5ea0: c52cf000 00000000 f2745f80 c26882f8 f2745f80 c5499540 0042fe38 c0df8798 # [ 388.626816] 5ec0: 0000001a c0df8b7c c0df8a60 c49eea40 b6e38000 0000001a c3a41d50 c0892960 # [ 388.635302] 5ee0: c49eea40 c0892904 f2745f80 b6e38000 c6073c40 0000001a c5499540 c0629858 # [ 388.643689] 5f00: c8a36db8 00000000 00000000 00000000 00000000 0000001a b6e38000 0001ffe6 # [ 388.652176] 5f20: 00000001 00000000 c49ee140 00000000 00000000 00000000 00000000 00000000 # [ 388.660665] 5f40: 00000000 00000000 00000000 00000000 40000000 5bed9195 c6073c40 c49eea40 # [ 388.669152] 5f60: c49eea40 00000000 00000000 c03002f0 c6073c40 00000004 0042fe38 c0629db4 # [ 388.677638] 5f80: 00000000 00000000 c0303920 5bed9195 b6fbaa70 0000001a 0000001a 7ff00000 # [ 388.686120] 5fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 # [ 388.694594] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 0042fe38 # [ 388.703069] 5fe0: 00000004 bebc9788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 388.711535] Call trace: # [ 388.711552] usercopy_abort from __check_object_size+0x164/0x310 # [ 388.720672] __check_object_size from do_usercopy_stack+0x32c/0x380 # [ 388.727164] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 388.733241] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 388.739012] direct_entry from full_proxy_write+0x5c/0x8c # [ 388.744683] full_proxy_write from vfs_write+0xbc/0x3cc # [ 388.750160] vfs_write from ksys_write+0x78/0xf8 # [ 388.755029] ksys_write from ret_fast_syscall+0x0/0x1c # [ 388.760494] Exception stack(0xf2745fa8 to 0xf2745ff0) # [ 388.765856] 5fa0: 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 # [ 388.774332] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 0042fe38 # [ 388.782802] 5fe0: 00000004 bebc9788 b6efe33b b6e77616 # [ 388.788160] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) # [ 388.794518] ---[ end trace 0000000000000000 ]--- # [ 388.799365] note: cat[4536] exited with irqs disabled # USERCOPY_STACK_FRAME_FROM: saw 'call trace:': ok ok 74 selftests: lkdtm: USERCOPY_STACK_FRAME_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_BEYOND.sh <6>[ 391.161671] lkdtm: Performing direct entry USERCOPY_STACK_BEYOND <6>[ 391.166696] lkdtm: good_stack: f27b9e74-f27b9e94 <6>[ 391.172032] lkdtm: bad_stack : f27b9ffc-f27ba01c <6>[ 391.176654] lkdtm: attempting good copy_to_user of local stack <6>[ 391.182737] lkdtm: attempting bad copy_to_user of distant stack <0>[ 391.188818] usercopy: Kernel memory exposure attempt detected from process stack (offset 4294966852, size 32)! <4>[ 391.199150] ------------[ cut here ]------------ <2>[ 391.203911] kernel BUG at mm/usercopy.c:102! <0>[ 391.208470] Internal error: Oops - BUG: 0 [#24] SMP ARM <4>[ 391.213930] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 391.252047] CPU: 1 UID: 0 PID: 4622 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 391.261738] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 391.266884] Hardware name: STM32 (Device Tree Support) <4>[ 391.272332] PC is at usercopy_abort+0x98/0x9c <4>[ 391.277004] LR is at usercopy_abort+0x98/0x9c <4>[ 391.281663] pc : [] lr : [] psr: 60080013 <4>[ 391.288220] sp : f27b9e20 ip : 00000000 fp : f0f0f0f1 <4>[ 391.293672] r10: c19712a4 r9 : c83f1440 r8 : f27ba01c <4>[ 391.299223] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : fffffe44 <4>[ 391.305982] r3 : c83f1440 r2 : 00000000 r1 : 00000000 r0 : 00000062 <4>[ 391.312843] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 391.320209] Control: 10c5387d Table: c8b9006a DAC: 00000051 <1>[ 391.326261] Register r0 information: non-paged memory <1>[ 391.331623] Register r1 information: NULL pointer <1>[ 391.336575] Register r2 information: NULL pointer <1>[ 391.341526] Register r3 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 391.355302] copy_process+0x1f4/0x1f78 <6>[ 391.359563] kernel_clone+0xac/0x388 <6>[ 391.363718] sys_clone+0x78/0x9c <6>[ 391.367471] ret_fast_syscall+0x0/0x1c <4>[ 391.371721] Free path: <6>[ 391.374452] rcu_core+0x2dc/0xb14 <6>[ 391.378305] handle_softirqs+0x15c/0x430 <6>[ 391.382762] irq_exit+0xac/0xd4 <6>[ 391.386412] call_with_stack+0x18/0x20 <6>[ 391.390671] __irq_svc+0x9c/0xb8 <6>[ 391.394417] search_index+0x54/0xd8 <6>[ 391.398474] unwind_frame+0x94/0x92c <6>[ 391.402631] arch_stack_walk+0x84/0x100 <6>[ 391.406982] stack_trace_save+0x50/0x78 <6>[ 391.411341] set_track_prepare+0x40/0x74 <6>[ 391.415800] free_to_partial_list+0x390/0x58c <6>[ 391.420660] kmem_cache_free+0x1a8/0x3c0 <6>[ 391.425118] do_sys_openat2+0xa8/0xe4 <6>[ 391.429374] sys_openat+0x98/0xd4 <6>[ 391.433227] ret_fast_syscall+0x0/0x1c <1>[ 391.437475] Register r4 information: non-paged memory <1>[ 391.442832] Register r5 information: non-paged memory <1>[ 391.448085] Register r6 information: non-paged memory <1>[ 391.453440] Register r7 information: non-paged memory <1>[ 391.458793] Register r8 information: vmalloc memory <1>[ 391.463948] Register r9 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 391.477710] copy_process+0x1f4/0x1f78 <6>[ 391.481967] kernel_clone+0xac/0x388 <6>[ 391.486022] sys_clone+0x78/0x9c <6>[ 391.489774] ret_fast_syscall+0x0/0x1c <4>[ 391.494123] Free path: <6>[ 391.496852] rcu_core+0x2dc/0xb14 <6>[ 391.500603] handle_softirqs+0x15c/0x430 <6>[ 391.505059] irq_exit+0xac/0xd4 <6>[ 391.508809] call_with_stack+0x18/0x20 <6>[ 391.513066] __irq_svc+0x9c/0xb8 <6>[ 391.516813] search_index+0x54/0xd8 <6>[ 391.520869] unwind_frame+0x94/0x92c <6>[ 391.524924] arch_stack_walk+0x84/0x100 <6>[ 391.529275] stack_trace_save+0x50/0x78 <6>[ 391.533732] set_track_prepare+0x40/0x74 <6>[ 391.538188] free_to_partial_list+0x390/0x58c <6>[ 391.543049] kmem_cache_free+0x1a8/0x3c0 <6>[ 391.547506] do_sys_openat2+0xa8/0xe4 <6>[ 391.551660] sys_openat+0x98/0xd4 <6>[ 391.555512] ret_fast_syscall+0x0/0x1c <1>[ 391.559862] Register r10 information: non-slab/vmalloc memory <1>[ 391.565822] Register r11 information: 0-page vmalloc region starting at 0xf0f0b000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 391.578132] Register r12 information: NULL pointer <0>[ 391.583286] Process cat (pid: 4622, stack limit = 0xf27b8000) <0>[ 391.589243] Stack: (0xf27b9e20 to 0xf27ba000) <0>[ 391.593899] 9e20: c1e8aefc c1e8aefc c1e8aefc fffffe44 00000020 c03ca338 f27b9e5c c0621ed4 <0>[ 391.602374] 9e40: 00000020 c16cc10c f27b9e5c 00000020 b6f4e000 f27b9ffc 00000000 00000001 <0>[ 391.610849] 9e60: c83f1440 c0dfb560 00000022 00000000 f27b9ffc 73696854 20736920 65742061 <0>[ 391.619323] 9e80: 0a2e7473 69685400 73692073 74206120 2e747365 98f5a249 f27b9ebc 00000016 <0>[ 391.627805] 9ea0: c8ac3000 00000000 f27b9f80 c2688300 f27b9f80 c515ce00 0041fe38 c0df8798 <0>[ 391.636293] 9ec0: 00000016 c0df8b7c c0df8a60 c49ee840 b6de8000 00000016 c3a41d50 c0892960 <0>[ 391.644781] 9ee0: c49ee840 c0892904 f27b9f80 b6de8000 c83f1440 00000016 c515ce00 c0629858 <0>[ 391.653269] 9f00: c8b92db0 00000000 00000000 00000000 00000000 00000016 b6de8000 0001ffea <0>[ 391.661755] 9f20: 00000001 00000000 c49ee640 00000000 00000000 00000000 00000000 00000000 <0>[ 391.670241] 9f40: 00000000 00000000 00000000 00000000 00000022 98f5a249 00000000 c49ee840 <0>[ 391.678727] 9f60: c49ee840 00000000 00000000 c03002f0 c83f1440 00000004 0041fe38 c0629db4 <0>[ 391.687208] 9f80: 00000000 00000000 00000000 98f5a249 000000c0 00000016 00000016 7ff00000 <0>[ 391.695683] 9fa0: 00000004 c03000c0 00000016 00000016 00000001 b6de8000 00000016 00000001 <0>[ 391.704159] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6de8000 00020000 0041fe38 <0>[ 391.712633] 9fe0: 00000004 bebfd788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 <0>[ 391.721099] Call trace: <0>[ 391.721115] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 391.730136] __check_object_size from do_usercopy_stack+0x358/0x380 <0>[ 391.736724] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 391.742799] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 391.748568] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 391.754241] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 391.759718] vfs_write from ksys_write+0x78/0xf8 <0>[ 391.764588] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 391.770053] Exception stack(0xf27b9fa8 to 0xf27b9ff0) <0>[ 391.775411] 9fa0: 00000016 00000016 00000001 b6de8000 00000016 00000001 <0>[ 391.783886] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6de8000 00020000 0041fe38 <0>[ 391.792356] 9fe0: 00000004 bebfd788 b6eae33b b6e27616 <0>[ 391.797613] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) <4>[ 391.804071] ---[ end trace 0000000000000000 ]--- <6>[ 391.808918] note: cat[4622] exited with irqs disabled # Segmentation fault # [ 391.161671] lkdtm: Performing direct entry USERCOPY_STACK_BEYOND # [ 391.166696] lkdtm: good_stack: f27b9e74-f27b9e94 # [ 391.172032] lkdtm: bad_stack : f27b9ffc-f27ba01c # [ 391.176654] lkdtm: attempting good copy_to_user of local stack # [ 391.182737] lkdtm: attempting bad copy_to_user of distant stack # [ 391.188818] usercopy: Kernel memory exposure attempt detected from process stack (offset 4294966852, size 32)! # [ 391.199150] ------------[ cut here ]------------ # [ 391.203911] kernel BUG at mm/usercopy.c:102! # [ 391.208470] Internal error: Oops - BUG: 0 [#24] SMP ARM # [ 391.213930] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 391.252047] CPU: 1 UID: 0 PID: 4622 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 391.261738] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 391.266884] Hardware name: STM32 (Device Tree Support) # [ 391.272332] PC is at usercopy_abort+0x98/0x9c # [ 391.277004] LR is at usercopy_abort+0x98/0x9c # [ 391.281663] pc : [] lr : [] psr: 60080013 # [ 391.288220] sp : f27b9e20 ip : 00000000 fp : f0f0f0f1 # [ 391.293672] r10: c19712a4 r9 : c83f1440 r8 : f27ba01c # [ 391.299223] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : fffffe44 # [ 391.305982] r3 : c83f1440 r2 : 00000000 r1 : 00000000 r0 : 00000062 # [ 391.312843] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 391.320209] Control: 10c5387d Table: c8b9006a DAC: 00000051 # [ 391.326261] Register r0 information: non-paged memory # [ 391.331623] Register r1 information: NULL pointer # [ 391.336575] Register r2 information: NULL pointer # [ 391.341526] Register r3 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 391.355302] copy_process+0x1f4/0x1f78 # [ 391.359563] kernel_clone+0xac/0x388 # [ 391.363718] sys_clone+0x78/0x9c # [ 391.367471] ret_fast_syscall+0x0/0x1c # [ 391.371721] Free path: # [ 391.374452] rcu_core+0x2dc/0xb14 # [ 391.378305] handle_softirqs+0x15c/0x430 # [ 391.382762] irq_exit+0xac/0xd4 # [ 391.386412] call_with_stack+0x18/0x20 # [ 391.390671] __irq_svc+0x9c/0xb8 # [ 391.394417] search_index+0x54/0xd8 # [ 391.398474] unwind_frame+0x94/0x92c # [ 391.402631] arch_stack_walk+0x84/0x100 # [ 391.406982] stack_trace_save+0x50/0x78 # [ 391.411341] set_track_prepare+0x40/0x74 # [ 391.415800] free_to_partial_list+0x390/0x58c # [ 391.420660] kmem_cache_free+0x1a8/0x3c0 # [ 391.425118] do_sys_openat2+0xa8/0xe4 # [ 391.429374] sys_openat+0x98/0xd4 # [ 391.433227] ret_fast_syscall+0x0/0x1c # [ 391.437475] Register r4 information: non-paged memory # [ 391.442832] Register r5 information: non-paged memory # [ 391.448085] Register r6 information: non-paged memory # [ 391.453440] Register r7 information: non-paged memory # [ 391.458793] Register r8 information: vmalloc memory # [ 391.463948] Register r9 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 391.477710] copy_process+0x1f4/0x1f78 # [ 391.481967] kernel_clone+0xac/0x388 # [ 391.486022] sys_clone+0x78/0x9c # [ 391.489774] ret_fast_syscall+0x0/0x1c # [ 391.494123] Free path: # [ 391.496852] rcu_core+0x2dc/0xb14 # [ 391.500603] handle_softirqs+0x15c/0x430 # [ 391.505059] irq_exit+0xac/0xd4 # [ 391.508809] call_with_stack+0x18/0x20 # [ 391.513066] __irq_svc+0x9c/0xb8 # [ 391.516813] search_index+0x54/0xd8 # [ 391.520869] unwind_frame+0x94/0x92c # [ 391.524924] arch_stack_walk+0x84/0x100 # [ 391.529275] stack_trace_save+0x50/0x78 # [ 391.533732] set_track_prepare+0x40/0x74 # [ 391.538188] free_to_partial_list+0x390/0x58c # [ 391.543049] kmem_cache_free+0x1a8/0x3c0 # [ 391.547506] do_sys_openat2+0xa8/0xe4 # [ 391.551660] sys_openat+0x98/0xd4 # [ 391.555512] ret_fast_syscall+0x0/0x1c # [ 391.559862] Register r10 information: non-slab/vmalloc memory # [ 391.565822] Register r11 information: 0-page vmalloc region starting at 0xf0f0b000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 391.578132] Register r12 information: NULL pointer # [ 391.583286] Process cat (pid: 4622, stack limit = 0xf27b8000) # [ 391.589243] Stack: (0xf27b9e20 to 0xf27ba000) # [ 391.593899] 9e20: c1e8aefc c1e8aefc c1e8aefc fffffe44 00000020 c03ca338 f27b9e5c c0621ed4 # [ 391.602374] 9e40: 00000020 c16cc10c f27b9e5c 00000020 b6f4e000 f27b9ffc 00000000 00000001 # [ 391.610849] 9e60: c83f1440 c0dfb560 00000022 00000000 f27b9ffc 73696854 20736920 65742061 # [ 391.619323] 9e80: 0a2e7473 69685400 73692073 74206120 2e747365 98f5a249 f27b9ebc 00000016 # [ 391.627805] 9ea0: c8ac3000 00000000 f27b9f80 c2688300 f27b9f80 c515ce00 0041fe38 c0df8798 # [ 391.636293] 9ec0: 00000016 c0df8b7c c0df8a60 c49ee840 b6de8000 00000016 c3a41d50 c0892960 # [ 391.644781] 9ee0: c49ee840 c0892904 f27b9f80 b6de8000 c83f1440 00000016 c515ce00 c0629858 # [ 391.653269] 9f00: c8b92db0 00000000 00000000 00000000 00000000 00000016 b6de8000 0001ffea # [ 391.661755] 9f20: 00000001 00000000 c49ee640 00000000 00000000 00000000 00000000 00000000 # [ 391.670241] 9f40: 00000000 00000000 00000000 00000000 00000022 98f5a249 00000000 c49ee840 # [ 391.678727] 9f60: c49ee840 00000000 00000000 c03002f0 c83f1440 00000004 0041fe38 c0629db4 # [ 391.687208] 9f80: 00000000 00000000 00000000 98f5a249 000000c0 00000016 00000016 7ff00000 # [ 391.695683] 9fa0: 00000004 c03000c0 00000016 00000016 00000001 b6de8000 00000016 00000001 # [ 391.704159] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6de8000 00020000 0041fe38 # [ 391.712633] 9fe0: 00000004 bebfd788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 # [ 391.721099] Call trace: # [ 391.721115] usercopy_abort from __check_object_size+0x164/0x310 # [ 391.730136] __check_object_size from do_usercopy_stack+0x358/0x380 # [ 391.736724] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 391.742799] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 391.748568] direct_entry from full_proxy_write+0x5c/0x8c # [ 391.754241] full_proxy_write from vfs_write+0xbc/0x3cc # [ 391.759718] vfs_write from ksys_write+0x78/0xf8 # [ 391.764588] ksys_write from ret_fast_syscall+0x0/0x1c # [ 391.770053] Exception stack(0xf27b9fa8 to 0xf27b9ff0) # [ 391.775411] 9fa0: 00000016 00000016 00000001 b6de8000 00000016 00000001 # [ 391.783886] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6de8000 00020000 0041fe38 # [ 391.792356] 9fe0: 00000004 bebfd788 b6eae33b b6e27616 # [ 391.797613] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) # [ 391.804071] ---[ end trace 0000000000000000 ]--- # [ 391.808918] note: cat[4622] exited with irqs disabled # USERCOPY_STACK_BEYOND: saw 'call trace:': ok ok 75 selftests: lkdtm: USERCOPY_STACK_BEYOND.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_KERNEL.sh <6>[ 393.801552] lkdtm: Performing direct entry USERCOPY_KERNEL <6>[ 393.806268] lkdtm: attempting good copy_to_user from kernel rodata: c19712a4 <6>[ 393.813496] lkdtm: attempting bad copy_to_user from kernel text: c059e0bc <0>[ 393.820927] usercopy: Kernel memory exposure attempt detected from kernel text (offset 2744508, size 4096)! <4>[ 393.830548] ------------[ cut here ]------------ <2>[ 393.835305] kernel BUG at mm/usercopy.c:102! <0>[ 393.839863] Internal error: Oops - BUG: 0 [#25] SMP ARM <4>[ 393.845423] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 393.883443] CPU: 1 UID: 0 PID: 4708 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 393.893135] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 393.898381] Hardware name: STM32 (Device Tree Support) <4>[ 393.903728] PC is at usercopy_abort+0x98/0x9c <4>[ 393.908399] LR is at usercopy_abort+0x98/0x9c <4>[ 393.913057] pc : [] lr : [] psr: 60080013 <4>[ 393.919615] sp : f2841e60 ip : 00000000 fp : 004cfe38 <4>[ 393.925064] r10: c515ce00 r9 : f2841f80 r8 : c059f0bc <4>[ 393.930615] r7 : 00000001 r6 : 00001000 r5 : 00001000 r4 : 0029e0bc <4>[ 393.937373] r3 : c705d040 r2 : 00000000 r1 : 00000000 r0 : 0000005f <4>[ 393.944232] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 393.951698] Control: 10c5387d Table: c8a7006a DAC: 00000051 <1>[ 393.957649] Register r0 information: non-paged memory <1>[ 393.963010] Register r1 information: NULL pointer <1>[ 393.967962] Register r2 information: NULL pointer <1>[ 393.973014] Register r3 information: slab task_struct start c705d000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 393.986687] copy_process+0x1f4/0x1f78 <6>[ 393.990944] kernel_clone+0xac/0x388 <6>[ 393.995099] sys_clone+0x78/0x9c <6>[ 393.998851] ret_fast_syscall+0x0/0x1c <4>[ 394.003104] Free path: <6>[ 394.005837] rcu_core+0x2dc/0xb14 <6>[ 394.009693] handle_softirqs+0x15c/0x430 <6>[ 394.014151] irq_exit+0xac/0xd4 <6>[ 394.017802] call_with_stack+0x18/0x20 <6>[ 394.022162] __irq_svc+0x9c/0xb8 <6>[ 394.025909] unwind_frame+0x1f0/0x92c <6>[ 394.030069] arch_stack_walk+0x84/0x100 <6>[ 394.034421] stack_trace_save+0x50/0x78 <6>[ 394.038780] set_track_prepare+0x40/0x74 <6>[ 394.043238] ___slab_alloc+0xd28/0xd7c <6>[ 394.047595] kmem_cache_alloc_node_noprof+0x12c/0x3a8 <6>[ 394.053161] kmalloc_reserve+0x94/0xfc <6>[ 394.057416] __alloc_skb+0xa4/0x184 <6>[ 394.061470] tcp_stream_alloc_skb+0x24/0x130 <6>[ 394.066233] tcp_sendmsg_locked+0x40c/0xdd8 <6>[ 394.070991] tcp_sendmsg+0x30/0x44 <1>[ 394.074946] Register r4 information: non-paged memory <1>[ 394.080202] Register r5 information: non-paged memory <1>[ 394.085558] Register r6 information: non-paged memory <1>[ 394.090912] Register r7 information: non-paged memory <1>[ 394.096265] Register r8 information: non-slab/vmalloc memory <1>[ 394.102225] Register r9 information: 2-page vmalloc region starting at 0xf2840000 allocated at kernel_clone+0xac/0x388 <1>[ 394.113236] Register r10 information: slab kmalloc-192 start c515cdc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 394.127096] full_proxy_open+0x124/0x24c <6>[ 394.131558] do_dentry_open+0x144/0x4dc <6>[ 394.135927] vfs_open+0x2c/0xec <6>[ 394.139592] path_openat+0x748/0x1198 <6>[ 394.143856] do_filp_open+0x98/0x134 <6>[ 394.147917] do_sys_openat2+0xbc/0xe4 <6>[ 394.152083] sys_openat+0x98/0xd4 <6>[ 394.155948] ret_fast_syscall+0x0/0x1c <4>[ 394.160206] Free path: <6>[ 394.162943] full_proxy_release+0x78/0xc0 <6>[ 394.167502] __fput+0xdc/0x2ec <6>[ 394.171049] task_work_run+0x98/0xc8 <6>[ 394.175209] do_exit+0x374/0xa1c <6>[ 394.178962] do_group_exit+0x40/0x8c <6>[ 394.183017] pid_child_should_wake+0x0/0x94 <1>[ 394.187778] Register r11 information: non-paged memory <1>[ 394.193241] Register r12 information: NULL pointer <0>[ 394.198300] Process cat (pid: 4708, stack limit = 0xf2840000) <0>[ 394.204260] Stack: (0xf2841e60 to 0xf2842000) <0>[ 394.208919] 1e60: c1e8aefc c1e8aefc c1e8aefc 0029e0bc 00001000 c0317008 c059e0bc c0622064 <0>[ 394.217394] 1e80: 00001000 c16cc10c f2841e9c b6f7e000 00001000 00000011 f2841f80 c2688318 <0>[ 394.225868] 1ea0: f2841f80 c0dfa7a0 00000022 00000000 00000010 c8cce000 00000000 c0df8798 <0>[ 394.234344] 1ec0: 00000010 c0df8b7c c0df8a60 c49ee640 b6e18000 00000010 c3a41d50 c0892960 <0>[ 394.242822] 1ee0: c49ee640 c0892904 f2841f80 b6e18000 c705d040 00000010 c515ce00 c0629858 <0>[ 394.251297] 1f00: c8a72db8 00000000 00000000 00000000 00000000 00000010 b6e18000 0001fff0 <0>[ 394.259771] 1f20: 00000001 00000000 c49ee740 00000000 00000000 00000000 00000000 00000000 <0>[ 394.268245] 1f40: 00000000 00000000 00000000 00000000 00000022 d260b3a5 00000000 c49ee640 <0>[ 394.276819] 1f60: c49ee640 00000000 00000000 c03002f0 c705d040 00000004 004cfe38 c0629db4 <0>[ 394.285293] 1f80: 00000000 00000000 00000000 d260b3a5 000000c0 00000010 00000010 7ff00000 <0>[ 394.293766] 1fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e18000 00000010 00000001 <0>[ 394.302241] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 <0>[ 394.310714] 1fe0: 00000004 be814788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 <0>[ 394.319179] Call trace: <0>[ 394.319194] usercopy_abort from __check_object_size+0x2f4/0x310 <0>[ 394.328211] __check_object_size from lkdtm_USERCOPY_KERNEL+0x15c/0x1f8 <0>[ 394.335200] lkdtm_USERCOPY_KERNEL from lkdtm_do_action+0x24/0x4c <0>[ 394.341578] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 394.347351] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 394.353023] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 394.358502] vfs_write from ksys_write+0x78/0xf8 <0>[ 394.363370] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 394.368834] Exception stack(0xf2841fa8 to 0xf2841ff0) <0>[ 394.374192] 1fa0: 00000010 00000010 00000001 b6e18000 00000010 00000001 <0>[ 394.382666] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 <0>[ 394.391135] 1fe0: 00000004 be814788 b6ede33b b6e57616 <0>[ 394.396393] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) <4>[ 394.402850] ---[ end trace 0000000000000000 ]--- <6>[ 394.407697] note: cat[4708] exited with irqs disabled # Segmentation fault # [ 393.801552] lkdtm: Performing direct entry USERCOPY_KERNEL # [ 393.806268] lkdtm: attempting good copy_to_user from kernel rodata: c19712a4 # [ 393.813496] lkdtm: attempting bad copy_to_user from kernel text: c059e0bc # [ 393.820927] usercopy: Kernel memory exposure attempt detected from kernel text (offset 2744508, size 4096)! # [ 393.830548] ------------[ cut here ]------------ # [ 393.835305] kernel BUG at mm/usercopy.c:102! # [ 393.839863] Internal error: Oops - BUG: 0 [#25] SMP ARM # [ 393.845423] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 393.883443] CPU: 1 UID: 0 PID: 4708 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 393.893135] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 393.898381] Hardware name: STM32 (Device Tree Support) # [ 393.903728] PC is at usercopy_abort+0x98/0x9c # [ 393.908399] LR is at usercopy_abort+0x98/0x9c # [ 393.913057] pc : [] lr : [] psr: 60080013 # [ 393.919615] sp : f2841e60 ip : 00000000 fp : 004cfe38 # [ 393.925064] r10: c515ce00 r9 : f2841f80 r8 : c059f0bc # [ 393.930615] r7 : 00000001 r6 : 00001000 r5 : 00001000 r4 : 0029e0bc # [ 393.937373] r3 : c705d040 r2 : 00000000 r1 : 00000000 r0 : 0000005f # [ 393.944232] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 393.951698] Control: 10c5387d Table: c8a7006a DAC: 00000051 # [ 393.957649] Register r0 information: non-paged memory # [ 393.963010] Register r1 information: NULL pointer # [ 393.967962] Register r2 information: NULL pointer # [ 393.973014] Register r3 information: slab task_struct start c705d000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 393.986687] copy_process+0x1f4/0x1f78 # [ 393.990944] kernel_clone+0xac/0x388 # [ 393.995099] sys_clone+0x78/0x9c # [ 393.998851] ret_fast_syscall+0x0/0x1c # [ 394.003104] Free path: # [ 394.005837] rcu_core+0x2dc/0xb14 # [ 394.009693] handle_softirqs+0x15c/0x430 # [ 394.014151] irq_exit+0xac/0xd4 # [ 394.017802] call_with_stack+0x18/0x20 # [ 394.022162] __irq_svc+0x9c/0xb8 # [ 394.025909] unwind_frame+0x1f0/0x92c # [ 394.030069] arch_stack_walk+0x84/0x100 # [ 394.034421] stack_trace_save+0x50/0x78 # [ 394.038780] set_track_prepare+0x40/0x74 # [ 394.043238] ___slab_alloc+0xd28/0xd7c # [ 394.047595] kmem_cache_alloc_node_noprof+0x12c/0x3a8 # [ 394.053161] kmalloc_reserve+0x94/0xfc # [ 394.057416] __alloc_skb+0xa4/0x184 # [ 394.061470] tcp_stream_alloc_skb+0x24/0x130 # [ 394.066233] tcp_sendmsg_locked+0x40c/0xdd8 # [ 394.070991] tcp_sendmsg+0x30/0x44 # [ 394.074946] Register r4 information: non-paged memory # [ 394.080202] Register r5 information: non-paged memory # [ 394.085558] Register r6 information: non-paged memory # [ 394.090912] Register r7 information: non-paged memory # [ 394.096265] Register r8 information: non-slab/vmalloc memory # [ 394.102225] Register r9 information: 2-page vmalloc region starting at 0xf2840000 allocated at kernel_clone+0xac/0x388 # [ 394.113236] Register r10 information: slab kmalloc-192 start c515cdc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 394.127096] full_proxy_open+0x124/0x24c # [ 394.131558] do_dentry_open+0x144/0x4dc # [ 394.135927] vfs_open+0x2c/0xec # [ 394.139592] path_openat+0x748/0x1198 # [ 394.143856] do_filp_open+0x98/0x134 # [ 394.147917] do_sys_openat2+0xbc/0xe4 # [ 394.152083] sys_openat+0x98/0xd4 # [ 394.155948] ret_fast_syscall+0x0/0x1c # [ 394.160206] Free path: # [ 394.162943] full_proxy_release+0x78/0xc0 # [ 394.167502] __fput+0xdc/0x2ec # [ 394.171049] task_work_run+0x98/0xc8 # [ 394.175209] do_exit+0x374/0xa1c # [ 394.178962] do_group_exit+0x40/0x8c # [ 394.183017] pid_child_should_wake+0x0/0x94 # [ 394.187778] Register r11 information: non-paged memory # [ 394.193241] Register r12 information: NULL pointer # [ 394.198300] Process cat (pid: 4708, stack limit = 0xf2840000) # [ 394.204260] Stack: (0xf2841e60 to 0xf2842000) # [ 394.208919] 1e60: c1e8aefc c1e8aefc c1e8aefc 0029e0bc 00001000 c0317008 c059e0bc c0622064 # [ 394.217394] 1e80: 00001000 c16cc10c f2841e9c b6f7e000 00001000 00000011 f2841f80 c2688318 # [ 394.225868] 1ea0: f2841f80 c0dfa7a0 00000022 00000000 00000010 c8cce000 00000000 c0df8798 # [ 394.234344] 1ec0: 00000010 c0df8b7c c0df8a60 c49ee640 b6e18000 00000010 c3a41d50 c0892960 # [ 394.242822] 1ee0: c49ee640 c0892904 f2841f80 b6e18000 c705d040 00000010 c515ce00 c0629858 # [ 394.251297] 1f00: c8a72db8 00000000 00000000 00000000 00000000 00000010 b6e18000 0001fff0 # [ 394.259771] 1f20: 00000001 00000000 c49ee740 00000000 00000000 00000000 00000000 00000000 # [ 394.268245] 1f40: 00000000 00000000 00000000 00000000 00000022 d260b3a5 00000000 c49ee640 # [ 394.276819] 1f60: c49ee640 00000000 00000000 c03002f0 c705d040 00000004 004cfe38 c0629db4 # [ 394.285293] 1f80: 00000000 00000000 00000000 d260b3a5 000000c0 00000010 00000010 7ff00000 # [ 394.293766] 1fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e18000 00000010 00000001 # [ 394.302241] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 # [ 394.310714] 1fe0: 00000004 be814788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 # [ 394.319179] Call trace: # [ 394.319194] usercopy_abort from __check_object_size+0x2f4/0x310 # [ 394.328211] __check_object_size from lkdtm_USERCOPY_KERNEL+0x15c/0x1f8 # [ 394.335200] lkdtm_USERCOPY_KERNEL from lkdtm_do_action+0x24/0x4c # [ 394.341578] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 394.347351] direct_entry from full_proxy_write+0x5c/0x8c # [ 394.353023] full_proxy_write from vfs_write+0xbc/0x3cc # [ 394.358502] vfs_write from ksys_write+0x78/0xf8 # [ 394.363370] ksys_write from ret_fast_syscall+0x0/0x1c # [ 394.368834] Exception stack(0xf2841fa8 to 0xf2841ff0) # [ 394.374192] 1fa0: 00000010 00000010 00000001 b6e18000 00000010 00000001 # [ 394.382666] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 # [ 394.391135] 1fe0: 00000004 be814788 b6ede33b b6e57616 # [ 394.396393] Code: e98d4001 e3080f44 e34c01ea ebfff356 (e7f001f2) # [ 394.402850] ---[ end trace 0000000000000000 ]--- # [ 394.407697] note: cat[4708] exited with irqs disabled # USERCOPY_KERNEL: saw 'call trace:': ok ok 76 selftests: lkdtm: USERCOPY_KERNEL.sh # timeout set to 45 # selftests: lkdtm: STACKLEAK_ERASING.sh <6>[ 396.507009] lkdtm: Performing direct entry STACKLEAK_ERASING <3>[ 396.511771] lkdtm: XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n) # [ 396.507009] lkdtm: Performing direct entry STACKLEAK_ERASING # [ 396.511771] lkdtm: XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n) # STACKLEAK_ERASING: saw 'XFAIL': [SKIP] ok 77 selftests: lkdtm: STACKLEAK_ERASING.sh # SKIP # timeout set to 45 # selftests: lkdtm: CFI_FORWARD_PROTO.sh <6>[ 398.052456] lkdtm: Performing direct entry CFI_FORWARD_PROTO <6>[ 398.057171] lkdtm: Calling matched prototype ... <6>[ 398.062009] lkdtm: Calling mismatched prototype ... <3>[ 398.067145] lkdtm: FAIL: survived mismatched prototype function call! <4>[ 398.073873] lkdtm: This is probably expected, since this kernel (6.12.0-rc2-next-20241011 armv7l) was built *without* CONFIG_CFI_CLANG=y # [ 398.052456] lkdtm: Performing direct entry CFI_FORWARD_PROTO # [ 398.057171] lkdtm: Calling matched prototype ... # [ 398.062009] lkdtm: Calling mismatched prototype ... # [ 398.067145] lkdtm: FAIL: survived mismatched prototype function call! # [ 398.073873] lkdtm: This is probably expected, since this kernel (6.12.0-rc2-next-20241011 armv7l) was built *without* CONFIG_CFI_CLANG=y # CFI_FORWARD_PROTO: missing 'call trace:': [FAIL] not ok 78 selftests: lkdtm: CFI_FORWARD_PROTO.sh # exit=1 # timeout set to 45 # selftests: lkdtm: CFI_BACKWARD.sh <6>[ 399.704326] lkdtm: Performing direct entry CFI_BACKWARD <6>[ 399.708533] lkdtm: Attempting unchecked stack return address redirection ... <4>[ 399.715861] lkdtm: Eek: return address mismatch! 0000000d != c16dc1b4 <3>[ 399.723098] lkdtm: FAIL: stack return address manipulation failed! # [ 399.704326] lkdtm: Performing direct entry CFI_BACKWARD # [ 399.708533] lkdtm: Attempting unchecked stack return address redirection ... # [ 399.715861] lkdtm: Eek: return address mismatch! 0000000d != c16dc1b4 # [ 399.723098] lkdtm: FAIL: stack return address manipulation failed! # CFI_BACKWARD: missing 'call trace:|ok: control flow unchanged': [FAIL] not ok 79 selftests: lkdtm: CFI_BACKWARD.sh # exit=1 # timeout set to 45 # selftests: lkdtm: FORTIFY_STRSCPY.sh <6>[ 401.279943] lkdtm: Performing direct entry FORTIFY_STRSCPY <4>[ 401.284514] ------------[ cut here ]------------ <4>[ 401.289371] WARNING: CPU: 1 PID: 4930 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 401.298648] strnlen: detected buffer overflow: 6 byte read of buffer size 5 <4>[ 401.305568] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 401.343555] CPU: 1 UID: 0 PID: 4930 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 401.353067] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 401.358319] Hardware name: STM32 (Device Tree Support) <4>[ 401.363668] Call trace: <4>[ 401.363682] unwind_backtrace from show_stack+0x18/0x1c <4>[ 401.371992] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 401.377366] dump_stack_lvl from __warn+0x84/0x134 <4>[ 401.382446] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 401.387827] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 401.393917] __fortify_report from __fortify_panic+0x8/0xc <4>[ 401.399691] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <4>[ 401.406269] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c <4>[ 401.412645] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 401.418414] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 401.424085] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 401.429565] vfs_write from ksys_write+0x78/0xf8 <4>[ 401.434533] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 401.439896] Exception stack(0xf2981fa8 to 0xf2981ff0) <4>[ 401.445255] 1fa0: 00000010 00000010 00000001 b6e58000 00000010 00000001 <4>[ 401.453729] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e58000 00020000 004dfe38 <4>[ 401.462198] 1fe0: 00000004 beb86788 b6f1e33b b6e97616 <4>[ 401.467700] ---[ end trace 0000000000000000 ]--- <4>[ 401.472577] ------------[ cut here ]------------ <2>[ 401.477342] kernel BUG at lib/string_helpers.c:1040! <0>[ 401.482600] Internal error: Oops - BUG: 0 [#26] SMP ARM <4>[ 401.488070] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 401.526196] CPU: 1 UID: 0 PID: 4930 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 401.535803] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 401.541062] Hardware name: STM32 (Device Tree Support) <4>[ 401.546420] PC is at __fortify_panic+0x8/0xc <4>[ 401.550992] LR is at __fortify_report+0x8c/0xd4 <4>[ 401.555772] pc : [] lr : [] psr: 60080013 <4>[ 401.562338] sp : f2981e88 ip : 00000000 fp : 004dfe38 <4>[ 401.567897] r10: c55f7400 r9 : f2981f80 r8 : c268838c <4>[ 401.573353] r7 : f2981f80 r6 : 00000000 r5 : 00000000 r4 : c6467940 <4>[ 401.580220] r3 : c8b4d040 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 <4>[ 401.586986] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 401.594459] Control: 10c5387d Table: c8d9006a DAC: 00000051 <1>[ 401.600515] Register r0 information: non-slab/vmalloc memory <1>[ 401.606386] Register r1 information: NULL pointer <1>[ 401.611341] Register r2 information: NULL pointer <1>[ 401.616393] Register r3 information: slab task_struct start c8b4d000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 401.630071] copy_process+0x1f4/0x1f78 <6>[ 401.634335] kernel_clone+0xac/0x388 <6>[ 401.638493] sys_clone+0x78/0x9c <6>[ 401.642249] ret_fast_syscall+0x0/0x1c <4>[ 401.646506] Free path: <6>[ 401.649238] rcu_core+0x2dc/0xb14 <6>[ 401.653093] handle_softirqs+0x15c/0x430 <6>[ 401.657552] irq_exit+0xac/0xd4 <6>[ 401.661202] __irq_svc+0x8c/0xb8 <6>[ 401.664950] default_idle_call+0x20/0xc0 <6>[ 401.669412] do_idle+0x25c/0x2f4 <6>[ 401.673164] cpu_startup_entry+0x30/0x34 <6>[ 401.677617] rest_init+0xd4/0xd8 <6>[ 401.681371] start_kernel+0x744/0x764 <1>[ 401.685633] Register r4 information: slab kmalloc-64 start c6467900 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STRSCPY+0x60/0x2fc <6>[ 401.699708] kstrdup+0x38/0x64 <6>[ 401.703261] lkdtm_FORTIFY_STRSCPY+0x60/0x2fc <6>[ 401.708118] lkdtm_do_action+0x24/0x4c <6>[ 401.712469] direct_entry+0x11c/0x140 <6>[ 401.716618] full_proxy_write+0x5c/0x8c <6>[ 401.720970] vfs_write+0xbc/0x3cc <6>[ 401.724828] ksys_write+0x78/0xf8 <6>[ 401.728673] ret_fast_syscall+0x0/0x1c <4>[ 401.732923] Free path: <6>[ 401.735652] rcu_core+0x2dc/0xb14 <6>[ 401.739503] handle_softirqs+0x15c/0x430 <6>[ 401.743959] irq_exit+0xac/0xd4 <6>[ 401.747608] __irq_svc+0x8c/0xb8 <6>[ 401.751355] default_idle_call+0x20/0xc0 <6>[ 401.755813] do_idle+0x25c/0x2f4 <6>[ 401.759662] cpu_startup_entry+0x30/0x34 <6>[ 401.764115] rest_init+0xd4/0xd8 <6>[ 401.767868] start_kernel+0x744/0x764 <1>[ 401.772024] Register r5 information: NULL pointer <1>[ 401.776980] Register r6 information: NULL pointer <1>[ 401.782033] Register r7 information: 2-page vmalloc region starting at 0xf2980000 allocated at kernel_clone+0xac/0x388 <1>[ 401.793043] Register r8 information: non-slab/vmalloc memory <1>[ 401.798904] Register r9 information: 2-page vmalloc region starting at 0xf2980000 allocated at kernel_clone+0xac/0x388 <1>[ 401.810009] Register r10 information: slab kmalloc-192 start c55f73c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 401.823866] full_proxy_open+0x124/0x24c <6>[ 401.828316] do_dentry_open+0x144/0x4dc <6>[ 401.832671] vfs_open+0x2c/0xec <6>[ 401.836323] path_openat+0x748/0x1198 <6>[ 401.840575] do_filp_open+0x98/0x134 <6>[ 401.844625] do_sys_openat2+0xbc/0xe4 <6>[ 401.848879] sys_openat+0x98/0xd4 <6>[ 401.852731] ret_fast_syscall+0x0/0x1c <4>[ 401.856981] Free path: <6>[ 401.859710] nfs_pgio_header_free+0x34/0x48 <6>[ 401.864470] nfs_write_completion+0x60/0x240 <6>[ 401.869224] rpc_free_task+0x34/0x54 <6>[ 401.873381] rpc_async_release+0x24/0x40 <6>[ 401.877836] process_one_work+0x1b8/0x450 <6>[ 401.882392] worker_thread+0x1d4/0x3c4 <6>[ 401.886644] kthread+0xe8/0x104 <6>[ 401.890293] ret_from_fork+0x14/0x28 <1>[ 401.894441] Register r11 information: non-paged memory <1>[ 401.899797] Register r12 information: NULL pointer <0>[ 401.904950] Process cat (pid: 4930, stack limit = 0xf2980000) <0>[ 401.910907] Stack: (0xf2981e88 to 0xf2982000) <0>[ 401.915562] 1e80: c6467940 c0dfb8a4 004dfe38 683ca338 6f6c6c65 00000021 <0>[ 401.924037] 1ea0: 6f6f6600 00000000 00000000 6797625e f2981f80 00000010 c8c8e000 c0df8798 <0>[ 401.932512] 1ec0: 00000010 c0df8b7c c0df8a60 c8625040 b6e58000 00000010 c3a41d50 c0892960 <0>[ 401.940987] 1ee0: c8625040 c0892904 f2981f80 b6e58000 c8b4d040 00000010 c55f7400 c0629858 <0>[ 401.949460] 1f00: c8d92db8 00000000 00000000 00000000 00000000 00000010 b6e58000 0001fff0 <0>[ 401.958032] 1f20: 00000001 00000000 c8625f40 00000000 00000000 00000000 00000000 00000000 <0>[ 401.966506] 1f40: 00000000 00000000 00000000 00000000 00000022 6797625e 00000000 c8625040 <0>[ 401.974979] 1f60: c8625040 00000000 00000000 c03002f0 c8b4d040 00000004 004dfe38 c0629db4 <0>[ 401.983452] 1f80: 00000000 00000000 00000000 6797625e 000000c0 00000010 00000010 7ff00000 <0>[ 401.991926] 1fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e58000 00000010 00000001 <0>[ 402.000401] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e58000 00020000 004dfe38 <0>[ 402.008875] 1fe0: 00000004 beb86788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 <0>[ 402.017340] Call trace: <0>[ 402.017357] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <0>[ 402.026666] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c <0>[ 402.033044] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 402.038814] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 402.044585] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 402.050063] vfs_write from ksys_write+0x78/0xf8 <0>[ 402.054932] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 402.060395] Exception stack(0xf2981fa8 to 0xf2981ff0) <0>[ 402.065753] 1fa0: 00000010 00000010 00000001 b6e58000 00000010 00000001 <0>[ 402.074227] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e58000 00020000 004dfe38 <0>[ 402.082697] 1fe0: 00000004 beb86788 b6f1e33b b6e97616 <0>[ 402.088055] Code: e8bd47f0 eac97564 e92d4010 ebca0ffc (e7f001f2) <4>[ 402.094412] ---[ end trace 0000000000000000 ]--- <6>[ 402.099258] note: cat[4930] exited with irqs disabled # Segmentation fault # [ 401.279943] lkdtm: Performing direct entry FORTIFY_STRSCPY # [ 401.284514] ------------[ cut here ]------------ # [ 401.289371] WARNING: CPU: 1 PID: 4930 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 401.298648] strnlen: detected buffer overflow: 6 byte read of buffer size 5 # [ 401.305568] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 401.343555] CPU: 1 UID: 0 PID: 4930 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 401.353067] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 401.358319] Hardware name: STM32 (Device Tree Support) # [ 401.363668] Call trace: # [ 401.363682] unwind_backtrace from show_stack+0x18/0x1c # [ 401.371992] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 401.377366] dump_stack_lvl from __warn+0x84/0x134 # [ 401.382446] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 401.387827] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 401.393917] __fortify_report from __fortify_panic+0x8/0xc # [ 401.399691] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 401.406269] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c # [ 401.412645] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 401.418414] direct_entry from full_proxy_write+0x5c/0x8c # [ 401.424085] full_proxy_write from vfs_write+0xbc/0x3cc # [ 401.429565] vfs_write from ksys_write+0x78/0xf8 # [ 401.434533] ksys_write from ret_fast_syscall+0x0/0x1c # [ 401.439896] Exception stack(0xf2981fa8 to 0xf2981ff0) # [ 401.445255] 1fa0: 00000010 00000010 00000001 b6e58000 00000010 00000001 # [ 401.453729] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e58000 00020000 004dfe38 # [ 401.462198] 1fe0: 00000004 beb86788 b6f1e33b b6e97616 # [ 401.467700] ---[ end trace 0000000000000000 ]--- # [ 401.472577] ------------[ cut here ]------------ # [ 401.477342] kernel BUG at lib/string_helpers.c:1040! # [ 401.482600] Internal error: Oops - BUG: 0 [#26] SMP ARM # [ 401.488070] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 401.526196] CPU: 1 UID: 0 PID: 4930 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 401.535803] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 401.541062] Hardware name: STM32 (Device Tree Support) # [ 401.546420] PC is at __fortify_panic+0x8/0xc # [ 401.550992] LR is at __fortify_report+0x8c/0xd4 # [ 401.555772] pc : [] lr : [] psr: 60080013 # [ 401.562338] sp : f2981e88 ip : 00000000 fp : 004dfe38 # [ 401.567897] r10: c55f7400 r9 : f2981f80 r8 : c268838c # [ 401.573353] r7 : f2981f80 r6 : 00000000 r5 : 00000000 r4 : c6467940 # [ 401.580220] r3 : c8b4d040 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 # [ 401.586986] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 401.594459] Control: 10c5387d Table: c8d9006a DAC: 00000051 # [ 401.600515] Register r0 information: non-slab/vmalloc memory # [ 401.606386] Register r1 information: NULL pointer # [ 401.611341] Register r2 information: NULL pointer # [ 401.616393] Register r3 information: slab task_struct start c8b4d000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 401.630071] copy_process+0x1f4/0x1f78 # [ 401.634335] kernel_clone+0xac/0x388 # [ 401.638493] sys_clone+0x78/0x9c # [ 401.642249] ret_fast_syscall+0x0/0x1c # [ 401.646506] Free path: # [ 401.649238] rcu_core+0x2dc/0xb14 # [ 401.653093] handle_softirqs+0x15c/0x430 # [ 401.657552] irq_exit+0xac/0xd4 # [ 401.661202] __irq_svc+0x8c/0xb8 # [ 401.664950] default_idle_call+0x20/0xc0 # [ 401.669412] do_idle+0x25c/0x2f4 # [ 401.673164] cpu_startup_entry+0x30/0x34 # [ 401.677617] rest_init+0xd4/0xd8 # [ 401.681371] start_kernel+0x744/0x764 # [ 401.685633] Register r4 information: slab kmalloc-64 start c6467900 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STRSCPY+0x60/0x2fc # [ 401.699708] kstrdup+0x38/0x64 # [ 401.703261] lkdtm_FORTIFY_STRSCPY+0x60/0x2fc # [ 401.708118] lkdtm_do_action+0x24/0x4c # [ 401.712469] direct_entry+0x11c/0x140 # [ 401.716618] full_proxy_write+0x5c/0x8c # [ 401.720970] vfs_write+0xbc/0x3cc # [ 401.724828] ksys_write+0x78/0xf8 # [ 401.728673] ret_fast_syscall+0x0/0x1c # [ 401.732923] Free path: # [ 401.735652] rcu_core+0x2dc/0xb14 # [ 401.739503] handle_softirqs+0x15c/0x430 # [ 401.743959] irq_exit+0xac/0xd4 # [ 401.747608] __irq_svc+0x8c/0xb8 # [ 401.751355] default_idle_call+0x20/0xc0 # [ 401.755813] do_idle+0x25c/0x2f4 # [ 401.759662] cpu_startup_entry+0x30/0x34 # [ 401.764115] rest_init+0xd4/0xd8 # [ 401.767868] start_kernel+0x744/0x764 # [ 401.772024] Register r5 information: NULL pointer # [ 401.776980] Register r6 information: NULL pointer # [ 401.782033] Register r7 information: 2-page vmalloc region starting at 0xf2980000 allocated at kernel_clone+0xac/0x388 # [ 401.793043] Register r8 information: non-slab/vmalloc memory # [ 401.798904] Register r9 information: 2-page vmalloc region starting at 0xf2980000 allocated at kernel_clone+0xac/0x388 # [ 401.810009] Register r10 information: slab kmalloc-192 start c55f73c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 401.823866] full_proxy_open+0x124/0x24c # [ 401.828316] do_dentry_open+0x144/0x4dc # [ 401.832671] vfs_open+0x2c/0xec # [ 401.836323] path_openat+0x748/0x1198 # [ 401.840575] do_filp_open+0x98/0x134 # [ 401.844625] do_sys_openat2+0xbc/0xe4 # [ 401.848879] sys_openat+0x98/0xd4 # [ 401.852731] ret_fast_syscall+0x0/0x1c # [ 401.856981] Free path: # [ 401.859710] nfs_pgio_header_free+0x34/0x48 # [ 401.864470] nfs_write_completion+0x60/0x240 # [ 401.869224] rpc_free_task+0x34/0x54 # [ 401.873381] rpc_async_release+0x24/0x40 # [ 401.877836] process_one_work+0x1b8/0x450 # [ 401.882392] worker_thread+0x1d4/0x3c4 # [ 401.886644] kthread+0xe8/0x104 # [ 401.890293] ret_from_fork+0x14/0x28 # [ 401.894441] Register r11 information: non-paged memory # [ 401.899797] Register r12 information: NULL pointer # [ 401.904950] Process cat (pid: 4930, stack limit = 0xf2980000) # [ 401.910907] Stack: (0xf2981e88 to 0xf2982000) # [ 401.915562] 1e80: c6467940 c0dfb8a4 004dfe38 683ca338 6f6c6c65 00000021 # [ 401.924037] 1ea0: 6f6f6600 00000000 00000000 6797625e f2981f80 00000010 c8c8e000 c0df8798 # [ 401.932512] 1ec0: 00000010 c0df8b7c c0df8a60 c8625040 b6e58000 00000010 c3a41d50 c0892960 # [ 401.940987] 1ee0: c8625040 c0892904 f2981f80 b6e58000 c8b4d040 00000010 c55f7400 c0629858 # [ 401.949460] 1f00: c8d92db8 00000000 00000000 00000000 00000000 00000010 b6e58000 0001fff0 # [ 401.958032] 1f20: 00000001 00000000 c8625f40 00000000 00000000 00000000 00000000 00000000 # [ 401.966506] 1f40: 00000000 00000000 00000000 00000000 00000022 6797625e 00000000 c8625040 # [ 401.974979] 1f60: c8625040 00000000 00000000 c03002f0 c8b4d040 00000004 004dfe38 c0629db4 # [ 401.983452] 1f80: 00000000 00000000 00000000 6797625e 000000c0 00000010 00000010 7ff00000 # [ 401.991926] 1fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e58000 00000010 00000001 # [ 402.000401] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e58000 00020000 004dfe38 # [ 402.008875] 1fe0: 00000004 beb86788 b6f1e33b b6e97616 60080030 00000001 00000000 00000000 # [ 402.017340] Call trace: # [ 402.017357] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 402.026666] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c # [ 402.033044] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 402.038814] direct_entry from full_proxy_write+0x5c/0x8c # [ 402.044585] full_proxy_write from vfs_write+0xbc/0x3cc # [ 402.050063] vfs_write from ksys_write+0x78/0xf8 # [ 402.054932] ksys_write from ret_fast_syscall+0x0/0x1c # [ 402.060395] Exception stack(0xf2981fa8 to 0xf2981ff0) # [ 402.065753] 1fa0: 00000010 00000010 00000001 b6e58000 00000010 00000001 # [ 402.074227] 1fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e58000 00020000 004dfe38 # [ 402.082697] 1fe0: 00000004 beb86788 b6f1e33b b6e97616 # [ 402.088055] Code: e8bd47f0 eac97564 e92d4010 ebca0ffc (e7f001f2) # [ 402.094412] ---[ end trace 0000000000000000 ]--- # [ 402.099258] note: cat[4930] exited with irqs disabled # FORTIFY_STRSCPY: saw 'detected buffer overflow': ok ok 80 selftests: lkdtm: FORTIFY_STRSCPY.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_STR_OBJECT.sh <6>[ 404.205503] lkdtm: Performing direct entry FORTIFY_STR_OBJECT <6>[ 404.210320] lkdtm: trying to strcmp() past the end of a struct <4>[ 404.216363] ------------[ cut here ]------------ <4>[ 404.221352] WARNING: CPU: 1 PID: 5016 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 404.230112] strncpy: detected buffer overflow: 20 byte write of buffer size 10 <4>[ 404.237605] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 404.275777] CPU: 1 UID: 0 PID: 5016 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 404.285287] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 404.290541] Hardware name: STM32 (Device Tree Support) <4>[ 404.295890] Call trace: <4>[ 404.295905] unwind_backtrace from show_stack+0x18/0x1c <4>[ 404.304215] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 404.309593] dump_stack_lvl from __warn+0x84/0x134 <4>[ 404.314675] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 404.320056] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 404.326149] __fortify_report from __fortify_panic+0x8/0xc <4>[ 404.331931] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 <4>[ 404.338618] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c <4>[ 404.345204] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 404.350972] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 404.356643] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 404.362220] vfs_write from ksys_write+0x78/0xf8 <4>[ 404.367089] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 404.372453] Exception stack(0xf29f5fa8 to 0xf29f5ff0) <4>[ 404.377812] 5fa0: 00000013 00000013 00000001 b6dc8000 00000013 00000001 <4>[ 404.386287] 5fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dc8000 00020000 0050fe38 <4>[ 404.394757] 5fe0: 00000004 bed27788 b6e8e33b b6e07616 <4>[ 404.400253] ---[ end trace 0000000000000000 ]--- <4>[ 404.405162] ------------[ cut here ]------------ <2>[ 404.409930] kernel BUG at lib/string_helpers.c:1040! <0>[ 404.415189] Internal error: Oops - BUG: 0 [#27] SMP ARM <4>[ 404.420658] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 404.458784] CPU: 1 UID: 0 PID: 5016 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 404.468395] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 404.473652] Hardware name: STM32 (Device Tree Support) <4>[ 404.479111] PC is at __fortify_panic+0x8/0xc <4>[ 404.483584] LR is at __fortify_report+0x8c/0xd4 <4>[ 404.488463] pc : [] lr : [] psr: 60080013 <4>[ 404.495029] sp : f29f5e78 ip : 00000000 fp : 0050fe38 <4>[ 404.500487] r10: c55f72c0 r9 : f29f5f80 r8 : c268836c <4>[ 404.505946] r7 : f29f5f80 r6 : 00000000 r5 : c531a000 r4 : 00000013 <4>[ 404.512812] r3 : c83f1440 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 <4>[ 404.519677] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 404.527046] Control: 10c5387d Table: c8ac406a DAC: 00000051 <1>[ 404.533098] Register r0 information: non-slab/vmalloc memory <1>[ 404.539068] Register r1 information: NULL pointer <1>[ 404.544022] Register r2 information: NULL pointer <1>[ 404.548973] Register r3 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 404.562750] copy_process+0x1f4/0x1f78 <6>[ 404.567012] kernel_clone+0xac/0x388 <6>[ 404.571168] sys_clone+0x78/0x9c <6>[ 404.574921] ret_fast_syscall+0x0/0x1c <4>[ 404.579173] Free path: <6>[ 404.581903] rcu_core+0x2dc/0xb14 <6>[ 404.585757] handle_softirqs+0x15c/0x430 <6>[ 404.590215] irq_exit+0xac/0xd4 <6>[ 404.593865] call_with_stack+0x18/0x20 <6>[ 404.598125] __irq_svc+0x9c/0xb8 <6>[ 404.601872] nfs_do_lookup_revalidate+0x13c/0x2a4 <6>[ 404.607129] __nfs_lookup_revalidate+0x5c/0x138 <6>[ 404.612191] lookup_fast+0xe0/0x138 <6>[ 404.616240] walk_component+0x24/0x164 <6>[ 404.620490] path_lookupat+0x7c/0x1a4 <6>[ 404.624739] filename_lookup+0xc0/0x190 <6>[ 404.629093] vfs_statx+0x78/0xe8 <6>[ 404.632851] do_statx+0x74/0xb4 <6>[ 404.636506] sys_statx+0x78/0xf4 <6>[ 404.640258] ret_fast_syscall+0x0/0x1c <1>[ 404.644508] Register r4 information: non-paged memory <1>[ 404.649869] Register r5 information: non-slab/vmalloc memory <1>[ 404.655833] Register r6 information: NULL pointer <1>[ 404.660791] Register r7 information: 2-page vmalloc region starting at 0xf29f4000 allocated at kernel_clone+0xac/0x388 <1>[ 404.671807] Register r8 information: non-slab/vmalloc memory <1>[ 404.677769] Register r9 information: 2-page vmalloc region starting at 0xf29f4000 allocated at kernel_clone+0xac/0x388 <1>[ 404.688777] Register r10 information: slab kmalloc-192 start c55f7280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 404.702641] full_proxy_open+0x124/0x24c <6>[ 404.707193] do_dentry_open+0x144/0x4dc <6>[ 404.711550] vfs_open+0x2c/0xec <6>[ 404.715202] path_openat+0x748/0x1198 <6>[ 404.719352] do_filp_open+0x98/0x134 <6>[ 404.723503] do_sys_openat2+0xbc/0xe4 <6>[ 404.727657] sys_openat+0x98/0xd4 <6>[ 404.731509] ret_fast_syscall+0x0/0x1c <4>[ 404.735859] Free path: <6>[ 404.738488] nfs_pgio_header_free+0x34/0x48 <6>[ 404.743249] nfs_write_completion+0x60/0x240 <6>[ 404.748102] rpc_free_task+0x34/0x54 <6>[ 404.752160] rpc_async_release+0x24/0x40 <6>[ 404.756614] process_one_work+0x1b8/0x450 <6>[ 404.761172] worker_thread+0x1d4/0x3c4 <6>[ 404.765426] kthread+0xe8/0x104 <6>[ 404.769077] ret_from_fork+0x14/0x28 <1>[ 404.773228] Register r11 information: non-paged memory <1>[ 404.778687] Register r12 information: NULL pointer <0>[ 404.783739] Process cat (pid: 5016, stack limit = 0xf29f4000) <0>[ 404.789696] Stack: (0xf29f5e78 to 0xf29f6000) <0>[ 404.794347] 5e60: 00000013 c16dc3cc <0>[ 404.802822] 5e80: 00000014 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 404.811301] 5ea0: 00000000 00000000 00000000 00000000 00000000 38434e60 c1f9da10 c0df8798 <0>[ 404.819778] 5ec0: 00000013 c0df8b7c c0df8a60 c560c640 b6dc8000 00000013 c3a41d50 c0892960 <0>[ 404.828253] 5ee0: c560c640 c0892904 f29f5f80 b6dc8000 c83f1440 00000013 c55f72c0 c0629858 <0>[ 404.836826] 5f00: c8ac6db0 00000000 00000000 00000000 00000000 00000013 b6dc8000 0001ffed <0>[ 404.845300] 5f20: 00000001 00000000 c560c340 00000000 00000000 00000000 00000000 00000000 <0>[ 404.853773] 5f40: 00000000 00000000 00000000 00000000 00000022 38434e60 00000000 c560c640 <0>[ 404.862247] 5f60: c560c640 00000000 00000000 c03002f0 c83f1440 00000004 0050fe38 c0629db4 <0>[ 404.870721] 5f80: 00000000 00000000 00000000 38434e60 000000c0 00000013 00000013 7ff00000 <0>[ 404.879195] 5fa0: 00000004 c03000c0 00000013 00000013 00000001 b6dc8000 00000013 00000001 <0>[ 404.887669] 5fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dc8000 00020000 0050fe38 <0>[ 404.896142] 5fe0: 00000004 bed27788 b6e8e33b b6e07616 60080030 00000001 00000000 00000000 <0>[ 404.904608] Call trace: <0>[ 404.904623] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 <0>[ 404.914041] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c <0>[ 404.920731] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 404.926503] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 404.932175] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 404.937655] vfs_write from ksys_write+0x78/0xf8 <0>[ 404.942526] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 404.947990] Exception stack(0xf29f5fa8 to 0xf29f5ff0) <0>[ 404.953248] 5fa0: 00000013 00000013 00000001 b6dc8000 00000013 00000001 <0>[ 404.961822] 5fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dc8000 00020000 0050fe38 <0>[ 404.970292] 5fe0: 00000004 bed27788 b6e8e33b b6e07616 <0>[ 404.975551] Code: e8bd47f0 eac97564 e92d4010 ebca0ffc (e7f001f2) <4>[ 404.981909] ---[ end trace 0000000000000000 ]--- <6>[ 404.986856] note: cat[5016] exited with irqs disabled # Segmentation fault # [ 404.205503] lkdtm: Performing direct entry FORTIFY_STR_OBJECT # [ 404.210320] lkdtm: trying to strcmp() past the end of a struct # [ 404.216363] ------------[ cut here ]------------ # [ 404.221352] WARNING: CPU: 1 PID: 5016 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 404.230112] strncpy: detected buffer overflow: 20 byte write of buffer size 10 # [ 404.237605] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 404.275777] CPU: 1 UID: 0 PID: 5016 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 404.285287] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 404.290541] Hardware name: STM32 (Device Tree Support) # [ 404.295890] Call trace: # [ 404.295905] unwind_backtrace from show_stack+0x18/0x1c # [ 404.304215] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 404.309593] dump_stack_lvl from __warn+0x84/0x134 # [ 404.314675] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 404.320056] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 404.326149] __fortify_report from __fortify_panic+0x8/0xc # [ 404.331931] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 # [ 404.338618] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c # [ 404.345204] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 404.350972] direct_entry from full_proxy_write+0x5c/0x8c # [ 404.356643] full_proxy_write from vfs_write+0xbc/0x3cc # [ 404.362220] vfs_write from ksys_write+0x78/0xf8 # [ 404.367089] ksys_write from ret_fast_syscall+0x0/0x1c # [ 404.372453] Exception stack(0xf29f5fa8 to 0xf29f5ff0) # [ 404.377812] 5fa0: 00000013 00000013 00000001 b6dc8000 00000013 00000001 # [ 404.386287] 5fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dc8000 00020000 0050fe38 # [ 404.394757] 5fe0: 00000004 bed27788 b6e8e33b b6e07616 # [ 404.400253] ---[ end trace 0000000000000000 ]--- # [ 404.405162] ------------[ cut here ]------------ # [ 404.409930] kernel BUG at lib/string_helpers.c:1040! # [ 404.415189] Internal error: Oops - BUG: 0 [#27] SMP ARM # [ 404.420658] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 404.458784] CPU: 1 UID: 0 PID: 5016 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 404.468395] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 404.473652] Hardware name: STM32 (Device Tree Support) # [ 404.479111] PC is at __fortify_panic+0x8/0xc # [ 404.483584] LR is at __fortify_report+0x8c/0xd4 # [ 404.488463] pc : [] lr : [] psr: 60080013 # [ 404.495029] sp : f29f5e78 ip : 00000000 fp : 0050fe38 # [ 404.500487] r10: c55f72c0 r9 : f29f5f80 r8 : c268836c # [ 404.505946] r7 : f29f5f80 r6 : 00000000 r5 : c531a000 r4 : 00000013 # [ 404.512812] r3 : c83f1440 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 # [ 404.519677] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 404.527046] Control: 10c5387d Table: c8ac406a DAC: 00000051 # [ 404.533098] Register r0 information: non-slab/vmalloc memory # [ 404.539068] Register r1 information: NULL pointer # [ 404.544022] Register r2 information: NULL pointer # [ 404.548973] Register r3 information: slab task_struct start c83f1400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 404.562750] copy_process+0x1f4/0x1f78 # [ 404.567012] kernel_clone+0xac/0x388 # [ 404.571168] sys_clone+0x78/0x9c # [ 404.574921] ret_fast_syscall+0x0/0x1c # [ 404.579173] Free path: # [ 404.581903] rcu_core+0x2dc/0xb14 # [ 404.585757] handle_softirqs+0x15c/0x430 # [ 404.590215] irq_exit+0xac/0xd4 # [ 404.593865] call_with_stack+0x18/0x20 # [ 404.598125] __irq_svc+0x9c/0xb8 # [ 404.601872] nfs_do_lookup_revalidate+0x13c/0x2a4 # [ 404.607129] __nfs_lookup_revalidate+0x5c/0x138 # [ 404.612191] lookup_fast+0xe0/0x138 # [ 404.616240] walk_component+0x24/0x164 # [ 404.620490] path_lookupat+0x7c/0x1a4 # [ 404.624739] filename_lookup+0xc0/0x190 # [ 404.629093] vfs_statx+0x78/0xe8 # [ 404.632851] do_statx+0x74/0xb4 # [ 404.636506] sys_statx+0x78/0xf4 # [ 404.640258] ret_fast_syscall+0x0/0x1c # [ 404.644508] Register r4 information: non-paged memory # [ 404.649869] Register r5 information: non-slab/vmalloc memory # [ 404.655833] Register r6 information: NULL pointer # [ 404.660791] Register r7 information: 2-page vmalloc region starting at 0xf29f4000 allocated at kernel_clone+0xac/0x388 # [ 404.671807] Register r8 information: non-slab/vmalloc memory # [ 404.677769] Register r9 information: 2-page vmalloc region starting at 0xf29f4000 allocated at kernel_clone+0xac/0x388 # [ 404.688777] Register r10 information: slab kmalloc-192 start c55f7280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 404.702641] full_proxy_open+0x124/0x24c # [ 404.707193] do_dentry_open+0x144/0x4dc # [ 404.711550] vfs_open+0x2c/0xec # [ 404.715202] path_openat+0x748/0x1198 # [ 404.719352] do_filp_open+0x98/0x134 # [ 404.723503] do_sys_openat2+0xbc/0xe4 # [ 404.727657] sys_openat+0x98/0xd4 # [ 404.731509] ret_fast_syscall+0x0/0x1c # [ 404.735859] Free path: # [ 404.738488] nfs_pgio_header_free+0x34/0x48 # [ 404.743249] nfs_write_completion+0x60/0x240 # [ 404.748102] rpc_free_task+0x34/0x54 # [ 404.752160] rpc_async_release+0x24/0x40 # [ 404.756614] process_one_work+0x1b8/0x450 # [ 404.761172] worker_thread+0x1d4/0x3c4 # [ 404.765426] kthread+0xe8/0x104 # [ 404.769077] ret_from_fork+0x14/0x28 # [ 404.773228] Register r11 information: non-paged memory # [ 404.778687] Register r12 information: NULL pointer # [ 404.783739] Process cat (pid: 5016, stack limit = 0xf29f4000) # [ 404.789696] Stack: (0xf29f5e78 to 0xf29f6000) # [ 404.794347] 5e60: 00000013 c16dc3cc # [ 404.802822] 5e80: 00000014 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 404.811301] 5ea0: 00000000 00000000 00000000 00000000 00000000 38434e60 c1f9da10 c0df8798 # [ 404.819778] 5ec0: 00000013 c0df8b7c c0df8a60 c560c640 b6dc8000 00000013 c3a41d50 c0892960 # [ 404.828253] 5ee0: c560c640 c0892904 f29f5f80 b6dc8000 c83f1440 00000013 c55f72c0 c0629858 # [ 404.836826] 5f00: c8ac6db0 00000000 00000000 00000000 00000000 00000013 b6dc8000 0001ffed # [ 404.845300] 5f20: 00000001 00000000 c560c340 00000000 00000000 00000000 00000000 00000000 # [ 404.853773] 5f40: 00000000 00000000 00000000 00000000 00000022 38434e60 00000000 c560c640 # [ 404.862247] 5f60: c560c640 00000000 00000000 c03002f0 c83f1440 00000004 0050fe38 c0629db4 # [ 404.870721] 5f80: 00000000 00000000 00000000 38434e60 000000c0 00000013 00000013 7ff00000 # [ 404.879195] 5fa0: 00000004 c03000c0 00000013 00000013 00000001 b6dc8000 00000013 00000001 # [ 404.887669] 5fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dc8000 00020000 0050fe38 # [ 404.896142] 5fe0: 00000004 bed27788 b6e8e33b b6e07616 60080030 00000001 00000000 00000000 # [ 404.904608] Call trace: # [ 404.904623] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 # [ 404.914041] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c # [ 404.920731] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 404.926503] direct_entry from full_proxy_write+0x5c/0x8c # [ 404.932175] full_proxy_write from vfs_write+0xbc/0x3cc # [ 404.937655] vfs_write from ksys_write+0x78/0xf8 # [ 404.942526] ksys_write from ret_fast_syscall+0x0/0x1c # [ 404.947990] Exception stack(0xf29f5fa8 to 0xf29f5ff0) # [ 404.953248] 5fa0: 00000013 00000013 00000001 b6dc8000 00000013 00000001 # [ 404.961822] 5fc0: 00000013 00000013 7ff00000 00000004 00000001 b6dc8000 00020000 0050fe38 # [ 404.970292] 5fe0: 00000004 bed27788 b6e8e33b b6e07616 # [ 404.975551] Code: e8bd47f0 eac97564 e92d4010 ebca0ffc (e7f001f2) # [ 404.981909] ---[ end trace 0000000000000000 ]--- # [ 404.986856] note: cat[5016] exited with irqs disabled # FORTIFY_STR_OBJECT: saw 'detected buffer overflow': ok ok 81 selftests: lkdtm: FORTIFY_STR_OBJECT.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_STR_MEMBER.sh <6>[ 407.075700] lkdtm: Performing direct entry FORTIFY_STR_MEMBER <6>[ 407.080719] lkdtm: trying to strncpy() past the end of a struct member... <4>[ 407.087594] ------------[ cut here ]------------ <4>[ 407.092906] WARNING: CPU: 1 PID: 5103 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 407.101219] strncpy: detected buffer overflow: 15 byte write of buffer size 10 <4>[ 407.108793] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 407.146891] CPU: 1 UID: 0 PID: 5103 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 407.156396] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 407.161653] Hardware name: STM32 (Device Tree Support) <4>[ 407.167104] Call trace: <4>[ 407.167121] unwind_backtrace from show_stack+0x18/0x1c <4>[ 407.175433] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 407.180708] dump_stack_lvl from __warn+0x84/0x134 <4>[ 407.185788] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 407.191171] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 407.197364] __fortify_report from __fortify_panic+0x8/0xc <4>[ 407.203140] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 <4>[ 407.209922] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c <4>[ 407.216600] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 407.222369] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 407.228041] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 407.233519] vfs_write from ksys_write+0x78/0xf8 <4>[ 407.238387] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 407.243851] Exception stack(0xf2a79fa8 to 0xf2a79ff0) <4>[ 407.249211] 9fa0: 00000013 00000013 00000001 b6e34000 00000013 00000001 <4>[ 407.257686] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e34000 00020000 0046fe38 <4>[ 407.266160] 9fe0: 00000004 bec85788 b6efa33b b6e73616 <4>[ 407.271617] ---[ end trace 0000000000000000 ]--- <4>[ 407.276502] ------------[ cut here ]------------ <2>[ 407.281268] kernel BUG at lib/string_helpers.c:1040! <0>[ 407.286528] Internal error: Oops - BUG: 0 [#28] SMP ARM <4>[ 407.291998] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 407.330128] CPU: 1 UID: 0 PID: 5103 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 407.339736] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 407.344995] Hardware name: STM32 (Device Tree Support) <4>[ 407.350455] PC is at __fortify_panic+0x8/0xc <4>[ 407.354932] LR is at __fortify_report+0x8c/0xd4 <4>[ 407.359814] pc : [] lr : [] psr: 60080013 <4>[ 407.366383] sp : f2a79e88 ip : 00000000 fp : 0046fe38 <4>[ 407.371842] r10: c55f7180 r9 : f2a79f80 r8 : c2688374 <4>[ 407.377403] r7 : f2a79f80 r6 : c885ff40 r5 : 00000014 r4 : 0000000f <4>[ 407.384168] r3 : c6b00a40 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 <4>[ 407.391031] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 407.398401] Control: 10c5387d Table: c8d4006a DAC: 00000051 <1>[ 407.404456] Register r0 information: non-slab/vmalloc memory <1>[ 407.410432] Register r1 information: NULL pointer <1>[ 407.415390] Register r2 information: NULL pointer <1>[ 407.420343] Register r3 information: slab task_struct start c6b00a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 407.434121] copy_process+0x1f4/0x1f78 <6>[ 407.438392] kernel_clone+0xac/0x388 <6>[ 407.442451] sys_clone+0x78/0x9c <6>[ 407.446205] ret_fast_syscall+0x0/0x1c <4>[ 407.450557] Free path: <6>[ 407.453188] rcu_core+0x2dc/0xb14 <6>[ 407.457041] handle_softirqs+0x15c/0x430 <6>[ 407.461500] irq_exit+0xac/0xd4 <6>[ 407.465252] call_with_stack+0x18/0x20 <6>[ 407.469514] __irq_svc+0x9c/0xb8 <6>[ 407.473266] io_schedule+0x1c/0x4c <6>[ 407.477227] folio_wait_bit_common+0x188/0x304 <6>[ 407.482187] folio_wait_writeback+0x34/0x90 <6>[ 407.486841] __filemap_fdatawait_range+0xa4/0x10c <6>[ 407.492100] file_write_and_wait_range+0xac/0xc8 <6>[ 407.497260] nfs_file_fsync+0xa0/0x1ac <6>[ 407.501613] sys_fsync+0x48/0x7c <6>[ 407.505369] __sys_trace_return+0x0/0x10 <1>[ 407.509821] Register r4 information: non-paged memory <1>[ 407.515081] Register r5 information: non-paged memory <1>[ 407.520437] Register r6 information: slab kmalloc-64 start c885ff00 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 <6>[ 407.534809] lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 <6>[ 407.539970] lkdtm_do_action+0x24/0x4c <6>[ 407.544222] direct_entry+0x11c/0x140 <6>[ 407.548473] full_proxy_write+0x5c/0x8c <6>[ 407.552826] vfs_write+0xbc/0x3cc <6>[ 407.556686] ksys_write+0x78/0xf8 <6>[ 407.560533] ret_fast_syscall+0x0/0x1c <4>[ 407.564783] Free path: <6>[ 407.567514] rcu_core+0x2dc/0xb14 <6>[ 407.571367] handle_softirqs+0x15c/0x430 <6>[ 407.575824] irq_exit+0xac/0xd4 <6>[ 407.579477] call_with_stack+0x18/0x20 <6>[ 407.583740] __irq_svc+0x9c/0xb8 <6>[ 407.587491] console_flush_all+0x2b4/0x53c <6>[ 407.592148] console_unlock+0xb8/0x1c0 <6>[ 407.596402] vprintk_emit+0x240/0x40c <6>[ 407.600654] vprintk_default+0x28/0x30 <6>[ 407.604905] _printk+0x34/0x60 <6>[ 407.608457] direct_entry+0x114/0x140 <6>[ 407.612710] full_proxy_write+0x5c/0x8c <6>[ 407.617065] vfs_write+0xbc/0x3cc <6>[ 407.620923] ksys_write+0x78/0xf8 <6>[ 407.624770] ret_fast_syscall+0x0/0x1c <1>[ 407.629022] Register r7 information: 2-page vmalloc region starting at 0xf2a78000 allocated at kernel_clone+0xac/0x388 <1>[ 407.640034] Register r8 information: non-slab/vmalloc memory <1>[ 407.645997] Register r9 information: 2-page vmalloc region starting at 0xf2a78000 allocated at kernel_clone+0xac/0x388 <1>[ 407.657004] Register r10 information: slab kmalloc-192 start c55f7140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 407.670863] full_proxy_open+0x124/0x24c <6>[ 407.675320] do_dentry_open+0x144/0x4dc <6>[ 407.679786] vfs_open+0x2c/0xec <6>[ 407.683442] path_openat+0x748/0x1198 <6>[ 407.687596] do_filp_open+0x98/0x134 <6>[ 407.691748] do_sys_openat2+0xbc/0xe4 <6>[ 407.695903] sys_openat+0x98/0xd4 <6>[ 407.699756] ret_fast_syscall+0x0/0x1c <4>[ 407.704008] Free path: <6>[ 407.706740] nfs_pgio_header_free+0x34/0x48 <6>[ 407.711501] nfs_write_completion+0x60/0x240 <6>[ 407.716256] rpc_free_task+0x34/0x54 <6>[ 407.720415] rpc_async_release+0x24/0x40 <6>[ 407.724872] process_one_work+0x1b8/0x450 <6>[ 407.729430] worker_thread+0x1d4/0x3c4 <6>[ 407.733684] kthread+0xe8/0x104 <6>[ 407.737334] ret_from_fork+0x14/0x28 <1>[ 407.741484] Register r11 information: non-paged memory <1>[ 407.746845] Register r12 information: NULL pointer <0>[ 407.751898] Process cat (pid: 5103, stack limit = 0xf2a78000) <0>[ 407.757958] Stack: (0xf2a79e88 to 0xf2a7a000) <0>[ 407.762614] 9e80: 0000000f c0dfba14 0046fe38 0000000f 00000000 00000000 <0>[ 407.771089] 9ea0: 00000000 00000000 00000000 4674c401 00000013 c8966000 00000000 c0df8798 <0>[ 407.779565] 9ec0: 00000013 c0df8b7c c0df8a60 c8625240 b6e34000 00000013 c3a41d50 c0892960 <0>[ 407.788041] 9ee0: c8625240 c0892904 f2a79f80 b6e34000 c6b00a40 00000013 c55f7180 c0629858 <0>[ 407.796516] 9f00: c8d42db8 00000000 00000000 00000000 00000000 00000013 b6e34000 0001ffed <0>[ 407.804990] 9f20: 00000001 00000000 c8625740 00000000 00000000 00000000 00000000 00000000 <0>[ 407.813465] 9f40: 00000000 00000000 00000000 00000000 00000022 4674c401 00000000 c8625240 <0>[ 407.821939] 9f60: c8625240 00000000 00000000 c03002f0 c6b00a40 00000004 0046fe38 c0629db4 <0>[ 407.830413] 9f80: 00000000 00000000 00000000 4674c401 000000c0 00000013 00000013 7ff00000 <0>[ 407.838987] 9fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e34000 00000013 00000001 <0>[ 407.847462] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e34000 00020000 0046fe38 <0>[ 407.855937] 9fe0: 00000004 bec85788 b6efa33b b6e73616 60080030 00000001 00000000 00000000 <0>[ 407.864403] Call trace: <0>[ 407.864421] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 <0>[ 407.874033] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c <0>[ 407.880615] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 407.886385] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 407.892057] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 407.897638] vfs_write from ksys_write+0x78/0xf8 <0>[ 407.902508] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 407.907871] Exception stack(0xf2a79fa8 to 0xf2a79ff0) <0>[ 407.913229] 9fa0: 00000013 00000013 00000001 b6e34000 00000013 00000001 <0>[ 407.921707] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e34000 00020000 0046fe38 <0>[ 407.930182] 9fe0: 00000004 bec85788 b6efa33b b6e73616 <0>[ 407.935544] Code: e8bd47f0 eac97564 e92d4010 ebca0ffc (e7f001f2) <4>[ 407.941901] ---[ end trace 0000000000000000 ]--- <6>[ 407.946850] note: cat[5103] exited with irqs disabled # Segmentation fault # [ 407.075700] lkdtm: Performing direct entry FORTIFY_STR_MEMBER # [ 407.080719] lkdtm: trying to strncpy() past the end of a struct member... # [ 407.087594] ------------[ cut here ]------------ # [ 407.092906] WARNING: CPU: 1 PID: 5103 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 407.101219] strncpy: detected buffer overflow: 15 byte write of buffer size 10 # [ 407.108793] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 407.146891] CPU: 1 UID: 0 PID: 5103 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 407.156396] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 407.161653] Hardware name: STM32 (Device Tree Support) # [ 407.167104] Call trace: # [ 407.167121] unwind_backtrace from show_stack+0x18/0x1c # [ 407.175433] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 407.180708] dump_stack_lvl from __warn+0x84/0x134 # [ 407.185788] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 407.191171] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 407.197364] __fortify_report from __fortify_panic+0x8/0xc # [ 407.203140] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 # [ 407.209922] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c # [ 407.216600] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 407.222369] direct_entry from full_proxy_write+0x5c/0x8c # [ 407.228041] full_proxy_write from vfs_write+0xbc/0x3cc # [ 407.233519] vfs_write from ksys_write+0x78/0xf8 # [ 407.238387] ksys_write from ret_fast_syscall+0x0/0x1c # [ 407.243851] Exception stack(0xf2a79fa8 to 0xf2a79ff0) # [ 407.249211] 9fa0: 00000013 00000013 00000001 b6e34000 00000013 00000001 # [ 407.257686] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e34000 00020000 0046fe38 # [ 407.266160] 9fe0: 00000004 bec85788 b6efa33b b6e73616 # [ 407.271617] ---[ end trace 0000000000000000 ]--- # [ 407.276502] ------------[ cut here ]------------ # [ 407.281268] kernel BUG at lib/string_helpers.c:1040! # [ 407.286528] Internal error: Oops - BUG: 0 [#28] SMP ARM # [ 407.291998] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 407.330128] CPU: 1 UID: 0 PID: 5103 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 407.339736] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 407.344995] Hardware name: STM32 (Device Tree Support) # [ 407.350455] PC is at __fortify_panic+0x8/0xc # [ 407.354932] LR is at __fortify_report+0x8c/0xd4 # [ 407.359814] pc : [] lr : [] psr: 60080013 # [ 407.366383] sp : f2a79e88 ip : 00000000 fp : 0046fe38 # [ 407.371842] r10: c55f7180 r9 : f2a79f80 r8 : c2688374 # [ 407.377403] r7 : f2a79f80 r6 : c885ff40 r5 : 00000014 r4 : 0000000f # [ 407.384168] r3 : c6b00a40 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 # [ 407.391031] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 407.398401] Control: 10c5387d Table: c8d4006a DAC: 00000051 # [ 407.404456] Register r0 information: non-slab/vmalloc memory # [ 407.410432] Register r1 information: NULL pointer # [ 407.415390] Register r2 information: NULL pointer # [ 407.420343] Register r3 information: slab task_struct start c6b00a00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 407.434121] copy_process+0x1f4/0x1f78 # [ 407.438392] kernel_clone+0xac/0x388 # [ 407.442451] sys_clone+0x78/0x9c # [ 407.446205] ret_fast_syscall+0x0/0x1c # [ 407.450557] Free path: # [ 407.453188] rcu_core+0x2dc/0xb14 # [ 407.457041] handle_softirqs+0x15c/0x430 # [ 407.461500] irq_exit+0xac/0xd4 # [ 407.465252] call_with_stack+0x18/0x20 # [ 407.469514] __irq_svc+0x9c/0xb8 # [ 407.473266] io_schedule+0x1c/0x4c # [ 407.477227] folio_wait_bit_common+0x188/0x304 # [ 407.482187] folio_wait_writeback+0x34/0x90 # [ 407.486841] __filemap_fdatawait_range+0xa4/0x10c # [ 407.492100] file_write_and_wait_range+0xac/0xc8 # [ 407.497260] nfs_file_fsync+0xa0/0x1ac # [ 407.501613] sys_fsync+0x48/0x7c # [ 407.505369] __sys_trace_return+0x0/0x10 # [ 407.509821] Register r4 information: non-paged memory # [ 407.515081] Register r5 information: non-paged memory # [ 407.520437] Register r6 information: slab kmalloc-64 start c885ff00 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 # [ 407.534809] lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 # [ 407.539970] lkdtm_do_action+0x24/0x4c # [ 407.544222] direct_entry+0x11c/0x140 # [ 407.548473] full_proxy_write+0x5c/0x8c # [ 407.552826] vfs_write+0xbc/0x3cc # [ 407.556686] ksys_write+0x78/0xf8 # [ 407.560533] ret_fast_syscall+0x0/0x1c # [ 407.564783] Free path: # [ 407.567514] rcu_core+0x2dc/0xb14 # [ 407.571367] handle_softirqs+0x15c/0x430 # [ 407.575824] irq_exit+0xac/0xd4 # [ 407.579477] call_with_stack+0x18/0x20 # [ 407.583740] __irq_svc+0x9c/0xb8 # [ 407.587491] console_flush_all+0x2b4/0x53c # [ 407.592148] console_unlock+0xb8/0x1c0 # [ 407.596402] vprintk_emit+0x240/0x40c # [ 407.600654] vprintk_default+0x28/0x30 # [ 407.604905] _printk+0x34/0x60 # [ 407.608457] direct_entry+0x114/0x140 # [ 407.612710] full_proxy_write+0x5c/0x8c # [ 407.617065] vfs_write+0xbc/0x3cc # [ 407.620923] ksys_write+0x78/0xf8 # [ 407.624770] ret_fast_syscall+0x0/0x1c # [ 407.629022] Register r7 information: 2-page vmalloc region starting at 0xf2a78000 allocated at kernel_clone+0xac/0x388 # [ 407.640034] Register r8 information: non-slab/vmalloc memory # [ 407.645997] Register r9 information: 2-page vmalloc region starting at 0xf2a78000 allocated at kernel_clone+0xac/0x388 # [ 407.657004] Register r10 information: slab kmalloc-192 start c55f7140 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 407.670863] full_proxy_open+0x124/0x24c # [ 407.675320] do_dentry_open+0x144/0x4dc # [ 407.679786] vfs_open+0x2c/0xec # [ 407.683442] path_openat+0x748/0x1198 # [ 407.687596] do_filp_open+0x98/0x134 # [ 407.691748] do_sys_openat2+0xbc/0xe4 # [ 407.695903] sys_openat+0x98/0xd4 # [ 407.699756] ret_fast_syscall+0x0/0x1c # [ 407.704008] Free path: # [ 407.706740] nfs_pgio_header_free+0x34/0x48 # [ 407.711501] nfs_write_completion+0x60/0x240 # [ 407.716256] rpc_free_task+0x34/0x54 # [ 407.720415] rpc_async_release+0x24/0x40 # [ 407.724872] process_one_work+0x1b8/0x450 # [ 407.729430] worker_thread+0x1d4/0x3c4 # [ 407.733684] kthread+0xe8/0x104 # [ 407.737334] ret_from_fork+0x14/0x28 # [ 407.741484] Register r11 information: non-paged memory # [ 407.746845] Register r12 information: NULL pointer # [ 407.751898] Process cat (pid: 5103, stack limit = 0xf2a78000) # [ 407.757958] Stack: (0xf2a79e88 to 0xf2a7a000) # [ 407.762614] 9e80: 0000000f c0dfba14 0046fe38 0000000f 00000000 00000000 # [ 407.771089] 9ea0: 00000000 00000000 00000000 4674c401 00000013 c8966000 00000000 c0df8798 # [ 407.779565] 9ec0: 00000013 c0df8b7c c0df8a60 c8625240 b6e34000 00000013 c3a41d50 c0892960 # [ 407.788041] 9ee0: c8625240 c0892904 f2a79f80 b6e34000 c6b00a40 00000013 c55f7180 c0629858 # [ 407.796516] 9f00: c8d42db8 00000000 00000000 00000000 00000000 00000013 b6e34000 0001ffed # [ 407.804990] 9f20: 00000001 00000000 c8625740 00000000 00000000 00000000 00000000 00000000 # [ 407.813465] 9f40: 00000000 00000000 00000000 00000000 00000022 4674c401 00000000 c8625240 # [ 407.821939] 9f60: c8625240 00000000 00000000 c03002f0 c6b00a40 00000004 0046fe38 c0629db4 # [ 407.830413] 9f80: 00000000 00000000 00000000 4674c401 000000c0 00000013 00000013 7ff00000 # [ 407.838987] 9fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e34000 00000013 00000001 # [ 407.847462] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e34000 00020000 0046fe38 # [ 407.855937] 9fe0: 00000004 bec85788 b6efa33b b6e73616 60080030 00000001 00000000 00000000 # [ 407.864403] Call trace: # [ 407.864421] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 # [ 407.874033] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c # [ 407.880615] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 407.886385] direct_entry from full_proxy_write+0x5c/0x8c # [ 407.892057] full_proxy_write from vfs_write+0xbc/0x3cc # [ 407.897638] vfs_write from ksys_write+0x78/0xf8 # [ 407.902508] ksys_write from ret_fast_syscall+0x0/0x1c # [ 407.907871] Exception stack(0xf2a79fa8 to 0xf2a79ff0) # [ 407.913229] 9fa0: 00000013 00000013 00000001 b6e34000 00000013 00000001 # [ 407.921707] 9fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e34000 00020000 0046fe38 # [ 407.930182] 9fe0: 00000004 bec85788 b6efa33b b6e73616 # [ 407.935544] Code: e8bd47f0 eac97564 e92d4010 ebca0ffc (e7f001f2) # [ 407.941901] ---[ end trace 0000000000000000 ]--- # [ 407.946850] note: cat[5103] exited with irqs disabled # FORTIFY_STR_MEMBER: saw 'detected buffer overflow': ok ok 82 selftests: lkdtm: FORTIFY_STR_MEMBER.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_MEM_OBJECT.sh <6>[ 409.924434] lkdtm: Performing direct entry FORTIFY_MEM_OBJECT <6>[ 409.929250] lkdtm: trying to memcpy() past the end of a struct <6>[ 409.935829] lkdtm: 0: 16 <6>[ 409.938105] lkdtm: 1: 16 <6>[ 409.940930] lkdtm: s: 20 <4>[ 409.943655] ------------[ cut here ]------------ <4>[ 409.948591] WARNING: CPU: 0 PID: 5189 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 409.957401] memcpy: detected buffer overflow: 20 byte write of buffer size 16 <4>[ 409.965092] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 410.003105] CPU: 0 UID: 0 PID: 5189 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 410.012514] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 410.017767] Hardware name: STM32 (Device Tree Support) <4>[ 410.023218] Call trace: <4>[ 410.023233] unwind_backtrace from show_stack+0x18/0x1c <4>[ 410.031544] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 410.036818] dump_stack_lvl from __warn+0x84/0x134 <4>[ 410.041898] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 410.047282] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 410.053472] __fortify_report from __fortify_panic+0x8/0xc <4>[ 410.059250] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c <4>[ 410.065938] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c <4>[ 410.072628] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 410.078397] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 410.084068] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 410.089547] vfs_write from ksys_write+0x78/0xf8 <4>[ 410.094417] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 410.099881] Exception stack(0xf2b01fa8 to 0xf2b01ff0) <4>[ 410.105241] 1fa0: 00000013 00000013 00000001 b6e68000 00000013 00000001 <4>[ 410.113716] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0050fe38 <4>[ 410.122187] 1fe0: 00000004 be891788 b6f2e33b b6ea7616 <4>[ 410.128019] ---[ end trace 0000000000000000 ]--- <4>[ 410.132547] ------------[ cut here ]------------ <2>[ 410.137312] kernel BUG at lib/string_helpers.c:1040! <0>[ 410.142575] Internal error: Oops - BUG: 0 [#29] SMP ARM <4>[ 410.148048] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 410.186178] CPU: 0 UID: 0 PID: 5189 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 410.195785] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 410.201033] Hardware name: STM32 (Device Tree Support) <4>[ 410.206483] PC is at __fortify_panic+0x8/0xc <4>[ 410.210948] LR is at __fortify_report+0x8c/0xd4 <4>[ 410.215814] pc : [] lr : [] psr: 60080013 <4>[ 410.222371] sp : f2b01e48 ip : 00000000 fp : 0050fe38 <4>[ 410.227822] r10: c55f7040 r9 : f2b01f80 r8 : c268837c <4>[ 410.233372] r7 : f2b01f80 r6 : 00000000 r5 : c89bf000 r4 : c2804378 <4>[ 410.240131] r3 : c6b03240 r2 : 00000000 r1 : 00000000 r0 : ef6a5484 <4>[ 410.246992] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 410.254458] Control: 10c5387d Table: c8f8c06a DAC: 00000051 <1>[ 410.260409] Register r0 information: non-slab/vmalloc memory <1>[ 410.266377] Register r1 information: NULL pointer <1>[ 410.271332] Register r2 information: NULL pointer <1>[ 410.276385] Register r3 information: slab task_struct start c6b03200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 <6>[ 410.290058] copy_process+0x1f4/0x1f78 <6>[ 410.294416] kernel_clone+0xac/0x388 <6>[ 410.298471] sys_clone+0x78/0x9c <6>[ 410.302225] ret_fast_syscall+0x0/0x1c <4>[ 410.306477] Free path: <6>[ 410.309207] rcu_core+0x2dc/0xb14 <6>[ 410.313062] handle_softirqs+0x15c/0x430 <6>[ 410.317520] irq_exit+0xac/0xd4 <6>[ 410.321171] call_with_stack+0x18/0x20 <6>[ 410.325531] __irq_svc+0x9c/0xb8 <6>[ 410.329278] tcp_sock_set_cork+0x0/0x50 <6>[ 410.333638] xs_tcp_send_request+0x1e0/0x288 <6>[ 410.338396] xprt_transmit+0x1a0/0x4a0 <6>[ 410.342746] call_transmit+0x80/0x8c <6>[ 410.346803] __rpc_execute+0xc8/0x5d0 <6>[ 410.351060] rpc_async_schedule+0x24/0x40 <6>[ 410.355516] process_one_work+0x1b8/0x450 <6>[ 410.360073] worker_thread+0x1d4/0x3c4 <6>[ 410.364425] kthread+0xe8/0x104 <6>[ 410.368074] ret_from_fork+0x14/0x28 <1>[ 410.372123] Register r4 information: non-slab/vmalloc memory <1>[ 410.378085] Register r5 information: non-slab/vmalloc memory <1>[ 410.384051] Register r6 information: NULL pointer <1>[ 410.389006] Register r7 information: 2-page vmalloc region starting at 0xf2b00000 allocated at kernel_clone+0xac/0x388 <1>[ 410.400023] Register r8 information: non-slab/vmalloc memory <1>[ 410.405982] Register r9 information: 2-page vmalloc region starting at 0xf2b00000 allocated at kernel_clone+0xac/0x388 <1>[ 410.416988] Register r10 information: slab kmalloc-192 start c55f7000 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 410.430950] full_proxy_open+0x124/0x24c <6>[ 410.435402] do_dentry_open+0x144/0x4dc <6>[ 410.439759] vfs_open+0x2c/0xec <6>[ 410.443412] path_openat+0x748/0x1198 <6>[ 410.447564] do_filp_open+0x98/0x134 <6>[ 410.451715] do_sys_openat2+0xbc/0xe4 <6>[ 410.455870] sys_openat+0x98/0xd4 <6>[ 410.459723] ret_fast_syscall+0x0/0x1c <4>[ 410.464073] Free path: <6>[ 410.466703] nfs_pgio_header_free+0x34/0x48 <6>[ 410.471465] nfs_write_completion+0x60/0x240 <6>[ 410.476220] rpc_free_task+0x34/0x54 <6>[ 410.480379] rpc_async_release+0x24/0x40 <6>[ 410.484834] process_one_work+0x1b8/0x450 <6>[ 410.489389] worker_thread+0x1d4/0x3c4 <6>[ 410.493642] kthread+0xe8/0x104 <6>[ 410.497289] ret_from_fork+0x14/0x28 <1>[ 410.501438] Register r11 information: non-paged memory <1>[ 410.506895] Register r12 information: NULL pointer <0>[ 410.511948] Process cat (pid: 5189, stack limit = 0xf2b00000) <0>[ 410.518006] Stack: (0xf2b01e48 to 0xf2b02000) <0>[ 410.522562] 1e40: c2804378 c16dc314 00000014 00000000 00000000 00000000 <0>[ 410.531035] 1e60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 410.539508] 1e80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 410.547983] 1ea0: 00000000 00000000 00000000 00000000 00000000 1cc3a3d6 00000013 c0df8798 <0>[ 410.556558] 1ec0: 00000013 c0df8b7c c0df8a60 c49eea40 b6e68000 00000013 c3a41d50 c0892960 <0>[ 410.565033] 1ee0: c49eea40 c0892904 f2b01f80 b6e68000 c6b03240 00000013 c55f7040 c0629858 <0>[ 410.573508] 1f00: c8f8edb8 00000000 00000000 00000000 00000000 00000013 b6e68000 0001ffed <0>[ 410.581981] 1f20: 00000001 00000000 c49eef40 00000000 00000000 00000000 00000000 00000000 <0>[ 410.590455] 1f40: 00000000 00000000 00000000 00000000 00000022 1cc3a3d6 00000000 c49eea40 <0>[ 410.598929] 1f60: c49eea40 00000000 00000000 c03002f0 c6b03240 00000004 0050fe38 c0629db4 <0>[ 410.607404] 1f80: 00000000 00000000 00000000 1cc3a3d6 000000c0 00000013 00000013 7ff00000 <0>[ 410.615878] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e68000 00000013 00000001 <0>[ 410.624353] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0050fe38 <0>[ 410.632827] 1fe0: 00000004 be891788 b6f2e33b b6ea7616 60080030 00000001 00000000 00000000 <0>[ 410.641293] Call trace: <0>[ 410.641310] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c <0>[ 410.650824] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c <0>[ 410.657412] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 410.663183] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 410.668854] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 410.674432] vfs_write from ksys_write+0x78/0xf8 <0>[ 410.679301] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 410.684664] Exception stack(0xf2b01fa8 to 0xf2b01ff0) <0>[ 410.690022] 1fa0: 00000013 00000013 00000001 b6e68000 00000013 00000001 <0>[ 410.698496] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0050fe38 <0>[ 410.706967] 1fe0: 00000004 be891788 b6f2e33b b6ea7616 <0>[ 410.712326] Code: e8bd47f0 eac97564 e92d4010 ebca0ffc (e7f001f2) <4>[ 410.718683] ---[ end trace 0000000000000000 ]--- <6>[ 410.723629] note: cat[5189] exited with irqs disabled # Segmentation fault # [ 409.924434] lkdtm: Performing direct entry FORTIFY_MEM_OBJECT # [ 409.929250] lkdtm: trying to memcpy() past the end of a struct # [ 409.935829] lkdtm: 0: 16 # [ 409.938105] lkdtm: 1: 16 # [ 409.940930] lkdtm: s: 20 # [ 409.943655] ------------[ cut here ]------------ # [ 409.948591] WARNING: CPU: 0 PID: 5189 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 409.957401] memcpy: detected buffer overflow: 20 byte write of buffer size 16 # [ 409.965092] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 410.003105] CPU: 0 UID: 0 PID: 5189 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 410.012514] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 410.017767] Hardware name: STM32 (Device Tree Support) # [ 410.023218] Call trace: # [ 410.023233] unwind_backtrace from show_stack+0x18/0x1c # [ 410.031544] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 410.036818] dump_stack_lvl from __warn+0x84/0x134 # [ 410.041898] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 410.047282] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 410.053472] __fortify_report from __fortify_panic+0x8/0xc # [ 410.059250] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c # [ 410.065938] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c # [ 410.072628] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 410.078397] direct_entry from full_proxy_write+0x5c/0x8c # [ 410.084068] full_proxy_write from vfs_write+0xbc/0x3cc # [ 410.089547] vfs_write from ksys_write+0x78/0xf8 # [ 410.094417] ksys_write from ret_fast_syscall+0x0/0x1c # [ 410.099881] Exception stack(0xf2b01fa8 to 0xf2b01ff0) # [ 410.105241] 1fa0: 00000013 00000013 00000001 b6e68000 00000013 00000001 # [ 410.113716] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0050fe38 # [ 410.122187] 1fe0: 00000004 be891788 b6f2e33b b6ea7616 # [ 410.128019] ---[ end trace 0000000000000000 ]--- # [ 410.132547] ------------[ cut here ]------------ # [ 410.137312] kernel BUG at lib/string_helpers.c:1040! # [ 410.142575] Internal error: Oops - BUG: 0 [#29] SMP ARM # [ 410.148048] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 410.186178] CPU: 0 UID: 0 PID: 5189 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 410.195785] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 410.201033] Hardware name: STM32 (Device Tree Support) # [ 410.206483] PC is at __fortify_panic+0x8/0xc # [ 410.210948] LR is at __fortify_report+0x8c/0xd4 # [ 410.215814] pc : [] lr : [] psr: 60080013 # [ 410.222371] sp : f2b01e48 ip : 00000000 fp : 0050fe38 # [ 410.227822] r10: c55f7040 r9 : f2b01f80 r8 : c268837c # [ 410.233372] r7 : f2b01f80 r6 : 00000000 r5 : c89bf000 r4 : c2804378 # [ 410.240131] r3 : c6b03240 r2 : 00000000 r1 : 00000000 r0 : ef6a5484 # [ 410.246992] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 410.254458] Control: 10c5387d Table: c8f8c06a DAC: 00000051 # [ 410.260409] Register r0 information: non-slab/vmalloc memory # [ 410.266377] Register r1 information: NULL pointer # [ 410.271332] Register r2 information: NULL pointer # [ 410.276385] Register r3 information: slab task_struct start c6b03200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f78 # [ 410.290058] copy_process+0x1f4/0x1f78 # [ 410.294416] kernel_clone+0xac/0x388 # [ 410.298471] sys_clone+0x78/0x9c # [ 410.302225] ret_fast_syscall+0x0/0x1c # [ 410.306477] Free path: # [ 410.309207] rcu_core+0x2dc/0xb14 # [ 410.313062] handle_softirqs+0x15c/0x430 # [ 410.317520] irq_exit+0xac/0xd4 # [ 410.321171] call_with_stack+0x18/0x20 # [ 410.325531] __irq_svc+0x9c/0xb8 # [ 410.329278] tcp_sock_set_cork+0x0/0x50 # [ 410.333638] xs_tcp_send_request+0x1e0/0x288 # [ 410.338396] xprt_transmit+0x1a0/0x4a0 # [ 410.342746] call_transmit+0x80/0x8c # [ 410.346803] __rpc_execute+0xc8/0x5d0 # [ 410.351060] rpc_async_schedule+0x24/0x40 # [ 410.355516] process_one_work+0x1b8/0x450 # [ 410.360073] worker_thread+0x1d4/0x3c4 # [ 410.364425] kthread+0xe8/0x104 # [ 410.368074] ret_from_fork+0x14/0x28 # [ 410.372123] Register r4 information: non-slab/vmalloc memory # [ 410.378085] Register r5 information: non-slab/vmalloc memory # [ 410.384051] Register r6 information: NULL pointer # [ 410.389006] Register r7 information: 2-page vmalloc region starting at 0xf2b00000 allocated at kernel_clone+0xac/0x388 # [ 410.400023] Register r8 information: non-slab/vmalloc memory # [ 410.405982] Register r9 information: 2-page vmalloc region starting at 0xf2b00000 allocated at kernel_clone+0xac/0x388 # [ 410.416988] Register r10 information: slab kmalloc-192 start c55f7000 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 410.430950] full_proxy_open+0x124/0x24c # [ 410.435402] do_dentry_open+0x144/0x4dc # [ 410.439759] vfs_open+0x2c/0xec # [ 410.443412] path_openat+0x748/0x1198 # [ 410.447564] do_filp_open+0x98/0x134 # [ 410.451715] do_sys_openat2+0xbc/0xe4 # [ 410.455870] sys_openat+0x98/0xd4 # [ 410.459723] ret_fast_syscall+0x0/0x1c # [ 410.464073] Free path: # [ 410.466703] nfs_pgio_header_free+0x34/0x48 # [ 410.471465] nfs_write_completion+0x60/0x240 # [ 410.476220] rpc_free_task+0x34/0x54 # [ 410.480379] rpc_async_release+0x24/0x40 # [ 410.484834] process_one_work+0x1b8/0x450 # [ 410.489389] worker_thread+0x1d4/0x3c4 # [ 410.493642] kthread+0xe8/0x104 # [ 410.497289] ret_from_fork+0x14/0x28 # [ 410.501438] Register r11 information: non-paged memory # [ 410.506895] Register r12 information: NULL pointer # [ 410.511948] Process cat (pid: 5189, stack limit = 0xf2b00000) # [ 410.518006] Stack: (0xf2b01e48 to 0xf2b02000) # [ 410.522562] 1e40: c2804378 c16dc314 00000014 00000000 00000000 00000000 # [ 410.531035] 1e60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 410.539508] 1e80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 410.547983] 1ea0: 00000000 00000000 00000000 00000000 00000000 1cc3a3d6 00000013 c0df8798 # [ 410.556558] 1ec0: 00000013 c0df8b7c c0df8a60 c49eea40 b6e68000 00000013 c3a41d50 c0892960 # [ 410.565033] 1ee0: c49eea40 c0892904 f2b01f80 b6e68000 c6b03240 00000013 c55f7040 c0629858 # [ 410.573508] 1f00: c8f8edb8 00000000 00000000 00000000 00000000 00000013 b6e68000 0001ffed # [ 410.581981] 1f20: 00000001 00000000 c49eef40 00000000 00000000 00000000 00000000 00000000 # [ 410.590455] 1f40: 00000000 00000000 00000000 00000000 00000022 1cc3a3d6 00000000 c49eea40 # [ 410.598929] 1f60: c49eea40 00000000 00000000 c03002f0 c6b03240 00000004 0050fe38 c0629db4 # [ 410.607404] 1f80: 00000000 00000000 00000000 1cc3a3d6 000000c0 00000013 00000013 7ff00000 # [ 410.615878] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e68000 00000013 00000001 # [ 410.624353] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0050fe38 # [ 410.632827] 1fe0: 00000004 be891788 b6f2e33b b6ea7616 60080030 00000001 00000000 00000000 # [ 410.641293] Call trace: # [ 410.641310] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c # [ 410.650824] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c # [ 410.657412] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 410.663183] direct_entry from full_proxy_write+0x5c/0x8c # [ 410.668854] full_proxy_write from vfs_write+0xbc/0x3cc # [ 410.674432] vfs_write from ksys_write+0x78/0xf8 # [ 410.679301] ksys_write from ret_fast_syscall+0x0/0x1c # [ 410.684664] Exception stack(0xf2b01fa8 to 0xf2b01ff0) # [ 410.690022] 1fa0: 00000013 00000013 00000001 b6e68000 00000013 00000001 # [ 410.698496] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0050fe38 # [ 410.706967] 1fe0: 00000004 be891788 b6f2e33b b6ea7616 # [ 410.712326] Code: e8bd47f0 eac97564 e92d4010 ebca0ffc (e7f001f2) # [ 410.718683] ---[ end trace 0000000000000000 ]--- # [ 410.723629] note: cat[5189] exited with irqs disabled # FORTIFY_MEM_OBJECT: saw 'detected buffer overflow': ok ok 83 selftests: lkdtm: FORTIFY_MEM_OBJECT.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_MEM_MEMBER.sh <6>[ 413.873175] lkdtm: Performing direct entry FORTIFY_MEM_MEMBER <6>[ 413.878010] lkdtm: trying to memcpy() past the end of a struct member... <4>[ 413.884933] ------------[ cut here ]------------ <4>[ 413.889766] WARNING: CPU: 1 PID: 5277 at drivers/misc/lkdtm/fortify.c:122 lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 <4>[ 413.900196] memcpy: detected field-spanning write (size 15) of single field "target.a" at drivers/misc/lkdtm/fortify.c:122 (size 10) <4>[ 413.912587] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 413.950612] CPU: 1 UID: 0 PID: 5277 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 <4>[ 413.960025] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 413.965279] Hardware name: STM32 (Device Tree Support) <4>[ 413.970629] Call trace: <4>[ 413.970644] unwind_backtrace from show_stack+0x18/0x1c <4>[ 413.978954] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 413.984330] dump_stack_lvl from __warn+0x84/0x134 <4>[ 413.989410] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 413.994792] warn_slowpath_fmt from lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 <4>[ 414.001784] lkdtm_FORTIFY_MEM_MEMBER from lkdtm_do_action+0x24/0x4c <4>[ 414.008462] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 414.014232] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 414.019903] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 414.025382] vfs_write from ksys_write+0x78/0xf8 <4>[ 414.030250] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 414.035714] Exception stack(0xf2b9dfa8 to 0xf2b9dff0) <4>[ 414.041074] dfa0: 00000013 00000013 00000001 b6e14000 00000013 00000001 <4>[ 414.049549] dfc0: 00000013 00000013 7ff00000 00000004 00000001 b6e14000 00020000 0043fe38 <4>[ 414.058020] dfe0: 00000004 bed3c788 b6eda33b b6e53616 <4>[ 414.063509] ---[ end trace 0000000000000000 ]--- <3>[ 414.068349] lkdtm: FAIL: fortify did not block a memcpy() struct member write overflow! <3>[ 414.076643] lkdtm: Unexpected! This kernel (6.12.0-rc2-next-20241011 armv7l) was built with CONFIG_FORTIFY_SOURCE=y # [ 413.873175] lkdtm: Performing direct entry FORTIFY_MEM_MEMBER # [ 413.878010] lkdtm: trying to memcpy() past the end of a struct member... # [ 413.884933] ------------[ cut here ]------------ # [ 413.889766] WARNING: CPU: 1 PID: 5277 at drivers/misc/lkdtm/fortify.c:122 lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 # [ 413.900196] memcpy: detected field-spanning write (size 15) of single field "target.a" at drivers/misc/lkdtm/fortify.c:122 (size 10) # [ 413.912587] Modules linked in: fuse ip_tables x_tables snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore brcmfmac brcmutil adv7511 cfg80211 hci_uart btbcm stm32_adc_core bluetooth ecdh_generic ecc snd_soc_stm32_sai etnaviv stm_drm nvmem_stm32_romem drm_dma_helper gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 413.950612] CPU: 1 UID: 0 PID: 5277 Comm: cat Tainted: G B D W 6.12.0-rc2-next-20241011 #1 # [ 413.960025] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 413.965279] Hardware name: STM32 (Device Tree Support) # [ 413.970629] Call trace: # [ 413.970644] unwind_backtrace from show_stack+0x18/0x1c # [ 413.978954] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 413.984330] dump_stack_lvl from __warn+0x84/0x134 # [ 413.989410] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 413.994792] warn_slowpath_fmt from lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 # [ 414.001784] lkdtm_FORTIFY_MEM_MEMBER from lkdtm_do_action+0x24/0x4c # [ 414.008462] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 414.014232] direct_entry from full_proxy_write+0x5c/0x8c # [ 414.019903] full_proxy_write from vfs_write+0xbc/0x3cc # [ 414.025382] vfs_write from ksys_write+0x78/0xf8 # [ 414.030250] ksys_write from ret_fast_syscall+0x0/0x1c # [ 414.035714] Exception stack(0xf2b9dfa8 to 0xf2b9dff0) # [ 414.041074] dfa0: 00000013 00000013 00000001 b6e14000 00000013 00000001 # [ 414.049549] dfc0: 00000013 00000013 7ff00000 00000004 00000001 b6e14000 00020000 0043fe38 # [ 414.058020] dfe0: 00000004 bed3c788 b6eda33b b6e53616 # [ 414.063509] ---[ end trace 0000000000000000 ]--- # [ 414.068349] lkdtm: FAIL: fortify did not block a memcpy() struct member write overflow! # [ 414.076643] lkdtm: Unexpected! This kernel (6.12.0-rc2-next-20241011 armv7l) was built with CONFIG_FORTIFY_SOURCE=y # FORTIFY_MEM_MEMBER: saw 'detected field-spanning write': ok ok 84 selftests: lkdtm: FORTIFY_MEM_MEMBER.sh # timeout set to 45 # selftests: lkdtm: PPC_SLB_MULTIHIT.sh # Skipped: test 'PPC_SLB_MULTIHIT' missing in /sys/kernel/debug/provoke-crash/DIRECT! ok 85 selftests: lkdtm: PPC_SLB_MULTIHIT.sh # SKIP # timeout set to 45 # selftests: lkdtm: stack-entropy.sh <6>[ 415.473956] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.478350] lkdtm: Starting stack offset tracking for pid 5322 <6>[ 415.484367] lkdtm: Stack offset: 0 <6>[ 415.503870] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.508089] lkdtm: Stack offset: 0 <6>[ 415.520895] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.525141] lkdtm: Stack offset: 0 <6>[ 415.537865] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.542159] lkdtm: Stack offset: 0 <6>[ 415.554782] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.558976] lkdtm: Stack offset: 0 <6>[ 415.571835] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.575974] lkdtm: Stack offset: 0 <6>[ 415.581802] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.586124] lkdtm: Stack offset: 0 <6>[ 415.591538] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.595678] lkdtm: Stack offset: 0 <6>[ 415.601255] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.605427] lkdtm: Stack offset: 0 <6>[ 415.610935] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.615093] lkdtm: Stack offset: 0 <6>[ 415.620648] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.624781] lkdtm: Stack offset: 0 <6>[ 415.630324] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.634453] lkdtm: Stack offset: 0 <6>[ 415.639965] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.644105] lkdtm: Stack offset: 0 <6>[ 415.649671] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.653804] lkdtm: Stack offset: 0 <6>[ 415.659377] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.663506] lkdtm: Stack offset: 0 <6>[ 415.669027] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.673207] lkdtm: Stack offset: 0 <6>[ 415.678682] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.682815] lkdtm: Stack offset: 0 <6>[ 415.688414] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.692546] lkdtm: Stack offset: 0 <6>[ 415.698134] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.702253] lkdtm: Stack offset: 0 <6>[ 415.707751] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.711890] lkdtm: Stack offset: 0 <6>[ 415.717411] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.721546] lkdtm: Stack offset: 0 <6>[ 415.727143] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.731308] lkdtm: Stack offset: 0 <6>[ 415.749804] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.754088] lkdtm: Stack offset: 0 <6>[ 415.758982] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.763237] lkdtm: Stack offset: 0 <6>[ 415.768178] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.772472] lkdtm: Stack offset: 0 <6>[ 415.777439] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.781694] lkdtm: Stack offset: 0 <6>[ 415.786601] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.790913] lkdtm: Stack offset: 0 <6>[ 415.795682] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.800107] lkdtm: Stack offset: 0 <6>[ 415.804798] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.809191] lkdtm: Stack offset: 0 <6>[ 415.813962] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.818325] lkdtm: Stack offset: 0 <6>[ 415.822989] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.827507] lkdtm: Stack offset: 0 <6>[ 415.831829] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.836736] lkdtm: Stack offset: 0 <6>[ 415.840924] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.845972] lkdtm: Stack offset: 0 <6>[ 415.850495] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.855071] lkdtm: Stack offset: 0 <6>[ 415.859704] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.864276] lkdtm: Stack offset: 0 <6>[ 415.868855] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.873636] lkdtm: Stack offset: 0 <6>[ 415.878152] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.882751] lkdtm: Stack offset: 0 <6>[ 415.887387] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.891734] lkdtm: Stack offset: 0 <6>[ 415.896529] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.901090] lkdtm: Stack offset: 0 <6>[ 415.905818] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.910220] lkdtm: Stack offset: 0 <6>[ 415.915778] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.919951] lkdtm: Stack offset: 0 <6>[ 415.924803] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.929191] lkdtm: Stack offset: 0 <6>[ 415.933782] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.938360] lkdtm: Stack offset: 0 <6>[ 415.942892] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.947602] lkdtm: Stack offset: 0 <6>[ 415.952161] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.956709] lkdtm: Stack offset: 0 <6>[ 415.961400] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.965850] lkdtm: Stack offset: 0 <6>[ 415.970585] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.975069] lkdtm: Stack offset: 0 <6>[ 415.979679] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.984258] lkdtm: Stack offset: 0 <6>[ 415.988803] lkdtm: Performing direct entry REPORT_STACK <6>[ 415.993377] lkdtm: Stack offset: 0 <6>[ 415.997999] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.002573] lkdtm: Stack offset: 0 <6>[ 416.007184] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.011753] lkdtm: Stack offset: 0 <6>[ 416.016520] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.021073] lkdtm: Stack offset: 0 <6>[ 416.025653] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.030196] lkdtm: Stack offset: 0 <6>[ 416.036834] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.041008] lkdtm: Stack offset: 0 <6>[ 416.045712] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.050195] lkdtm: Stack offset: 0 <6>[ 416.054877] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.059455] lkdtm: Stack offset: 0 <6>[ 416.063974] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.068588] lkdtm: Stack offset: 0 <6>[ 416.072788] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.077799] lkdtm: Stack offset: 0 <6>[ 416.081978] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.086960] lkdtm: Stack offset: 0 <6>[ 416.091251] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.096108] lkdtm: Stack offset: 0 <6>[ 416.100424] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.105319] lkdtm: Stack offset: 0 <6>[ 416.109630] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.114525] lkdtm: Stack offset: 0 <6>[ 416.118774] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.123689] lkdtm: Stack offset: 0 <6>[ 416.127932] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.132845] lkdtm: Stack offset: 0 <6>[ 416.137178] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.142106] lkdtm: Stack offset: 0 <6>[ 416.146492] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.151179] lkdtm: Stack offset: 0 <6>[ 416.155493] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.160365] lkdtm: Stack offset: 0 <6>[ 416.164668] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.169526] lkdtm: Stack offset: 0 <6>[ 416.173914] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.178713] lkdtm: Stack offset: 0 <6>[ 416.183848] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.188082] lkdtm: Stack offset: 0 <6>[ 416.192840] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.197277] lkdtm: Stack offset: 0 <6>[ 416.201928] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.206411] lkdtm: Stack offset: 0 <6>[ 416.211164] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.215627] lkdtm: Stack offset: 0 <6>[ 416.220305] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.224785] lkdtm: Stack offset: 0 <6>[ 416.229516] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.233972] lkdtm: Stack offset: 0 <6>[ 416.238628] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.243111] lkdtm: Stack offset: 0 <6>[ 416.247696] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.252278] lkdtm: Stack offset: 0 <6>[ 416.256978] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.261463] lkdtm: Stack offset: 0 <6>[ 416.266009] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.270708] lkdtm: Stack offset: 0 <6>[ 416.275400] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.279849] lkdtm: Stack offset: 0 <6>[ 416.284596] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.289077] lkdtm: Stack offset: 0 <6>[ 416.293701] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.298179] lkdtm: Stack offset: 0 <6>[ 416.302750] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.307421] lkdtm: Stack offset: 0 <6>[ 416.311984] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.316610] lkdtm: Stack offset: 0 <6>[ 416.321278] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.325720] lkdtm: Stack offset: 0 <6>[ 416.330355] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.334947] lkdtm: Stack offset: 0 <6>[ 416.339604] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.344091] lkdtm: Stack offset: 0 <6>[ 416.348785] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.353262] lkdtm: Stack offset: 0 <6>[ 416.357858] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.362437] lkdtm: Stack offset: 0 <6>[ 416.366993] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.371568] lkdtm: Stack offset: 0 <6>[ 416.376375] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.380724] lkdtm: Stack offset: 0 <6>[ 416.385487] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.389955] lkdtm: Stack offset: 0 <6>[ 416.394618] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.399185] lkdtm: Stack offset: 0 <6>[ 416.403796] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.408262] lkdtm: Stack offset: 0 <6>[ 416.412959] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.417546] lkdtm: Stack offset: 0 <6>[ 416.422159] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.426609] lkdtm: Stack offset: 0 <6>[ 416.430886] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.435878] lkdtm: Stack offset: 0 <6>[ 416.440161] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.445000] lkdtm: Stack offset: 0 <6>[ 416.449278] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.454252] lkdtm: Stack offset: 0 <6>[ 416.458458] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.463481] lkdtm: Stack offset: 0 <6>[ 416.467682] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.472569] lkdtm: Stack offset: 0 <6>[ 416.476795] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.481772] lkdtm: Stack offset: 0 <6>[ 416.486027] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.490864] lkdtm: Stack offset: 0 <6>[ 416.495284] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.500094] lkdtm: Stack offset: 0 <6>[ 416.504441] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.509303] lkdtm: Stack offset: 0 <6>[ 416.513615] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.518489] lkdtm: Stack offset: 0 <6>[ 416.522749] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.527786] lkdtm: Stack offset: 0 <6>[ 416.534517] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.538717] lkdtm: Stack offset: 0 <6>[ 416.543596] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.547954] lkdtm: Stack offset: 0 <6>[ 416.552753] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.557425] lkdtm: Stack offset: 0 <6>[ 416.561982] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.566215] lkdtm: Stack offset: 0 <6>[ 416.570995] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.575433] lkdtm: Stack offset: 0 <6>[ 416.580031] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.584618] lkdtm: Stack offset: 0 <6>[ 416.589346] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.593861] lkdtm: Stack offset: 0 <6>[ 416.598581] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.602963] lkdtm: Stack offset: 0 <6>[ 416.607707] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.612182] lkdtm: Stack offset: 0 <6>[ 416.616759] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.621528] lkdtm: Stack offset: 0 <6>[ 416.625938] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.630662] lkdtm: Stack offset: 0 <6>[ 416.635284] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.639743] lkdtm: Stack offset: 0 <6>[ 416.644450] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.648902] lkdtm: Stack offset: 0 <6>[ 416.653542] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.658142] lkdtm: Stack offset: 0 <6>[ 416.662685] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.667260] lkdtm: Stack offset: 0 <6>[ 416.671810] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.676381] lkdtm: Stack offset: 0 <6>[ 416.681014] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.685598] lkdtm: Stack offset: 0 <6>[ 416.690279] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.694728] lkdtm: Stack offset: 0 <6>[ 416.699484] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.703949] lkdtm: Stack offset: 0 <6>[ 416.708609] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.713180] lkdtm: Stack offset: 0 <6>[ 416.717738] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.722339] lkdtm: Stack offset: 0 <6>[ 416.726908] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.731497] lkdtm: Stack offset: 0 <6>[ 416.735989] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.740701] lkdtm: Stack offset: 0 <6>[ 416.745381] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.749829] lkdtm: Stack offset: 0 <6>[ 416.754565] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.759031] lkdtm: Stack offset: 0 <6>[ 416.763716] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.768182] lkdtm: Stack offset: 0 <6>[ 416.772803] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.777375] lkdtm: Stack offset: 0 <6>[ 416.781953] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.786612] lkdtm: Stack offset: 0 <6>[ 416.791370] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.795717] lkdtm: Stack offset: 0 <6>[ 416.800512] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.804874] lkdtm: Stack offset: 0 <6>[ 416.809646] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.814118] lkdtm: Stack offset: 0 <6>[ 416.818701] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.823274] lkdtm: Stack offset: 0 <6>[ 416.827858] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.832434] lkdtm: Stack offset: 0 <6>[ 416.836949] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.841676] lkdtm: Stack offset: 0 <6>[ 416.846482] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.850807] lkdtm: Stack offset: 0 <6>[ 416.855668] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.859969] lkdtm: Stack offset: 0 <6>[ 416.864777] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.869168] lkdtm: Stack offset: 0 <6>[ 416.873918] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.878308] lkdtm: Stack offset: 0 <6>[ 416.883118] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.887477] lkdtm: Stack offset: 0 <6>[ 416.892569] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.896759] lkdtm: Stack offset: 0 <6>[ 416.901605] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.906008] lkdtm: Stack offset: 0 <6>[ 416.910763] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.915263] lkdtm: Stack offset: 0 <6>[ 416.921961] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.926196] lkdtm: Stack offset: 0 <6>[ 416.931590] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.935912] lkdtm: Stack offset: 0 <6>[ 416.940590] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.944960] lkdtm: Stack offset: 0 <6>[ 416.949756] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.954139] lkdtm: Stack offset: 0 <6>[ 416.958906] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.963390] lkdtm: Stack offset: 0 <6>[ 416.967970] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.972586] lkdtm: Stack offset: 0 <6>[ 416.977255] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.981699] lkdtm: Stack offset: 0 <6>[ 416.986356] lkdtm: Performing direct entry REPORT_STACK <6>[ 416.990915] lkdtm: Stack offset: 0 <6>[ 416.995622] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.000136] lkdtm: Stack offset: 0 <6>[ 417.004744] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.009218] lkdtm: Stack offset: 0 <6>[ 417.013839] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.018420] lkdtm: Stack offset: 0 <6>[ 417.022927] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.027639] lkdtm: Stack offset: 0 <6>[ 417.032307] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.036754] lkdtm: Stack offset: 0 <6>[ 417.041519] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.045992] lkdtm: Stack offset: 0 <6>[ 417.050663] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.055134] lkdtm: Stack offset: 0 <6>[ 417.059691] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.064263] lkdtm: Stack offset: 0 <6>[ 417.068925] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.073507] lkdtm: Stack offset: 0 <6>[ 417.078143] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.082597] lkdtm: Stack offset: 0 <6>[ 417.086859] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.091858] lkdtm: Stack offset: 0 <6>[ 417.096139] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.101011] lkdtm: Stack offset: 0 <6>[ 417.105315] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.110164] lkdtm: Stack offset: 0 <6>[ 417.114398] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.119364] lkdtm: Stack offset: 0 <6>[ 417.123557] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.128531] lkdtm: Stack offset: 0 <6>[ 417.132684] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.137781] lkdtm: Stack offset: 0 <6>[ 417.142197] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.146845] lkdtm: Stack offset: 0 <6>[ 417.151143] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.156123] lkdtm: Stack offset: 0 <6>[ 417.160341] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.165312] lkdtm: Stack offset: 0 <6>[ 417.169544] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.174432] lkdtm: Stack offset: 0 <6>[ 417.178626] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.183591] lkdtm: Stack offset: 0 <6>[ 417.187848] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.192832] lkdtm: Stack offset: 0 <6>[ 417.197007] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.201940] lkdtm: Stack offset: 0 <6>[ 417.206291] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.211154] lkdtm: Stack offset: 0 <6>[ 417.215498] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.220286] lkdtm: Stack offset: 0 <6>[ 417.224660] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.229523] lkdtm: Stack offset: 0 <6>[ 417.233764] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.238667] lkdtm: Stack offset: 0 <6>[ 417.242912] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.247977] lkdtm: Stack offset: 0 <6>[ 417.252482] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.257108] lkdtm: Stack offset: 0 <6>[ 417.261349] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.266221] lkdtm: Stack offset: 0 <6>[ 417.272937] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.277184] lkdtm: Stack offset: 0 <6>[ 417.282282] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.286515] lkdtm: Stack offset: 0 <6>[ 417.291447] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.295798] lkdtm: Stack offset: 0 <6>[ 417.301149] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.305345] lkdtm: Stack offset: 0 <6>[ 417.313875] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.318186] lkdtm: Stack offset: 0 <6>[ 417.323462] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.327632] lkdtm: Stack offset: 0 <6>[ 417.332472] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.336863] lkdtm: Stack offset: 0 <6>[ 417.341624] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.346003] lkdtm: Stack offset: 0 <6>[ 417.350731] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.355203] lkdtm: Stack offset: 0 <6>[ 417.359741] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.364411] lkdtm: Stack offset: 0 <6>[ 417.368952] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.373603] lkdtm: Stack offset: 0 <6>[ 417.378339] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.382701] lkdtm: Stack offset: 0 <6>[ 417.387533] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.391897] lkdtm: Stack offset: 0 <6>[ 417.396670] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.401152] lkdtm: Stack offset: 0 <6>[ 417.405749] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.410327] lkdtm: Stack offset: 0 <6>[ 417.414863] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.419439] lkdtm: Stack offset: 0 <6>[ 417.423975] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.428692] lkdtm: Stack offset: 0 <6>[ 417.433363] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.437812] lkdtm: Stack offset: 0 <6>[ 417.442468] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.447029] lkdtm: Stack offset: 0 <6>[ 417.451620] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.456178] lkdtm: Stack offset: 0 <6>[ 417.460756] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.465325] lkdtm: Stack offset: 0 <6>[ 417.469885] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.474562] lkdtm: Stack offset: 0 <6>[ 417.479164] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.483723] lkdtm: Stack offset: 0 <6>[ 417.488424] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.492874] lkdtm: Stack offset: 0 <6>[ 417.497535] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.502127] lkdtm: Stack offset: 0 <6>[ 417.506714] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.511290] lkdtm: Stack offset: 0 <6>[ 417.515829] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.520394] lkdtm: Stack offset: 0 <6>[ 417.525013] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.529587] lkdtm: Stack offset: 0 <6>[ 417.534299] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.538743] lkdtm: Stack offset: 0 <6>[ 417.543504] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.547967] lkdtm: Stack offset: 0 <6>[ 417.552654] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.557124] lkdtm: Stack offset: 0 <6>[ 417.561713] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.566285] lkdtm: Stack offset: 0 <6>[ 417.570850] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.575528] lkdtm: Stack offset: 0 <6>[ 417.580026] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.584677] lkdtm: Stack offset: 0 <6>[ 417.589397] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.593863] lkdtm: Stack offset: 0 <6>[ 417.598642] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.603074] lkdtm: Stack offset: 0 <6>[ 417.607901] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.612195] lkdtm: Stack offset: 0 <6>[ 417.616954] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.621346] lkdtm: Stack offset: 0 <6>[ 417.626118] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.630592] lkdtm: Stack offset: 0 <6>[ 417.635422] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.639718] lkdtm: Stack offset: 0 <6>[ 417.644569] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.648958] lkdtm: Stack offset: 0 <6>[ 417.653971] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.658184] lkdtm: Stack offset: 0 <6>[ 417.664913] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.669150] lkdtm: Stack offset: 0 <6>[ 417.674115] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.678658] lkdtm: Stack offset: 0 <6>[ 417.683248] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.687562] lkdtm: Stack offset: 0 <6>[ 417.692414] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.696680] lkdtm: Stack offset: 0 <6>[ 417.701408] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.705878] lkdtm: Stack offset: 0 <6>[ 417.710480] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.715076] lkdtm: Stack offset: 0 <6>[ 417.719538] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.724183] lkdtm: Stack offset: 0 <6>[ 417.728443] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.733393] lkdtm: Stack offset: 0 <6>[ 417.737567] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.742629] lkdtm: Stack offset: 0 <6>[ 417.746702] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.751760] lkdtm: Stack offset: 0 <6>[ 417.755812] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.760976] lkdtm: Stack offset: 0 <6>[ 417.765113] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.770031] lkdtm: Stack offset: 0 <6>[ 417.774262] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.779327] lkdtm: Stack offset: 0 <6>[ 417.783418] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.788513] lkdtm: Stack offset: 0 <6>[ 417.792714] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.797713] lkdtm: Stack offset: 0 <6>[ 417.801919] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.806847] lkdtm: Stack offset: 0 <6>[ 417.811230] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.816013] lkdtm: Stack offset: 0 <6>[ 417.820315] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.825169] lkdtm: Stack offset: 0 <6>[ 417.829526] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.834612] lkdtm: Stack offset: 0 <6>[ 417.838625] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.843790] lkdtm: Stack offset: 0 <6>[ 417.847764] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.852760] lkdtm: Stack offset: 0 <6>[ 417.856952] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.861975] lkdtm: Stack offset: 0 <6>[ 417.866260] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.871110] lkdtm: Stack offset: 0 <6>[ 417.875261] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.880227] lkdtm: Stack offset: 0 <6>[ 417.884532] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.889406] lkdtm: Stack offset: 0 <6>[ 417.893661] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.898657] lkdtm: Stack offset: 0 <6>[ 417.902991] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.907766] lkdtm: Stack offset: 0 <6>[ 417.912031] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.916961] lkdtm: Stack offset: 0 <6>[ 417.921232] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.926201] lkdtm: Stack offset: 0 <6>[ 417.930420] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.935293] lkdtm: Stack offset: 0 <6>[ 417.939579] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.944556] lkdtm: Stack offset: 0 <6>[ 417.949255] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.953708] lkdtm: Stack offset: 0 <6>[ 417.957838] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.962941] lkdtm: Stack offset: 0 <6>[ 417.967183] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.972097] lkdtm: Stack offset: 0 <6>[ 417.976320] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.981188] lkdtm: Stack offset: 0 <6>[ 417.985500] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.990375] lkdtm: Stack offset: 0 <6>[ 417.994637] lkdtm: Performing direct entry REPORT_STACK <6>[ 417.999654] lkdtm: Stack offset: 0 <6>[ 418.003812] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.008804] lkdtm: Stack offset: 0 <6>[ 418.012987] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.017974] lkdtm: Stack offset: 0 <6>[ 418.022242] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.027105] lkdtm: Stack offset: 0 <6>[ 418.031253] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.036350] lkdtm: Stack offset: 0 <6>[ 418.040560] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.045438] lkdtm: Stack offset: 0 <6>[ 418.049707] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.054696] lkdtm: Stack offset: 0 <6>[ 418.058930] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.063839] lkdtm: Stack offset: 0 <6>[ 418.068171] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.073078] lkdtm: Stack offset: 0 <6>[ 418.077287] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.082165] lkdtm: Stack offset: 0 <6>[ 418.086503] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.091408] lkdtm: Stack offset: 0 <6>[ 418.095697] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.100693] lkdtm: Stack offset: 0 <6>[ 418.105331] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.109726] lkdtm: Stack offset: 0 <6>[ 418.114615] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.118938] lkdtm: Stack offset: 0 <6>[ 418.123780] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.128112] lkdtm: Stack offset: 0 <6>[ 418.133733] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.137949] lkdtm: Stack offset: 0 <6>[ 418.143759] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.147994] lkdtm: Stack offset: 0 <6>[ 418.153800] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.158009] lkdtm: Stack offset: 0 <6>[ 418.169462] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.174012] lkdtm: Stack offset: 0 <6>[ 418.178437] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.183657] lkdtm: Stack offset: 0 <6>[ 418.187608] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.192119] lkdtm: Stack offset: 0 <6>[ 418.196707] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.201183] lkdtm: Stack offset: 0 <6>[ 418.205908] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.210384] lkdtm: Stack offset: 0 <6>[ 418.214935] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.219621] lkdtm: Stack offset: 0 <6>[ 418.224346] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.228930] lkdtm: Stack offset: 0 <6>[ 418.233565] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.238099] lkdtm: Stack offset: 0 <6>[ 418.242685] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.247077] lkdtm: Stack offset: 0 <6>[ 418.251752] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.256328] lkdtm: Stack offset: 0 <6>[ 418.260897] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.265477] lkdtm: Stack offset: 0 <6>[ 418.269991] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.274711] lkdtm: Stack offset: 0 <6>[ 418.278914] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.283797] lkdtm: Stack offset: 0 <6>[ 418.288148] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.293070] lkdtm: Stack offset: 0 <6>[ 418.297261] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.302137] lkdtm: Stack offset: 0 <6>[ 418.306457] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.311335] lkdtm: Stack offset: 0 <6>[ 418.315539] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.320555] lkdtm: Stack offset: 0 <6>[ 418.324801] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.329697] lkdtm: Stack offset: 0 <6>[ 418.334015] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.338863] lkdtm: Stack offset: 0 <6>[ 418.343025] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.348065] lkdtm: Stack offset: 0 <6>[ 418.352289] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.357283] lkdtm: Stack offset: 0 <6>[ 418.361493] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.366494] lkdtm: Stack offset: 0 <6>[ 418.370588] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.375639] lkdtm: Stack offset: 0 <6>[ 418.379872] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.384779] lkdtm: Stack offset: 0 <6>[ 418.388973] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.393974] lkdtm: Stack offset: 0 <6>[ 418.398266] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.403113] lkdtm: Stack offset: 0 <6>[ 418.407357] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.412335] lkdtm: Stack offset: 0 <6>[ 418.416542] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.421540] lkdtm: Stack offset: 0 <6>[ 418.425695] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.430688] lkdtm: Stack offset: 0 <6>[ 418.434873] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.439862] lkdtm: Stack offset: 0 <6>[ 418.444127] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.448991] lkdtm: Stack offset: 0 <6>[ 418.453288] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.458169] lkdtm: Stack offset: 0 <6>[ 418.462516] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.467407] lkdtm: Stack offset: 0 <6>[ 418.471749] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.476540] lkdtm: Stack offset: 0 <6>[ 418.480796] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.485818] lkdtm: Stack offset: 0 <6>[ 418.490425] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.494926] lkdtm: Stack offset: 0 <6>[ 418.499263] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.504079] lkdtm: Stack offset: 0 <6>[ 418.508407] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.513296] lkdtm: Stack offset: 0 <6>[ 418.518824] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.523117] lkdtm: Stack offset: 0 <6>[ 418.528374] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.532560] lkdtm: Stack offset: 0 <6>[ 418.537518] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.541933] lkdtm: Stack offset: 0 <6>[ 418.546665] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.551102] lkdtm: Stack offset: 0 <6>[ 418.558640] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.562893] lkdtm: Stack offset: 0 <6>[ 418.567610] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.572261] lkdtm: Stack offset: 0 <6>[ 418.576738] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.581247] lkdtm: Stack offset: 0 <6>[ 418.585902] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.590373] lkdtm: Stack offset: 0 <6>[ 418.595163] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.599528] lkdtm: Stack offset: 0 <6>[ 418.604314] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.608758] lkdtm: Stack offset: 0 <6>[ 418.613431] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.617895] lkdtm: Stack offset: 0 <6>[ 418.622741] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.627133] lkdtm: Stack offset: 0 <6>[ 418.631720] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.636293] lkdtm: Stack offset: 0 <6>[ 418.640868] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.645486] lkdtm: Stack offset: 0 <6>[ 418.650005] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.654656] lkdtm: Stack offset: 0 <6>[ 418.658819] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.663915] lkdtm: Stack offset: 0 <6>[ 418.668185] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.673023] lkdtm: Stack offset: 0 <6>[ 418.677313] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.682159] lkdtm: Stack offset: 0 <6>[ 418.686405] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.691377] lkdtm: Stack offset: 0 <6>[ 418.695566] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.700555] lkdtm: Stack offset: 0 <6>[ 418.704710] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.709827] lkdtm: Stack offset: 0 <6>[ 418.713888] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.718986] lkdtm: Stack offset: 0 <6>[ 418.723263] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.728108] lkdtm: Stack offset: 0 <6>[ 418.732266] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.737236] lkdtm: Stack offset: 0 <6>[ 418.741536] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.746507] lkdtm: Stack offset: 0 <6>[ 418.750660] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.755663] lkdtm: Stack offset: 0 <6>[ 418.759816] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.764842] lkdtm: Stack offset: 0 <6>[ 418.769029] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.773998] lkdtm: Stack offset: 0 <6>[ 418.778244] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.783216] lkdtm: Stack offset: 0 <6>[ 418.787434] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.792308] lkdtm: Stack offset: 0 <6>[ 418.796595] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.801572] lkdtm: Stack offset: 0 <6>[ 418.805736] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.810742] lkdtm: Stack offset: 0 <6>[ 418.814891] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.819885] lkdtm: Stack offset: 0 <6>[ 418.824152] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.829027] lkdtm: Stack offset: 0 <6>[ 418.833423] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.838251] lkdtm: Stack offset: 0 <6>[ 418.842596] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.847401] lkdtm: Stack offset: 0 <6>[ 418.851705] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.856579] lkdtm: Stack offset: 0 <6>[ 418.860803] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.865825] lkdtm: Stack offset: 0 <6>[ 418.870148] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.874924] lkdtm: Stack offset: 0 <6>[ 418.879290] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.884169] lkdtm: Stack offset: 0 <6>[ 418.888522] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.893321] lkdtm: Stack offset: 0 <6>[ 418.897630] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.902552] lkdtm: Stack offset: 0 <6>[ 418.906745] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.911645] lkdtm: Stack offset: 0 <6>[ 418.915887] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.920907] lkdtm: Stack offset: 0 <6>[ 418.925183] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.930091] lkdtm: Stack offset: 0 <6>[ 418.936015] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.940342] lkdtm: Stack offset: 0 <6>[ 418.944822] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.949552] lkdtm: Stack offset: 0 <6>[ 418.953902] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.958681] lkdtm: Stack offset: 0 <6>[ 418.962827] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.967931] lkdtm: Stack offset: 0 <6>[ 418.972429] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.977070] lkdtm: Stack offset: 0 <6>[ 418.981636] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.986197] lkdtm: Stack offset: 0 <6>[ 418.990558] lkdtm: Performing direct entry REPORT_STACK <6>[ 418.995432] lkdtm: Stack offset: 0 <6>[ 418.999571] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.004560] lkdtm: Stack offset: 0 <6>[ 419.008955] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.013887] lkdtm: Stack offset: 0 <6>[ 419.017996] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.022945] lkdtm: Stack offset: 0 <6>[ 419.027172] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.032157] lkdtm: Stack offset: 0 <6>[ 419.036375] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.041246] lkdtm: Stack offset: 0 <6>[ 419.045542] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.050523] lkdtm: Stack offset: 0 <6>[ 419.054707] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.059700] lkdtm: Stack offset: 0 <6>[ 419.063884] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.068869] lkdtm: Stack offset: 0 <6>[ 419.073142] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.077983] lkdtm: Stack offset: 0 <6>[ 419.082156] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.087121] lkdtm: Stack offset: 0 <6>[ 419.091438] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.096331] lkdtm: Stack offset: 0 <6>[ 419.102156] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.106307] lkdtm: Stack offset: 0 <6>[ 419.110586] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.115558] lkdtm: Stack offset: 0 <6>[ 419.119715] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.124719] lkdtm: Stack offset: 0 <6>[ 419.128884] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.133985] lkdtm: Stack offset: 0 <6>[ 419.138160] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.143098] lkdtm: Stack offset: 0 <6>[ 419.147283] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.152259] lkdtm: Stack offset: 0 <6>[ 419.156548] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.161445] lkdtm: Stack offset: 0 <6>[ 419.165620] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.170611] lkdtm: Stack offset: 0 <6>[ 419.174828] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.179823] lkdtm: Stack offset: 0 <6>[ 419.184008] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.188944] lkdtm: Stack offset: 0 <6>[ 419.193252] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.198122] lkdtm: Stack offset: 0 <6>[ 419.202444] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.207318] lkdtm: Stack offset: 0 <6>[ 419.211529] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.216504] lkdtm: Stack offset: 0 <6>[ 419.220651] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.225773] lkdtm: Stack offset: 0 <6>[ 419.229865] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.234877] lkdtm: Stack offset: 0 <6>[ 419.239198] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.244099] lkdtm: Stack offset: 0 <6>[ 419.248441] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.253237] lkdtm: Stack offset: 0 <6>[ 419.257571] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.262362] lkdtm: Stack offset: 0 <6>[ 419.266724] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.271622] lkdtm: Stack offset: 0 <6>[ 419.275879] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.280785] lkdtm: Stack offset: 0 <6>[ 419.285147] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.289975] lkdtm: Stack offset: 0 <6>[ 419.294556] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.299141] lkdtm: Stack offset: 0 <6>[ 419.303509] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.308305] lkdtm: Stack offset: 0 <6>[ 419.312624] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.317496] lkdtm: Stack offset: 0 <6>[ 419.321765] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.326671] lkdtm: Stack offset: 0 <6>[ 419.330926] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.335851] lkdtm: Stack offset: 0 <6>[ 419.340347] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.345097] lkdtm: Stack offset: 0 <6>[ 419.349346] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.354208] lkdtm: Stack offset: 0 <6>[ 419.358774] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.363391] lkdtm: Stack offset: 0 <6>[ 419.367681] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.372567] lkdtm: Stack offset: 0 <6>[ 419.376789] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.381665] lkdtm: Stack offset: 0 <6>[ 419.386508] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.390900] lkdtm: Stack offset: 0 <6>[ 419.395601] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.400106] lkdtm: Stack offset: 0 <6>[ 419.404723] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.409204] lkdtm: Stack offset: 0 <6>[ 419.413887] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.418486] lkdtm: Stack offset: 0 <6>[ 419.422956] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.427633] lkdtm: Stack offset: 0 <6>[ 419.432398] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.436768] lkdtm: Stack offset: 0 <6>[ 419.441448] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.445906] lkdtm: Stack offset: 0 <6>[ 419.450163] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.455130] lkdtm: Stack offset: 0 <6>[ 419.459342] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.464314] lkdtm: Stack offset: 0 <6>[ 419.468526] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.473501] lkdtm: Stack offset: 0 <6>[ 419.477656] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.482669] lkdtm: Stack offset: 0 <6>[ 419.486839] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.491842] lkdtm: Stack offset: 0 <6>[ 419.495999] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.501013] lkdtm: Stack offset: 0 <6>[ 419.505319] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.510174] lkdtm: Stack offset: 0 <6>[ 419.514321] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.519388] lkdtm: Stack offset: 0 <6>[ 419.523575] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.528552] lkdtm: Stack offset: 0 <6>[ 419.532705] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.537699] lkdtm: Stack offset: 0 <6>[ 419.541979] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.547001] lkdtm: Stack offset: 0 <6>[ 419.551165] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.556003] lkdtm: Stack offset: 0 <6>[ 419.560265] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.565297] lkdtm: Stack offset: 0 <6>[ 419.569573] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.574455] lkdtm: Stack offset: 0 <6>[ 419.578624] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.583644] lkdtm: Stack offset: 0 <6>[ 419.587814] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.592808] lkdtm: Stack offset: 0 <6>[ 419.596994] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.601935] lkdtm: Stack offset: 0 <6>[ 419.606250] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.611144] lkdtm: Stack offset: 0 <6>[ 419.615363] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.620328] lkdtm: Stack offset: 0 <6>[ 419.624532] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.629514] lkdtm: Stack offset: 0 <6>[ 419.633679] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.638674] lkdtm: Stack offset: 0 <6>[ 419.642895] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.647902] lkdtm: Stack offset: 0 <6>[ 419.652263] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.657034] lkdtm: Stack offset: 0 <6>[ 419.661382] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.666264] lkdtm: Stack offset: 0 <6>[ 419.670581] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.675418] lkdtm: Stack offset: 0 <6>[ 419.679703] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.684594] lkdtm: Stack offset: 0 <6>[ 419.688868] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.693781] lkdtm: Stack offset: 0 <6>[ 419.698133] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.702903] lkdtm: Stack offset: 0 <6>[ 419.707242] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.712121] lkdtm: Stack offset: 0 <6>[ 419.716421] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.721301] lkdtm: Stack offset: 0 <6>[ 419.725593] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.730468] lkdtm: Stack offset: 0 <6>[ 419.734761] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.739774] lkdtm: Stack offset: 0 <6>[ 419.744671] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.748891] lkdtm: Stack offset: 0 <6>[ 419.753732] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.758188] lkdtm: Stack offset: 0 <6>[ 419.762886] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.767288] lkdtm: Stack offset: 0 <6>[ 419.771954] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.776426] lkdtm: Stack offset: 0 <6>[ 419.780993] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.785562] lkdtm: Stack offset: 0 <6>[ 419.790390] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.794769] lkdtm: Stack offset: 0 <6>[ 419.799501] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.803976] lkdtm: Stack offset: 0 <6>[ 419.808671] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.813148] lkdtm: Stack offset: 0 <6>[ 419.817720] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.822499] lkdtm: Stack offset: 0 <6>[ 419.826908] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.831630] lkdtm: Stack offset: 0 <6>[ 419.836307] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.840680] lkdtm: Stack offset: 0 <6>[ 419.845438] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.849804] lkdtm: Stack offset: 0 <6>[ 419.854002] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.859027] lkdtm: Stack offset: 0 <6>[ 419.863334] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.868184] lkdtm: Stack offset: 0 <6>[ 419.872332] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.877399] lkdtm: Stack offset: 0 <6>[ 419.881579] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.886554] lkdtm: Stack offset: 0 <6>[ 419.890744] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.895741] lkdtm: Stack offset: 0 <6>[ 419.899952] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.904944] lkdtm: Stack offset: 0 <6>[ 419.909254] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.914102] lkdtm: Stack offset: 0 <6>[ 419.918257] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.923228] lkdtm: Stack offset: 0 <6>[ 419.927534] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.932406] lkdtm: Stack offset: 0 <6>[ 419.936653] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.941647] lkdtm: Stack offset: 0 <6>[ 419.945838] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.950817] lkdtm: Stack offset: 0 <6>[ 419.954998] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.959948] lkdtm: Stack offset: 0 <6>[ 419.964211] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.969174] lkdtm: Stack offset: 0 <6>[ 419.973379] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.978353] lkdtm: Stack offset: 0 <6>[ 419.982569] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.987548] lkdtm: Stack offset: 0 <6>[ 419.991706] lkdtm: Performing direct entry REPORT_STACK <6>[ 419.996740] lkdtm: Stack offset: 0 <6>[ 420.001416] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.005886] lkdtm: Stack offset: 0 <6>[ 420.009997] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.015022] lkdtm: Stack offset: 0 <6>[ 420.019328] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.024179] lkdtm: Stack offset: 0 <6>[ 420.028459] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.033430] lkdtm: Stack offset: 0 <6>[ 420.037600] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.042593] lkdtm: Stack offset: 0 <6>[ 420.046815] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.051739] lkdtm: Stack offset: 0 <6>[ 420.055990] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.060844] lkdtm: Stack offset: 0 <6>[ 420.065245] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.070127] lkdtm: Stack offset: 0 <6>[ 420.074449] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.079229] lkdtm: Stack offset: 0 <6>[ 420.083578] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.088474] lkdtm: Stack offset: 0 <6>[ 420.094651] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.098882] lkdtm: Stack offset: 0 <6>[ 420.103772] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.108139] lkdtm: Stack offset: 0 <6>[ 420.112842] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.117260] lkdtm: Stack offset: 0 <6>[ 420.122005] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.126476] lkdtm: Stack offset: 0 <6>[ 420.132107] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.136312] lkdtm: Stack offset: 0 <6>[ 420.141152] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.145569] lkdtm: Stack offset: 0 <6>[ 420.150542] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.154756] lkdtm: Stack offset: 0 <6>[ 420.159742] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.163998] lkdtm: Stack offset: 0 <6>[ 420.168738] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.173218] lkdtm: Stack offset: 0 <6>[ 420.177742] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.182403] lkdtm: Stack offset: 0 <6>[ 420.186984] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.191619] lkdtm: Stack offset: 0 <6>[ 420.196235] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.200713] lkdtm: Stack offset: 0 <6>[ 420.205453] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.209946] lkdtm: Stack offset: 0 <6>[ 420.214632] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.219123] lkdtm: Stack offset: 0 <6>[ 420.223730] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.228315] lkdtm: Stack offset: 0 <6>[ 420.232856] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.237430] lkdtm: Stack offset: 0 <6>[ 420.242016] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.246741] lkdtm: Stack offset: 0 <6>[ 420.250833] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.255855] lkdtm: Stack offset: 0 <6>[ 420.260018] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.264947] lkdtm: Stack offset: 0 <6>[ 420.269166] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.274128] lkdtm: Stack offset: 0 <6>[ 420.278345] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.283312] lkdtm: Stack offset: 0 <6>[ 420.287514] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.292485] lkdtm: Stack offset: 0 <6>[ 420.296627] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.301719] lkdtm: Stack offset: 0 <6>[ 420.305906] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.310895] lkdtm: Stack offset: 0 <6>[ 420.315144] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.320076] lkdtm: Stack offset: 0 <6>[ 420.324367] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.329245] lkdtm: Stack offset: 0 <6>[ 420.333461] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.338443] lkdtm: Stack offset: 0 <6>[ 420.342641] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.347636] lkdtm: Stack offset: 0 <6>[ 420.351915] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.356797] lkdtm: Stack offset: 0 <6>[ 420.360978] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.365979] lkdtm: Stack offset: 0 <6>[ 420.370259] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.375105] lkdtm: Stack offset: 0 <6>[ 420.379249] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.384347] lkdtm: Stack offset: 0 <6>[ 420.388591] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.393466] lkdtm: Stack offset: 0 <6>[ 420.397651] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.402652] lkdtm: Stack offset: 0 <6>[ 420.406841] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.411829] lkdtm: Stack offset: 0 <6>[ 420.416002] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.420974] lkdtm: Stack offset: 0 <6>[ 420.425205] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.430172] lkdtm: Stack offset: 0 <6>[ 420.434379] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.439350] lkdtm: Stack offset: 0 <6>[ 420.443548] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.448543] lkdtm: Stack offset: 0 <6>[ 420.452713] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.457705] lkdtm: Stack offset: 0 <6>[ 420.461933] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.466938] lkdtm: Stack offset: 0 <6>[ 420.471263] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.476075] lkdtm: Stack offset: 0 <6>[ 420.480431] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.485192] lkdtm: Stack offset: 0 <6>[ 420.489610] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.494393] lkdtm: Stack offset: 0 <6>[ 420.498679] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.503570] lkdtm: Stack offset: 0 <6>[ 420.507820] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.512936] lkdtm: Stack offset: 0 <6>[ 420.517450] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.521966] lkdtm: Stack offset: 0 <6>[ 420.526317] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.531116] lkdtm: Stack offset: 0 <6>[ 420.535436] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.540330] lkdtm: Stack offset: 0 <6>[ 420.545576] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.549839] lkdtm: Stack offset: 0 <6>[ 420.554708] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.559026] lkdtm: Stack offset: 0 <6>[ 420.563787] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.568260] lkdtm: Stack offset: 0 <6>[ 420.572945] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.577438] lkdtm: Stack offset: 0 <6>[ 420.582507] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.586736] lkdtm: Stack offset: 0 <6>[ 420.591556] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.596024] lkdtm: Stack offset: 0 <6>[ 420.600687] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.605143] lkdtm: Stack offset: 0 <6>[ 420.609851] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.614326] lkdtm: Stack offset: 0 <6>[ 420.618955] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.623514] lkdtm: Stack offset: 0 <6>[ 420.628161] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.632620] lkdtm: Stack offset: 0 <6>[ 420.637406] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.641859] lkdtm: Stack offset: 0 <6>[ 420.646540] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.651009] lkdtm: Stack offset: 0 <6>[ 420.655713] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.660179] lkdtm: Stack offset: 0 <6>[ 420.664704] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.669385] lkdtm: Stack offset: 0 <6>[ 420.673995] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.678575] lkdtm: Stack offset: 0 <6>[ 420.682739] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.687734] lkdtm: Stack offset: 0 <6>[ 420.691924] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.696913] lkdtm: Stack offset: 0 <6>[ 420.701180] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.706022] lkdtm: Stack offset: 0 <6>[ 420.710313] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.715262] lkdtm: Stack offset: 0 <6>[ 420.719398] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.724479] lkdtm: Stack offset: 0 <6>[ 420.728637] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.733632] lkdtm: Stack offset: 0 <6>[ 420.737844] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.742827] lkdtm: Stack offset: 0 <6>[ 420.746993] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.751928] lkdtm: Stack offset: 0 <6>[ 420.756247] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.761110] lkdtm: Stack offset: 0 <6>[ 420.765423] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.770303] lkdtm: Stack offset: 0 <6>[ 420.774510] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.779494] lkdtm: Stack offset: 0 <6>[ 420.783647] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.788793] lkdtm: Stack offset: 0 <6>[ 420.792880] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.797880] lkdtm: Stack offset: 0 <6>[ 420.802192] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.807079] lkdtm: Stack offset: 0 <6>[ 420.811240] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.816214] lkdtm: Stack offset: 0 <6>[ 420.820428] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.825405] lkdtm: Stack offset: 0 <6>[ 420.829578] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.834563] lkdtm: Stack offset: 0 <6>[ 420.838709] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.843789] lkdtm: Stack offset: 0 <6>[ 420.847969] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.852983] lkdtm: Stack offset: 0 <6>[ 420.857267] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.862011] lkdtm: Stack offset: 0 <6>[ 420.866301] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.871282] lkdtm: Stack offset: 0 <6>[ 420.875583] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.880458] lkdtm: Stack offset: 0 <6>[ 420.884716] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.889638] lkdtm: Stack offset: 0 <6>[ 420.893863] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.898849] lkdtm: Stack offset: 0 <6>[ 420.903182] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.907975] lkdtm: Stack offset: 0 <6>[ 420.912319] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.917197] lkdtm: Stack offset: 0 <6>[ 420.921540] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.926342] lkdtm: Stack offset: 0 <6>[ 420.932395] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.936607] lkdtm: Stack offset: 0 <6>[ 420.941514] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.945893] lkdtm: Stack offset: 0 <6>[ 420.950629] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.955098] lkdtm: Stack offset: 0 <6>[ 420.959754] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.964221] lkdtm: Stack offset: 0 <6>[ 420.969156] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.973371] lkdtm: Stack offset: 0 <6>[ 420.978339] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.982558] lkdtm: Stack offset: 0 <6>[ 420.987454] lkdtm: Performing direct entry REPORT_STACK <6>[ 420.991790] lkdtm: Stack offset: 0 <6>[ 420.998305] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.002514] lkdtm: Stack offset: 0 <6>[ 421.007449] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.011817] lkdtm: Stack offset: 0 <6>[ 421.016440] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.020947] lkdtm: Stack offset: 0 <6>[ 421.025734] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.030141] lkdtm: Stack offset: 0 <6>[ 421.034766] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.039245] lkdtm: Stack offset: 0 <6>[ 421.043894] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.048475] lkdtm: Stack offset: 0 <6>[ 421.053023] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.057590] lkdtm: Stack offset: 0 <6>[ 421.062285] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.066726] lkdtm: Stack offset: 0 <6>[ 421.071488] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.075942] lkdtm: Stack offset: 0 <6>[ 421.080655] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.085268] lkdtm: Stack offset: 0 <6>[ 421.089780] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.094409] lkdtm: Stack offset: 0 <6>[ 421.098887] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.103471] lkdtm: Stack offset: 0 <6>[ 421.107990] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.112697] lkdtm: Stack offset: 0 <6>[ 421.116905] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.121883] lkdtm: Stack offset: 0 <6>[ 421.126141] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.130982] lkdtm: Stack offset: 0 <6>[ 421.135261] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.140236] lkdtm: Stack offset: 0 <6>[ 421.144455] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.149341] lkdtm: Stack offset: 0 <6>[ 421.153615] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.158633] lkdtm: Stack offset: 0 <6>[ 421.162705] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.167701] lkdtm: Stack offset: 0 <6>[ 421.171892] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.176873] lkdtm: Stack offset: 0 <6>[ 421.181246] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.186101] lkdtm: Stack offset: 0 <6>[ 421.190255] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.195233] lkdtm: Stack offset: 0 <6>[ 421.199553] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.204496] lkdtm: Stack offset: 0 <6>[ 421.208713] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.213631] lkdtm: Stack offset: 0 <6>[ 421.217805] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.222805] lkdtm: Stack offset: 0 <6>[ 421.226993] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.231929] lkdtm: Stack offset: 0 <6>[ 421.236249] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.241112] lkdtm: Stack offset: 0 <6>[ 421.245398] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.250376] lkdtm: Stack offset: 0 <6>[ 421.254572] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.259555] lkdtm: Stack offset: 0 <6>[ 421.263713] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.268709] lkdtm: Stack offset: 0 <6>[ 421.272890] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.277897] lkdtm: Stack offset: 0 <6>[ 421.282162] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.287021] lkdtm: Stack offset: 0 <6>[ 421.291337] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.296217] lkdtm: Stack offset: 0 <6>[ 421.300512] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.305378] lkdtm: Stack offset: 0 <6>[ 421.309659] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.314547] lkdtm: Stack offset: 0 <6>[ 421.318783] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.323784] lkdtm: Stack offset: 0 <6>[ 421.328032] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.332874] lkdtm: Stack offset: 0 <6>[ 421.337308] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.342180] lkdtm: Stack offset: 0 <6>[ 421.346662] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.351349] lkdtm: Stack offset: 0 <6>[ 421.355585] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.360472] lkdtm: Stack offset: 0 <6>[ 421.364736] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.369657] lkdtm: Stack offset: 0 <6>[ 421.373902] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.378815] lkdtm: Stack offset: 0 <6>[ 421.383652] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.387970] lkdtm: Stack offset: 0 <6>[ 421.392327] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.397124] lkdtm: Stack offset: 0 <6>[ 421.401437] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.406325] lkdtm: Stack offset: 0 <6>[ 421.410626] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.415533] lkdtm: Stack offset: 0 <6>[ 421.419750] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.424747] lkdtm: Stack offset: 0 <6>[ 421.428949] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.433857] lkdtm: Stack offset: 0 <6>[ 421.438129] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.442992] lkdtm: Stack offset: 0 <6>[ 421.447332] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.452186] lkdtm: Stack offset: 0 <6>[ 421.456511] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.461441] lkdtm: Stack offset: 0 <6>[ 421.465640] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.470620] lkdtm: Stack offset: 0 <6>[ 421.474792] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.479870] lkdtm: Stack offset: 0 <6>[ 421.484381] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.488950] lkdtm: Stack offset: 0 <6>[ 421.493630] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.498118] lkdtm: Stack offset: 0 <6>[ 421.502783] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.507246] lkdtm: Stack offset: 0 <6>[ 421.511936] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.516418] lkdtm: Stack offset: 0 <6>[ 421.521190] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.525638] lkdtm: Stack offset: 0 <6>[ 421.529768] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.534869] lkdtm: Stack offset: 0 <6>[ 421.539139] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.543985] lkdtm: Stack offset: 0 <6>[ 421.548170] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.553137] lkdtm: Stack offset: 0 <6>[ 421.557449] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.562320] lkdtm: Stack offset: 0 <6>[ 421.566533] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.571511] lkdtm: Stack offset: 0 <6>[ 421.575699] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.580694] lkdtm: Stack offset: 0 <6>[ 421.584883] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.589877] lkdtm: Stack offset: 0 <6>[ 421.594137] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.598982] lkdtm: Stack offset: 0 <6>[ 421.603263] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.608239] lkdtm: Stack offset: 0 <6>[ 421.612493] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.617366] lkdtm: Stack offset: 0 <6>[ 421.621627] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.626623] lkdtm: Stack offset: 0 <6>[ 421.630831] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.635717] lkdtm: Stack offset: 0 <6>[ 421.640012] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.644871] lkdtm: Stack offset: 0 <6>[ 421.649177] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.654139] lkdtm: Stack offset: 0 <6>[ 421.658345] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.663392] lkdtm: Stack offset: 0 <6>[ 421.667735] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.672419] lkdtm: Stack offset: 0 <6>[ 421.676677] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.681666] lkdtm: Stack offset: 0 <6>[ 421.685930] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.690856] lkdtm: Stack offset: 0 <6>[ 421.695177] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.699960] lkdtm: Stack offset: 0 <6>[ 421.706463] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.710648] lkdtm: Stack offset: 0 <6>[ 421.715033] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.719989] lkdtm: Stack offset: 0 <6>[ 421.724228] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.729016] lkdtm: Stack offset: 0 <6>[ 421.733338] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.738336] lkdtm: Stack offset: 0 <6>[ 421.743836] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.748071] lkdtm: Stack offset: 0 <6>[ 421.752851] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.757254] lkdtm: Stack offset: 0 <6>[ 421.761989] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.766430] lkdtm: Stack offset: 0 <6>[ 421.771448] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.775633] lkdtm: Stack offset: 0 <6>[ 421.780585] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.784873] lkdtm: Stack offset: 0 <6>[ 421.789734] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.794067] lkdtm: Stack offset: 0 <6>[ 421.798787] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.803181] lkdtm: Stack offset: 0 <6>[ 421.807821] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.812391] lkdtm: Stack offset: 0 <6>[ 421.816873] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.821524] lkdtm: Stack offset: 0 <6>[ 421.825884] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.830752] lkdtm: Stack offset: 0 <6>[ 421.837685] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.841912] lkdtm: Stack offset: 0 <6>[ 421.846785] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.851441] lkdtm: Stack offset: 0 <6>[ 421.858866] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.863115] lkdtm: Stack offset: 0 <6>[ 421.867768] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.872210] lkdtm: Stack offset: 0 <6>[ 421.876908] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.881478] lkdtm: Stack offset: 0 <6>[ 421.885982] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.890721] lkdtm: Stack offset: 0 <6>[ 421.895141] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.899951] lkdtm: Stack offset: 0 <6>[ 421.904141] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.909000] lkdtm: Stack offset: 0 <6>[ 421.913227] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.918196] lkdtm: Stack offset: 0 <6>[ 421.922424] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.927393] lkdtm: Stack offset: 0 <6>[ 421.931587] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.936564] lkdtm: Stack offset: 0 <6>[ 421.940734] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.945733] lkdtm: Stack offset: 0 <6>[ 421.949926] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.954953] lkdtm: Stack offset: 0 <6>[ 421.959238] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.964100] lkdtm: Stack offset: 0 <6>[ 421.968283] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.973252] lkdtm: Stack offset: 0 <6>[ 421.977474] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.982474] lkdtm: Stack offset: 0 <6>[ 421.986663] lkdtm: Performing direct entry REPORT_STACK <6>[ 421.991652] lkdtm: Stack offset: 0 <6>[ 421.995848] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.000827] lkdtm: Stack offset: 0 <6>[ 422.005011] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.009964] lkdtm: Stack offset: 0 <6>[ 422.014192] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.019180] lkdtm: Stack offset: 0 <6>[ 422.023399] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.028371] lkdtm: Stack offset: 0 <6>[ 422.032576] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.037555] lkdtm: Stack offset: 0 <6>[ 422.041719] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.046755] lkdtm: Stack offset: 0 <6>[ 422.051422] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.055898] lkdtm: Stack offset: 0 <6>[ 422.060018] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.065067] lkdtm: Stack offset: 0 <6>[ 422.069303] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.074270] lkdtm: Stack offset: 0 <6>[ 422.078494] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.083393] lkdtm: Stack offset: 0 <6>[ 422.087596] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.092577] lkdtm: Stack offset: 0 <6>[ 422.096746] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.101837] lkdtm: Stack offset: 0 <6>[ 422.106031] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.111018] lkdtm: Stack offset: 0 <6>[ 422.115358] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.120179] lkdtm: Stack offset: 0 <6>[ 422.124566] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.129403] lkdtm: Stack offset: 0 <6>[ 422.133681] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.138516] lkdtm: Stack offset: 0 <6>[ 422.142857] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.147839] lkdtm: Stack offset: 0 <6>[ 422.152702] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.156916] lkdtm: Stack offset: 0 <6>[ 422.161744] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.166133] lkdtm: Stack offset: 0 <6>[ 422.170925] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.175320] lkdtm: Stack offset: 0 <6>[ 422.180590] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.184798] lkdtm: Stack offset: 0 <6>[ 422.189638] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.194072] lkdtm: Stack offset: 0 <6>[ 422.198786] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.203231] lkdtm: Stack offset: 0 <6>[ 422.207995] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.212426] lkdtm: Stack offset: 0 <6>[ 422.218144] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.222306] lkdtm: Stack offset: 0 <6>[ 422.227242] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.231606] lkdtm: Stack offset: 0 <6>[ 422.236373] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.240720] lkdtm: Stack offset: 0 <6>[ 422.245357] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.249915] lkdtm: Stack offset: 0 <6>[ 422.254589] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.259113] lkdtm: Stack offset: 0 <6>[ 422.263731] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.268318] lkdtm: Stack offset: 0 <6>[ 422.272932] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.277413] lkdtm: Stack offset: 0 <6>[ 422.282026] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.286585] lkdtm: Stack offset: 0 <6>[ 422.290907] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.295827] lkdtm: Stack offset: 0 <6>[ 422.300138] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.304997] lkdtm: Stack offset: 0 <6>[ 422.309264] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.314143] lkdtm: Stack offset: 0 <6>[ 422.318367] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.323340] lkdtm: Stack offset: 0 <6>[ 422.327554] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.332527] lkdtm: Stack offset: 0 <6>[ 422.336694] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.341692] lkdtm: Stack offset: 0 <6>[ 422.345890] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.350872] lkdtm: Stack offset: 0 <6>[ 422.355146] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.360001] lkdtm: Stack offset: 0 <6>[ 422.364435] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.369198] lkdtm: Stack offset: 0 <6>[ 422.373485] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.378367] lkdtm: Stack offset: 0 <6>[ 422.382653] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.387647] lkdtm: Stack offset: 0 <6>[ 422.391843] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.396723] lkdtm: Stack offset: 0 <6>[ 422.401009] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.405947] lkdtm: Stack offset: 0 <6>[ 422.410182] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.415149] lkdtm: Stack offset: 0 <6>[ 422.419377] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.424375] lkdtm: Stack offset: 0 <6>[ 422.428531] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.433509] lkdtm: Stack offset: 0 <6>[ 422.437700] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.442696] lkdtm: Stack offset: 0 <6>[ 422.446894] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.451878] lkdtm: Stack offset: 0 <6>[ 422.456150] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.461030] lkdtm: Stack offset: 0 <6>[ 422.465333] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.470191] lkdtm: Stack offset: 0 <6>[ 422.474358] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.479337] lkdtm: Stack offset: 0 <6>[ 422.483618] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.488621] lkdtm: Stack offset: 0 <6>[ 422.492821] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.497701] lkdtm: Stack offset: 0 <6>[ 422.502133] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.506890] lkdtm: Stack offset: 0 <6>[ 422.511131] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.516128] lkdtm: Stack offset: 0 <6>[ 422.520465] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.525224] lkdtm: Stack offset: 0 <6>[ 422.529635] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.534417] lkdtm: Stack offset: 0 <6>[ 422.538682] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.543652] lkdtm: Stack offset: 0 <6>[ 422.547908] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.552825] lkdtm: Stack offset: 0 <6>[ 422.557177] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.561976] lkdtm: Stack offset: 0 <6>[ 422.566508] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.571170] lkdtm: Stack offset: 0 <6>[ 422.575882] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.580388] lkdtm: Stack offset: 0 <6>[ 422.584676] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.589568] lkdtm: Stack offset: 0 <6>[ 422.593839] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.598849] lkdtm: Stack offset: 0 <6>[ 422.603287] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.607969] lkdtm: Stack offset: 0 <6>[ 422.612252] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.617069] lkdtm: Stack offset: 0 <6>[ 422.621389] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.626149] lkdtm: Stack offset: 0 <6>[ 422.631895] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.636139] lkdtm: Stack offset: 0 <6>[ 422.640891] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.645350] lkdtm: Stack offset: 0 <6>[ 422.650009] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.654435] lkdtm: Stack offset: 0 <6>[ 422.659249] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.663733] lkdtm: Stack offset: 0 <6>[ 422.668466] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.672842] lkdtm: Stack offset: 0 <6>[ 422.677562] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.682074] lkdtm: Stack offset: 0 <6>[ 422.686741] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.691224] lkdtm: Stack offset: 0 <6>[ 422.695823] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.700599] lkdtm: Stack offset: 0 <6>[ 422.705002] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.709623] lkdtm: Stack offset: 0 <6>[ 422.713737] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.718738] lkdtm: Stack offset: 0 <6>[ 422.722938] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.727918] lkdtm: Stack offset: 0 <6>[ 422.732205] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.737066] lkdtm: Stack offset: 0 <6>[ 422.741228] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.746295] lkdtm: Stack offset: 0 <6>[ 422.750525] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.755397] lkdtm: Stack offset: 0 <6>[ 422.759699] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.764603] lkdtm: Stack offset: 0 <6>[ 422.768813] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.773811] lkdtm: Stack offset: 0 <6>[ 422.778001] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.782935] lkdtm: Stack offset: 0 <6>[ 422.787269] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.792134] lkdtm: Stack offset: 0 <6>[ 422.796355] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.801327] lkdtm: Stack offset: 0 <6>[ 422.805538] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.810515] lkdtm: Stack offset: 0 <6>[ 422.814673] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.819669] lkdtm: Stack offset: 0 <6>[ 422.823893] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.828882] lkdtm: Stack offset: 0 <6>[ 422.833166] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.838008] lkdtm: Stack offset: 0 <6>[ 422.842293] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.847326] lkdtm: Stack offset: 0 <6>[ 422.851541] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.856424] lkdtm: Stack offset: 0 <6>[ 422.860598] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.865586] lkdtm: Stack offset: 0 <6>[ 422.869810] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.874794] lkdtm: Stack offset: 0 <6>[ 422.879021] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.883873] lkdtm: Stack offset: 0 <6>[ 422.888230] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.893115] lkdtm: Stack offset: 0 <6>[ 422.897343] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.902314] lkdtm: Stack offset: 0 <6>[ 422.906520] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.911503] lkdtm: Stack offset: 0 <6>[ 422.915671] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.920671] lkdtm: Stack offset: 0 <6>[ 422.924914] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.929813] lkdtm: Stack offset: 0 <6>[ 422.934197] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.938982] lkdtm: Stack offset: 0 <6>[ 422.943294] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.948173] lkdtm: Stack offset: 0 <6>[ 422.952612] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.957401] lkdtm: Stack offset: 0 <6>[ 422.961694] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.966582] lkdtm: Stack offset: 0 <6>[ 422.970826] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.975741] lkdtm: Stack offset: 0 <6>[ 422.980014] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.984964] lkdtm: Stack offset: 0 <6>[ 422.990285] lkdtm: Performing direct entry REPORT_STACK <6>[ 422.994478] lkdtm: Stack offset: 0 <6>[ 422.998850] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.003759] lkdtm: Stack offset: 0 <6>[ 423.008106] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.012886] lkdtm: Stack offset: 0 <6>[ 423.017993] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.022347] lkdtm: Stack offset: 0 <6>[ 423.027220] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.031629] lkdtm: Stack offset: 0 <6>[ 423.041558] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.045784] lkdtm: Stack offset: 0 <6>[ 423.050689] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.055312] lkdtm: Stack offset: 0 <6>[ 423.059760] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.064127] lkdtm: Stack offset: 0 <6>[ 423.069133] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.073260] lkdtm: Stack offset: 0 <6>[ 423.077616] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.082501] lkdtm: Stack offset: 0 <6>[ 423.086692] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.091751] lkdtm: Stack offset: 0 <6>[ 423.096269] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.100910] lkdtm: Stack offset: 0 <6>[ 423.104975] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.110108] lkdtm: Stack offset: 0 <6>[ 423.114259] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.119195] lkdtm: Stack offset: 0 <6>[ 423.123395] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.128430] lkdtm: Stack offset: 0 <6>[ 423.132534] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.137594] lkdtm: Stack offset: 0 <6>[ 423.141690] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.146747] lkdtm: Stack offset: 0 <6>[ 423.150915] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.155969] lkdtm: Stack offset: 0 <6>[ 423.160022] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.165114] lkdtm: Stack offset: 0 <6>[ 423.169322] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.174293] lkdtm: Stack offset: 0 <6>[ 423.178484] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.183529] lkdtm: Stack offset: 0 <6>[ 423.187575] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.192634] lkdtm: Stack offset: 0 <6>[ 423.196785] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.201836] lkdtm: Stack offset: 0 <6>[ 423.206030] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.211022] lkdtm: Stack offset: 0 <6>[ 423.215176] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.220202] lkdtm: Stack offset: 0 <6>[ 423.224385] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.229428] lkdtm: Stack offset: 0 <6>[ 423.233504] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.238578] lkdtm: Stack offset: 0 <6>[ 423.242640] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.247825] lkdtm: Stack offset: 0 <6>[ 423.251889] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.256980] lkdtm: Stack offset: 0 <6>[ 423.261148] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.266096] lkdtm: Stack offset: 0 <6>[ 423.270298] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.275239] lkdtm: Stack offset: 0 <6>[ 423.279429] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.284478] lkdtm: Stack offset: 0 <6>[ 423.288542] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.293596] lkdtm: Stack offset: 0 <6>[ 423.297739] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.302834] lkdtm: Stack offset: 0 <6>[ 423.306895] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.312078] lkdtm: Stack offset: 0 <6>[ 423.316207] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.321140] lkdtm: Stack offset: 0 <6>[ 423.325592] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.330351] lkdtm: Stack offset: 0 <6>[ 423.334574] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.339544] lkdtm: Stack offset: 0 <6>[ 423.343620] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.348692] lkdtm: Stack offset: 0 <6>[ 423.352853] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.357916] lkdtm: Stack offset: 0 <6>[ 423.361960] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.367149] lkdtm: Stack offset: 0 <6>[ 423.371284] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.376225] lkdtm: Stack offset: 0 <6>[ 423.380485] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.385438] lkdtm: Stack offset: 0 <6>[ 423.389525] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.394591] lkdtm: Stack offset: 0 <6>[ 423.398974] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.403849] lkdtm: Stack offset: 0 <6>[ 423.407938] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.413006] lkdtm: Stack offset: 0 <6>[ 423.417135] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.422162] lkdtm: Stack offset: 0 <6>[ 423.426281] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.431343] lkdtm: Stack offset: 0 <6>[ 423.435436] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.440479] lkdtm: Stack offset: 0 <6>[ 423.444636] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.449685] lkdtm: Stack offset: 0 <6>[ 423.453766] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.458815] lkdtm: Stack offset: 0 <6>[ 423.462969] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.468032] lkdtm: Stack offset: 0 <6>[ 423.472157] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.477180] lkdtm: Stack offset: 0 <6>[ 423.481372] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.486417] lkdtm: Stack offset: 0 <6>[ 423.490496] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.495571] lkdtm: Stack offset: 0 <6>[ 423.499628] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.504786] lkdtm: Stack offset: 0 <6>[ 423.508844] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.513894] lkdtm: Stack offset: 0 <6>[ 423.518141] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.523081] lkdtm: Stack offset: 0 <6>[ 423.527975] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.532357] lkdtm: Stack offset: 0 <6>[ 423.536500] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.541449] lkdtm: Stack offset: 0 <6>[ 423.545613] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.550670] lkdtm: Stack offset: 0 <6>[ 423.554721] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.559927] lkdtm: Stack offset: 0 <6>[ 423.563904] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.569081] lkdtm: Stack offset: 0 <6>[ 423.573208] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.578142] lkdtm: Stack offset: 0 <6>[ 423.582336] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.587381] lkdtm: Stack offset: 0 <6>[ 423.591461] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.596506] lkdtm: Stack offset: 0 <6>[ 423.600649] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.605704] lkdtm: Stack offset: 0 <6>[ 423.609851] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.614900] lkdtm: Stack offset: 0 <6>[ 423.618949] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.624160] lkdtm: Stack offset: 0 <6>[ 423.628289] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.633224] lkdtm: Stack offset: 0 <6>[ 423.637399] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.642439] lkdtm: Stack offset: 0 <6>[ 423.646508] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.651660] lkdtm: Stack offset: 0 <6>[ 423.655700] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.660769] lkdtm: Stack offset: 0 <6>[ 423.664918] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.669970] lkdtm: Stack offset: 0 <6>[ 423.674196] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.679128] lkdtm: Stack offset: 0 <6>[ 423.683317] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.688375] lkdtm: Stack offset: 0 <6>[ 423.692456] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.697502] lkdtm: Stack offset: 0 <6>[ 423.701649] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.706703] lkdtm: Stack offset: 0 <6>[ 423.710752] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.715898] lkdtm: Stack offset: 0 <6>[ 423.719947] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.725123] lkdtm: Stack offset: 0 <6>[ 423.729233] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.734163] lkdtm: Stack offset: 0 <6>[ 423.738352] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.743386] lkdtm: Stack offset: 0 <6>[ 423.747549] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.752633] lkdtm: Stack offset: 0 <6>[ 423.756697] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.761749] lkdtm: Stack offset: 0 <6>[ 423.765917] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.770967] lkdtm: Stack offset: 0 <6>[ 423.775020] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.780125] lkdtm: Stack offset: 0 <6>[ 423.784241] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.789275] lkdtm: Stack offset: 0 <6>[ 423.793449] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.798477] lkdtm: Stack offset: 0 <6>[ 423.802537] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.807688] lkdtm: Stack offset: 0 <6>[ 423.811733] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.816819] lkdtm: Stack offset: 0 <6>[ 423.820885] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.826069] lkdtm: Stack offset: 0 <6>[ 423.830227] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.835163] lkdtm: Stack offset: 0 <6>[ 423.839347] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.844390] lkdtm: Stack offset: 0 <6>[ 423.848500] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.853527] lkdtm: Stack offset: 0 <6>[ 423.857564] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.862717] lkdtm: Stack offset: 0 <6>[ 423.866768] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.871933] lkdtm: Stack offset: 0 <6>[ 423.875993] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.881098] lkdtm: Stack offset: 0 <6>[ 423.885273] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.890208] lkdtm: Stack offset: 0 <6>[ 423.894406] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.899449] lkdtm: Stack offset: 0 <6>[ 423.903522] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.908572] lkdtm: Stack offset: 0 <6>[ 423.912755] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.917815] lkdtm: Stack offset: 0 <6>[ 423.921883] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.926933] lkdtm: Stack offset: 0 <6>[ 423.931162] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.936090] lkdtm: Stack offset: 0 <6>[ 423.940309] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.945275] lkdtm: Stack offset: 0 <6>[ 423.949474] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.954520] lkdtm: Stack offset: 0 <6>[ 423.958566] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.963714] lkdtm: Stack offset: 0 <6>[ 423.967786] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.972852] lkdtm: Stack offset: 0 <6>[ 423.976910] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.982087] lkdtm: Stack offset: 0 <6>[ 423.986200] lkdtm: Performing direct entry REPORT_STACK <6>[ 423.991231] lkdtm: Stack offset: 0 <6>[ 423.995316] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.000355] lkdtm: Stack offset: 0 <6>[ 424.004524] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.009597] lkdtm: Stack offset: 0 <6>[ 424.013667] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.018723] lkdtm: Stack offset: 0 <6>[ 424.022867] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.027917] lkdtm: Stack offset: 0 <6>[ 424.032143] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.037081] lkdtm: Stack offset: 0 <6>[ 424.041299] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.046238] lkdtm: Stack offset: 0 <6>[ 424.050427] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.055475] lkdtm: Stack offset: 0 <6>[ 424.059530] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.064680] lkdtm: Stack offset: 0 <6>[ 424.068723] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.073904] lkdtm: Stack offset: 0 <6>[ 424.077991] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.083066] lkdtm: Stack offset: 0 <6>[ 424.087190] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.092166] lkdtm: Stack offset: 0 <6>[ 424.096718] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.101369] lkdtm: Stack offset: 0 <6>[ 424.105473] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.110524] lkdtm: Stack offset: 0 <6>[ 424.114675] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.119730] lkdtm: Stack offset: 0 <6>[ 424.123789] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.128939] lkdtm: Stack offset: 0 <6>[ 424.132989] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.138094] lkdtm: Stack offset: 0 <6>[ 424.142214] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.147243] lkdtm: Stack offset: 0 <6>[ 424.151438] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.156385] lkdtm: Stack offset: 0 <6>[ 424.160540] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.165594] lkdtm: Stack offset: 0 <6>[ 424.169740] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.174790] lkdtm: Stack offset: 0 <6>[ 424.178829] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.184005] lkdtm: Stack offset: 0 <6>[ 424.188143] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.193167] lkdtm: Stack offset: 0 <6>[ 424.197270] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.202329] lkdtm: Stack offset: 0 <6>[ 424.206415] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.211456] lkdtm: Stack offset: 0 <6>[ 424.215602] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.220677] lkdtm: Stack offset: 0 <6>[ 424.224832] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.229881] lkdtm: Stack offset: 0 <6>[ 424.233926] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.239103] lkdtm: Stack offset: 0 <6>[ 424.243213] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.248243] lkdtm: Stack offset: 0 <6>[ 424.252328] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.257368] lkdtm: Stack offset: 0 <6>[ 424.261530] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.266615] lkdtm: Stack offset: 0 <6>[ 424.270672] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.275719] lkdtm: Stack offset: 0 <6>[ 424.279863] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.284933] lkdtm: Stack offset: 0 <6>[ 424.289157] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.294103] lkdtm: Stack offset: 0 <6>[ 424.298316] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.303262] lkdtm: Stack offset: 0 <6>[ 424.307468] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.312514] lkdtm: Stack offset: 0 <6>[ 424.316561] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.321716] lkdtm: Stack offset: 0 <6>[ 424.325759] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.330839] lkdtm: Stack offset: 0 <6>[ 424.334998] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.339990] lkdtm: Stack offset: 0 <6>[ 424.344209] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.349279] lkdtm: Stack offset: 0 <6>[ 424.353609] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.358369] lkdtm: Stack offset: 0 <6>[ 424.362594] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.367555] lkdtm: Stack offset: 0 <6>[ 424.371719] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.376768] lkdtm: Stack offset: 0 <6>[ 424.380814] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.385962] lkdtm: Stack offset: 0 <6>[ 424.390110] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.395159] lkdtm: Stack offset: 0 <6>[ 424.399310] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.404245] lkdtm: Stack offset: 0 <6>[ 424.408440] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.413688] lkdtm: Stack offset: 0 <6>[ 424.417608] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.422674] lkdtm: Stack offset: 0 <6>[ 424.426737] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.431892] lkdtm: Stack offset: 0 <6>[ 424.435951] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.441005] lkdtm: Stack offset: 0 <6>[ 424.445229] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.450158] lkdtm: Stack offset: 0 <6>[ 424.454348] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.459422] lkdtm: Stack offset: 0 <6>[ 424.463510] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.468554] lkdtm: Stack offset: 0 <6>[ 424.472704] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.477755] lkdtm: Stack offset: 0 <6>[ 424.481808] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.486957] lkdtm: Stack offset: 0 <6>[ 424.491006] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.496118] lkdtm: Stack offset: 0 <6>[ 424.500239] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.505269] lkdtm: Stack offset: 0 <6>[ 424.509440] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.514483] lkdtm: Stack offset: 0 <6>[ 424.518555] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.523619] lkdtm: Stack offset: 0 <6>[ 424.527794] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.532843] lkdtm: Stack offset: 0 <6>[ 424.536891] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.542069] lkdtm: Stack offset: 0 <6>[ 424.546185] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.551812] lkdtm: Stack offset: 0 <6>[ 424.555441] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.560394] lkdtm: Stack offset: 0 <6>[ 424.564516] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.569567] lkdtm: Stack offset: 0 <6>[ 424.573619] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.578773] lkdtm: Stack offset: 0 <6>[ 424.582832] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.587919] lkdtm: Stack offset: 0 <6>[ 424.591982] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.597152] lkdtm: Stack offset: 0 <6>[ 424.601288] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.606242] lkdtm: Stack offset: 0 <6>[ 424.610437] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.615481] lkdtm: Stack offset: 0 <6>[ 424.619540] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.624595] lkdtm: Stack offset: 0 <6>[ 424.628738] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.633783] lkdtm: Stack offset: 0 <6>[ 424.637933] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.642984] lkdtm: Stack offset: 0 <6>[ 424.647035] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.652168] lkdtm: Stack offset: 0 <6>[ 424.656305] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.661330] lkdtm: Stack offset: 0 <6>[ 424.665498] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.670541] lkdtm: Stack offset: 0 <6>[ 424.674582] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.679733] lkdtm: Stack offset: 0 <6>[ 424.683806] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.688862] lkdtm: Stack offset: 0 <6>[ 424.692921] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.698103] lkdtm: Stack offset: 0 <6>[ 424.702261] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.707199] lkdtm: Stack offset: 0 <6>[ 424.711405] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.716370] lkdtm: Stack offset: 0 <6>[ 424.720550] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.725605] lkdtm: Stack offset: 0 <6>[ 424.729658] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.734805] lkdtm: Stack offset: 0 <6>[ 424.738859] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.743906] lkdtm: Stack offset: 0 <6>[ 424.748133] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.753071] lkdtm: Stack offset: 0 <6>[ 424.757279] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.762491] lkdtm: Stack offset: 0 <6>[ 424.766434] lkdtm: Performing direct entry REPORT_STACK <6>[ 424.771468] lkdtm: Stack offset: 0 # Bits of stack entropy: 1 # Stack entropy is low! Booted without 'randomize_kstack_offset=y'? not ok 86 selftests: lkdtm: stack-entropy.sh # exit=1 lkdtm_PANIC_sh skip lkdtm_PANIC_STOP_IRQOFF_sh skip lkdtm_BUG_sh pass lkdtm_WARNING_sh pass lkdtm_WARNING_MESSAGE_sh pass lkdtm_EXCEPTION_sh pass lkdtm_LOOP_sh skip lkdtm_EXHAUST_STACK_sh skip lkdtm_CORRUPT_STACK_sh skip lkdtm_CORRUPT_STACK_STRONG_sh skip lkdtm_ARRAY_BOUNDS_sh pass lkdtm_CORRUPT_LIST_ADD_sh pass lkdtm_CORRUPT_LIST_DEL_sh pass lkdtm_STACK_GUARD_PAGE_LEADING_sh pass lkdtm_STACK_GUARD_PAGE_TRAILING_sh pass lkdtm_REPORT_STACK_CANARY_sh pass lkdtm_UNSET_SMEP_sh skip lkdtm_DOUBLE_FAULT_sh skip lkdtm_CORRUPT_PAC_sh skip lkdtm_UNALIGNED_LOAD_STORE_WRITE_sh skip lkdtm_SLAB_LINEAR_OVERFLOW_sh pass lkdtm_VMALLOC_LINEAR_OVERFLOW_sh pass lkdtm_WRITE_AFTER_FREE_sh skip lkdtm_READ_AFTER_FREE_sh pass lkdtm_WRITE_BUDDY_AFTER_FREE_sh skip lkdtm_READ_BUDDY_AFTER_FREE_sh pass lkdtm_SLAB_INIT_ON_ALLOC_sh pass lkdtm_BUDDY_INIT_ON_ALLOC_sh pass lkdtm_SLAB_FREE_DOUBLE_sh pass lkdtm_SLAB_FREE_CROSS_sh pass lkdtm_SLAB_FREE_PAGE_sh pass lkdtm_SOFTLOCKUP_sh skip lkdtm_HARDLOCKUP_sh skip lkdtm_SMP_CALL_LOCKUP_sh skip lkdtm_SPINLOCKUP_sh skip lkdtm_HUNG_TASK_sh skip lkdtm_EXEC_DATA_sh pass lkdtm_EXEC_STACK_sh pass lkdtm_EXEC_KMALLOC_sh pass lkdtm_EXEC_VMALLOC_sh pass lkdtm_EXEC_RODATA_sh pass lkdtm_EXEC_USERSPACE_sh pass lkdtm_EXEC_NULL_sh pass lkdtm_ACCESS_USERSPACE_sh pass lkdtm_ACCESS_NULL_sh pass lkdtm_WRITE_RO_sh pass lkdtm_WRITE_RO_AFTER_INIT_sh pass lkdtm_WRITE_KERN_sh pass lkdtm_WRITE_OPD_sh skip lkdtm_REFCOUNT_INC_OVERFLOW_sh pass lkdtm_REFCOUNT_ADD_OVERFLOW_sh pass lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW_sh pass lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW_sh pass lkdtm_REFCOUNT_DEC_ZERO_sh pass lkdtm_REFCOUNT_DEC_NEGATIVE_sh pass lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE_sh pass lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE_sh pass lkdtm_REFCOUNT_INC_ZERO_sh pass lkdtm_REFCOUNT_ADD_ZERO_sh pass lkdtm_REFCOUNT_INC_SATURATED_sh pass lkdtm_REFCOUNT_DEC_SATURATED_sh pass lkdtm_REFCOUNT_ADD_SATURATED_sh pass lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED_sh pass lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED_sh pass lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED_sh pass lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED_sh pass lkdtm_REFCOUNT_TIMING_sh skip lkdtm_ATOMIC_TIMING_sh skip lkdtm_USERCOPY_SLAB_SIZE_TO_sh pass lkdtm_USERCOPY_SLAB_SIZE_FROM_sh pass lkdtm_USERCOPY_SLAB_WHITELIST_TO_sh pass lkdtm_USERCOPY_SLAB_WHITELIST_FROM_sh pass lkdtm_USERCOPY_STACK_FRAME_TO_sh pass lkdtm_USERCOPY_STACK_FRAME_FROM_sh pass lkdtm_USERCOPY_STACK_BEYOND_sh pass lkdtm_USERCOPY_KERNEL_sh pass lkdtm_STACKLEAK_ERASING_sh skip lkdtm_CFI_FORWARD_PROTO_sh fail lkdtm_CFI_BACKWARD_sh fail lkdtm_FORTIFY_STRSCPY_sh pass lkdtm_FORTIFY_STR_OBJECT_sh pass lkdtm_FORTIFY_STR_MEMBER_sh pass lkdtm_FORTIFY_MEM_OBJECT_sh pass lkdtm_FORTIFY_MEM_MEMBER_sh pass lkdtm_PPC_SLB_MULTIHIT_sh skip lkdtm_stack-entropy_sh fail + ../../utils/send-to-lava.sh ./output/result.txt + set +x / #