Trying 192.168.56.4... Connected to moya.mayfield.sirena.org.uk. Escape character is '^]'. ser2net port telnet,3000 device serialdev, /dev/serial/by-path/pci-0000:00:14.0-usb-0:3.4:1.0-port0, 115200n81, local=false [,115200N81] (Debian GNU/Linux) U-Boot SPL 2023.07.02-dh-stm32mp1-dhcor-avenger96-20230727.02 (Jul 11 2023 - 15:20:44 +0000) Model: Arrow Electronics STM32MP15xx Avenger96 board Code: SoM:rev=0,ddr3=3 Board:rev=1 RAM: DDR3L 32bits 2x4Gb 533MHz WDT: Started watchdog@5a002000 with servicing every 1000ms (32s timeout) Trying to boot from MMC1 image entry point: 0xc0100000 U-Boot 2023.07.02-dh-stm32mp1-dhcor-avenger96-20230727.02 (Jul 11 2023 - 15:20:44 +0000) CPU: STM32MP157AAC Rev.B Model: Arrow Electronics STM32MP15xx Avenger96 board Board: stm32mp1 in basic mode (arrow,stm32mp15xx-avenger96) DRAM: 1 GiB Clocks: - MPU : 650 MHz - MCU : 208.878 MHz - AXI : 266.500 MHz - PER : 24 MHz - DDR : 533 MHz Core: 285 devices, 34 uclasses, devicetree: separate WDT: Started watchdog@5a002000 with servicing every 1000ms (32s timeout) MMC: STM32 SD/MMC: 2, STM32 SD/MMC: 0, STM32 SD/MMC: 1 Loading Environment from SPIFlash... SF: Detected w25q16dw with page size 256 Bytes, erase size 4 KiB, total 2 MiB OK In: serial Out: serial Err: serial Net: eth0: ethernet@5800a000 Hit any key to stop autoboot: 3  0 STM32MP> setenv autoload no setenv autoload no STM32MP> setenv initrd_high 0xffffffff setenv initrd_high 0xffffffff STM32MP> setenv fdt_high 0xffffffff setenv fdt_high 0xffffffff STM32MP> dhcp dhcp ethernet@5800a000 Waiting for PHY auto negotiation to complete............... done BOOTP broadcast 1 BOOTP broadcast 2 BOOTP broadcast 3 DHCP client bound to address 192.168.6.45 (811 ms) STM32MP> setenv serverip 192.168.6.3 setenv serverip 192.168.6.3 STM32MP> tftp 0xc2000000 855183/tftp-deploy-_8ek0du3/kernel/uImage tftp 0xc2000000 855183/tftp-deploy-_8ek0du3/kernel/uImage Using ethernet@5800a000 device TFTP from server 192.168.6.3; our IP address is 192.168.6.45 Filename '855183/tftp-deploy-_8ek0du3/kernel/uImage'. Load address: 0xc2000000 Loading: *################################################## 15.5 MiB 15.2 MiB/s done Bytes transferred = 16220736 (f78240 hex) STM32MP> tftp 0xc4400000 855183/tftp-deploy-_8ek0du3/ramdisk/ramdisk.cpio.gz.uboot tftp 0xc4400000 855183/tftp-deploy-_8ek0du3/ramdisk/ramdisk.cpio.gz.uboot Using ethernet@5800a000 device TFTP from server 192.168.6.3; our IP address is 192.168.6.45 Filename '855183/tftp-deploy-_8ek0du3/ramdisk/ramdisk.cpio.gz.uboot'. Load address: 0xc4400000 Loading: *################################################## 20.6 MiB 14.3 MiB/s done Bytes transferred = 21644910 (14a466e hex) STM32MP> setenv initrd_size ${filesize} setenv initrd_size ${filesize} STM32MP> tftp 0xc4000000 855183/tftp-deploy-_8ek0du3/dtb/stm32mp157a-dhcor-avenger96.dtb tftp 0xc4000000 855183/tftp-deploy-_8ek0du3/dtb/stm32mp157a-dhcor-avenger96.dtb Using ethernet@5800a000 device TFTP from server 192.168.6.3; our IP address is 192.168.6.45 Filename '855183/tftp-deploy-_8ek0du3/dtb/stm32mp157a-dhcor-avenger96.dtb'. Load address: 0xc4000000 Loading: *################################################## 51.6 KiB 7.2 MiB/s done Bytes transferred = 52850 (ce72 hex) STM32MP> setenv bootargs 'console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.6.3:/var/lib/lava/dispatcher/tmp/855183/extract-nfsrootfs-nl_jgwvz,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp' setenv bootargs 'console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.6.3:/var/lib/lava/dispatcher/tmp/855183/extract-nfsrootfs-nl_jgwvz,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp' STM32MP> bootm 0xc2000000 0xc4400000 0xc4000000 bootm 0xc2000000 0xc4400000 0xc4000000 ## Booting kernel from Legacy Image at c2000000 ... Image Name: Created: 2024-10-17 12:10:37 UTC Image Type: ARM Linux Kernel Image (uncompressed) Data Size: 16220672 Bytes = 15.5 MiB Load Address: c2000000 Entry Point: c2000000 Verifying Checksum ... OK ## Loading init Ramdisk from Legacy Image at c4400000 ... Image Name: Created: 2024-10-17 12:10:46 UTC Image Type: ARM Linux RAMDisk Image (uncompressed) Data Size: 21644846 Bytes = 20.6 MiB Load Address: 00000000 Entry Point: 00000000 Verifying Checksum ... OK ## Flattened Device Tree blob at c4000000 Booting using the fdt blob at 0xc4000000 Working FDT set to c4000000 Loading Kernel Image Using Device Tree in place at c4000000, end c400fe71 Working FDT set to c4000000 Starting kernel ... [ 0.000000] Booting Linux on physical CPU 0x0 [ 0.000000] Linux version 6.12.0-rc3-next-20241017 (KernelCI@build-j344913-arm-gcc-12-multi-v7-defconfig-kselftest-brstk) (arm-linux-gnueabihf-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP Thu Oct 17 10:35:46 UTC 2024 [ 0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c5387d [ 0.000000] CPU: div instructions available: patching division code [ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache [ 0.000000] OF: fdt: Machine model: Arrow Electronics STM32MP157A Avenger96 board [ 0.000000] earlycon: stm32 at MMIO 0x40010000 (options '115200n8') [ 0.000000] printk: legacy bootconsole [stm32] enabled [ 0.000000] Memory policy: Data cache writealloc [ 0.000000] efi: UEFI not found. [ 0.000000] cma: Reserved 64 MiB at 0xfb800000 on node -1 [ 0.000000] Zone ranges: [ 0.000000] DMA [mem 0x00000000c0000000-0x00000000efffffff] [ 0.000000] Normal empty [ 0.000000] HighMem [mem 0x00000000f0000000-0x00000000ffffefff] [ 0.000000] Movable zone start for each node [ 0.000000] Early memory node ranges [ 0.000000] node 0: [mem 0x00000000c0000000-0x00000000ffffefff] [ 0.000000] Initmem setup node 0 [mem 0x00000000c0000000-0x00000000ffffefff] [ 0.000000] Reserved memory: created DMA memory pool at 0x10000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node mcuram2@10000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10000000..0x1003ffff (256 KiB) nomap non-reusable mcuram2@10000000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10040000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0vring0@10040000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10040000..0x10040fff (4 KiB) nomap non-reusable vdev0vring0@10040000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10041000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0vring1@10041000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10041000..0x10041fff (4 KiB) nomap non-reusable vdev0vring1@10041000 [ 0.000000] Reserved memory: created DMA memory pool at 0x10042000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node vdev0buffer@10042000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x10042000..0x10045fff (16 KiB) nomap non-reusable vdev0buffer@10042000 [ 0.000000] Reserved memory: created DMA memory pool at 0x30000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node mcuram@30000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x30000000..0x3003ffff (256 KiB) nomap non-reusable mcuram@30000000 [ 0.000000] Reserved memory: created DMA memory pool at 0x38000000, size 0 MiB [ 0.000000] OF: reserved mem: initialized node retram@38000000, compatible id shared-dma-pool [ 0.000000] OF: reserved mem: 0x38000000..0x3800ffff (64 KiB) nomap non-reusable retram@38000000 [ 0.000000] psci: probing for conduit method from DT. [ 0.000000] psci: PSCIv1.0 detected in firmware. [ 0.000000] psci: Using standard PSCI v0.2 function IDs [ 0.000000] psci: Trusted OS migration not required [ 0.000000] psci: SMC Calling Convention v1.0 [ 0.000000] percpu: Embedded 19 pages/cpu s48652 r8192 d20980 u77824 [ 0.000000] Kernel command line: console=ttySTM0,115200n8 root=/dev/nfs rw nfsroot=192.168.6.3:/var/lib/lava/dispatcher/tmp/855183/extract-nfsrootfs-nl_jgwvz,tcp,hard console_msg_format=syslog earlycon deferred_probe_timeout=60 ip=dhcp <6>[ 0.000000] printk: log buffer data + meta data: 131072 + 409600 = 540672 bytes <6>[ 0.000000] Dentry cache hash table entries: 131072 (order: 7, 524288 bytes, linear) <6>[ 0.000000] Inode-cache hash table entries: 65536 (order: 6, 262144 bytes, linear) <6>[ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 262143 <6>[ 0.000000] allocated 1056764 bytes of page_ext <6>[ 0.000000] mem auto-init: stack:all(zero), heap alloc:on, heap free:on <6>[ 0.000000] mem auto-init: clearing system memory may take some time... <6>[ 0.000000] stackdepot: allocating hash table via alloc_large_system_hash <6>[ 0.000000] stackdepot hash table entries: 65536 (order: 7, 524288 bytes, linear) <4>[ 0.000000] ********************************************************** <4>[ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** This system shows unhashed kernel memory addresses ** <4>[ 0.000000] ** via the console, logs, and other interfaces. This ** <4>[ 0.000000] ** might reduce the security of your system. ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** If you see this message and you are not debugging ** <4>[ 0.000000] ** the kernel, report this immediately to your system ** <4>[ 0.000000] ** administrator! ** <4>[ 0.000000] ** ** <4>[ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** <4>[ 0.000000] ********************************************************** <6>[ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1 <6>[ 0.000000] ftrace: allocating 70997 entries in 209 pages <6>[ 0.000000] ftrace: allocated 209 pages with 4 groups <6>[ 0.000000] trace event string verifier disabled <6>[ 0.000000] rcu: Hierarchical RCU implementation. <6>[ 0.000000] rcu: RCU event tracing is enabled. <6>[ 0.000000] rcu: RCU restricting CPUs from NR_CPUS=16 to nr_cpu_ids=2. <6>[ 0.000000] Rude variant of Tasks RCU enabled. <6>[ 0.000000] Tracing variant of Tasks RCU enabled. <6>[ 0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. <6>[ 0.000000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2 <6>[ 0.000000] RCU Tasks Rude: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. <6>[ 0.000000] RCU Tasks Trace: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2. <6>[ 0.000000] NR_IRQS: 16, nr_irqs: 16, preallocated irqs: 16 <6>[ 0.000000] rcu: srcu_init: Setting srcu_struct sizes based on contention. <6>[ 0.000000] arch_timer: cp15 timer(s) running at 24.00MHz (virt). <6>[ 0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x588fe9dc0, max_idle_ns: 440795202592 ns <6>[ 0.000003] sched_clock: 56 bits at 24MHz, resolution 41ns, wraps every 4398046511097ns <6>[ 0.008288] Switching to timer-based delay loop, resolution 41ns <6>[ 0.025299] Console: colour dummy device 80x30 <6>[ 0.028747] Calibrating delay loop (skipped), value calculated using timer frequency.. 48.00 BogoMIPS (lpj=24000) <6>[ 0.039175] CPU: Testing write buffer coherency: ok <6>[ 0.044325] pid_max: default: 32768 minimum: 301 <6>[ 0.050401] LSM: initializing lsm=capability,landlock,bpf,ima <6>[ 0.055512] landlock: Up and running. <6>[ 0.059268] LSM support for eBPF active <6>[ 0.064360] Mount-cache hash table entries: 2048 (order: 1, 8192 bytes, linear) <6>[ 0.070859] Mountpoint-cache hash table entries: 2048 (order: 1, 8192 bytes, linear) <6>[ 0.086720] CPU0: update cpu_capacity 1024 <6>[ 0.089709] CPU0: thread -1, cpu 0, socket 0, mpidr 80000000 <6>[ 0.103716] Setting up static identity map for 0xc0300000 - 0xc03000ac <6>[ 0.112816] rcu: Hierarchical SRCU implementation. <6>[ 0.116478] rcu: Max phase no-delay instances is 400. <6>[ 0.123758] Timer migration: 1 hierarchy levels; 8 children per group; 1 crossnode level <6>[ 0.155808] EFI services will not be available. <6>[ 0.160600] smp: Bringing up secondary CPUs ... <6>[ 0.168173] CPU1: update cpu_capacity 1024 <6>[ 0.168211] CPU1: thread -1, cpu 1, socket 0, mpidr 80000001 <6>[ 0.168550] smp: Brought up 1 node, 2 CPUs <6>[ 0.181796] SMP: Total of 2 processors activated (96.00 BogoMIPS). <6>[ 0.188262] CPU: All CPU(s) started in SVC mode. <6>[ 0.195819] Memory: 905596K/1048572K available (21504K kernel code, 3739K rwdata, 10400K rodata, 2048K init, 514K bss, 72176K reserved, 65536K cma-reserved, 196604K highmem) <6>[ 0.213063] devtmpfs: initialized <6>[ 0.444017] VFP support v0.3: implementor 41 architecture 2 part 30 variant 7 rev 5 <6>[ 0.452750] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns <6>[ 0.461397] futex hash table entries: 512 (order: 3, 32768 bytes, linear) <6>[ 0.532935] pinctrl core: initialized pinctrl subsystem <6>[ 0.554549] DMI not present or invalid. <6>[ 0.565266] NET: Registered PF_NETLINK/PF_ROUTE protocol family <6>[ 0.582291] DMA: preallocated 256 KiB pool for atomic coherent allocations <6>[ 0.597545] audit: initializing netlink subsys (disabled) <5>[ 0.606123] audit: type=2000 audit(0.430:1): state=initialized audit_enabled=0 res=1 <6>[ 0.618891] thermal_sys: Registered thermal governor 'step_wise' <6>[ 0.619359] cpuidle: using governor menu <6>[ 0.631372] No ATAGs? <6>[ 0.632658] hw-breakpoint: found 5 (+1 reserved) breakpoint and 4 watchpoint registers. <6>[ 0.640777] hw-breakpoint: maximum watchpoint size is 8 bytes. <6>[ 0.668046] Serial: AMBA PL011 UART driver <6>[ 0.768254] platform 5a001000.display-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 0.895517] platform hdmi-out: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 0.915710] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible. <6>[ 0.985399] stm32-mdma 58000000.dma-controller: STM32 MDMA driver registered <6>[ 1.005559] iommu: Default domain type: Translated <6>[ 1.009385] iommu: DMA domain TLB invalidation policy: strict mode <5>[ 1.028241] SCSI subsystem initialized <6>[ 1.036402] usbcore: registered new interface driver usbfs <6>[ 1.041253] usbcore: registered new interface driver hub <6>[ 1.046800] usbcore: registered new device driver usb <6>[ 1.059869] pps_core: LinuxPPS API ver. 1 registered <6>[ 1.063699] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <6>[ 1.073388] PTP clock support registered <6>[ 1.078260] EDAC MC: Ver: 3.0.0 <6>[ 1.084967] scmi_core: SCMI protocol bus registered <6>[ 1.107803] NET: Registered PF_ATMPVC protocol family <6>[ 1.111733] NET: Registered PF_ATMSVC protocol family <6>[ 1.119191] nfc: nfc_init: NFC Core ver 0.1 <6>[ 1.123070] NET: Registered PF_NFC protocol family <6>[ 1.128789] vgaarb: loaded <6>[ 1.135580] clocksource: Switched to clocksource arch_sys_counter <6>[ 1.243459] NET: Registered PF_INET protocol family <6>[ 1.247889] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear) <6>[ 1.262113] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear) <6>[ 1.269394] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) <6>[ 1.277614] TCP established hash table entries: 8192 (order: 3, 32768 bytes, linear) <6>[ 1.285572] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear) <6>[ 1.293227] TCP: Hash tables configured (established 8192 bind 8192) <6>[ 1.301437] MPTCP token hash table entries: 1024 (order: 2, 16384 bytes, linear) <6>[ 1.308137] UDP hash table entries: 512 (order: 2, 16384 bytes, linear) <6>[ 1.314724] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear) <6>[ 1.323201] NET: Registered PF_UNIX/PF_LOCAL protocol family <6>[ 1.334468] RPC: Registered named UNIX socket transport module. <6>[ 1.339308] RPC: Registered udp transport module. <6>[ 1.344274] RPC: Registered tcp transport module. <6>[ 1.349243] RPC: Registered tcp-with-tls transport module. <6>[ 1.355001] RPC: Registered tcp NFSv4.1 backchannel transport module. <6>[ 1.361749] NET: Registered PF_XDP protocol family <6>[ 1.366847] PCI: CLS 0 bytes, default 64 <5>[ 1.383818] Initialise system trusted keyrings <6>[ 1.389828] Trying to unpack rootfs image as initramfs... <6>[ 1.429219] workingset: timestamp_bits=14 max_order=18 bucket_order=4 <6>[ 1.525556] squashfs: version 4.0 (2009/01/31) Phillip Lougher <5>[ 1.547297] NFS: Registering the id_resolver key type <5>[ 1.551432] Key type id_resolver registered <5>[ 1.555678] Key type id_legacy registered <6>[ 1.560284] nfs4filelayout_init: NFSv4 File Layout Driver Registering... <6>[ 1.567007] nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering... <6>[ 1.976605] NET: Registered PF_ALG protocol family <5>[ 1.980390] Key type asymmetric registered <5>[ 1.984645] Asymmetric key parser 'x509' registered <6>[ 1.990742] bounce: pool size: 64 pages <6>[ 1.994770] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 243) <6>[ 2.001605] io scheduler mq-deadline registered <6>[ 2.006386] io scheduler kyber registered <6>[ 2.010992] io scheduler bfq registered <4>[ 2.017728] test_firmware: interface ready <6>[ 2.032423] /soc/interrupt-controller@5000d000: bank0 <6>[ 2.036381] /soc/interrupt-controller@5000d000: bank1 <6>[ 2.041719] /soc/interrupt-controller@5000d000: bank2 <6>[ 2.076720] Registering stm32-etzpc firewall controller <6>[ 2.227947] ledtrig-cpu: registered to indicate activity on CPUs <6>[ 3.482780] Serial: 8250/16550 driver, 5 ports, IRQ sharing enabled <6>[ 3.535591] msm_serial: driver initialized <6>[ 3.540452] SuperH (H)SCI(F) driver initialized <6>[ 3.544903] STMicroelectronics ASC driver initialized <6>[ 3.550347] STM32 USART driver initialized <5>[ 3.586082] random: crng init done <6>[ 3.606571] [drm] Initialized vgem 1.0.0 for vgem on minor 0 <6>[ 3.732817] brd: module loaded <6>[ 3.811782] loop: module loaded <6>[ 3.816331] lkdtm: No crash points registered, enable through debugfs <6>[ 3.964578] bgmac_bcma: Broadcom 47xx GBit MAC driver loaded <6>[ 3.974791] e1000e: Intel(R) PRO/1000 Network Driver <6>[ 3.978639] e1000e: Copyright(c) 1999 - 2015 Intel Corporation. <6>[ 3.985346] igb: Intel(R) Gigabit Ethernet Network Driver <6>[ 3.990531] igb: Copyright (c) 2007-2014 Intel Corporation. <6>[ 4.019764] pegasus: Pegasus/Pegasus II USB Ethernet driver <6>[ 4.024772] usbcore: registered new interface driver pegasus <6>[ 4.030738] usbcore: registered new interface driver asix <6>[ 4.036372] usbcore: registered new interface driver ax88179_178a <6>[ 4.042766] usbcore: registered new interface driver cdc_ether <6>[ 4.048828] usbcore: registered new interface driver smsc75xx <6>[ 4.054911] usbcore: registered new interface driver smsc95xx <6>[ 4.060887] usbcore: registered new interface driver net1080 <6>[ 4.066889] usbcore: registered new interface driver cdc_subset <6>[ 4.073065] usbcore: registered new interface driver zaurus <6>[ 4.078858] usbcore: registered new interface driver cdc_ncm <6>[ 4.108167] usbcore: registered new interface driver usb-storage <6>[ 4.150942] stm32_rtc 5c004000.rtc: registered as rtc0 <6>[ 4.155019] stm32_rtc 5c004000.rtc: setting system clock to 2000-01-01T00:00:22 UTC (946684822) <4>[ 4.166815] stm32_rtc 5c004000.rtc: Date/Time must be initialized <6>[ 4.171855] stm32_rtc 5c004000.rtc: registered rev:1.2 <6>[ 4.183928] i2c_dev: i2c /dev entries driver <6>[ 4.241224] stm_thermal 50028000.thermal: stm_thermal_probe: Driver initialized successfully <6>[ 4.295757] sdhci: Secure Digital Host Controller Interface driver <6>[ 4.300830] sdhci: Copyright(c) Pierre Ossman <6>[ 4.314404] Synopsys Designware Multimedia Card Interface Driver <6>[ 4.327982] sdhci-pltfm: SDHCI platform and OF driver helper <6>[ 4.354566] hid: raw HID events driver (C) Jiri Kosina <6>[ 4.363692] usbcore: registered new interface driver usbhid <6>[ 4.368158] usbhid: USB HID core driver <6>[ 4.405867] hw perfevents: enabled with armv7_cortex_a7 PMU driver, 5 (8000000f) counters available <6>[ 4.425067] ipip: IPv4 and MPLS over IPv4 tunneling driver <6>[ 4.435807] IPv4 over IPsec tunneling driver <6>[ 4.445075] IPsec XFRM device driver <6>[ 4.448329] NET: Registered PF_INET6 protocol family <6>[ 4.464415] Segment Routing with IPv6 <6>[ 4.467787] In-situ OAM (IOAM) with IPv6 <6>[ 4.478849] sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver <6>[ 4.497468] NET: Registered PF_PACKET protocol family <6>[ 4.501781] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. <5>[ 4.518281] Key type dns_resolver registered <6>[ 4.523848] NET: Registered PF_VSOCK protocol family <6>[ 4.527827] mpls_gso: MPLS GSO support <6>[ 4.536130] ThumbEE CPU extension supported. <5>[ 4.539368] Registering SWP/SWPB emulation handler <4>[ 4.844789] unwind: Index not found bf0034c0 <4>[ 4.848039] unwind: Index not found bf0034c0 <4>[ 4.852589] unwind: Index not found bf0034c0 <4>[ 4.857091] unwind: Index not found bf0034c0 <4>[ 4.861636] unwind: Index not found bf0034c0 <4>[ 4.866135] unwind: Index not found bf0034c0 <4>[ 4.870700] unwind: Index not found bf0034c0 <4>[ 4.875208] unwind: Index not found bf0034c0 <4>[ 4.879780] unwind: Index not found bf0034c0 <4>[ 4.884282] unwind: Index not found bf0034c0 <4>[ 4.888854] unwind: Index not found bf0034c0 <4>[ 4.893445] unwind: Index not found bf0034c0 <4>[ 4.897925] unwind: Index not found bf0034c0 <4>[ 4.902666] unwind: Index not found bf0034c0 <4>[ 4.907062] unwind: Index not found bf0034c0 <4>[ 4.911630] unwind: Index not found bf0034c0 <4>[ 4.916062] unwind: Index not found bf0034c0 <4>[ 4.920645] unwind: Index not found bf0034c0 <4>[ 4.925176] unwind: Index not found bf0034c0 <4>[ 4.929689] unwind: Index not found bf0034c0 <4>[ 4.934224] unwind: Index not found bf0034c0 <4>[ 4.938783] unwind: Index not found bf003584 <4>[ 4.943346] unwind: Index not found bf003584 <4>[ 4.947848] unwind: Index not found bf003584 <4>[ 4.952377] unwind: Index not found bf003584 <4>[ 4.956923] unwind: Index not found bf00373c <4>[ 4.961453] unwind: Index not found bf00373c <4>[ 4.965990] unwind: Index not found bf00373c <4>[ 4.970548] unwind: Index not found bf00373c <5>[ 4.975298] Loading compiled-in X.509 certificates <6>[ 5.978917] Freeing initrd memory: 21140K <5>[ 6.067988] Loaded X.509 cert 'Build time autogenerated kernel key: 04f46207ac8c245ed7b6ff04786d75ad3d8df8ad' <6>[ 6.259073] ima: No TPM chip found, activating TPM-bypass! <6>[ 6.263522] ima: Allocated hash algorithm: sha1 <6>[ 6.268452] ima: No architecture policies found <6>[ 6.537372] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOA bank added <6>[ 6.547499] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOB bank added <6>[ 6.557760] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOC bank added <6>[ 6.568008] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOD bank added <6>[ 6.578293] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOE bank added <6>[ 6.589596] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOF bank added <6>[ 6.601859] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOG bank added <6>[ 6.612143] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOH bank added <6>[ 6.624483] stm32mp157-pinctrl soc:pinctrl@50002000: GPIOI bank added <6>[ 6.629984] stm32mp157-pinctrl soc:pinctrl@50002000: Pinctrl STM32 initialized <6>[ 6.667237] stm32mp157-pinctrl soc:pinctrl@54004000: GPIOZ bank added <6>[ 6.672625] stm32mp157-pinctrl soc:pinctrl@54004000: Pinctrl STM32 initialized <6>[ 6.699138] stm32-dma 48000000.dma-controller: STM32 DMA driver registered <6>[ 6.722557] stm32-dma 48001000.dma-controller: STM32 DMA driver registered <6>[ 6.781922] stm32-usart 4000e000.serial: interrupt mode for rx (no dma) <6>[ 6.787471] stm32-usart 4000e000.serial: interrupt mode for tx (no dma) <6>[ 6.797766] 4000e000.serial: ttySTM2 at MMIO 0x4000e000 (irq = 49, base_baud = 4000000) is a stm32-usart <6>[ 6.809919] serial serial0: tty port ttySTM2 registered <6>[ 6.823195] stm32-usart 40010000.serial: interrupt mode for rx (no dma) <6>[ 6.828713] stm32-usart 40010000.serial: interrupt mode for tx (no dma) <6>[ 6.838545] 40010000.serial: ttySTM0 at MMIO 0x40010000 (irq = 50, base_baud = 4000000) is a stm32-usart <6>[ 6.848431] printk: legacy console [ttySTM0] enabled <6>[ 6.848431] printk: legacy console [ttySTM0] enabled <6>[ 6.857499] printk: legacy bootconsole [stm32] disabled <6>[ 6.857499] printk: legacy bootconsole [stm32] disabled <6>[ 6.886938] stm32-usart 40018000.serial: interrupt mode for rx (no dma) <6>[ 6.892545] stm32-usart 40018000.serial: interrupt mode for tx (no dma) <6>[ 6.902395] 40018000.serial: ttySTM1 at MMIO 0x40018000 (irq = 51, base_baud = 4000000) is a stm32-usart <6>[ 6.971744] stm32-dwmac 5800a000.ethernet: IRQ eth_wake_irq not found <6>[ 6.977289] stm32-dwmac 5800a000.ethernet: IRQ eth_lpi not found <6>[ 6.983484] stm32-dwmac 5800a000.ethernet: IRQ sfty not found <6>[ 6.993410] stm32-dwmac 5800a000.ethernet: User ID: 0x40, Synopsys ID: 0x42 <6>[ 6.999481] stm32-dwmac 5800a000.ethernet: DWMAC4/5 <6>[ 7.004706] stm32-dwmac 5800a000.ethernet: DMA HW capability register supported <6>[ 7.012153] stm32-dwmac 5800a000.ethernet: RX Checksum Offload Engine supported <6>[ 7.019767] stm32-dwmac 5800a000.ethernet: TX Checksum insertion supported <6>[ 7.026872] stm32-dwmac 5800a000.ethernet: Wake-Up On Lan supported <6>[ 7.034093] stm32-dwmac 5800a000.ethernet: TSO supported <6>[ 7.039043] stm32-dwmac 5800a000.ethernet: Enable RX Mitigation via HW Watchdog Timer <6>[ 7.047212] stm32-dwmac 5800a000.ethernet: Enabled L3L4 Flow TC (entries=2) <6>[ 7.054481] stm32-dwmac 5800a000.ethernet: Enabled RFS Flow TC (entries=10) <6>[ 7.061617] stm32-dwmac 5800a000.ethernet: TSO feature enabled <6>[ 7.067824] stm32-dwmac 5800a000.ethernet: Using 32/32 bits DMA host/device width <6>[ 7.187669] stm32f7-i2c 40012000.i2c: STM32F7 I2C-0 bus adapter <6>[ 7.226357] stm32f7-i2c 40013000.i2c: STM32F7 I2C-1 bus adapter <6>[ 7.270336] stpmic1 2-0033: PMIC Chip Version: 0x10 <6>[ 7.283105] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/boost <6>[ 7.295149] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/buck2 <6>[ 7.308332] platform 5c002000.i2c:stpmic@33:regulators: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/stpmic@33/regulators/buck4 <6>[ 7.335063] platform hdmi-out: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 7.346475] platform 5a001000.display-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 7.358369] i2c 2-003d: Fixed dependency cycle(s) with /soc/bus@5c007000/sai@4400b000/audio-controller@4400b004 <6>[ 7.367769] i2c 2-003d: Fixed dependency cycle(s) with /hdmi-out <6>[ 7.375088] i2c 2-003d: Fixed dependency cycle(s) with /soc/display-controller@5a001000 <4>[ 7.387031] at24 2-0053: supply vcc not found, using dummy regulator <6>[ 7.397051] at24 2-0053: 256 byte 24c02 EEPROM, writable, 16 bytes/write <6>[ 7.403094] stm32f7-i2c 5c002000.i2c: STM32F7 I2C-2 bus adapter <6>[ 7.426069] mmci-pl18x 48004000.mmc: mmc1: PL180 manf 53 rev2 at 0x48004000 irq 61,0 (pio) <6>[ 7.449936] input: pmic_onkey as /devices/platform/soc/5c007000.bus/5c002000.i2c/i2c-2/2-0033/5c002000.i2c:stpmic@33:onkey/input/input0 <6>[ 7.470605] vdda: Bringing 1800000uV into 2900000-2900000uV <6>[ 7.484190] v2v8: Bringing 1800000uV into 2800000-2800000uV <6>[ 7.521015] v1v8: Bringing 1000000uV into 1800000-1800000uV <6>[ 7.589080] mmci-pl18x 58005000.mmc: Got CD GPIO <6>[ 7.602577] stm32-dwmac 5800a000.ethernet eth0: Register MEM_TYPE_PAGE_POOL RxQ-0 <6>[ 7.613236] mmci-pl18x 58005000.mmc: mmc0: PL180 manf 53 rev2 at 0x58005000 irq 72,0 (pio) <6>[ 7.618046] stm32-usbphyc 5a006000.usbphyc: registered rev:1.0 <4>[ 7.634367] dwc2 49000000.usb-otg: supply vusb_d not found, using dummy regulator <4>[ 7.642834] dwc2 49000000.usb-otg: supply vusb_a not found, using dummy regulator <6>[ 7.677310] stm32-dwmac 5800a000.ethernet eth0: PHY [stmmac-0:07] driver [Micrel KSZ9031 Gigabit PHY] (irq=POLL) <6>[ 7.678021] mmc1: new high speed SDIO card at address 0001 <6>[ 7.686528] dwmac4: Master AXI performs any burst length <6>[ 7.697878] stm32-dwmac 5800a000.ethernet eth0: No Safety Features support found <6>[ 7.750924] mmc0: new high speed SDXC card at address e624 <6>[ 7.769378] mmcblk0: mmc0:e624 SD64G 59.5 GiB <4>[ 7.811010] GPT:Primary header thinks Alt. header is not at the end of the disk. <4>[ 7.817382] GPT:3204245 != 124735487 <4>[ 7.821166] GPT:Alternate GPT header not at the end of the disk. <4>[ 7.827439] GPT:3204245 != 124735487 <4>[ 7.831304] GPT: Use GNU Parted to correct GPT errors. <6>[ 7.836860] mmcblk0: p1 p2 p3 p4 <6>[ 7.865103] dwc2 49000000.usb-otg: EPs: 9, dedicated fifos, 952 entries in SPRAM <6>[ 7.908555] stm32-dwmac 5800a000.ethernet eth0: IEEE 1588-2008 Advanced Timestamp supported <6>[ 7.918339] stm32-dwmac 5800a000.ethernet eth0: registered PTP clock <6>[ 7.930410] stm32-dwmac 5800a000.ethernet eth0: configuring for phy/rgmii link mode <6>[ 7.949647] dwc2 49000000.usb-otg: DWC OTG Controller <6>[ 7.953937] dwc2 49000000.usb-otg: new USB bus registered, assigned bus number 1 <6>[ 7.961618] dwc2 49000000.usb-otg: irq 73, io mem 0x49000000 <6>[ 7.975722] hub 1-0:1.0: USB hub found <6>[ 7.978930] hub 1-0:1.0: 1 port detected <6>[ 8.005025] ehci-platform 5800d000.usb: EHCI Host Controller <6>[ 8.009863] ehci-platform 5800d000.usb: new USB bus registered, assigned bus number 2 <6>[ 8.019907] mmci-pl18x 58007000.mmc: mmc2: PL180 manf 53 rev2 at 0x58007000 irq 76,0 (pio) <6>[ 8.031049] ehci-platform 5800d000.usb: irq 75, io mem 0x5800d000 <6>[ 8.041598] ehci-platform 5800d000.usb: USB 2.0 started, EHCI 1.00 <6>[ 8.055493] hub 2-0:1.0: USB hub found <6>[ 8.058800] hub 2-0:1.0: 2 ports detected <6>[ 8.168441] mmc2: new high speed DDR MMC card at address 0001 <6>[ 8.187866] mmcblk2: mmc2:0001 DG4008 7.28 GiB <4>[ 8.228122] GPT:Primary header thinks Alt. header is not at the end of the disk. <4>[ 8.234466] GPT:3145727 != 15273599 <4>[ 8.238270] GPT:Alternate GPT header not at the end of the disk. <4>[ 8.244467] GPT:3145727 != 15273599 <4>[ 8.248254] GPT: Use GNU Parted to correct GPT errors. <6>[ 8.253816] mmcblk2: p1 p2 p3 p4 <6>[ 8.275953] mmcblk2boot0: mmc2:0001 DG4008 4.00 MiB <6>[ 8.305628] usb 2-1: new high-speed USB device number 2 using ehci-platform <6>[ 8.322148] mmcblk2boot1: mmc2:0001 DG4008 4.00 MiB <6>[ 8.358145] mmcblk2rpmb: mmc2:0001 DG4008 4.00 MiB, chardev (510:0) <6>[ 8.443470] hub 2-1:1.0: USB hub found <6>[ 8.446830] hub 2-1:1.0: 3 ports detected <6>[ 18.268616] stm32-dwmac 5800a000.ethernet eth0: Link is Up - 1Gbps/Full - flow control off <5>[ 18.286658] Sending DHCP requests ., OK <6>[ 18.366086] IP-Config: Got DHCP answer from 192.168.6.1, my address is 192.168.6.45 <6>[ 18.373363] IP-Config: Complete: <6>[ 18.376751] device=eth0, hwaddr=80:1f:12:cc:2a:a4, ipaddr=192.168.6.45, mask=255.255.255.0, gw=192.168.6.1 <6>[ 18.387256] host=192.168.6.45, domain=, nis-domain=(none) <6>[ 18.393263] bootserver=192.168.6.1, rootserver=192.168.6.3, rootpath= <6>[ 18.393284] nameserver0=192.168.6.1 <6>[ 18.410646] clk: Disabling unused clocks <6>[ 18.414409] PM: genpd: Disabling unused power domains <6>[ 18.597963] Freeing unused kernel image (initmem) memory: 2048K <6>[ 18.603891] Run /init as init process Loading, please wait... Starting systemd-udevd version 252.22-1~deb12u1 <6>[ 29.700160] stm32-ipcc 4c001000.mailbox: ipcc rev:1.0 enabled, 6 chans, proc 0 <6>[ 29.908857] stm32-crc32 58009000.crc: Initialized <6>[ 30.250903] etnaviv etnaviv: bound 59000000.gpu (ops gpu_ops [etnaviv]) <6>[ 30.256632] etnaviv-gpu 59000000.gpu: model: GC400, revision: 4652 <6>[ 30.353398] [drm] Initialized etnaviv 1.4.0 for etnaviv on minor 1 <6>[ 30.709429] i2c 2-003d: Fixed dependency cycle(s) with /soc/bus@5c007000/sai@4400b000/audio-controller@4400b004 <6>[ 30.719955] platform 4400b004.audio-controller: Fixed dependency cycle(s) with /soc/bus@5c007000/i2c@5c002000/hdmi-transmitter@3d <6>[ 31.092839] Bluetooth: Core ver 2.22 <6>[ 31.096114] NET: Registered PF_BLUETOOTH protocol family <6>[ 31.100936] Bluetooth: HCI device and connection manager initialized <6>[ 31.107622] Bluetooth: HCI socket layer initialized <6>[ 31.112818] Bluetooth: L2CAP socket layer initialized <6>[ 31.118219] Bluetooth: SCO socket layer initialized <6>[ 31.299440] stm32-dwmac 5800a000.ethernet end0: renamed from eth0 (while UP) <5>[ 31.498730] cfg80211: Loading compiled-in X.509 certificates for regulatory database <6>[ 31.528310] Bluetooth: HCI UART driver ver 2.3 <6>[ 31.531778] Bluetooth: HCI UART protocol H4 registered <6>[ 31.539578] Bluetooth: HCI UART protocol Broadcom registered <4>[ 31.547315] hci_uart_bcm serial0-0: supply vbat not found, using dummy regulator <4>[ 31.578113] hci_uart_bcm serial0-0: supply vddio not found, using dummy regulator <6>[ 31.762087] [drm] Initialized stm 1.0.0 for 5a001000.display-controller on minor 2 <6>[ 31.811756] stm32-display 5a001000.display-controller: [drm] Cannot find any crtc or sizes <6>[ 31.822969] stm32-display 5a001000.display-controller: [drm] Cannot find any crtc or sizes <5>[ 31.828699] Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' <5>[ 31.898828] Loaded X.509 cert 'wens: 61c038651aabdcf94bd0ac7ff06c7248db18c600' <4>[ 31.907224] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 <6>[ 31.914947] cfg80211: failed to load regulatory.db <6>[ 32.017673] Bluetooth: hci0: BCM: chip id 107 <6>[ 32.030194] Bluetooth: hci0: BCM: features 0x2f <6>[ 32.039585] Bluetooth: hci0: BCM4345C0 <6>[ 32.042378] Bluetooth: hci0: BCM4345C0 (003.001.025) build 0000 <3>[ 32.056706] Bluetooth: hci0: BCM: firmware Patch file not found, tried: <3>[ 32.062265] Bluetooth: hci0: BCM: 'brcm/BCM4345C0.arrow,stm32mp157a-avenger96.hcd' <3>[ 32.070100] Bluetooth: hci0: BCM: 'brcm/BCM4345C0.hcd' <3>[ 32.075526] Bluetooth: hci0: BCM: 'brcm/BCM.arrow,stm32mp157a-avenger96.hcd' <3>[ 32.082831] Bluetooth: hci0: BCM: 'brcm/BCM.hcd' <6>[ 32.226790] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6 <4>[ 32.291112] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.arrow,stm32mp157a-avenger96.bin failed with error -2 <4>[ 32.328586] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2 <3>[ 33.416712] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50 <3>[ 33.888281] debugfs: File 'Capture' in directory 'dapm' already present! Begin: Loading essential drivers ... done. Begin: Running /scripts/init-premount ... done. Begin: Mounting root file system ... Begin: Running /scripts/nfs-top ... done. Begin: Running /scripts/nfs-premount ... Waiting up to 60 secs for any ethernet to become available Device /sys/class/net/bond0 found done. Begin: Waiting up to 180 secs for any network device to become available ... done. IP-Config: end0 hardware address 80:1f:12:cc:2a:a4 mtu 1500 DHCP IP-Config: bond0 hardware address ea:70:2d:e9:76:4c mtu 1500 DHCP /sys/class/net/bonding_masters/flags: Not a directory IP-Config: end0 complete (dhcp from 192.168.6.1): address: 192.168.6.45 broadcast: 192.168.6.255 netmask: 255.255.255.0 gateway: 192.168.6.1 dns0 : 192.168.6.1 dns1 : 0.0.0.0 rootserver: 192.168.6.1 rootpath: filename : done. Begin: Running /scripts/nfs-bottom ... done. Begin: Running /scripts/init-bottom ... done. <30>[ 37.438981] systemd[1]: System time before build time, advancing clock. <30>[ 37.729408] systemd[1]: systemd 252.22-1~deb12u1 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) <30>[ 37.761565] systemd[1]: Detected architecture arm. Welcome to [1mDebian GNU/Linux 12 (bookworm)[0m! <30>[ 37.804042] systemd[1]: Hostname set to . <30>[ 41.803798] systemd[1]: Queued start job for default target graphical.target. <30>[ 41.854731] systemd[1]: Created slice system-getty.slice - Slice /system/getty. [[0;32m OK [0m] Created slice [0;1;39msystem-getty.slice[0m - Slice /system/getty. <30>[ 41.884635] systemd[1]: Created slice system-modprobe.slice - Slice /system/modprobe. [[0;32m OK [0m] Created slice [0;1;39msystem-modpr…lice[0m - Slice /system/modprobe. <30>[ 41.913276] systemd[1]: Created slice system-serial\x2dgetty.slice - Slice /system/serial-getty. [[0;32m OK [0m] Created slice [0;1;39msystem-seria…[0m - Slice /system/serial-getty. <30>[ 41.943170] systemd[1]: Created slice user.slice - User and Session Slice. [[0;32m OK [0m] Created slice [0;1;39muser.slice[0m - User and Session Slice. <30>[ 41.961662] systemd[1]: Started systemd-ask-password-console.path - Dispatch Password Requests to Console Directory Watch. [[0;32m OK [0m] Started [0;1;39msystemd-ask-passwo…quests to Console Directory Watch. <30>[ 41.984396] systemd[1]: Started systemd-ask-password-wall.path - Forward Password Requests to Wall Directory Watch. [[0;32m OK [0m] Started [0;1;39msystemd-ask-passwo… Requests to Wall Directory Watch. <30>[ 42.005139] systemd[1]: proc-sys-fs-binfmt_misc.automount - Arbitrary Executable File Formats File System Automount Point was skipped because of an unmet condition check (ConditionPathExists=/proc/sys/fs/binfmt_misc). <30>[ 42.024252] systemd[1]: Expecting device dev-ttySTM0.device - /dev/ttySTM0... Expecting device [0;1;39mdev-ttySTM0.device[0m - /dev/ttySTM0... <30>[ 42.040348] systemd[1]: Reached target cryptsetup.target - Local Encrypted Volumes. [[0;32m OK [0m] Reached target [0;1;39mcryptsetup.…get[0m - Local Encrypted Volumes. <30>[ 42.059629] systemd[1]: Reached target integritysetup.target - Local Integrity Protected Volumes. [[0;32m OK [0m] Reached target [0;1;39mintegrityse…Local Integrity Protected Volumes. <30>[ 42.078798] systemd[1]: Reached target paths.target - Path Units. [[0;32m OK [0m] Reached target [0;1;39mpaths.target[0m - Path Units. <30>[ 42.093452] systemd[1]: Reached target remote-fs.target - Remote File Systems. [[0;32m OK [0m] Reached target [0;1;39mremote-fs.target[0m - Remote File Systems. <30>[ 42.110314] systemd[1]: Reached target slices.target - Slice Units. [[0;32m OK [0m] Reached target [0;1;39mslices.target[0m - Slice Units. <30>[ 42.126625] systemd[1]: Reached target swap.target - Swaps. [[0;32m OK [0m] Reached target [0;1;39mswap.target[0m - Swaps. <30>[ 42.141595] systemd[1]: Reached target veritysetup.target - Local Verity Protected Volumes. [[0;32m OK [0m] Reached target [0;1;39mveritysetup… - Local Verity Protected Volumes. <30>[ 42.163580] systemd[1]: Listening on systemd-initctl.socket - initctl Compatibility Named Pipe. [[0;32m OK [0m] Listening on [0;1;39msystemd-initc… initctl Compatibility Named Pipe. <30>[ 42.190723] systemd[1]: Listening on systemd-journald-audit.socket - Journal Audit Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-journ…socket[0m - Journal Audit Socket. <30>[ 42.216207] systemd[1]: Listening on systemd-journald-dev-log.socket - Journal Socket (/dev/log). [[0;32m OK [0m] Listening on [0;1;39msystemd-journ…t[0m - Journal Socket (/dev/log). <30>[ 42.239978] systemd[1]: Listening on systemd-journald.socket - Journal Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-journald.socket[0m - Journal Socket. <30>[ 42.263618] systemd[1]: Listening on systemd-networkd.socket - Network Service Netlink Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-netwo… - Network Service Netlink Socket. <30>[ 42.294227] systemd[1]: Listening on systemd-udevd-control.socket - udev Control Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-udevd….socket[0m - udev Control Socket. <30>[ 42.316103] systemd[1]: Listening on systemd-udevd-kernel.socket - udev Kernel Socket. [[0;32m OK [0m] Listening on [0;1;39msystemd-udevd…l.socket[0m - udev Kernel Socket. <30>[ 42.338201] systemd[1]: dev-hugepages.mount - Huge Pages File System was skipped because of an unmet condition check (ConditionPathExists=/sys/kernel/mm/hugepages). <30>[ 42.353809] systemd[1]: dev-mqueue.mount - POSIX Message Queue File System was skipped because of an unmet condition check (ConditionPathExists=/proc/sys/fs/mqueue). <30>[ 42.400658] systemd[1]: Mounting sys-kernel-debug.mount - Kernel Debug File System... Mounting [0;1;39msys-kernel-debug.…[0m - Kernel Debug File System... <30>[ 42.462060] systemd[1]: Mounting sys-kernel-tracing.mount - Kernel Trace File System... Mounting [0;1;39msys-kernel-tracin…[0m - Kernel Trace File System... <30>[ 42.546234] systemd[1]: Starting kmod-static-nodes.service - Create List of Static Device Nodes... Starting [0;1;39mkmod-static-nodes…ate List of Static Device Nodes... <30>[ 42.663677] systemd[1]: Starting modprobe@configfs.service - Load Kernel Module configfs... Starting [0;1;39mmodprobe@configfs…m - Load Kernel Module configfs... <30>[ 42.739474] systemd[1]: Starting modprobe@dm_mod.service - Load Kernel Module dm_mod... Starting [0;1;39mmodprobe@dm_mod.s…[0m - Load Kernel Module dm_mod... <30>[ 42.810922] systemd[1]: Starting modprobe@drm.service - Load Kernel Module drm... Starting [0;1;39mmodprobe@drm.service[0m - Load Kernel Module drm... <30>[ 42.876801] systemd[1]: Starting modprobe@efi_pstore.service - Load Kernel Module efi_pstore... Starting [0;1;39mmodprobe@efi_psto…- Load Kernel Module efi_pstore... <30>[ 42.944027] systemd[1]: Starting modprobe@fuse.service - Load Kernel Module fuse... Starting [0;1;39mmodprobe@fuse.ser…e[0m - Load Kernel Module fuse... <30>[ 43.023226] systemd[1]: Starting modprobe@loop.service - Load Kernel Module loop... Starting [0;1;39mmodprobe@loop.ser…e[0m - Load Kernel Module loop... <30>[ 43.121845] systemd[1]: Starting systemd-journald.service - Journal Service... Starting [0;1;39msystemd-journald.service[0m - Journal Service... <6>[ 43.205981] fuse: init (API version 7.41) <30>[ 43.247931] systemd[1]: Starting systemd-modules-load.service - Load Kernel Modules... Starting [0;1;39msystemd-modules-l…rvice[0m - Load Kernel Modules... <30>[ 43.329796] systemd[1]: Starting systemd-network-generator.service - Generate network units from Kernel command line... Starting [0;1;39msystemd-network-g… units from Kernel command line... <30>[ 43.424270] systemd[1]: Starting systemd-remount-fs.service - Remount Root and Kernel File Systems... Starting [0;1;39msystemd-remount-f…nt Root and Kernel File Systems... <30>[ 43.568710] systemd[1]: Starting systemd-udev-trigger.service - Coldplug All udev Devices... Starting [0;1;39msystemd-udev-trig…[0m - Coldplug All udev Devices... <30>[ 43.798952] systemd[1]: Mounted sys-kernel-debug.mount - Kernel Debug File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-debug.m…nt[0m - Kernel Debug File System. <30>[ 43.846481] systemd[1]: Mounted sys-kernel-tracing.mount - Kernel Trace File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-tracing…nt[0m - Kernel Trace File System. <30>[ 43.907133] systemd[1]: Finished kmod-static-nodes.service - Create List of Static Device Nodes. [[0;32m OK [0m] Finished [0;1;39mkmod-static-nodes…reate List of Static Device Nodes. <30>[ 43.958070] systemd[1]: modprobe@configfs.service: Deactivated successfully. <30>[ 43.978699] systemd[1]: Finished modprobe@configfs.service - Load Kernel Module configfs. [[0;32m OK [0m] Finished [0;1;39mmodprobe@configfs…[0m - Load Kernel Module configfs. <30>[ 44.034071] systemd[1]: modprobe@dm_mod.service: Deactivated successfully. <30>[ 44.054723] systemd[1]: Finished modprobe@dm_mod.service - Load Kernel Module dm_mod. [[0;32m OK [0m] Finished [0;1;39mmodprobe@dm_mod.s…e[0m - Load Kernel Module dm_mod. <30>[ 44.105101] systemd[1]: modprobe@drm.service: Deactivated successfully. <30>[ 44.128809] systemd[1]: Finished modprobe@drm.service - Load Kernel Module drm. [[0;32m OK [0m] Finished [0;1;39mmodprobe@drm.service[0m - Load Kernel Module drm. <30>[ 44.175163] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. <30>[ 44.197580] systemd[1]: Finished modprobe@efi_pstore.service - Load Kernel Module efi_pstore. [[0;32m OK [0m] Finished [0;1;39mmodprobe@efi_psto…m - Load Kernel Module efi_pstore. <30>[ 44.243697] systemd[1]: modprobe@fuse.service: Deactivated successfully. <30>[ 44.265314] systemd[1]: Finished modprobe@fuse.service - Load Kernel Module fuse. [[0;32m OK [0m] Finished [0;1;39mmodprobe@fuse.service[0m - Load Kernel Module fuse. <30>[ 44.306706] systemd[1]: modprobe@loop.service: Deactivated successfully. <30>[ 44.329600] systemd[1]: Finished modprobe@loop.service - Load Kernel Module loop. [[0;32m OK [0m] Finished [0;1;39mmodprobe@loop.service[0m - Load Kernel Module loop. <30>[ 44.373865] systemd[1]: Finished systemd-modules-load.service - Load Kernel Modules. [[0;32m OK [0m] Finished [0;1;39msystemd-modules-l…service[0m - Load Kernel Modules. <30>[ 44.416384] systemd[1]: Finished systemd-network-generator.service - Generate network units from Kernel command line. [[0;32m OK [0m] Finished [0;1;39msystemd-network-g…rk units from Kernel command line. <30>[ 44.464113] systemd[1]: Finished systemd-remount-fs.service - Remount Root and Kernel File Systems. [[0;32m OK [0m] Finished [0;1;39msystemd-remount-f…ount Root and Kernel File Systems. <30>[ 44.508282] systemd[1]: Reached target network-pre.target - Preparation for Network. [[0;32m OK [0m] Reached target [0;1;39mnetwork-pre…get[0m - Preparation for Network. <30>[ 44.601945] systemd[1]: Mounting sys-fs-fuse-connections.mount - FUSE Control File System... Mounting [0;1;39msys-fs-fuse-conne…[0m - FUSE Control File System... <30>[ 44.703724] systemd[1]: Mounting sys-kernel-config.mount - Kernel Configuration File System... Mounting [0;1;39msys-kernel-config…ernel Configuration File System... <30>[ 44.742652] systemd[1]: systemd-firstboot.service - First Boot Wizard was skipped because of an unmet condition check (ConditionFirstBoot=yes). <30>[ 44.773768] systemd[1]: systemd-pstore.service - Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). <30>[ 44.880171] systemd[1]: Starting systemd-random-seed.service - Load/Save Random Seed... Starting [0;1;39msystemd-random-se…ice[0m - Load/Save Random Seed... <30>[ 44.922711] systemd[1]: systemd-repart.service - Repartition Root Disk was skipped because no trigger condition checks were met. <30>[ 45.016886] systemd[1]: Starting systemd-sysctl.service - Apply Kernel Variables... Starting [0;1;39msystemd-sysctl.se…ce[0m - Apply Kernel Variables... <30>[ 45.152767] systemd[1]: Starting systemd-sysusers.service - Create System Users... Starting [0;1;39msystemd-sysusers.…rvice[0m - Create System Users... <30>[ 45.353405] systemd[1]: Started systemd-journald.service - Journal Service. [[0;32m OK [0m] Started [0;1;39msystemd-journald.service[0m - Journal Service. [[0;32m OK [0m] Mounted [0;1;39msys-fs-fuse-connec…nt[0m - FUSE Control File System. [[0;32m OK [0m] Mounted [0;1;39msys-kernel-config.… Kernel Configuration File System. [[0;32m OK [0m] Finished [0;1;39msystemd-random-se…rvice[0m - Load/Save Random Seed. Starting [0;1;39msystemd-journal-f…h Journal to Persistent Storage... [[0;32m OK [0m] Finished [0;1;39msystemd-sysctl.service[0m - Apply Kernel Variables. [[0;32m OK [0m] Finished [0;1;39msystemd-sysusers.service[0m - Create System Users. <46>[ 45.982305] systemd-journald[208]: Received client request to flush runtime journal. Starting [0;1;39msystemd-tmpfiles-…ate Static Device Nodes in /dev... [[0;32m OK [0m] Finished [0;1;39msystemd-tmpfiles-…reate Static Device Nodes in /dev. [[0;32m OK [0m] Reached target [0;1;39mlocal-fs-pr…reparation for Local File Systems. [[0;32m OK [0m] Reached target [0;1;39mlocal-fs.target[0m - Local File Systems. Starting [0;1;39msystemd-udevd.ser…ger for Device Events and Files... [[0;32m OK [0m] Finished [0;1;39msystemd-journal-f…ush Journal to Persistent Storage. Starting [0;1;39msystemd-tmpfiles-… Volatile Files and Directories... [[0;32m OK [0m] Started [0;1;39msystemd-udevd.serv…nager for Device Events and Files. Starting [0;1;39msystemd-networkd.…ice[0m - Network Configuration... [[0;32m OK [0m] Finished [0;1;39msystemd-tmpfiles-…te Volatile Files and Directories. Starting [0;1;39msystemd-timesyncd… - Network Time Synchronization... Starting [0;1;39msystemd-update-ut…rd System Boot/Shutdown in UTMP... [[0;32m OK [0m] Finished [0;1;39msystemd-update-ut…cord System Boot/Shutdown in UTMP. [[0;32m OK [0m] Started [0;1;39msystemd-networkd.service[0m - Network Configuration. [[0;32m OK [0m] Reached target [0;1;39mnetwork.target[0m - Network. [[0;32m OK [0m] Started [0;1;39msystemd-timesyncd.…0m - Network Time Synchronization. [[0;32m OK [0m] Reached target [0;1;39mtime-set.target[0m - System Time Set. <46>[ 51.812624] systemd-journald[208]: Oldest entry in /var/log/journal/658c871cd7314ccea6115dc5728f8992/system.journal is older than the configured file retention duration (1month), suggesting rotation. <46>[ 51.831555] systemd-journald[208]: /var/log/journal/658c871cd7314ccea6115dc5728f8992/system.journal: Journal header limits reached or header out-of-date, rotating. [[0m[0;31m* [0m] (1 of 2) Job dev-ttySTM0.device/start running (11s / 1min 30s) M [K[[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job dev-ttySTM0.device/start running (12s / 1min 30s) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job dev-ttySTM0.device/start running (12s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (13s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (13s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m*[0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (14s / no limit) M [K[ [0;31m*[0;1;31m*[0m] (1 of 2) Job dev-ttySTM0.device/start running (14s / 1min 30s) M [K[ [0;31m*[0m] (1 of 2) Job dev-ttySTM0.device/start running (15s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m] (1 of 2) Job dev-ttySTM0.device/start running (15s / 1min 30s) M [K[ [0;31m*[0;1;31m*[0m[0;31m*[0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (16s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (16s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (17s / no limit) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job dev-ttySTM0.device/start running (18s / 1min 30s) M [K[[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job dev-ttySTM0.device/start running (19s / 1min 30s) M [K[[0m[0;31m* [0m] (1 of 2) Job dev-ttySTM0.device/start running (20s / 1min 30s) M [K[[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (21s / no limit) M [K[[0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (22s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (2 of 2) Job systemd-udev-trigger.s…ice/start running (23s / no limit) M [K[ [0;31m*[0;1;31m*[0m[0;31m* [0m] (1 of 2) Job dev-ttySTM0.device/start running (24s / 1min 30s) M [K[[0;32m OK [0m] Found device [0;1;39mdev-ttySTM0.device[0m - /dev/ttySTM0. [K[[0;32m OK [0m] Finished [0;1;39msystemd-udev-trig…e[0m - Coldplug All udev Devices. [[0;32m OK [0m] Reached target [0;1;39mbluetooth.target[0m - Bluetooth Support. [[0;32m OK [0m] Reached target [0;1;39musb-gadget.…m - Hardware activated USB gadget. [[0;32m OK [0m] Listening on [0;1;39msystemd-rfkil…l Switch Status /dev/rfkill Watch. Starting [0;1;39mmodprobe@dm_mod.s…[0m - Load Kernel Module dm_mod... Starting [0;1;39mmodprobe@efi_psto…- Load Kernel Module efi_pstore... Starting [0;1;39mmodprobe@loop.ser…e[0m - Load Kernel Module loop... [[0;32m OK [0m] Finished [0;1;39mmodprobe@dm_mod.s…e[0m - Load Kernel Module dm_mod. [[0;32m OK [0m] Finished [0;1;39mmodprobe@efi_psto…m - Load Kernel Module efi_pstore. Starting [0;1;39msystemd-rfkill.se…Load/Save RF Kill Switch Status... [[0;32m OK [0m] Finished [0;1;39mmodprobe@loop.service[0m - Load Kernel Module loop. [[0;32m OK [0m] Reached target [0;1;39msysinit.target[0m - System Initialization. [[0;32m OK [0m] Started [0;1;39mapt-daily.timer[0m - Daily apt download activities. [[0;32m OK [0m] Started [0;1;39mapt-daily-upgrade.… apt upgrade and clean activities. [[0;32m OK [0m] Started [0;1;39mdpkg-db-backup.tim… Daily dpkg database backup timer. [[0;32m OK [0m] Started [0;1;39me2scrub_all.timer…etadata Check for All Filesystems. [[0;32m OK [0m] Started [0;1;39mfstrim.timer[0m - Discard unused blocks once a week. [[0;32m OK [0m] Started [0;1;39msystemd-tmpfiles-c… Cleanup of Temporary Directories. [[0;32m OK [0m] Reached target [0;1;39mtimers.target[0m - Timer Units. [[0;32m OK [0m] Listening on [0;1;39mdbus.socket[…- D-Bus System Message Bus Socket. [[0;32m OK [0m] Reached target [0;1;39msockets.target[0m - Socket Units. [[0;32m OK [0m] Reached target [0;1;39mbasic.target[0m - Basic System. Starting [0;1;39malsa-restore.serv…- Save/Restore Sound Card State... Starting [0;1;39mdbus.service[0m - D-Bus System Message Bus... Starting [0;1;39me2scrub_reap.serv…e ext4 Metadata Check Snapshots... Starting [0;1;39msystemd-logind.se…ice[0m - User Login Management... Starting [0;1;39msystemd-user-sess…vice[0m - Permit User Sessions... [[0;32m OK [0m] Started [0;1;39msystemd-rfkill.ser…- Load/Save RF Kill Switch Status. [[0;32m OK [0m] Finished [0;1;39malsa-restore.serv…m - Save/Restore Sound Card State. [[0;32m OK [0m] Reached target [0;1;39msound.target[0m - Sound Card. [[0;32m OK [0m] Finished [0;1;39msystemd-user-sess…ervice[0m - Permit User Sessions. [[0;32m OK [0m] Started [0;1;39mgetty@tty1.service[0m - Getty on tty1. [[0;32m OK [0m] Started [0;1;39mserial-getty@ttyST…ice[0m - Serial Getty on ttySTM0. [[0;32m OK [0m] Reached target [0;1;39mgetty.target[0m - Login Prompts. [[0;32m OK [0m] Started [0;1;39mdbus.service[0m - D-Bus System Message Bus. Starting [0;1;39msystemd-hostnamed.service[0m - Hostname Service... [[0;32m OK [0m] Started [0;1;39msystemd-logind.service[0m - User Login Management. [[0;32m OK [0m] Finished [0;1;39me2scrub_reap.serv…ine ext4 Metadata Check Snapshots. [[0;32m OK [0m] Reached target [0;1;39mmulti-user.target[0m - Multi-User System. [[0;32m OK [0m] Reached target [0;1;39mgraphical.target[0m - Graphical Interface. Starting [0;1;39msystemd-update-ut… Record Runlevel Change in UTMP... [[0;32m OK [0m] Started [0;1;39msystemd-hostnamed.service[0m - Hostname Service. [[0;32m OK [0m] Finished [0;1;39msystemd-update-ut… - Record Runlevel Change in UTMP. Debian GNU/Linux 12 debian-bookworm-armhf ttySTM0 debian-bookworm-armhf login: root (automatic login) Linux debian-bookworm-armhf 6.12.0-rc3-next-20241017 #1 SMP Thu Oct 17 10:35:46 UTC 2024 armv7l The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. / # / # export NFS_ROOTFS='/var/lib/lava/dispatcher/tmp/855183/extract-nfsrootfs-nl_jgwvz' export NFS_ROOTFS='/var/lib/lava/dispatcher/tmp/855183/extract-nfsrootfs-nl_jgwvz' / # export NFS_SERVER_IP='192.168.6.3' export NFS_SERVER_IP='192.168.6.3' / # # # / # export SHELL=/bin/bash export SHELL=/bin/bash / # . /lava-855183/environment . /lava-855183/environment / # /lava-855183/bin/lava-test-runner /lava-855183/0 /lava-855183/bin/lava-test-runner /lava-855183/0 + export TESTRUN_ID=0_timesync-off + TESTRUN_ID=0_timesync-off + cd /lava-855183/0/tests/0_timesync-off ++ cat uuid + UUID=855183_1.6.2.4.1 + set +x + systemctl stop systemd-timesyncd + set +x + export TESTRUN_ID=1_kselftest-lkdtm + TESTRUN_ID=1_kselftest-lkdtm + cd /lava-855183/0/tests/1_kselftest-lkdtm ++ cat uuid + UUID=855183_1.6.2.4.5 + set +x + cd ./automated/linux/kselftest/ + ./kselftest.sh -c lkdtm -T '' -t kselftest_armhf.tar.gz -s True -u http://storage.kernelci.org/next/master/next-20241017/arm/multi_v7_defconfig+kselftest/gcc-12/kselftest.tar.xz -L '' -S /dev/null -b stm32mp157a-dhcor-avenger96 -g next -e '' -p /opt/kselftests/mainline/ -n 1 -i 1 -E '' INFO: install_deps skipped --2024-10-17 12:12:46-- http://storage.kernelci.org/next/master/next-20241017/arm/multi_v7_defconfig+kselftest/gcc-12/kselftest.tar.xz Resolving storage.kernelci.org (storage.kernelci.org)... 20.171.243.82 Connecting to storage.kernelci.org (storage.kernelci.org)|20.171.243.82|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 4128148 (3.9M) [application/octet-stream] Saving to: 'kselftest_armhf.tar.gz' kselftest_armhf.tar 0%[ ] 0 --.-KB/s kselftest_armhf.tar 1%[ ] 49.92K 160KB/s kselftest_armhf.tar 5%[> ] 218.67K 349KB/s kselftest_armhf.tar 22%[===> ] 889.89K 947KB/s kselftest_armhf.tar 63%[===========> ] 2.50M 2.19MB/s kselftest_armhf.tar 100%[===================>] 3.94M 3.09MB/s in 1.3s 2024-10-17 12:12:47 (3.09 MB/s) - 'kselftest_armhf.tar.gz' saved [4128148/4128148] skiplist: ======================================== ======================================== lkdtm:PANIC.sh lkdtm:PANIC_STOP_IRQOFF.sh lkdtm:BUG.sh lkdtm:WARNING.sh lkdtm:WARNING_MESSAGE.sh lkdtm:EXCEPTION.sh lkdtm:LOOP.sh lkdtm:EXHAUST_STACK.sh lkdtm:CORRUPT_STACK.sh lkdtm:CORRUPT_STACK_STRONG.sh lkdtm:ARRAY_BOUNDS.sh lkdtm:CORRUPT_LIST_ADD.sh lkdtm:CORRUPT_LIST_DEL.sh lkdtm:STACK_GUARD_PAGE_LEADING.sh lkdtm:STACK_GUARD_PAGE_TRAILING.sh lkdtm:REPORT_STACK_CANARY.sh lkdtm:UNSET_SMEP.sh lkdtm:DOUBLE_FAULT.sh lkdtm:CORRUPT_PAC.sh lkdtm:UNALIGNED_LOAD_STORE_WRITE.sh lkdtm:SLAB_LINEAR_OVERFLOW.sh lkdtm:VMALLOC_LINEAR_OVERFLOW.sh lkdtm:WRITE_AFTER_FREE.sh lkdtm:READ_AFTER_FREE.sh lkdtm:WRITE_BUDDY_AFTER_FREE.sh lkdtm:READ_BUDDY_AFTER_FREE.sh lkdtm:SLAB_INIT_ON_ALLOC.sh lkdtm:BUDDY_INIT_ON_ALLOC.sh lkdtm:SLAB_FREE_DOUBLE.sh lkdtm:SLAB_FREE_CROSS.sh lkdtm:SLAB_FREE_PAGE.sh lkdtm:SOFTLOCKUP.sh lkdtm:HARDLOCKUP.sh lkdtm:SMP_CALL_LOCKUP.sh lkdtm:SPINLOCKUP.sh lkdtm:HUNG_TASK.sh lkdtm:EXEC_DATA.sh lkdtm:EXEC_STACK.sh lkdtm:EXEC_KMALLOC.sh lkdtm:EXEC_VMALLOC.sh lkdtm:EXEC_RODATA.sh lkdtm:EXEC_USERSPACE.sh lkdtm:EXEC_NULL.sh lkdtm:ACCESS_USERSPACE.sh lkdtm:ACCESS_NULL.sh lkdtm:WRITE_RO.sh lkdtm:WRITE_RO_AFTER_INIT.sh lkdtm:WRITE_KERN.sh lkdtm:WRITE_OPD.sh lkdtm:REFCOUNT_INC_OVERFLOW.sh lkdtm:REFCOUNT_ADD_OVERFLOW.sh lkdtm:REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_DEC_ZERO.sh lkdtm:REFCOUNT_DEC_NEGATIVE.sh lkdtm:REFCOUNT_DEC_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_SUB_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_INC_ZERO.sh lkdtm:REFCOUNT_ADD_ZERO.sh lkdtm:REFCOUNT_INC_SATURATED.sh lkdtm:REFCOUNT_DEC_SATURATED.sh lkdtm:REFCOUNT_ADD_SATURATED.sh lkdtm:REFCOUNT_INC_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_DEC_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_SUB_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_TIMING.sh lkdtm:ATOMIC_TIMING.sh lkdtm:USERCOPY_SLAB_SIZE_TO.sh lkdtm:USERCOPY_SLAB_SIZE_FROM.sh lkdtm:USERCOPY_SLAB_WHITELIST_TO.sh lkdtm:USERCOPY_SLAB_WHITELIST_FROM.sh lkdtm:USERCOPY_STACK_FRAME_TO.sh lkdtm:USERCOPY_STACK_FRAME_FROM.sh lkdtm:USERCOPY_STACK_BEYOND.sh lkdtm:USERCOPY_KERNEL.sh lkdtm:STACKLEAK_ERASING.sh lkdtm:CFI_FORWARD_PROTO.sh lkdtm:CFI_BACKWARD.sh lkdtm:FORTIFY_STRSCPY.sh lkdtm:FORTIFY_STR_OBJECT.sh lkdtm:FORTIFY_STR_MEMBER.sh lkdtm:FORTIFY_MEM_OBJECT.sh lkdtm:FORTIFY_MEM_MEMBER.sh lkdtm:PPC_SLB_MULTIHIT.sh lkdtm:stack-entropy.sh ============== Tests to run =============== lkdtm:PANIC.sh lkdtm:PANIC_STOP_IRQOFF.sh lkdtm:BUG.sh lkdtm:WARNING.sh lkdtm:WARNING_MESSAGE.sh lkdtm:EXCEPTION.sh lkdtm:LOOP.sh lkdtm:EXHAUST_STACK.sh lkdtm:CORRUPT_STACK.sh lkdtm:CORRUPT_STACK_STRONG.sh lkdtm:ARRAY_BOUNDS.sh lkdtm:CORRUPT_LIST_ADD.sh lkdtm:CORRUPT_LIST_DEL.sh lkdtm:STACK_GUARD_PAGE_LEADING.sh lkdtm:STACK_GUARD_PAGE_TRAILING.sh lkdtm:REPORT_STACK_CANARY.sh lkdtm:UNSET_SMEP.sh lkdtm:DOUBLE_FAULT.sh lkdtm:CORRUPT_PAC.sh lkdtm:UNALIGNED_LOAD_STORE_WRITE.sh lkdtm:SLAB_LINEAR_OVERFLOW.sh lkdtm:VMALLOC_LINEAR_OVERFLOW.sh lkdtm:WRITE_AFTER_FREE.sh lkdtm:READ_AFTER_FREE.sh lkdtm:WRITE_BUDDY_AFTER_FREE.sh lkdtm:READ_BUDDY_AFTER_FREE.sh lkdtm:SLAB_INIT_ON_ALLOC.sh lkdtm:BUDDY_INIT_ON_ALLOC.sh lkdtm:SLAB_FREE_DOUBLE.sh lkdtm:SLAB_FREE_CROSS.sh lkdtm:SLAB_FREE_PAGE.sh lkdtm:SOFTLOCKUP.sh lkdtm:HARDLOCKUP.sh lkdtm:SMP_CALL_LOCKUP.sh lkdtm:SPINLOCKUP.sh lkdtm:HUNG_TASK.sh lkdtm:EXEC_DATA.sh lkdtm:EXEC_STACK.sh lkdtm:EXEC_KMALLOC.sh lkdtm:EXEC_VMALLOC.sh lkdtm:EXEC_RODATA.sh lkdtm:EXEC_USERSPACE.sh lkdtm:EXEC_NULL.sh lkdtm:ACCESS_USERSPACE.sh lkdtm:ACCESS_NULL.sh lkdtm:WRITE_RO.sh lkdtm:WRITE_RO_AFTER_INIT.sh lkdtm:WRITE_KERN.sh lkdtm:WRITE_OPD.sh lkdtm:REFCOUNT_INC_OVERFLOW.sh lkdtm:REFCOUNT_ADD_OVERFLOW.sh lkdtm:REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh lkdtm:REFCOUNT_DEC_ZERO.sh lkdtm:REFCOUNT_DEC_NEGATIVE.sh lkdtm:REFCOUNT_DEC_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_SUB_AND_TEST_NEGATIVE.sh lkdtm:REFCOUNT_INC_ZERO.sh lkdtm:REFCOUNT_ADD_ZERO.sh lkdtm:REFCOUNT_INC_SATURATED.sh lkdtm:REFCOUNT_DEC_SATURATED.sh lkdtm:REFCOUNT_ADD_SATURATED.sh lkdtm:REFCOUNT_INC_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_ADD_NOT_ZERO_SATURATED.sh lkdtm:REFCOUNT_DEC_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_SUB_AND_TEST_SATURATED.sh lkdtm:REFCOUNT_TIMING.sh lkdtm:ATOMIC_TIMING.sh lkdtm:USERCOPY_SLAB_SIZE_TO.sh lkdtm:USERCOPY_SLAB_SIZE_FROM.sh lkdtm:USERCOPY_SLAB_WHITELIST_TO.sh lkdtm:USERCOPY_SLAB_WHITELIST_FROM.sh lkdtm:USERCOPY_STACK_FRAME_TO.sh lkdtm:USERCOPY_STACK_FRAME_FROM.sh lkdtm:USERCOPY_STACK_BEYOND.sh lkdtm:USERCOPY_KERNEL.sh lkdtm:STACKLEAK_ERASING.sh lkdtm:CFI_FORWARD_PROTO.sh lkdtm:CFI_BACKWARD.sh lkdtm:FORTIFY_STRSCPY.sh lkdtm:FORTIFY_STR_OBJECT.sh lkdtm:FORTIFY_STR_MEMBER.sh lkdtm:FORTIFY_MEM_OBJECT.sh lkdtm:FORTIFY_MEM_MEMBER.sh lkdtm:PPC_SLB_MULTIHIT.sh lkdtm:stack-entropy.sh ===========End Tests to run =============== shardfile-lkdtm pass <12>[ 115.853942] kselftest: Running tests in lkdtm TAP version 13 1..86 # timeout set to 45 # selftests: lkdtm: PANIC.sh # Skipping PANIC: crashes entire system ok 1 selftests: lkdtm: PANIC.sh # SKIP # timeout set to 45 # selftests: lkdtm: PANIC_STOP_IRQOFF.sh # Skipping PANIC_STOP_IRQOFF: Crashes entire system ok 2 selftests: lkdtm: PANIC_STOP_IRQOFF.sh # SKIP # timeout set to 45 # selftests: lkdtm: BUG.sh <6>[ 118.370184] lkdtm: Performing direct entry BUG <4>[ 118.373771] ------------[ cut here ]------------ <2>[ 118.378527] kernel BUG at drivers/misc/lkdtm/bugs.c:105! <0>[ 118.384080] Internal error: Oops - BUG: 0 [#1] SMP ARM <4>[ 118.389535] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 118.425913] CPU: 0 UID: 0 PID: 744 Comm: cat Not tainted 6.12.0-rc3-next-20241017 #1 <4>[ 118.433985] Hardware name: STM32 (Device Tree Support) <4>[ 118.439433] PC is at lkdtm_BUG+0x8/0xc <4>[ 118.443392] LR is at lkdtm_do_action+0x24/0x4c <4>[ 118.448144] pc : [] lr : [] psr: a0080013 <4>[ 118.454700] sp : f1261ec0 ip : 00000000 fp : 004cfe38 <4>[ 118.460150] r10: c91a4400 r9 : f1261f80 r8 : c278939c <4>[ 118.465700] r7 : f1261f80 r6 : 00000000 r5 : c693f000 r4 : 00000004 <4>[ 118.472558] r3 : c0e04a90 r2 : 00000000 r1 : 00000000 r0 : c278939c <4>[ 118.479317] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 118.486781] Control: 10c5387d Table: c58d406a DAC: 00000051 <1>[ 118.492731] Register r0 information: non-slab/vmalloc memory <1>[ 118.498695] Register r1 information: NULL pointer <1>[ 118.503750] Register r2 information: NULL pointer <1>[ 118.508701] Register r3 information: non-slab/vmalloc memory <1>[ 118.514658] Register r4 information: non-paged memory <1>[ 118.519912] Register r5 information: non-slab/vmalloc memory <1>[ 118.525869] Register r6 information: NULL pointer <1>[ 118.530921] Register r7 information: 2-page vmalloc region starting at 0xf1260000 allocated at kernel_clone+0xac/0x388 <1>[ 118.541835] Register r8 information: non-slab/vmalloc memory <1>[ 118.547794] Register r9 information: 2-page vmalloc region starting at 0xf1260000 allocated at kernel_clone+0xac/0x388 <1>[ 118.558800] Register r10 information: slab kmalloc-192 start c91a43c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 118.572766] full_proxy_open+0x124/0x24c <6>[ 118.577217] do_dentry_open+0x144/0x4dc <6>[ 118.581575] vfs_open+0x2c/0xec <6>[ 118.585226] path_openat+0x748/0x1198 <6>[ 118.589379] do_filp_open+0x98/0x134 <6>[ 118.593529] do_sys_openat2+0xbc/0xe4 <6>[ 118.597684] sys_openat+0x98/0xd4 <6>[ 118.601537] ret_fast_syscall+0x0/0x1c <4>[ 118.605787] Free path: <6>[ 118.608518] xdr_free_bvec+0x18/0x24 <6>[ 118.612672] xprt_complete_rqst+0x30/0x8c <6>[ 118.617229] xs_stream_data_receive_workfn+0x4c8/0x594 <6>[ 118.622886] process_one_work+0x1b8/0x450 <6>[ 118.627443] worker_thread+0x1d4/0x3c4 <6>[ 118.631695] kthread+0xe8/0x104 <6>[ 118.635342] ret_from_fork+0x14/0x28 <1>[ 118.639490] Register r11 information: non-paged memory <1>[ 118.644847] Register r12 information: NULL pointer <0>[ 118.650000] Process cat (pid: 744, stack limit = 0xf1260000) <0>[ 118.655855] Stack: (0xf1261ec0 to 0xf1262000) <0>[ 118.660512] 1ec0: 00000004 c0e043a4 c0e04288 c8de1a40 b6e78000 00000004 c3983a30 c0893830 <0>[ 118.668986] 1ee0: c8de1a40 c08937d4 f1261f80 b6e78000 c5889e40 00000004 c91a4400 c062a2a0 <0>[ 118.677458] 1f00: c58d6db8 00000000 00000000 00000000 00000000 00000004 b6e78000 0001fffc <0>[ 118.685930] 1f20: 00000001 00000000 c94af640 00000000 00000000 00000000 00000000 00000000 <0>[ 118.694403] 1f40: 00000000 00000000 00000000 00000000 00000022 7992fac2 00000000 c8de1a40 <0>[ 118.702876] 1f60: c8de1a40 00000000 00000000 c03002f0 c5889e40 00000004 004cfe38 c062a7fc <0>[ 118.711349] 1f80: 00000000 00000000 00000000 7992fac2 000000c0 00000004 00000004 7ff00000 <0>[ 118.719822] 1fa0: 00000004 c03000c0 00000004 00000004 00000001 b6e78000 00000004 00000001 <0>[ 118.728295] 1fc0: 00000004 00000004 7ff00000 00000004 00000001 b6e78000 00020000 004cfe38 <0>[ 118.736768] 1fe0: 00000004 bee41788 b6f3e33b b6eb7616 60080030 00000001 00000000 00000000 <0>[ 118.745232] Call trace: <0>[ 118.745247] lkdtm_BUG from lkdtm_do_action+0x24/0x4c <0>[ 118.753436] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 118.759201] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 118.764868] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 118.770334] vfs_write from ksys_write+0x78/0xf8 <0>[ 118.775193] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 118.780655] Exception stack(0xf1261fa8 to 0xf1261ff0) <0>[ 118.786011] 1fa0: 00000004 00000004 00000001 b6e78000 00000004 00000001 <0>[ 118.794484] 1fc0: 00000004 00000004 7ff00000 00000004 00000001 b6e78000 00020000 004cfe38 <0>[ 118.802954] 1fe0: 00000004 bee41788 b6f3e33b b6eb7616 <0>[ 118.808311] Code: c2789338 c278934c e52de004 e28dd004 (e7f001f2) <4>[ 118.814667] ---[ end trace 0000000000000000 ]--- <6>[ 118.819514] note: cat[744] exited with irqs disabled # Segmentation fault # [ 118.370184] lkdtm: Performing direct entry BUG # [ 118.373771] ------------[ cut here ]------------ # [ 118.378527] kernel BUG at drivers/misc/lkdtm/bugs.c:105! # [ 118.384080] Internal error: Oops - BUG: 0 [#1] SMP ARM # [ 118.389535] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 118.425913] CPU: 0 UID: 0 PID: 744 Comm: cat Not tainted 6.12.0-rc3-next-20241017 #1 # [ 118.433985] Hardware name: STM32 (Device Tree Support) # [ 118.439433] PC is at lkdtm_BUG+0x8/0xc # [ 118.443392] LR is at lkdtm_do_action+0x24/0x4c # [ 118.448144] pc : [] lr : [] psr: a0080013 # [ 118.454700] sp : f1261ec0 ip : 00000000 fp : 004cfe38 # [ 118.460150] r10: c91a4400 r9 : f1261f80 r8 : c278939c # [ 118.465700] r7 : f1261f80 r6 : 00000000 r5 : c693f000 r4 : 00000004 # [ 118.472558] r3 : c0e04a90 r2 : 00000000 r1 : 00000000 r0 : c278939c # [ 118.479317] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 118.486781] Control: 10c5387d Table: c58d406a DAC: 00000051 # [ 118.492731] Register r0 information: non-slab/vmalloc memory # [ 118.498695] Register r1 information: NULL pointer # [ 118.503750] Register r2 information: NULL pointer # [ 118.508701] Register r3 information: non-slab/vmalloc memory # [ 118.514658] Register r4 information: non-paged memory # [ 118.519912] Register r5 information: non-slab/vmalloc memory # [ 118.525869] Register r6 information: NULL pointer # [ 118.530921] Register r7 information: 2-page vmalloc region starting at 0xf1260000 allocated at kernel_clone+0xac/0x388 # [ 118.541835] Register r8 information: non-slab/vmalloc memory # [ 118.547794] Register r9 information: 2-page vmalloc region starting at 0xf1260000 allocated at kernel_clone+0xac/0x388 # [ 118.558800] Register r10 information: slab kmalloc-192 start c91a43c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 118.572766] full_proxy_open+0x124/0x24c # [ 118.577217] do_dentry_open+0x144/0x4dc # [ 118.581575] vfs_open+0x2c/0xec # [ 118.585226] path_openat+0x748/0x1198 # [ 118.589379] do_filp_open+0x98/0x134 # [ 118.593529] do_sys_openat2+0xbc/0xe4 # [ 118.597684] sys_openat+0x98/0xd4 # [ 118.601537] ret_fast_syscall+0x0/0x1c # [ 118.605787] Free path: # [ 118.608518] xdr_free_bvec+0x18/0x24 # [ 118.612672] xprt_complete_rqst+0x30/0x8c # [ 118.617229] xs_stream_data_receive_workfn+0x4c8/0x594 # [ 118.622886] process_one_work+0x1b8/0x450 # [ 118.627443] worker_thread+0x1d4/0x3c4 # [ 118.631695] kthread+0xe8/0x104 # [ 118.635342] ret_from_fork+0x14/0x28 # [ 118.639490] Register r11 information: non-paged memory # [ 118.644847] Register r12 information: NULL pointer # [ 118.650000] Process cat (pid: 744, stack limit = 0xf1260000) # [ 118.655855] Stack: (0xf1261ec0 to 0xf1262000) # [ 118.660512] 1ec0: 00000004 c0e043a4 c0e04288 c8de1a40 b6e78000 00000004 c3983a30 c0893830 # [ 118.668986] 1ee0: c8de1a40 c08937d4 f1261f80 b6e78000 c5889e40 00000004 c91a4400 c062a2a0 # [ 118.677458] 1f00: c58d6db8 00000000 00000000 00000000 00000000 00000004 b6e78000 0001fffc # [ 118.685930] 1f20: 00000001 00000000 c94af640 00000000 00000000 00000000 00000000 00000000 # [ 118.694403] 1f40: 00000000 00000000 00000000 00000000 00000022 7992fac2 00000000 c8de1a40 # [ 118.702876] 1f60: c8de1a40 00000000 00000000 c03002f0 c5889e40 00000004 004cfe38 c062a7fc # [ 118.711349] 1f80: 00000000 00000000 00000000 7992fac2 000000c0 00000004 00000004 7ff00000 # [ 118.719822] 1fa0: 00000004 c03000c0 00000004 00000004 00000001 b6e78000 00000004 00000001 # [ 118.728295] 1fc0: 00000004 00000004 7ff00000 00000004 00000001 b6e78000 00020000 004cfe38 # [ 118.736768] 1fe0: 00000004 bee41788 b6f3e33b b6eb7616 60080030 00000001 00000000 00000000 # [ 118.745232] Call trace: # [ 118.745247] lkdtm_BUG from lkdtm_do_action+0x24/0x4c # [ 118.753436] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 118.759201] direct_entry from full_proxy_write+0x5c/0x8c # [ 118.764868] full_proxy_write from vfs_write+0xbc/0x3cc # [ 118.770334] vfs_write from ksys_write+0x78/0xf8 # [ 118.775193] ksys_write from ret_fast_syscall+0x0/0x1c # [ 118.780655] Exception stack(0xf1261fa8 to 0xf1261ff0) # [ 118.786011] 1fa0: 00000004 00000004 00000001 b6e78000 00000004 00000001 # [ 118.794484] 1fc0: 00000004 00000004 7ff00000 00000004 00000001 b6e78000 00020000 004cfe38 # [ 118.802954] 1fe0: 00000004 bee41788 b6f3e33b b6eb7616 # [ 118.808311] Code: c2789338 c278934c e52de004 e28dd004 (e7f001f2) # [ 118.814667] ---[ end trace 0000000000000000 ]--- # [ 118.819514] note: cat[744] exited with irqs disabled # BUG: saw 'kernel BUG at': ok ok 3 selftests: lkdtm: BUG.sh # timeout set to 45 # selftests: lkdtm: WARNING.sh <6>[ 120.217004] lkdtm: Performing direct entry WARNING <4>[ 120.220811] ------------[ cut here ]------------ <4>[ 120.225626] WARNING: CPU: 1 PID: 827 at drivers/misc/lkdtm/bugs.c:112 lkdtm_do_action+0x24/0x4c <4>[ 120.235158] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 120.271142] CPU: 1 UID: 0 PID: 827 Comm: cat Tainted: G D 6.12.0-rc3-next-20241017 #1 <4>[ 120.280545] Tainted: [D]=DIE <4>[ 120.283686] Hardware name: STM32 (Device Tree Support) <4>[ 120.289135] Call trace: <4>[ 120.289150] unwind_backtrace from show_stack+0x18/0x1c <4>[ 120.297459] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 120.302731] dump_stack_lvl from __warn+0x84/0x134 <4>[ 120.307808] __warn from warn_slowpath_fmt+0x190/0x198 <4>[ 120.313189] warn_slowpath_fmt from lkdtm_do_action+0x24/0x4c <4>[ 120.319266] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 120.325030] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 120.330698] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 120.336165] vfs_write from ksys_write+0x78/0xf8 <4>[ 120.341123] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 120.346486] Exception stack(0xf12d5fa8 to 0xf12d5ff0) <4>[ 120.351845] 5fa0: 00000008 00000008 00000001 b6dd8000 00000008 00000001 <4>[ 120.360318] 5fc0: 00000008 00000008 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 <4>[ 120.368787] 5fe0: 00000004 bea9e788 b6e9e33b b6e17616 <4>[ 120.374312] ---[ end trace 0000000000000000 ]--- # [ 120.217004] lkdtm: Performing direct entry WARNING # [ 120.220811] ------------[ cut here ]------------ # [ 120.225626] WARNING: CPU: 1 PID: 827 at drivers/misc/lkdtm/bugs.c:112 lkdtm_do_action+0x24/0x4c # [ 120.235158] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 120.271142] CPU: 1 UID: 0 PID: 827 Comm: cat Tainted: G D 6.12.0-rc3-next-20241017 #1 # [ 120.280545] Tainted: [D]=DIE # [ 120.283686] Hardware name: STM32 (Device Tree Support) # [ 120.289135] Call trace: # [ 120.289150] unwind_backtrace from show_stack+0x18/0x1c # [ 120.297459] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 120.302731] dump_stack_lvl from __warn+0x84/0x134 # [ 120.307808] __warn from warn_slowpath_fmt+0x190/0x198 # [ 120.313189] warn_slowpath_fmt from lkdtm_do_action+0x24/0x4c # [ 120.319266] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 120.325030] direct_entry from full_proxy_write+0x5c/0x8c # [ 120.330698] full_proxy_write from vfs_write+0xbc/0x3cc # [ 120.336165] vfs_write from ksys_write+0x78/0xf8 # [ 120.341123] ksys_write from ret_fast_syscall+0x0/0x1c # [ 120.346486] Exception stack(0xf12d5fa8 to 0xf12d5ff0) # [ 120.351845] 5fa0: 00000008 00000008 00000001 b6dd8000 00000008 00000001 # [ 120.360318] 5fc0: 00000008 00000008 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 # [ 120.368787] 5fe0: 00000004 bea9e788 b6e9e33b b6e17616 # [ 120.374312] ---[ end trace 0000000000000000 ]--- # WARNING: saw 'WARNING:': ok ok 4 selftests: lkdtm: WARNING.sh # timeout set to 45 # selftests: lkdtm: WARNING_MESSAGE.sh <6>[ 121.507457] lkdtm: Performing direct entry WARNING_MESSAGE <4>[ 121.511951] ------------[ cut here ]------------ <4>[ 121.517373] WARNING: CPU: 1 PID: 871 at drivers/misc/lkdtm/bugs.c:117 lkdtm_WARNING_MESSAGE+0x44/0x4c <4>[ 121.526472] Warning message trigger count: 2 <4>[ 121.530906] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 121.567564] CPU: 1 UID: 0 PID: 871 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 <4>[ 121.576772] Tainted: [D]=DIE, [W]=WARN <4>[ 121.580812] Hardware name: STM32 (Device Tree Support) <4>[ 121.586162] Call trace: <4>[ 121.586175] unwind_backtrace from show_stack+0x18/0x1c <4>[ 121.594480] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 121.599852] dump_stack_lvl from __warn+0x84/0x134 <4>[ 121.604931] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 121.610319] warn_slowpath_fmt from lkdtm_WARNING_MESSAGE+0x44/0x4c <4>[ 121.616903] lkdtm_WARNING_MESSAGE from lkdtm_do_action+0x24/0x4c <4>[ 121.623275] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 121.629040] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 121.634709] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 121.640175] vfs_write from ksys_write+0x78/0xf8 <4>[ 121.645133] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 121.650495] Exception stack(0xf1315fa8 to 0xf1315ff0) <4>[ 121.655855] 5fa0: 00000010 00000010 00000001 b6d94000 00000010 00000001 <4>[ 121.664330] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6d94000 00020000 0048fe38 <4>[ 121.672799] 5fe0: 00000004 bee88788 b6e5a33b b6dd3616 <4>[ 121.678273] ---[ end trace 0000000000000000 ]--- # [ 121.507457] lkdtm: Performing direct entry WARNING_MESSAGE # [ 121.511951] ------------[ cut here ]------------ # [ 121.517373] WARNING: CPU: 1 PID: 871 at drivers/misc/lkdtm/bugs.c:117 lkdtm_WARNING_MESSAGE+0x44/0x4c # [ 121.526472] Warning message trigger count: 2 # [ 121.530906] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 121.567564] CPU: 1 UID: 0 PID: 871 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 # [ 121.576772] Tainted: [D]=DIE, [W]=WARN # [ 121.580812] Hardware name: STM32 (Device Tree Support) # [ 121.586162] Call trace: # [ 121.586175] unwind_backtrace from show_stack+0x18/0x1c # [ 121.594480] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 121.599852] dump_stack_lvl from __warn+0x84/0x134 # [ 121.604931] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 121.610319] warn_slowpath_fmt from lkdtm_WARNING_MESSAGE+0x44/0x4c # [ 121.616903] lkdtm_WARNING_MESSAGE from lkdtm_do_action+0x24/0x4c # [ 121.623275] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 121.629040] direct_entry from full_proxy_write+0x5c/0x8c # [ 121.634709] full_proxy_write from vfs_write+0xbc/0x3cc # [ 121.640175] vfs_write from ksys_write+0x78/0xf8 # [ 121.645133] ksys_write from ret_fast_syscall+0x0/0x1c # [ 121.650495] Exception stack(0xf1315fa8 to 0xf1315ff0) # [ 121.655855] 5fa0: 00000010 00000010 00000001 b6d94000 00000010 00000001 # [ 121.664330] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6d94000 00020000 0048fe38 # [ 121.672799] 5fe0: 00000004 bee88788 b6e5a33b b6dd3616 # [ 121.678273] ---[ end trace 0000000000000000 ]--- # WARNING_MESSAGE: saw 'message trigger': ok ok 5 selftests: lkdtm: WARNING_MESSAGE.sh # timeout set to 45 # selftests: lkdtm: EXCEPTION.sh <6>[ 122.728157] lkdtm: Performing direct entry EXCEPTION <1>[ 122.732204] 8<--- cut here --- <1>[ 122.735478] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when write <1>[ 122.747525] [00000000] *pgd=00000000 <0>[ 122.751135] Internal error: Oops: 805 [#2] SMP ARM <4>[ 122.755116] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 122.791500] CPU: 0 UID: 0 PID: 910 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 <4>[ 122.800990] Tainted: [D]=DIE, [W]=WARN <4>[ 122.805029] Hardware name: STM32 (Device Tree Support) <4>[ 122.810476] PC is at lkdtm_EXCEPTION+0xc/0x14 <4>[ 122.815141] LR is at lkdtm_do_action+0x24/0x4c <4>[ 122.819793] pc : [] lr : [] psr: a0080013 <4>[ 122.826349] sp : f1341ec0 ip : 00000000 fp : 004afe38 <4>[ 122.831899] r10: c91a4400 r9 : f1341f80 r8 : c27893b4 <4>[ 122.837348] r7 : f1341f80 r6 : 00000000 r5 : c9459000 r4 : 0000000a <4>[ 122.844207] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : c27893b4 <4>[ 122.850965] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 122.858430] Control: 10c5387d Table: c587c06a DAC: 00000051 <1>[ 122.864480] Register r0 information: non-slab/vmalloc memory <1>[ 122.870445] Register r1 information: NULL pointer <1>[ 122.875398] Register r2 information: NULL pointer <1>[ 122.880350] Register r3 information: NULL pointer <1>[ 122.885302] Register r4 information: non-paged memory <1>[ 122.890655] Register r5 information: non-slab/vmalloc memory <1>[ 122.896613] Register r6 information: NULL pointer <1>[ 122.901565] Register r7 information: 2-page vmalloc region starting at 0xf1340000 allocated at kernel_clone+0xac/0x388 <1>[ 122.912580] Register r8 information: non-slab/vmalloc memory <1>[ 122.918541] Register r9 information: 2-page vmalloc region starting at 0xf1340000 allocated at kernel_clone+0xac/0x388 <1>[ 122.929549] Register r10 information: slab kmalloc-192 start c91a43c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 122.943415] full_proxy_open+0x124/0x24c <6>[ 122.947868] do_dentry_open+0x144/0x4dc <6>[ 122.952225] vfs_open+0x2c/0xec <6>[ 122.955878] path_openat+0x748/0x1198 <6>[ 122.960132] do_filp_open+0x98/0x134 <6>[ 122.964183] do_sys_openat2+0xbc/0xe4 <6>[ 122.968440] sys_openat+0x98/0xd4 <6>[ 122.972293] ret_fast_syscall+0x0/0x1c <4>[ 122.976544] Free path: <6>[ 122.979276] __free_slab+0xdc/0xec <6>[ 122.983132] kmem_cache_free_bulk.part.0+0x2e0/0x364 <6>[ 122.988698] kvfree_rcu_bulk+0x208/0x284 <6>[ 122.993152] kfree_rcu_monitor+0x1e0/0x2cc <6>[ 122.997706] process_one_work+0x1b8/0x450 <6>[ 123.002262] worker_thread+0x1d4/0x3c4 <6>[ 123.006615] kthread+0xe8/0x104 <6>[ 123.010262] ret_from_fork+0x14/0x28 <1>[ 123.014310] Register r11 information: non-paged memory <1>[ 123.019768] Register r12 information: NULL pointer <0>[ 123.024822] Process cat (pid: 910, stack limit = 0xf1340000) <0>[ 123.030778] Stack: (0xf1341ec0 to 0xf1342000) <0>[ 123.035435] 1ec0: 0000000a c0e043a4 c0e04288 c91b6e40 b6db8000 0000000a c3983a30 c0893830 <0>[ 123.043910] 1ee0: c91b6e40 c08937d4 f1341f80 b6db8000 c58a8040 0000000a c91a4400 c062a2a0 <0>[ 123.052382] 1f00: c587edb0 00000000 00000000 00000000 00000000 0000000a b6db8000 0001fff6 <0>[ 123.060854] 1f20: 00000001 00000000 c91b6c40 00000000 00000000 00000000 00000000 00000000 <0>[ 123.069327] 1f40: 00000000 00000000 00000000 00000000 00000022 f4d4e1ff 00000000 c91b6e40 <0>[ 123.077800] 1f60: c91b6e40 00000000 00000000 c03002f0 c58a8040 00000004 004afe38 c062a7fc <0>[ 123.086273] 1f80: 00000000 00000000 00000000 f4d4e1ff 000000c0 0000000a 0000000a 7ff00000 <0>[ 123.094746] 1fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6db8000 0000000a 00000001 <0>[ 123.103219] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6db8000 00020000 004afe38 <0>[ 123.111692] 1fe0: 00000004 bee8b788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 <0>[ 123.120156] Call trace: <0>[ 123.120171] lkdtm_EXCEPTION from lkdtm_do_action+0x24/0x4c <0>[ 123.128764] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 123.134528] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 123.140197] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 123.145763] vfs_write from ksys_write+0x78/0xf8 <0>[ 123.150622] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 123.155983] Exception stack(0xf1341fa8 to 0xf1341ff0) <0>[ 123.161339] 1fa0: 0000000a 0000000a 00000001 b6db8000 0000000a 00000001 <0>[ 123.169813] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6db8000 00020000 004afe38 <0>[ 123.178285] 1fe0: 00000004 bee8b788 b6e7e33b b6df7616 <0>[ 123.183644] Code: eb2423a8 e52de004 e28dd004 e3a03000 (e5833000) <4>[ 123.191389] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 122.728157] lkdtm: Performing direct entry EXCEPTION # [ 122.732204] 8<--- cut here --- # [ 122.735478] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when write # [ 122.747525] [00000000] *pgd=00000000 # [ 122.751135] Internal error: Oops: 805 [#2] SMP ARM # [ 122.755116] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 122.791500] CPU: 0 UID: 0 PID: 910 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 # [ 122.800990] Tainted: [D]=DIE, [W]=WARN # [ 122.805029] Hardware name: STM32 (Device Tree Support) # [ 122.810476] PC is at lkdtm_EXCEPTION+0xc/0x14 # [ 122.815141] LR is at lkdtm_do_action+0x24/0x4c # [ 122.819793] pc : [] lr : [] psr: a0080013 # [ 122.826349] sp : f1341ec0 ip : 00000000 fp : 004afe38 # [ 122.831899] r10: c91a4400 r9 : f1341f80 r8 : c27893b4 # [ 122.837348] r7 : f1341f80 r6 : 00000000 r5 : c9459000 r4 : 0000000a # [ 122.844207] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : c27893b4 # [ 122.850965] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 122.858430] Control: 10c5387d Table: c587c06a DAC: 00000051 # [ 122.864480] Register r0 information: non-slab/vmalloc memory # [ 122.870445] Register r1 information: NULL pointer # [ 122.875398] Register r2 information: NULL pointer # [ 122.880350] Register r3 information: NULL pointer # [ 122.885302] Register r4 information: non-paged memory # [ 122.890655] Register r5 information: non-slab/vmalloc memory # [ 122.896613] Register r6 information: NULL pointer # [ 122.901565] Register r7 information: 2-page vmalloc region starting at 0xf1340000 allocated at kernel_clone+0xac/0x388 # [ 122.912580] Register r8 information: non-slab/vmalloc memory # [ 122.918541] Register r9 information: 2-page vmalloc region starting at 0xf1340000 allocated at kernel_clone+0xac/0x388 # [ 122.929549] Register r10 information: slab kmalloc-192 start c91a43c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 122.943415] full_proxy_open+0x124/0x24c # [ 122.947868] do_dentry_open+0x144/0x4dc # [ 122.952225] vfs_open+0x2c/0xec # [ 122.955878] path_openat+0x748/0x1198 # [ 122.960132] do_filp_open+0x98/0x134 # [ 122.964183] do_sys_openat2+0xbc/0xe4 # [ 122.968440] sys_openat+0x98/0xd4 # [ 122.972293] ret_fast_syscall+0x0/0x1c # [ 122.976544] Free path: # [ 122.979276] __free_slab+0xdc/0xec # [ 122.983132] kmem_cache_free_bulk.part.0+0x2e0/0x364 # [ 122.988698] kvfree_rcu_bulk+0x208/0x284 # [ 122.993152] kfree_rcu_monitor+0x1e0/0x2cc # [ 122.997706] process_one_work+0x1b8/0x450 # [ 123.002262] worker_thread+0x1d4/0x3c4 # [ 123.006615] kthread+0xe8/0x104 # [ 123.010262] ret_from_fork+0x14/0x28 # [ 123.014310] Register r11 information: non-paged memory # [ 123.019768] Register r12 information: NULL pointer # [ 123.024822] Process cat (pid: 910, stack limit = 0xf1340000) # [ 123.030778] Stack: (0xf1341ec0 to 0xf1342000) # [ 123.035435] 1ec0: 0000000a c0e043a4 c0e04288 c91b6e40 b6db8000 0000000a c3983a30 c0893830 # [ 123.043910] 1ee0: c91b6e40 c08937d4 f1341f80 b6db8000 c58a8040 0000000a c91a4400 c062a2a0 # [ 123.052382] 1f00: c587edb0 00000000 00000000 00000000 00000000 0000000a b6db8000 0001fff6 # [ 123.060854] 1f20: 00000001 00000000 c91b6c40 00000000 00000000 00000000 00000000 00000000 # [ 123.069327] 1f40: 00000000 00000000 00000000 00000000 00000022 f4d4e1ff 00000000 c91b6e40 # [ 123.077800] 1f60: c91b6e40 00000000 00000000 c03002f0 c58a8040 00000004 004afe38 c062a7fc # [ 123.086273] 1f80: 00000000 00000000 00000000 f4d4e1ff 000000c0 0000000a 0000000a 7ff00000 # [ 123.094746] 1fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6db8000 0000000a 00000001 # [ 123.103219] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6db8000 00020000 004afe38 # [ 123.111692] 1fe0: 00000004 bee8b788 b6e7e33b b6df7616 60080030 00000001 00000000 00000000 # [ 123.120156] Call trace: # [ 123.120171] lkdtm_EXCEPTION from lkdtm_do_action+0x24/0x4c # [ 123.128764] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 123.134528] direct_entry from full_proxy_write+0x5c/0x8c # [ 123.140197] full_proxy_write from vfs_write+0xbc/0x3cc # [ 123.145763] vfs_write from ksys_write+0x78/0xf8 # [ 123.150622] ksys_write from ret_fast_syscall+0x0/0x1c # [ 123.155983] Exception stack(0xf1341fa8 to 0xf1341ff0) # [ 123.161339] 1fa0: 0000000a 0000000a 00000001 b6db8000 0000000a 00000001 # [ 123.169813] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6db8000 00020000 004afe38 # [ 123.178285] 1fe0: 00000004 bee8b788 b6e7e33b b6df7616 # [ 123.183644] Code: eb2423a8 e52de004 e28dd004 e3a03000 (e5833000) # [ 123.191389] ---[ end trace 0000000000000000 ]--- # EXCEPTION: saw 'call trace:': ok ok 6 selftests: lkdtm: EXCEPTION.sh # timeout set to 45 # selftests: lkdtm: LOOP.sh # Skipping LOOP: Hangs the system ok 7 selftests: lkdtm: LOOP.sh # SKIP # timeout set to 45 # selftests: lkdtm: EXHAUST_STACK.sh # Skipping EXHAUST_STACK: Corrupts memory on failure ok 8 selftests: lkdtm: EXHAUST_STACK.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_STACK.sh # Skipping CORRUPT_STACK: Crashes entire system on success ok 9 selftests: lkdtm: CORRUPT_STACK.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_STACK_STRONG.sh # Skipping CORRUPT_STACK_STRONG: Crashes entire system on success ok 10 selftests: lkdtm: CORRUPT_STACK_STRONG.sh # SKIP # timeout set to 45 # selftests: lkdtm: ARRAY_BOUNDS.sh <6>[ 127.208062] lkdtm: Performing direct entry ARRAY_BOUNDS <6>[ 127.212379] lkdtm: Array access within bounds ... <6>[ 127.217241] lkdtm: Array access beyond bounds ... <4>[ 127.222386] ------------[ cut here ]------------ <3>[ 127.227129] UBSAN: array-index-out-of-bounds in ../drivers/misc/lkdtm/bugs.c:406:16 <3>[ 127.235107] index 8 is out of range for type 'char [8]' <4>[ 127.240572] CPU: 1 UID: 0 PID: 1135 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 <4>[ 127.250083] Tainted: [D]=DIE, [W]=WARN <4>[ 127.254127] Hardware name: STM32 (Device Tree Support) <4>[ 127.259578] Call trace: <4>[ 127.259593] unwind_backtrace from show_stack+0x18/0x1c <4>[ 127.267901] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 127.273173] dump_stack_lvl from ubsan_epilogue+0x8/0x34 <4>[ 127.278753] ubsan_epilogue from __ubsan_handle_out_of_bounds+0x88/0x8c <4>[ 127.285648] __ubsan_handle_out_of_bounds from lkdtm_ARRAY_BOUNDS+0x13c/0x198 <4>[ 127.293136] lkdtm_ARRAY_BOUNDS from lkdtm_do_action+0x24/0x4c <4>[ 127.299204] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 127.304968] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 127.310636] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 127.316202] vfs_write from ksys_write+0x78/0xf8 <4>[ 127.321063] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 127.326425] Exception stack(0xf1465fa8 to 0xf1465ff0) <4>[ 127.331784] 5fa0: 0000000d 0000000d 00000001 b6e28000 0000000d 00000001 <4>[ 127.340258] 5fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 <4>[ 127.348728] 5fe0: 00000004 bec69788 b6eee33b b6e67616 <4>[ 127.354414] ---[ end trace ]--- <3>[ 127.357620] lkdtm: FAIL: survived array bounds overflow! <4>[ 127.363325] lkdtm: This is probably expected, since this kernel (6.12.0-rc3-next-20241017 armv7l) was built *without* CONFIG_UBSAN_TRAP=y # [ 127.208062] lkdtm: Performing direct entry ARRAY_BOUNDS # [ 127.212379] lkdtm: Array access within bounds ... # [ 127.217241] lkdtm: Array access beyond bounds ... # [ 127.222386] ------------[ cut here ]------------ # [ 127.227129] UBSAN: array-index-out-of-bounds in ../drivers/misc/lkdtm/bugs.c:406:16 # [ 127.235107] index 8 is out of range for type 'char [8]' # [ 127.240572] CPU: 1 UID: 0 PID: 1135 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 # [ 127.250083] Tainted: [D]=DIE, [W]=WARN # [ 127.254127] Hardware name: STM32 (Device Tree Support) # [ 127.259578] Call trace: # [ 127.259593] unwind_backtrace from show_stack+0x18/0x1c # [ 127.267901] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 127.273173] dump_stack_lvl from ubsan_epilogue+0x8/0x34 # [ 127.278753] ubsan_epilogue from __ubsan_handle_out_of_bounds+0x88/0x8c # [ 127.285648] __ubsan_handle_out_of_bounds from lkdtm_ARRAY_BOUNDS+0x13c/0x198 # [ 127.293136] lkdtm_ARRAY_BOUNDS from lkdtm_do_action+0x24/0x4c # [ 127.299204] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 127.304968] direct_entry from full_proxy_write+0x5c/0x8c # [ 127.310636] full_proxy_write from vfs_write+0xbc/0x3cc # [ 127.316202] vfs_write from ksys_write+0x78/0xf8 # [ 127.321063] ksys_write from ret_fast_syscall+0x0/0x1c # [ 127.326425] Exception stack(0xf1465fa8 to 0xf1465ff0) # [ 127.331784] 5fa0: 0000000d 0000000d 00000001 b6e28000 0000000d 00000001 # [ 127.340258] 5fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6e28000 00020000 0050fe38 # [ 127.348728] 5fe0: 00000004 bec69788 b6eee33b b6e67616 # [ 127.354414] ---[ end trace ]--- # [ 127.357620] lkdtm: FAIL: survived array bounds overflow! # [ 127.363325] lkdtm: This is probably expected, since this kernel (6.12.0-rc3-next-20241017 armv7l) was built *without* CONFIG_UBSAN_TRAP=y # ARRAY_BOUNDS: saw 'call trace:|UBSAN: array-index-out-of-bounds': ok ok 11 selftests: lkdtm: ARRAY_BOUNDS.sh # timeout set to 45 # selftests: lkdtm: CORRUPT_LIST_ADD.sh <6>[ 128.531104] lkdtm: Performing direct entry CORRUPT_LIST_ADD <6>[ 128.535716] lkdtm: attempting good list addition <6>[ 128.540664] lkdtm: attempting corrupted list addition <4>[ 128.545953] ------------[ cut here ]------------ <4>[ 128.550818] WARNING: CPU: 1 PID: 1180 at lib/list_debug.c:29 __list_add_valid_or_report+0xb0/0x104 <4>[ 128.560009] list_add corruption. next->prev should be prev (f148de80), but was 00000000. (next=f148de9c). <4>[ 128.570072] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 128.606511] CPU: 1 UID: 0 PID: 1180 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 <4>[ 128.615916] Tainted: [D]=DIE, [W]=WARN <4>[ 128.619863] Hardware name: STM32 (Device Tree Support) <4>[ 128.625313] Call trace: <4>[ 128.625327] unwind_backtrace from show_stack+0x18/0x1c <4>[ 128.633633] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 128.638906] dump_stack_lvl from __warn+0x84/0x134 <4>[ 128.643984] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 128.649364] warn_slowpath_fmt from __list_add_valid_or_report+0xb0/0x104 <4>[ 128.656456] __list_add_valid_or_report from lkdtm_CORRUPT_LIST_ADD+0xa0/0x124 <4>[ 128.663947] lkdtm_CORRUPT_LIST_ADD from lkdtm_do_action+0x24/0x4c <4>[ 128.670425] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 128.676189] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 128.681857] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 128.687423] vfs_write from ksys_write+0x78/0xf8 <4>[ 128.692282] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 128.697744] Exception stack(0xf148dfa8 to 0xf148dff0) <4>[ 128.703004] dfa0: 00000011 00000011 00000001 b6e38000 00000011 00000001 <4>[ 128.711478] dfc0: 00000011 00000011 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 <4>[ 128.719947] dfe0: 00000004 bebd8788 b6efe33b b6e77616 <4>[ 128.725422] ---[ end trace 0000000000000000 ]--- <3>[ 128.730272] lkdtm: Overwrite did not happen, but no BUG?! # [ 128.531104] lkdtm: Performing direct entry CORRUPT_LIST_ADD # [ 128.535716] lkdtm: attempting good list addition # [ 128.540664] lkdtm: attempting corrupted list addition # [ 128.545953] ------------[ cut here ]------------ # [ 128.550818] WARNING: CPU: 1 PID: 1180 at lib/list_debug.c:29 __list_add_valid_or_report+0xb0/0x104 # [ 128.560009] list_add corruption. next->prev should be prev (f148de80), but was 00000000. (next=f148de9c). # [ 128.570072] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 128.606511] CPU: 1 UID: 0 PID: 1180 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 # [ 128.615916] Tainted: [D]=DIE, [W]=WARN # [ 128.619863] Hardware name: STM32 (Device Tree Support) # [ 128.625313] Call trace: # [ 128.625327] unwind_backtrace from show_stack+0x18/0x1c # [ 128.633633] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 128.638906] dump_stack_lvl from __warn+0x84/0x134 # [ 128.643984] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 128.649364] warn_slowpath_fmt from __list_add_valid_or_report+0xb0/0x104 # [ 128.656456] __list_add_valid_or_report from lkdtm_CORRUPT_LIST_ADD+0xa0/0x124 # [ 128.663947] lkdtm_CORRUPT_LIST_ADD from lkdtm_do_action+0x24/0x4c # [ 128.670425] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 128.676189] direct_entry from full_proxy_write+0x5c/0x8c # [ 128.681857] full_proxy_write from vfs_write+0xbc/0x3cc # [ 128.687423] vfs_write from ksys_write+0x78/0xf8 # [ 128.692282] ksys_write from ret_fast_syscall+0x0/0x1c # [ 128.697744] Exception stack(0xf148dfa8 to 0xf148dff0) # [ 128.703004] dfa0: 00000011 00000011 00000001 b6e38000 00000011 00000001 # [ 128.711478] dfc0: 00000011 00000011 7ff00000 00000004 00000001 b6e38000 00020000 004afe38 # [ 128.719947] dfe0: 00000004 bebd8788 b6efe33b b6e77616 # [ 128.725422] ---[ end trace 0000000000000000 ]--- # [ 128.730272] lkdtm: Overwrite did not happen, but no BUG?! # CORRUPT_LIST_ADD: saw 'list_add corruption': ok ok 12 selftests: lkdtm: CORRUPT_LIST_ADD.sh # timeout set to 45 # selftests: lkdtm: CORRUPT_LIST_DEL.sh <6>[ 129.889159] lkdtm: Performing direct entry CORRUPT_LIST_DEL <6>[ 129.893809] lkdtm: attempting good list removal <6>[ 129.898630] lkdtm: attempting corrupted list removal <4>[ 129.903891] ------------[ cut here ]------------ <4>[ 129.908746] WARNING: CPU: 1 PID: 1224 at lib/list_debug.c:65 __list_del_entry_valid_or_report+0x140/0x144 <4>[ 129.918641] list_del corruption. next->prev should be f14d9ea0, but was 00000000. (next=f14d9eac) <4>[ 129.927820] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 129.964290] CPU: 1 UID: 0 PID: 1224 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 <4>[ 129.973801] Tainted: [D]=DIE, [W]=WARN <4>[ 129.977748] Hardware name: STM32 (Device Tree Support) <4>[ 129.983198] Call trace: <4>[ 129.983214] unwind_backtrace from show_stack+0x18/0x1c <4>[ 129.991521] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 129.996793] dump_stack_lvl from __warn+0x84/0x134 <4>[ 130.001875] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 130.007255] warn_slowpath_fmt from __list_del_entry_valid_or_report+0x140/0x144 <4>[ 130.014952] __list_del_entry_valid_or_report from lkdtm_CORRUPT_LIST_DEL+0xd4/0x160 <4>[ 130.023041] lkdtm_CORRUPT_LIST_DEL from lkdtm_do_action+0x24/0x4c <4>[ 130.029511] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 130.035275] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 130.040944] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 130.046410] vfs_write from ksys_write+0x78/0xf8 <4>[ 130.051368] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 130.056731] Exception stack(0xf14d9fa8 to 0xf14d9ff0) <4>[ 130.062091] 9fa0: 00000011 00000011 00000001 b6e78000 00000011 00000001 <4>[ 130.070565] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e78000 00020000 0047fe38 <4>[ 130.079034] 9fe0: 00000004 bec4c788 b6f3e33b b6eb7616 <4>[ 130.084511] ---[ end trace 0000000000000000 ]--- <3>[ 130.089342] lkdtm: Overwrite did not happen, but no BUG?! # [ 129.889159] lkdtm: Performing direct entry CORRUPT_LIST_DEL # [ 129.893809] lkdtm: attempting good list removal # [ 129.898630] lkdtm: attempting corrupted list removal # [ 129.903891] ------------[ cut here ]------------ # [ 129.908746] WARNING: CPU: 1 PID: 1224 at lib/list_debug.c:65 __list_del_entry_valid_or_report+0x140/0x144 # [ 129.918641] list_del corruption. next->prev should be f14d9ea0, but was 00000000. (next=f14d9eac) # [ 129.927820] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 129.964290] CPU: 1 UID: 0 PID: 1224 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 # [ 129.973801] Tainted: [D]=DIE, [W]=WARN # [ 129.977748] Hardware name: STM32 (Device Tree Support) # [ 129.983198] Call trace: # [ 129.983214] unwind_backtrace from show_stack+0x18/0x1c # [ 129.991521] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 129.996793] dump_stack_lvl from __warn+0x84/0x134 # [ 130.001875] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 130.007255] warn_slowpath_fmt from __list_del_entry_valid_or_report+0x140/0x144 # [ 130.014952] __list_del_entry_valid_or_report from lkdtm_CORRUPT_LIST_DEL+0xd4/0x160 # [ 130.023041] lkdtm_CORRUPT_LIST_DEL from lkdtm_do_action+0x24/0x4c # [ 130.029511] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 130.035275] direct_entry from full_proxy_write+0x5c/0x8c # [ 130.040944] full_proxy_write from vfs_write+0xbc/0x3cc # [ 130.046410] vfs_write from ksys_write+0x78/0xf8 # [ 130.051368] ksys_write from ret_fast_syscall+0x0/0x1c # [ 130.056731] Exception stack(0xf14d9fa8 to 0xf14d9ff0) # [ 130.062091] 9fa0: 00000011 00000011 00000001 b6e78000 00000011 00000001 # [ 130.070565] 9fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e78000 00020000 0047fe38 # [ 130.079034] 9fe0: 00000004 bec4c788 b6f3e33b b6eb7616 # [ 130.084511] ---[ end trace 0000000000000000 ]--- # [ 130.089342] lkdtm: Overwrite did not happen, but no BUG?! # CORRUPT_LIST_DEL: saw 'list_del corruption': ok ok 13 selftests: lkdtm: CORRUPT_LIST_DEL.sh # timeout set to 45 # selftests: lkdtm: STACK_GUARD_PAGE_LEADING.sh <6>[ 131.178035] lkdtm: Performing direct entry STACK_GUARD_PAGE_LEADING <6>[ 131.183357] lkdtm: attempting bad read from page below current stack <1>[ 131.189942] 8<--- cut here --- <1>[ 131.193286] Unable to handle kernel paging request at virtual address f1513fff when read <1>[ 131.201653] [f1513fff] *pgd=c9093811, *pte=00000000, *ppte=00000000 <0>[ 131.208148] Internal error: Oops: 7 [#3] SMP ARM <4>[ 131.213030] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 131.249431] CPU: 1 UID: 0 PID: 1263 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 <4>[ 131.259027] Tainted: [D]=DIE, [W]=WARN <4>[ 131.263068] Hardware name: STM32 (Device Tree Support) <4>[ 131.268516] PC is at lkdtm_STACK_GUARD_PAGE_LEADING+0x34/0x4c <4>[ 131.274498] LR is at lkdtm_STACK_GUARD_PAGE_LEADING+0x2c/0x4c <4>[ 131.280562] pc : [] lr : [] psr: 60080013 <4>[ 131.287119] sp : f1515eb0 ip : 00000000 fp : 004bfe38 <4>[ 131.292569] r10: c5a2e040 r9 : f1515f80 r8 : c278944c <4>[ 131.298119] r7 : f1515f80 r6 : 00000000 r5 : c97c7000 r4 : f1514000 <4>[ 131.304877] r3 : c9321440 r2 : 00000000 r1 : 00000000 r0 : c20a6828 <4>[ 131.311736] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 131.319201] Control: 10c5387d Table: c913406a DAC: 00000051 <1>[ 131.325151] Register r0 information: non-slab/vmalloc memory <1>[ 131.331121] Register r1 information: NULL pointer <1>[ 131.336076] Register r2 information: NULL pointer <1>[ 131.341128] Register r3 information: slab task_struct start c9321400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 131.354802] copy_process+0x1f4/0x1f84 <6>[ 131.359059] kernel_clone+0xac/0x388 <6>[ 131.363214] sys_clone+0x78/0x9c <6>[ 131.366967] ret_fast_syscall+0x0/0x1c <4>[ 131.371218] Free path: <6>[ 131.373948] rcu_core+0x2dc/0xb14 <6>[ 131.377801] handle_softirqs+0x15c/0x430 <6>[ 131.382259] irq_exit+0xac/0xd4 <6>[ 131.385909] __irq_svc+0x8c/0xb8 <6>[ 131.389655] default_idle_call+0x20/0xc0 <6>[ 131.394112] do_idle+0x25c/0x2f4 <6>[ 131.397863] cpu_startup_entry+0x30/0x34 <6>[ 131.402320] rest_init+0xd4/0xd8 <6>[ 131.406074] start_kernel+0x744/0x764 <1>[ 131.410236] Register r4 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 <1>[ 131.421251] Register r5 information: non-slab/vmalloc memory <1>[ 131.427213] Register r6 information: NULL pointer <1>[ 131.432167] Register r7 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 <1>[ 131.443174] Register r8 information: non-slab/vmalloc memory <1>[ 131.449132] Register r9 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 <1>[ 131.460138] Register r10 information: slab kmalloc-192 start c5a2e000 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 131.474001] full_proxy_open+0x124/0x24c <6>[ 131.478553] do_dentry_open+0x144/0x4dc <6>[ 131.482911] vfs_open+0x2c/0xec <6>[ 131.486562] path_openat+0x748/0x1198 <6>[ 131.490714] do_filp_open+0x98/0x134 <6>[ 131.494865] do_sys_openat2+0xbc/0xe4 <6>[ 131.499020] sys_openat+0x98/0xd4 <6>[ 131.502873] ret_fast_syscall+0x0/0x1c <4>[ 131.507122] Free path: <6>[ 131.509852] xdr_free_bvec+0x18/0x24 <6>[ 131.514006] xprt_transmit+0x29c/0x4a0 <6>[ 131.518266] call_transmit+0x80/0x8c <6>[ 131.522318] __rpc_execute+0xc8/0x5d0 <6>[ 131.526570] rpc_async_schedule+0x24/0x40 <6>[ 131.531123] process_one_work+0x1b8/0x450 <6>[ 131.535679] worker_thread+0x1d4/0x3c4 <6>[ 131.539930] kthread+0xe8/0x104 <6>[ 131.543579] ret_from_fork+0x14/0x28 <1>[ 131.547728] Register r11 information: non-paged memory <1>[ 131.553086] Register r12 information: NULL pointer <0>[ 131.558139] Process cat (pid: 1263, stack limit = 0xf1514000) <0>[ 131.564196] Stack: (0xf1515eb0 to 0xf1516000) <0>[ 131.568849] 5ea0: f1515f80 00e0439c 00000019 c0e03fc0 <0>[ 131.577323] 5ec0: 00000019 c0e043a4 c0e04288 c9651640 b6e34000 00000019 c3983a30 c0893830 <0>[ 131.585798] 5ee0: c9651640 c08937d4 f1515f80 b6e34000 c9321440 00000019 c5a2e040 c062a2a0 <0>[ 131.594273] 5f00: c9136db8 00000000 00000000 00000000 00000000 00000019 b6e34000 0001ffe7 <0>[ 131.602756] 5f20: 00000001 00000000 c9651c40 00000000 00000000 00000000 00000000 00000000 <0>[ 131.611240] 5f40: 00000000 00000000 00000000 00000000 00000022 592e9f59 00000000 c9651640 <0>[ 131.619725] 5f60: c9651640 00000000 00000000 c03002f0 c9321440 00000004 004bfe38 c062a7fc <0>[ 131.628207] 5f80: 00000000 00000000 00000000 592e9f59 000000c0 00000019 00000019 7ff00000 <0>[ 131.636686] 5fa0: 00000004 c03000c0 00000019 00000019 00000001 b6e34000 00000019 00000001 <0>[ 131.645162] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6e34000 00020000 004bfe38 <0>[ 131.653636] 5fe0: 00000004 befa3788 b6efa33b b6e73616 60080030 00000001 00000000 00000000 <0>[ 131.662101] Call trace: <0>[ 131.662115] lkdtm_STACK_GUARD_PAGE_LEADING from lkdtm_do_action+0x24/0x4c <0>[ 131.672036] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 131.677805] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 131.683477] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 131.688944] vfs_write from ksys_write+0x78/0xf8 <0>[ 131.693804] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 131.699266] Exception stack(0xf1515fa8 to 0xf1515ff0) <0>[ 131.704623] 5fa0: 00000019 00000019 00000001 b6e34000 00000019 00000001 <0>[ 131.713097] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6e34000 00020000 004bfe38 <0>[ 131.721567] 5fe0: 00000004 befa3788 b6efa33b b6e73616 <0>[ 131.726924] Code: e5934208 ebffc4be e3060828 e34c020a (e5543001) <4>[ 131.733552] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 131.178035] lkdtm: Performing direct entry STACK_GUARD_PAGE_LEADING # [ 131.183357] lkdtm: attempting bad read from page below current stack # [ 131.189942] 8<--- cut here --- # [ 131.193286] Unable to handle kernel paging request at virtual address f1513fff when read # [ 131.201653] [f1513fff] *pgd=c9093811, *pte=00000000, *ppte=00000000 # [ 131.208148] Internal error: Oops: 7 [#3] SMP ARM # [ 131.213030] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 131.249431] CPU: 1 UID: 0 PID: 1263 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 # [ 131.259027] Tainted: [D]=DIE, [W]=WARN # [ 131.263068] Hardware name: STM32 (Device Tree Support) # [ 131.268516] PC is at lkdtm_STACK_GUARD_PAGE_LEADING+0x34/0x4c # [ 131.274498] LR is at lkdtm_STACK_GUARD_PAGE_LEADING+0x2c/0x4c # [ 131.280562] pc : [] lr : [] psr: 60080013 # [ 131.287119] sp : f1515eb0 ip : 00000000 fp : 004bfe38 # [ 131.292569] r10: c5a2e040 r9 : f1515f80 r8 : c278944c # [ 131.298119] r7 : f1515f80 r6 : 00000000 r5 : c97c7000 r4 : f1514000 # [ 131.304877] r3 : c9321440 r2 : 00000000 r1 : 00000000 r0 : c20a6828 # [ 131.311736] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 131.319201] Control: 10c5387d Table: c913406a DAC: 00000051 # [ 131.325151] Register r0 information: non-slab/vmalloc memory # [ 131.331121] Register r1 information: NULL pointer # [ 131.336076] Register r2 information: NULL pointer # [ 131.341128] Register r3 information: slab task_struct start c9321400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 131.354802] copy_process+0x1f4/0x1f84 # [ 131.359059] kernel_clone+0xac/0x388 # [ 131.363214] sys_clone+0x78/0x9c # [ 131.366967] ret_fast_syscall+0x0/0x1c # [ 131.371218] Free path: # [ 131.373948] rcu_core+0x2dc/0xb14 # [ 131.377801] handle_softirqs+0x15c/0x430 # [ 131.382259] irq_exit+0xac/0xd4 # [ 131.385909] __irq_svc+0x8c/0xb8 # [ 131.389655] default_idle_call+0x20/0xc0 # [ 131.394112] do_idle+0x25c/0x2f4 # [ 131.397863] cpu_startup_entry+0x30/0x34 # [ 131.402320] rest_init+0xd4/0xd8 # [ 131.406074] start_kernel+0x744/0x764 # [ 131.410236] Register r4 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 # [ 131.421251] Register r5 information: non-slab/vmalloc memory # [ 131.427213] Register r6 information: NULL pointer # [ 131.432167] Register r7 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 # [ 131.443174] Register r8 information: non-slab/vmalloc memory # [ 131.449132] Register r9 information: 2-page vmalloc region starting at 0xf1514000 allocated at kernel_clone+0xac/0x388 # [ 131.460138] Register r10 information: slab kmalloc-192 start c5a2e000 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 131.474001] full_proxy_open+0x124/0x24c # [ 131.478553] do_dentry_open+0x144/0x4dc # [ 131.482911] vfs_open+0x2c/0xec # [ 131.486562] path_openat+0x748/0x1198 # [ 131.490714] do_filp_open+0x98/0x134 # [ 131.494865] do_sys_openat2+0xbc/0xe4 # [ 131.499020] sys_openat+0x98/0xd4 # [ 131.502873] ret_fast_syscall+0x0/0x1c # [ 131.507122] Free path: # [ 131.509852] xdr_free_bvec+0x18/0x24 # [ 131.514006] xprt_transmit+0x29c/0x4a0 # [ 131.518266] call_transmit+0x80/0x8c # [ 131.522318] __rpc_execute+0xc8/0x5d0 # [ 131.526570] rpc_async_schedule+0x24/0x40 # [ 131.531123] process_one_work+0x1b8/0x450 # [ 131.535679] worker_thread+0x1d4/0x3c4 # [ 131.539930] kthread+0xe8/0x104 # [ 131.543579] ret_from_fork+0x14/0x28 # [ 131.547728] Register r11 information: non-paged memory # [ 131.553086] Register r12 information: NULL pointer # [ 131.558139] Process cat (pid: 1263, stack limit = 0xf1514000) # [ 131.564196] Stack: (0xf1515eb0 to 0xf1516000) # [ 131.568849] 5ea0: f1515f80 00e0439c 00000019 c0e03fc0 # [ 131.577323] 5ec0: 00000019 c0e043a4 c0e04288 c9651640 b6e34000 00000019 c3983a30 c0893830 # [ 131.585798] 5ee0: c9651640 c08937d4 f1515f80 b6e34000 c9321440 00000019 c5a2e040 c062a2a0 # [ 131.594273] 5f00: c9136db8 00000000 00000000 00000000 00000000 00000019 b6e34000 0001ffe7 # [ 131.602756] 5f20: 00000001 00000000 c9651c40 00000000 00000000 00000000 00000000 00000000 # [ 131.611240] 5f40: 00000000 00000000 00000000 00000000 00000022 592e9f59 00000000 c9651640 # [ 131.619725] 5f60: c9651640 00000000 00000000 c03002f0 c9321440 00000004 004bfe38 c062a7fc # [ 131.628207] 5f80: 00000000 00000000 00000000 592e9f59 000000c0 00000019 00000019 7ff00000 # [ 131.636686] 5fa0: 00000004 c03000c0 00000019 00000019 00000001 b6e34000 00000019 00000001 # [ 131.645162] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6e34000 00020000 004bfe38 # [ 131.653636] 5fe0: 00000004 befa3788 b6efa33b b6e73616 60080030 00000001 00000000 00000000 # [ 131.662101] Call trace: # [ 131.662115] lkdtm_STACK_GUARD_PAGE_LEADING from lkdtm_do_action+0x24/0x4c # [ 131.672036] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 131.677805] direct_entry from full_proxy_write+0x5c/0x8c # [ 131.683477] full_proxy_write from vfs_write+0xbc/0x3cc # [ 131.688944] vfs_write from ksys_write+0x78/0xf8 # [ 131.693804] ksys_write from ret_fast_syscall+0x0/0x1c # [ 131.699266] Exception stack(0xf1515fa8 to 0xf1515ff0) # [ 131.704623] 5fa0: 00000019 00000019 00000001 b6e34000 00000019 00000001 # [ 131.713097] 5fc0: 00000019 00000019 7ff00000 00000004 00000001 b6e34000 00020000 004bfe38 # [ 131.721567] 5fe0: 00000004 befa3788 b6efa33b b6e73616 # [ 131.726924] Code: e5934208 ebffc4be e3060828 e34c020a (e5543001) # [ 131.733552] ---[ end trace 0000000000000000 ]--- # STACK_GUARD_PAGE_LEADING: saw 'call trace:': ok ok 14 selftests: lkdtm: STACK_GUARD_PAGE_LEADING.sh # timeout set to 45 # selftests: lkdtm: STACK_GUARD_PAGE_TRAILING.sh <6>[ 133.227018] lkdtm: Performing direct entry STACK_GUARD_PAGE_TRAILING <6>[ 133.232436] lkdtm: attempting bad read from page above current stack <1>[ 133.239009] 8<--- cut here --- <1>[ 133.242442] Unable to handle kernel paging request at virtual address f1592000 when read <1>[ 133.250732] [f1592000] *pgd=c9093811, *pte=00000000, *ppte=00000000 <0>[ 133.257263] Internal error: Oops: 7 [#4] SMP ARM <4>[ 133.262049] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 133.298551] CPU: 1 UID: 0 PID: 1344 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 <4>[ 133.308150] Tainted: [D]=DIE, [W]=WARN <4>[ 133.312091] Hardware name: STM32 (Device Tree Support) <4>[ 133.317541] PC is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x38/0x50 <4>[ 133.323624] LR is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x2c/0x50 <4>[ 133.329790] pc : [] lr : [] psr: 60080013 <4>[ 133.336347] sp : f1591eb0 ip : 00000000 fp : 0042fe38 <4>[ 133.341796] r10: c5a2e040 r9 : f1591f80 r8 : c2789454 <4>[ 133.347346] r7 : f1591f80 r6 : 00000000 r5 : c5a61000 r4 : f1592000 <4>[ 133.354204] r3 : c9325040 r2 : 00000000 r1 : 00000000 r0 : c20a67b4 <4>[ 133.360963] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 133.368428] Control: 10c5387d Table: c5a0806a DAC: 00000051 <1>[ 133.374478] Register r0 information: non-slab/vmalloc memory <1>[ 133.380348] Register r1 information: NULL pointer <1>[ 133.385403] Register r2 information: NULL pointer <1>[ 133.390354] Register r3 information: slab task_struct start c9325000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 133.404028] copy_process+0x1f4/0x1f84 <6>[ 133.408285] kernel_clone+0xac/0x388 <6>[ 133.412440] sys_clone+0x78/0x9c <6>[ 133.416193] ret_fast_syscall+0x0/0x1c <4>[ 133.420444] Free path: <6>[ 133.423174] rcu_core+0x2dc/0xb14 <6>[ 133.427028] handle_softirqs+0x15c/0x430 <6>[ 133.431485] irq_exit+0xac/0xd4 <6>[ 133.435135] call_with_stack+0x18/0x20 <6>[ 133.439393] __irq_svc+0x9c/0xb8 <6>[ 133.443240] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 133.448498] ___slab_alloc+0x778/0xd7c <6>[ 133.452758] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 133.457921] anon_vma_clone+0x84/0x214 <6>[ 133.462276] anon_vma_fork+0x2c/0x174 <6>[ 133.466428] copy_process+0x1d60/0x1f84 <6>[ 133.470785] kernel_clone+0xac/0x388 <6>[ 133.474939] sys_clone+0x78/0x9c <6>[ 133.478691] ret_fast_syscall+0x0/0x1c <1>[ 133.482939] Register r4 information: 2-page vmalloc region starting at 0xf1590000 allocated at kernel_clone+0xac/0x388 <1>[ 133.493952] Register r5 information: non-slab/vmalloc memory <1>[ 133.499913] Register r6 information: NULL pointer <1>[ 133.504866] Register r7 information: 2-page vmalloc region starting at 0xf1590000 allocated at kernel_clone+0xac/0x388 <1>[ 133.515872] Register r8 information: non-slab/vmalloc memory <1>[ 133.521831] Register r9 information: 2-page vmalloc region starting at 0xf1590000 allocated at kernel_clone+0xac/0x388 <1>[ 133.532836] Register r10 information: slab kmalloc-192 start c5a2e000 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 133.546698] full_proxy_open+0x124/0x24c <6>[ 133.551150] do_dentry_open+0x144/0x4dc <6>[ 133.555507] vfs_open+0x2c/0xec <6>[ 133.559260] path_openat+0x748/0x1198 <6>[ 133.563413] do_filp_open+0x98/0x134 <6>[ 133.567463] do_sys_openat2+0xbc/0xe4 <6>[ 133.571717] sys_openat+0x98/0xd4 <6>[ 133.575570] ret_fast_syscall+0x0/0x1c <4>[ 133.579818] Free path: <6>[ 133.582548] xdr_free_bvec+0x18/0x24 <6>[ 133.586601] xprt_transmit+0x29c/0x4a0 <6>[ 133.590958] call_transmit+0x80/0x8c <6>[ 133.595011] __rpc_execute+0xc8/0x5d0 <6>[ 133.599271] rpc_async_schedule+0x24/0x40 <6>[ 133.603736] process_one_work+0x1b8/0x450 <6>[ 133.608306] worker_thread+0x1d4/0x3c4 <6>[ 133.612575] kthread+0xe8/0x104 <6>[ 133.616236] ret_from_fork+0x14/0x28 <1>[ 133.620394] Register r11 information: non-paged memory <1>[ 133.625763] Register r12 information: NULL pointer <0>[ 133.630828] Process cat (pid: 1344, stack limit = 0xf1590000) <0>[ 133.636889] Stack: (0xf1591eb0 to 0xf1592000) <0>[ 133.641546] 1ea0: f1591f80 00e0439c 0000001a c0e03fc0 <0>[ 133.650021] 1ec0: 0000001a c0e043a4 c0e04288 c9651140 b6e38000 0000001a c3983a30 c0893830 <0>[ 133.658494] 1ee0: c9651140 c08937d4 f1591f80 b6e38000 c9325040 0000001a c5a2e040 c062a2a0 <0>[ 133.666970] 1f00: c5a0adb8 00000000 00000000 00000000 00000000 0000001a b6e38000 0001ffe6 <0>[ 133.675443] 1f20: 00000001 00000000 c9651c40 00000000 00000000 00000000 00000000 00000000 <0>[ 133.683916] 1f40: 00000000 00000000 00000000 00000000 00000022 757b4c8e 00000000 c9651140 <0>[ 133.692390] 1f60: c9651140 00000000 00000000 c03002f0 c9325040 00000004 0042fe38 c062a7fc <0>[ 133.700863] 1f80: 00000000 00000000 00000000 757b4c8e 000000c0 0000001a 0000001a 7ff00000 <0>[ 133.709337] 1fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 <0>[ 133.717810] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 0042fe38 <0>[ 133.726283] 1fe0: 00000004 bea62788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 133.734748] Call trace: <0>[ 133.734762] lkdtm_STACK_GUARD_PAGE_TRAILING from lkdtm_do_action+0x24/0x4c <0>[ 133.744779] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 133.750546] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 133.756215] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 133.761682] vfs_write from ksys_write+0x78/0xf8 <0>[ 133.766642] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 133.772003] Exception stack(0xf1591fa8 to 0xf1591ff0) <0>[ 133.777360] 1fa0: 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 <0>[ 133.785835] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 0042fe38 <0>[ 133.794304] 1fe0: 00000004 bea62788 b6efe33b b6e77616 <0>[ 133.799662] Code: ebffc4d2 e30607b4 e34c020a e2844a02 (e5d43000) <4>[ 133.806323] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 133.227018] lkdtm: Performing direct entry STACK_GUARD_PAGE_TRAILING # [ 133.232436] lkdtm: attempting bad read from page above current stack # [ 133.239009] 8<--- cut here --- # [ 133.242442] Unable to handle kernel paging request at virtual address f1592000 when read # [ 133.250732] [f1592000] *pgd=c9093811, *pte=00000000, *ppte=00000000 # [ 133.257263] Internal error: Oops: 7 [#4] SMP ARM # [ 133.262049] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 133.298551] CPU: 1 UID: 0 PID: 1344 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 # [ 133.308150] Tainted: [D]=DIE, [W]=WARN # [ 133.312091] Hardware name: STM32 (Device Tree Support) # [ 133.317541] PC is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x38/0x50 # [ 133.323624] LR is at lkdtm_STACK_GUARD_PAGE_TRAILING+0x2c/0x50 # [ 133.329790] pc : [] lr : [] psr: 60080013 # [ 133.336347] sp : f1591eb0 ip : 00000000 fp : 0042fe38 # [ 133.341796] r10: c5a2e040 r9 : f1591f80 r8 : c2789454 # [ 133.347346] r7 : f1591f80 r6 : 00000000 r5 : c5a61000 r4 : f1592000 # [ 133.354204] r3 : c9325040 r2 : 00000000 r1 : 00000000 r0 : c20a67b4 # [ 133.360963] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 133.368428] Control: 10c5387d Table: c5a0806a DAC: 00000051 # [ 133.374478] Register r0 information: non-slab/vmalloc memory # [ 133.380348] Register r1 information: NULL pointer # [ 133.385403] Register r2 information: NULL pointer # [ 133.390354] Register r3 information: slab task_struct start c9325000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 133.404028] copy_process+0x1f4/0x1f84 # [ 133.408285] kernel_clone+0xac/0x388 # [ 133.412440] sys_clone+0x78/0x9c # [ 133.416193] ret_fast_syscall+0x0/0x1c # [ 133.420444] Free path: # [ 133.423174] rcu_core+0x2dc/0xb14 # [ 133.427028] handle_softirqs+0x15c/0x430 # [ 133.431485] irq_exit+0xac/0xd4 # [ 133.435135] call_with_stack+0x18/0x20 # [ 133.439393] __irq_svc+0x9c/0xb8 # [ 133.443240] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 133.448498] ___slab_alloc+0x778/0xd7c # [ 133.452758] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 133.457921] anon_vma_clone+0x84/0x214 # [ 133.462276] anon_vma_fork+0x2c/0x174 # [ 133.466428] copy_process+0x1d60/0x1f84 # [ 133.470785] kernel_clone+0xac/0x388 # [ 133.474939] sys_clone+0x78/0x9c # [ 133.478691] ret_fast_syscall+0x0/0x1c # [ 133.482939] Register r4 information: 2-page vmalloc region starting at 0xf1590000 allocated at kernel_clone+0xac/0x388 # [ 133.493952] Register r5 information: non-slab/vmalloc memory # [ 133.499913] Register r6 information: NULL pointer # [ 133.504866] Register r7 information: 2-page vmalloc region starting at 0xf1590000 allocated at kernel_clone+0xac/0x388 # [ 133.515872] Register r8 information: non-slab/vmalloc memory # [ 133.521831] Register r9 information: 2-page vmalloc region starting at 0xf1590000 allocated at kernel_clone+0xac/0x388 # [ 133.532836] Register r10 information: slab kmalloc-192 start c5a2e000 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 133.546698] full_proxy_open+0x124/0x24c # [ 133.551150] do_dentry_open+0x144/0x4dc # [ 133.555507] vfs_open+0x2c/0xec # [ 133.559260] path_openat+0x748/0x1198 # [ 133.563413] do_filp_open+0x98/0x134 # [ 133.567463] do_sys_openat2+0xbc/0xe4 # [ 133.571717] sys_openat+0x98/0xd4 # [ 133.575570] ret_fast_syscall+0x0/0x1c # [ 133.579818] Free path: # [ 133.582548] xdr_free_bvec+0x18/0x24 # [ 133.586601] xprt_transmit+0x29c/0x4a0 # [ 133.590958] call_transmit+0x80/0x8c # [ 133.595011] __rpc_execute+0xc8/0x5d0 # [ 133.599271] rpc_async_schedule+0x24/0x40 # [ 133.603736] process_one_work+0x1b8/0x450 # [ 133.608306] worker_thread+0x1d4/0x3c4 # [ 133.612575] kthread+0xe8/0x104 # [ 133.616236] ret_from_fork+0x14/0x28 # [ 133.620394] Register r11 information: non-paged memory # [ 133.625763] Register r12 information: NULL pointer # [ 133.630828] Process cat (pid: 1344, stack limit = 0xf1590000) # [ 133.636889] Stack: (0xf1591eb0 to 0xf1592000) # [ 133.641546] 1ea0: f1591f80 00e0439c 0000001a c0e03fc0 # [ 133.650021] 1ec0: 0000001a c0e043a4 c0e04288 c9651140 b6e38000 0000001a c3983a30 c0893830 # [ 133.658494] 1ee0: c9651140 c08937d4 f1591f80 b6e38000 c9325040 0000001a c5a2e040 c062a2a0 # [ 133.666970] 1f00: c5a0adb8 00000000 00000000 00000000 00000000 0000001a b6e38000 0001ffe6 # [ 133.675443] 1f20: 00000001 00000000 c9651c40 00000000 00000000 00000000 00000000 00000000 # [ 133.683916] 1f40: 00000000 00000000 00000000 00000000 00000022 757b4c8e 00000000 c9651140 # [ 133.692390] 1f60: c9651140 00000000 00000000 c03002f0 c9325040 00000004 0042fe38 c062a7fc # [ 133.700863] 1f80: 00000000 00000000 00000000 757b4c8e 000000c0 0000001a 0000001a 7ff00000 # [ 133.709337] 1fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 # [ 133.717810] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 0042fe38 # [ 133.726283] 1fe0: 00000004 bea62788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 133.734748] Call trace: # [ 133.734762] lkdtm_STACK_GUARD_PAGE_TRAILING from lkdtm_do_action+0x24/0x4c # [ 133.744779] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 133.750546] direct_entry from full_proxy_write+0x5c/0x8c # [ 133.756215] full_proxy_write from vfs_write+0xbc/0x3cc # [ 133.761682] vfs_write from ksys_write+0x78/0xf8 # [ 133.766642] ksys_write from ret_fast_syscall+0x0/0x1c # [ 133.772003] Exception stack(0xf1591fa8 to 0xf1591ff0) # [ 133.777360] 1fa0: 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 # [ 133.785835] 1fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 0042fe38 # [ 133.794304] 1fe0: 00000004 bea62788 b6efe33b b6e77616 # [ 133.799662] Code: ebffc4d2 e30607b4 e34c020a e2844a02 (e5d43000) # [ 133.806323] ---[ end trace 0000000000000000 ]--- # STACK_GUARD_PAGE_TRAILING: saw 'call trace:': ok ok 15 selftests: lkdtm: STACK_GUARD_PAGE_TRAILING.sh # timeout set to 45 # selftests: lkdtm: REPORT_STACK_CANARY.sh <6>[ 135.497976] lkdtm: Performing direct entry REPORT_STACK_CANARY <6>[ 135.502892] lkdtm: Recorded stack canary for pid 1437 at offset 2 <6>[ 135.542637] lkdtm: Performing direct entry REPORT_STACK_CANARY <6>[ 135.547921] lkdtm: ok: stack canaries differ between pid 1437 and pid 1439 at offset 2. # [ 135.497976] lkdtm: Performing direct entry REPORT_STACK_CANARY # [ 135.502892] lkdtm: Recorded stack canary for pid 1437 at offset 2 # [ 135.542637] lkdtm: Performing direct entry REPORT_STACK_CANARY # [ 135.547921] lkdtm: ok: stack canaries differ between pid 1437 and pid 1439 at offset 2. # REPORT_STACK_CANARY: saw 'ok: stack canaries differ': ok ok 16 selftests: lkdtm: REPORT_STACK_CANARY.sh # timeout set to 45 # selftests: lkdtm: UNSET_SMEP.sh <6>[ 136.712649] lkdtm: Performing direct entry UNSET_SMEP <3>[ 136.716742] lkdtm: XFAIL: this test is x86_64-only # [ 136.712649] lkdtm: Performing direct entry UNSET_SMEP # [ 136.716742] lkdtm: XFAIL: this test is x86_64-only # UNSET_SMEP: saw 'XFAIL': [SKIP] ok 17 selftests: lkdtm: UNSET_SMEP.sh # SKIP # timeout set to 45 # selftests: lkdtm: DOUBLE_FAULT.sh <6>[ 137.842523] lkdtm: Performing direct entry DOUBLE_FAULT <3>[ 137.846720] lkdtm: XFAIL: this test is ia32-only # [ 137.842523] lkdtm: Performing direct entry DOUBLE_FAULT # [ 137.846720] lkdtm: XFAIL: this test is ia32-only # DOUBLE_FAULT: saw 'XFAIL': [SKIP] ok 18 selftests: lkdtm: DOUBLE_FAULT.sh # SKIP # timeout set to 45 # selftests: lkdtm: CORRUPT_PAC.sh <6>[ 138.981724] lkdtm: Performing direct entry CORRUPT_PAC <3>[ 138.985926] lkdtm: XFAIL: this test is arm64-only # [ 138.981724] lkdtm: Performing direct entry CORRUPT_PAC # [ 138.985926] lkdtm: XFAIL: this test is arm64-only # CORRUPT_PAC: saw 'XFAIL': [SKIP] ok 19 selftests: lkdtm: CORRUPT_PAC.sh # SKIP # timeout set to 45 # selftests: lkdtm: UNALIGNED_LOAD_STORE_WRITE.sh <6>[ 140.134265] lkdtm: Performing direct entry UNALIGNED_LOAD_STORE_WRITE <3>[ 140.139756] lkdtm: XFAIL: arch has CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS # [ 140.134265] lkdtm: Performing direct entry UNALIGNED_LOAD_STORE_WRITE # [ 140.139756] lkdtm: XFAIL: arch has CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS # UNALIGNED_LOAD_STORE_WRITE: saw 'XFAIL': [SKIP] ok 20 selftests: lkdtm: UNALIGNED_LOAD_STORE_WRITE.sh # SKIP # timeout set to 45 # selftests: lkdtm: SLAB_LINEAR_OVERFLOW.sh <6>[ 141.281292] lkdtm: Performing direct entry SLAB_LINEAR_OVERFLOW <6>[ 141.286289] lkdtm: Attempting slab linear overflow ... <3>[ 141.291616] ============================================================================= <3>[ 141.299987] BUG kmalloc-1k (Tainted: G D W ): Right Redzone overwritten <3>[ 141.308056] ----------------------------------------------------------------------------- <3>[ 141.308056] <3>[ 141.318327] 0xc9284400-0xc9284403 @offset=17408. First byte 0x78 instead of 0xcc <3>[ 141.325997] FIX kmalloc-1k: Restoring Right Redzone 0xc9284400-0xc9284403=0xcc <3>[ 141.333468] Allocated in lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 age=5 cpu=0 pid=1647 <4>[ 141.341357] lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 <4>[ 141.346313] lkdtm_do_action+0x24/0x4c <4>[ 141.350362] direct_entry+0x11c/0x140 <4>[ 141.354310] full_proxy_write+0x5c/0x8c <4>[ 141.358361] vfs_write+0xbc/0x3cc <4>[ 141.362008] ksys_write+0x78/0xf8 <4>[ 141.365552] ret_fast_syscall+0x0/0x1c <3>[ 141.369602] Freed in nfs3_proc_create+0x1b4/0x2c4 age=214 cpu=1 pid=1643 <4>[ 141.376586] nfs3_proc_create+0x1b4/0x2c4 <4>[ 141.380843] nfs_do_create+0xa8/0x178 <4>[ 141.384802] nfs_atomic_open_v23+0x84/0xd4 <4>[ 141.389153] path_openat+0xb18/0x1198 <4>[ 141.393105] do_filp_open+0x98/0x134 <4>[ 141.396954] do_sys_openat2+0xbc/0xe4 <4>[ 141.400811] sys_openat+0x98/0xd4 <4>[ 141.404463] ret_fast_syscall+0x0/0x1c <3>[ 141.408411] Slab 0xef842a00 objects=10 used=8 fp=0xc9282800 flags=0x240(workingset|head|zone=0) <3>[ 141.417493] Object 0xc9284000 @offset=16384 fp=0xc9282800 <3>[ 141.417493] <3>[ 141.424861] Redzone c9283c00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.433931] Redzone c9283c10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.443001] Redzone c9283c20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.452171] Redzone c9283c30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.461240] Redzone c9283c40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.470309] Redzone c9283c50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.479378] Redzone c9283c60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.488447] Redzone c9283c70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.497517] Redzone c9283c80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.506686] Redzone c9283c90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.515755] Redzone c9283ca0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.524825] Redzone c9283cb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.533894] Redzone c9283cc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.542963] Redzone c9283cd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.552033] Redzone c9283ce0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.561202] Redzone c9283cf0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.570271] Redzone c9283d00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.579341] Redzone c9283d10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.588410] Redzone c9283d20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.597479] Redzone c9283d30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.606549] Redzone c9283d40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.615718] Redzone c9283d50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.624788] Redzone c9283d60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.633857] Redzone c9283d70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.642926] Redzone c9283d80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.651995] Redzone c9283d90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.661065] Redzone c9283da0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.670234] Redzone c9283db0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.679304] Redzone c9283dc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.688373] Redzone c9283dd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.697442] Redzone c9283de0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.706511] Redzone c9283df0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.715581] Redzone c9283e00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.724750] Redzone c9283e10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.733820] Redzone c9283e20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.742889] Redzone c9283e30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.751958] Redzone c9283e40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.761027] Redzone c9283e50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.770097] Redzone c9283e60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.779266] Redzone c9283e70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.788335] Redzone c9283e80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.797405] Redzone c9283e90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.806474] Redzone c9283ea0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.815543] Redzone c9283eb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.824612] Redzone c9283ec0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.833782] Redzone c9283ed0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.842851] Redzone c9283ee0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.851920] Redzone c9283ef0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.860990] Redzone c9283f00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.870059] Redzone c9283f10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.879129] Redzone c9283f20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.888298] Redzone c9283f30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.897367] Redzone c9283f40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.906436] Redzone c9283f50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.915505] Redzone c9283f60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.924575] Redzone c9283f70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.933644] Redzone c9283f80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.942814] Redzone c9283f90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.951883] Redzone c9283fa0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.960952] Redzone c9283fb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.970021] Redzone c9283fc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.979091] Redzone c9283fd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.988260] Redzone c9283fe0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 141.997329] Redzone c9283ff0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ <3>[ 142.006399] Object c9284000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.015469] Object c9284010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.024538] Object c9284020: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.033607] Object c9284030: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.042777] Object c9284040: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.051846] Object c9284050: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.060915] Object c9284060: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.069984] Object c9284070: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.079053] Object c9284080: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.088122] Object c9284090: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.097292] Object c92840a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.106361] Object c92840b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.115430] Object c92840c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.124499] Object c92840d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.133569] Object c92840e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.142638] Object c92840f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.151808] Object c9284100: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.160877] Object c9284110: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.169946] Object c9284120: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.179016] Object c9284130: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.188085] Object c9284140: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.197154] Object c9284150: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.206223] Object c9284160: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.215393] Object c9284170: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.224462] Object c9284180: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.233532] Object c9284190: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.242601] Object c92841a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.251670] Object c92841b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.260739] Object c92841c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.269909] Object c92841d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.278978] Object c92841e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.288047] Object c92841f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.297116] Object c9284200: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.306186] Object c9284210: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.315255] Object c9284220: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.324324] Object c9284230: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.333493] Object c9284240: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.342563] Object c9284250: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.351632] Object c9284260: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.360701] Object c9284270: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.369771] Object c9284280: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.378840] Object c9284290: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.388009] Object c92842a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.397079] Object c92842b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.406148] Object c92842c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.415217] Object c92842d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.424286] Object c92842e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.433356] Object c92842f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.442425] Object c9284300: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.451595] Object c9284310: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.460664] Object c9284320: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.469734] Object c9284330: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.478803] Object c9284340: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.487872] Object c9284350: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.496941] Object c9284360: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.506111] Object c9284370: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.515180] Object c9284380: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.524250] Object c9284390: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.533319] Object c92843a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.542388] Object c92843b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.551457] Object c92843c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.560526] Object c92843d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.569696] Object c92843e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk <3>[ 142.578765] Object c92843f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 cc cc cc cc kkkkkkkkkkk..... <3>[ 142.587835] Redzone c9284400: cc cc cc cc .... <3>[ 142.595898] Padding c9284434: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.604968] Padding c9284444: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.614037] Padding c9284454: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.623106] Padding c9284464: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.632176] Padding c9284474: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.641245] Padding c9284484: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.650414] Padding c9284494: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.659484] Padding c92844a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.668553] Padding c92844b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.677622] Padding c92844c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.686692] Padding c92844d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.695761] Padding c92844e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.704931] Padding c92844f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.714000] Padding c9284504: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.723069] Padding c9284514: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.732138] Padding c9284524: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.741208] Padding c9284534: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.750277] Padding c9284544: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.759447] Padding c9284554: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.768516] Padding c9284564: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.777585] Padding c9284574: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.786654] Padding c9284584: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.795723] Padding c9284594: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.804793] Padding c92845a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.813962] Padding c92845b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.823032] Padding c92845c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.832101] Padding c92845d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.841170] Padding c92845e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.850240] Padding c92845f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.859309] Padding c9284604: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.868478] Padding c9284614: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.877548] Padding c9284624: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.886617] Padding c9284634: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.895687] Padding c9284644: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.904756] Padding c9284654: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.913825] Padding c9284664: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.922995] Padding c9284674: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.932064] Padding c9284684: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.941133] Padding c9284694: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.950203] Padding c92846a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.959272] Padding c92846b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.968341] Padding c92846c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.977511] Padding c92846d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.986580] Padding c92846e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 142.995650] Padding c92846f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.004719] Padding c9284704: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.013788] Padding c9284714: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.022858] Padding c9284724: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.032028] Padding c9284734: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.041097] Padding c9284744: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.050166] Padding c9284754: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.059235] Padding c9284764: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.068304] Padding c9284774: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.077374] Padding c9284784: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.086543] Padding c9284794: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.095612] Padding c92847a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.104682] Padding c92847b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.113751] Padding c92847c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.122820] Padding c92847d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.131990] Padding c92847e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ <3>[ 143.141059] Padding c92847f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ <4>[ 143.149831] CPU: 0 UID: 0 PID: 1647 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 <4>[ 143.159415] Tainted: [D]=DIE, [W]=WARN <4>[ 143.163453] Hardware name: STM32 (Device Tree Support) <4>[ 143.168801] Call trace: <4>[ 143.168814] unwind_backtrace from show_stack+0x18/0x1c <4>[ 143.177113] show_stack from dump_stack_lvl+0x88/0xb8 <4>[ 143.182484] dump_stack_lvl from check_object+0x1c0/0x474 <4>[ 143.188165] check_object from free_to_partial_list+0x178/0x58c <4>[ 143.194348] free_to_partial_list from kfree+0x224/0x2dc <4>[ 143.199927] kfree from lkdtm_do_action+0x24/0x4c <4>[ 143.204894] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 143.210659] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 143.216325] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 143.221889] vfs_write from ksys_write+0x78/0xf8 <4>[ 143.226747] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 143.232209] Exception stack(0xf174dfa8 to 0xf174dff0) <4>[ 143.237468] dfa0: 00000015 00000015 00000001 b6dd8000 00000015 00000001 <4>[ 143.245941] dfc0: 00000015 00000015 7ff00000 00000004 00000001 b6dd8000 00020000 0043fe38 <4>[ 143.254410] dfe0: 00000004 be97a788 b6e9e33b b6e17616 <3>[ 143.259759] FIX kmalloc-1k: Object at 0xc9284000 not freed # [ 141.281292] lkdtm: Performing direct entry SLAB_LINEAR_OVERFLOW # [ 141.286289] lkdtm: Attempting slab linear overflow ... # [ 141.291616] ============================================================================= # [ 141.299987] BUG kmalloc-1k (Tainted: G D W ): Right Redzone overwritten # [ 141.308056] ----------------------------------------------------------------------------- # # [ 141.318327] 0xc9284400-0xc9284403 @offset=17408. First byte 0x78 instead of 0xcc # [ 141.325997] FIX kmalloc-1k: Restoring Right Redzone 0xc9284400-0xc9284403=0xcc # [ 141.333468] Allocated in lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 age=5 cpu=0 pid=1647 # [ 141.341357] lkdtm_SLAB_LINEAR_OVERFLOW+0x24/0x50 # [ 141.346313] lkdtm_do_action+0x24/0x4c # [ 141.350362] direct_entry+0x11c/0x140 # [ 141.354310] full_proxy_write+0x5c/0x8c # [ 141.358361] vfs_write+0xbc/0x3cc # [ 141.362008] ksys_write+0x78/0xf8 # [ 141.365552] ret_fast_syscall+0x0/0x1c # [ 141.369602] Freed in nfs3_proc_create+0x1b4/0x2c4 age=214 cpu=1 pid=1643 # [ 141.376586] nfs3_proc_create+0x1b4/0x2c4 # [ 141.380843] nfs_do_create+0xa8/0x178 # [ 141.384802] nfs_atomic_open_v23+0x84/0xd4 # [ 141.389153] path_openat+0xb18/0x1198 # [ 141.393105] do_filp_open+0x98/0x134 # [ 141.396954] do_sys_openat2+0xbc/0xe4 # [ 141.400811] sys_openat+0x98/0xd4 # [ 141.404463] ret_fast_syscall+0x0/0x1c # [ 141.408411] Slab 0xef842a00 objects=10 used=8 fp=0xc9282800 flags=0x240(workingset|head|zone=0) # [ 141.417493] Object 0xc9284000 @offset=16384 fp=0xc9282800 # # [ 141.424861] Redzone c9283c00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.433931] Redzone c9283c10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.443001] Redzone c9283c20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.452171] Redzone c9283c30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.461240] Redzone c9283c40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.470309] Redzone c9283c50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.479378] Redzone c9283c60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.488447] Redzone c9283c70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.497517] Redzone c9283c80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.506686] Redzone c9283c90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.515755] Redzone c9283ca0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.524825] Redzone c9283cb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.533894] Redzone c9283cc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.542963] Redzone c9283cd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.552033] Redzone c9283ce0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.561202] Redzone c9283cf0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.570271] Redzone c9283d00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.579341] Redzone c9283d10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.588410] Redzone c9283d20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.597479] Redzone c9283d30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.606549] Redzone c9283d40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.615718] Redzone c9283d50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.624788] Redzone c9283d60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.633857] Redzone c9283d70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.642926] Redzone c9283d80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.651995] Redzone c9283d90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.661065] Redzone c9283da0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.670234] Redzone c9283db0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.679304] Redzone c9283dc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.688373] Redzone c9283dd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.697442] Redzone c9283de0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.706511] Redzone c9283df0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.715581] Redzone c9283e00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.724750] Redzone c9283e10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.733820] Redzone c9283e20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.742889] Redzone c9283e30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.751958] Redzone c9283e40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.761027] Redzone c9283e50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.770097] Redzone c9283e60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.779266] Redzone c9283e70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.788335] Redzone c9283e80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.797405] Redzone c9283e90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.806474] Redzone c9283ea0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.815543] Redzone c9283eb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.824612] Redzone c9283ec0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.833782] Redzone c9283ed0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.842851] Redzone c9283ee0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.851920] Redzone c9283ef0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.860990] Redzone c9283f00: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.870059] Redzone c9283f10: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.879129] Redzone c9283f20: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.888298] Redzone c9283f30: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.897367] Redzone c9283f40: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.906436] Redzone c9283f50: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.915505] Redzone c9283f60: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.924575] Redzone c9283f70: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.933644] Redzone c9283f80: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.942814] Redzone c9283f90: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.951883] Redzone c9283fa0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.960952] Redzone c9283fb0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.970021] Redzone c9283fc0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.979091] Redzone c9283fd0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.988260] Redzone c9283fe0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 141.997329] Redzone c9283ff0: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ # [ 142.006399] Object c9284000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.015469] Object c9284010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.024538] Object c9284020: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.033607] Object c9284030: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.042777] Object c9284040: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.051846] Object c9284050: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.060915] Object c9284060: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.069984] Object c9284070: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.079053] Object c9284080: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.088122] Object c9284090: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.097292] Object c92840a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.106361] Object c92840b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.115430] Object c92840c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.124499] Object c92840d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.133569] Object c92840e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.142638] Object c92840f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.151808] Object c9284100: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.160877] Object c9284110: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.169946] Object c9284120: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.179016] Object c9284130: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.188085] Object c9284140: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.197154] Object c9284150: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.206223] Object c9284160: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.215393] Object c9284170: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.224462] Object c9284180: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.233532] Object c9284190: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.242601] Object c92841a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.251670] Object c92841b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.260739] Object c92841c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.269909] Object c92841d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.278978] Object c92841e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.288047] Object c92841f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.297116] Object c9284200: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.306186] Object c9284210: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.315255] Object c9284220: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.324324] Object c9284230: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.333493] Object c9284240: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.342563] Object c9284250: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.351632] Object c9284260: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.360701] Object c9284270: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.369771] Object c9284280: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.378840] Object c9284290: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.388009] Object c92842a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.397079] Object c92842b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.406148] Object c92842c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.415217] Object c92842d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.424286] Object c92842e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.433356] Object c92842f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.442425] Object c9284300: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.451595] Object c9284310: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.460664] Object c9284320: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.469734] Object c9284330: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.478803] Object c9284340: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.487872] Object c9284350: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.496941] Object c9284360: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.506111] Object c9284370: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.515180] Object c9284380: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.524250] Object c9284390: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.533319] Object c92843a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.542388] Object c92843b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.551457] Object c92843c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.560526] Object c92843d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.569696] Object c92843e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk # [ 142.578765] Object c92843f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 cc cc cc cc kkkkkkkkkkk..... # [ 142.587835] Redzone c9284400: cc cc cc cc .... # [ 142.595898] Padding c9284434: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.604968] Padding c9284444: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.614037] Padding c9284454: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.623106] Padding c9284464: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.632176] Padding c9284474: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.641245] Padding c9284484: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.650414] Padding c9284494: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.659484] Padding c92844a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.668553] Padding c92844b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ #<6>[ 144.937341] lkdtm: Performing direct entry VMALLOC_LINEAR_OVERFLOW <6>[ 144.944009] lkdtm: Attempting vmalloc linear overflow ... <1>[ 144.949366] 8<--- cut here --- <1>[ 144.952810] Unable to handle kernel paging request at virtual address f0950000 when write <1>[ 144.961229] [f0950000] *pgd=c3235811, *pte=00000000, *ppte=00000000 <0>[ 144.967729] Internal error: Oops: 807 [#5] SMP ARM <4>[ 144.972717] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 145.009117] CPU: 1 UID: 0 PID: 1686 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 145.018816] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 145.023964] Hardware name: STM32 (Device Tree Support) <4>[ 145.029413] PC is at mmioset+0x84/0xac <4>[ 145.033487] LR is at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 <4>[ 145.039351] pc : [] lr : [] psr: 00080013 <4>[ 145.045908] sp : f1781eb0 ip : f0950000 fp : 0042fe38 <4>[ 145.051458] r10: c91a42c0 r9 : f1781f80 r8 : c2789488 <4>[ 145.056908] r7 : f1781f80 r6 : 00000000 r5 : f0951000 r4 : f094f000 <4>[ 145.063766] r3 : aaaaaaaa r2 : ffffffc1 r1 : aaaaaaaa r0 : f094f000 <4>[ 145.070524] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 145.077990] Control: 10c5387d Table: c592006a DAC: 00000051 <1>[ 145.084041] Register r0 information: 1-page vmalloc region starting at 0xf094f000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <1>[ 145.096462] Register r1 information: non-paged memory <1>[ 145.101720] Register r2 information: non-paged memory <1>[ 145.107076] Register r3 information: non-paged memory <1>[ 145.112430] Register r4 information: 1-page vmalloc region starting at 0xf094f000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <1>[ 145.124839] Register r5 information: 1-page vmalloc region starting at 0xf0951000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x20/0x60 <1>[ 145.137250] Register r6 information: NULL pointer <1>[ 145.142202] Register r7 information: 2-page vmalloc region starting at 0xf1780000 allocated at kernel_clone+0xac/0x388 <1>[ 145.153214] Register r8 information: non-slab/vmalloc memory <1>[ 145.159177] Register r9 information: 2-page vmalloc region starting at 0xf1780000 allocated at kernel_clone+0xac/0x388 <1>[ 145.170183] Register r10 information: slab kmalloc-192 start c91a4280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 145.184048] full_proxy_open+0x124/0x24c <6>[ 145.188499] do_dentry_open+0x144/0x4dc <6>[ 145.192857] vfs_open+0x2c/0xec <6>[ 145.196509] path_openat+0x748/0x1198 <6>[ 145.200762] do_filp_open+0x98/0x134 <6>[ 145.204813] do_sys_openat2+0xbc/0xe4 <6>[ 145.209068] sys_openat+0x98/0xd4 <6>[ 145.212921] ret_fast_syscall+0x0/0x1c <4>[ 145.217172] Free path: <6>[ 145.219902] full_proxy_release+0x78/0xc0 <6>[ 145.224454] __fput+0xdc/0x2ec <6>[ 145.228000] task_work_run+0x98/0xc8 <6>[ 145.232158] do_exit+0x374/0xa1c <6>[ 145.235908] do_group_exit+0x40/0x8c <6>[ 145.239957] pid_child_should_wake+0x0/0x94 <1>[ 145.244712] Register r11 information: non-paged memory <1>[ 145.250069] Register r12 information: 1-page vmalloc region starting at 0xf094f000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 <0>[ 145.262580] Process cat (pid: 1686, stack limit = 0xf1780000) <0>[ 145.268636] Stack: (0xf1781eb0 to 0xf1782000) <0>[ 145.273290] 1ea0: 00000018 c5c7c000 00000000 c0e03fc0 <0>[ 145.281765] 1ec0: 00000018 c0e043a4 c0e04288 c66d0940 b6da4000 00000018 c3983a30 c0893830 <0>[ 145.290239] 1ee0: c66d0940 c08937d4 f1781f80 b6da4000 c9325040 00000018 c91a42c0 c062a2a0 <0>[ 145.298712] 1f00: c5922db0 00000000 00000000 00000000 00000000 00000018 b6da4000 0001ffe8 <0>[ 145.307184] 1f20: 00000001 00000000 c8de1a40 00000000 00000000 00000000 00000000 00000000 <0>[ 145.315659] 1f40: 00000000 00000000 00000000 00000000 00000022 4af9f06b 00000000 c66d0940 <0>[ 145.324132] 1f60: c66d0940 00000000 00000000 c03002f0 c9325040 00000004 0042fe38 c062a7fc <0>[ 145.332606] 1f80: 00000000 00000000 00000000 4af9f06b 000000c0 00000018 00000018 7ff00000 <0>[ 145.341079] 1fa0: 00000004 c03000c0 00000018 00000018 00000001 b6da4000 00000018 00000001 <0>[ 145.349560] 1fc0: 00000018 00000018 7ff00000 00000004 00000001 b6da4000 00020000 0042fe38 <0>[ 145.358042] 1fe0: 00000004 bebfd788 b6e6a33b b6de3616 60080030 00000001 00000000 00000000 <0>[ 145.366516] Call trace: <0>[ 145.366532] mmioset from lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 <0>[ 145.375661] lkdtm_VMALLOC_LINEAR_OVERFLOW from lkdtm_do_action+0x24/0x4c <0>[ 145.382753] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 145.388527] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 145.394198] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 145.399664] vfs_write from ksys_write+0x78/0xf8 <0>[ 145.404523] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 145.409986] Exception stack(0xf1781fa8 to 0xf1781ff0) <0>[ 145.415346] 1fa0: 00000018 00000018 00000001 b6da4000 00000018 00000001 <0>[ 145.423822] 1fc0: 00000018 00000018 7ff00000 00000004 00000001 b6da4000 00020000 0042fe38 <0>[ 145.432293] 1fe0: 00000004 bebfd788 b6e6a33b b6de3616 <0>[ 145.437551] Code: e3120002 14cc1001 14cc1001 e3120001 (14cc1001) <4>[ 145.444343] ---[ end trace 0000000000000000 ]--- [ 142.677622] Padding c92844c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.686692] Padding c92844d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.695761] Padding c92844e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.704931] Padding c92844f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.714000] Padding c9284504: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.723069] Padding c9284514: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.732138] Padding c9284524: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.741208] Padding c9284534: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.750277] Padding c9284544: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.759447] Padding c9284554: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.768516] Padding c9284564: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.777585] Padding c9284574: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.786654] Padding c9284584: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.795723] Padding c9284594: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.804793] Padding c92845a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.813962] Padding c92845b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.823032] Padding c92845c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.832101] Padding c92845d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.841170] Padding c92845e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.850240] Padding c92845f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.859309] Padding c9284604: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.868478] Padding c9284614: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.877548] Padding c9284624: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.886617] Padding c9284634: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.895687] Padding c9284644: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.904756] Padding c9284654: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.913825] Padding c9284664: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.922995] Padding c9284674: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.932064] Padding c9284684: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.941133] Padding c9284694: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.950203] Padding c92846a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.959272] Padding c92846b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.968341] Padding c92846c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.977511] Padding c92846d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.986580] Padding c92846e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 142.995650] Padding c92846f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.004719] Padding c9284704: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.013788] Padding c9284714: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.022858] Padding c9284724: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.032028] Padding c9284734: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.041097] Padding c9284744: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.050166] Padding c9284754: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.059235] Padding c9284764: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.068304] Padding c9284774: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.077374] Padding c9284784: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.086543] Padding c9284794: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.095612] Padding c92847a4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.104682] Padding c92847b4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.113751] Padding c92847c4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.122820] Padding c92847d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.131990] Padding c92847e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ # [ 143.141059] Padding c92847f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ # [ 143.149831] CPU: 0 UID: 0 PID: 1647 Comm: cat Tainted: G D W 6.12.0-rc3-next-20241017 #1 # [ 143.159415] Tainted: [D]=DIE, [W]=WARN # [ 143.163453] Hardware name: STM32 (Device Tree Support) # [ 143.168801] Call trace: # [ 143.168814] unwind_backtrace from show_stack+0x18/0x1c # [ 143.177113] show_stack from dump_stack_lvl+0x88/0xb8 # [ 143.182484] dump_stack_lvl from check_object+0x1c0/0x474 # [ 143.188165] check_object from free_to_partial_list+0x178/0x58c # [ 143.194348] free_to_partial_list from kfree+0x224/0x2dc # [ 143.199927] kfree from lkdtm_do_action+0x24/0x4c # [ 143.204894] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 143.210659] direct_entry from full_proxy_write+0x5c/0x8c # [ 143.216325] full_proxy_write from vfs_write+0xbc/0x3cc # [ 143.221889] vfs_write from ksys_write+0x78/0xf8 # [ 143.226747] ksys_write from ret_fast_syscall+0x0/0x1c # [ 143.232209] Exception stack(0xf174dfa8 to 0xf174dff0) # [ 143.237468] dfa0: 00000015 00000015 00000001 b6dd8000 00000015 00000001 # [ 143.245941] dfc0: 00000015 00000015 7ff00000 00000004 00000001 b6dd8000 00020000 0043fe38 # [ 143.254410] dfe0: 00000004 be97a788 b6e9e33b b6e17616 # [ 143.259759] FIX kmalloc-1k: Object at 0xc9284000 not freed # SLAB_LINEAR_OVERFLOW: saw 'call trace:': ok ok 21 selftests: lkdtm: SLAB_LINEAR_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: VMALLOC_LINEAR_OVERFLOW.sh # Segmentation fault # [ 144.937341] lkdtm: Performing direct entry VMALLOC_LINEAR_OVERFLOW # [ 144.944009] lkdtm: Attempting vmalloc linear overflow ... # [ 144.949366] 8<--- cut here --- # [ 144.952810] Unable to handle kernel paging request at virtual address f0950000 when write # [ 144.961229] [f0950000] *pgd=c3235811, *pte=00000000, *ppte=00000000 # [ 144.967729] Internal error: Oops: 807 [#5] SMP ARM # [ 144.972717] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 145.009117] CPU: 1 UID: 0 PID: 1686 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 145.018816] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 145.023964] Hardware name: STM32 (Device Tree Support) # [ 145.029413] PC is at mmioset+0x84/0xac # [ 145.033487] LR is at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 # [ 145.039351] pc : [] lr : [] psr: 00080013 # [ 145.045908] sp : f1781eb0 ip : f0950000 fp : 0042fe38 # [ 145.051458] r10: c91a42c0 r9 : f1781f80 r8 : c2789488 # [ 145.056908] r7 : f1781f80 r6 : 00000000 r5 : f0951000 r4 : f094f000 # [ 145.063766] r3 : aaaaaaaa r2 : ffffffc1 r1 : aaaaaaaa r0 : f094f000 # [ 145.070524] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 145.077990] Control: 10c5387d Table: c592006a DAC: 00000051 # [ 145.084041] Register r0 information: 1-page vmalloc region starting at 0xf094f000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 145.096462] Register r1 information: non-paged memory # [ 145.101720] Register r2 information: non-paged memory # [ 145.107076] Register r3 information: non-paged memory # [ 145.112430] Register r4 information: 1-page vmalloc region starting at 0xf094f000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 145.124839] Register r5 information: 1-page vmalloc region starting at 0xf0951000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x20/0x60 # [ 145.137250] Register r6 information: NULL pointer # [ 145.142202] Register r7 information: 2-page vmalloc region starting at 0xf1780000 allocated at kernel_clone+0xac/0x388 # [ 145.153214] Register r8 information: non-slab/vmalloc memory # [ 145.159177] Register r9 information: 2-page vmalloc region starting at 0xf1780000 allocated at kernel_clone+0xac/0x388 # [ 145.170183] Register r10 information: slab kmalloc-192 start c91a4280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 145.184048] full_proxy_open+0x124/0x24c # [ 145.188499] do_dentry_open+0x144/0x4dc # [ 145.192857] vfs_open+0x2c/0xec # [ 145.196509] path_openat+0x748/0x1198 # [ 145.200762] do_filp_open+0x98/0x134 # [ 145.204813] do_sys_openat2+0xbc/0xe4 # [ 145.209068] sys_openat+0x98/0xd4 # [ 145.212921] ret_fast_syscall+0x0/0x1c # [ 145.217172] Free path: # [ 145.219902] full_proxy_release+0x78/0xc0 # [ 145.224454] __fput+0xdc/0x2ec # [ 145.228000] task_work_run+0x98/0xc8 # [ 145.232158] do_exit+0x374/0xa1c # [ 145.235908] do_group_exit+0x40/0x8c # [ 145.239957] pid_child_should_wake+0x0/0x94 # [ 145.244712] Register r11 information: non-paged memory # [ 145.250069] Register r12 information: 1-page vmalloc region starting at 0xf094f000 allocated at lkdtm_VMALLOC_LINEAR_OVERFLOW+0x14/0x60 # [ 145.262580] Process cat (pid: 1686, stack limit = 0xf1780000) # [ 145.268636] Stack: (0xf1781eb0 to 0xf1782000) # [ 145.273290] 1ea0: 00000018 c5c7c000 00000000 c0e03fc0 # [ 145.281765] 1ec0: 00000018 c0e043a4 c0e04288 c66d0940 b6da4000 00000018 c3983a30 c0893830 # [ 145.290239] 1ee0: c66d0940 c08937d4 f1781f80 b6da4000 c9325040 00000018 c91a42c0 c062a2a0 # [ 145.298712] 1f00: c5922db0 00000000 00000000 00000000 00000000 00000018 b6da4000 0001ffe8 # [ 145.307184] 1f20: 00000001 00000000 c8de1a40 00000000 00000000 00000000 00000000 00000000 # [ 145.315659] 1f40: 00000000 00000000 00000000 00000000 00000022 4af9f06b 00000000 c66d0940 # [ 145.324132] 1f60: c66d0940 00000000 00000000 c03002f0 c9325040 00000004 0042fe38 c062a7fc # [ 145.332606] 1f80: 00000000 00000000 00000000 4af9f06b 000000c0 00000018 00000018 7ff00000 # [ 145.341079] 1fa0: 00000004 c03000c0 00000018 00000018 00000001 b6da4000 00000018 00000001 # [ 145.349560] 1fc0: 00000018 00000018 7ff00000 00000004 00000001 b6da4000 00020000 0042fe38 # [ 145.358042] 1fe0: 00000004 bebfd788 b6e6a33b b6de3616 60080030 00000001 00000000 00000000 # [ 145.366516] Call trace: # [ 145.366532] mmioset from lkdtm_VMALLOC_LINEAR_OVERFLOW+0x4c/0x60 # [ 145.375661] lkdtm_VMALLOC_LINEAR_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 145.382753] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 145.388527] direct_entry from full_proxy_write+0x5c/0x8c # [ 145.394198] full_proxy_write from vfs_write+0xbc/0x3cc # [ 145.399664] vfs_write from ksys_write+0x78/0xf8 # [ 145.404523] ksys_write from ret_fast_syscall+0x0/0x1c # [ 145.409986] Exception stack(0xf1781fa8 to 0xf1781ff0) # [ 145.415346] 1fa0: 00000018 00000018 00000001 b6da4000 00000018 00000001 # [ 145.423822] 1fc0: 00000018 00000018 7ff00000 00000004 00000001 b6da4000 00020000 0042fe38 # [ 145.432293] 1fe0: 00000004 bebfd788 b6e6a33b b6de3616 # [ 145.437551] Code: e3120002 14cc1001 14cc1001 e3120001 (14cc1001) # [ 145.444343] ---[ end trace 0000000000000000 ]--- # VMALLOC_LINEAR_OVERFLOW: saw 'call trace:': ok ok 22 selftests: lkdtm: VMALLOC_LINEAR_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: WRITE_AFTER_FREE.sh # Skipping WRITE_AFTER_FREE: Corrupts memory on failure ok 23 selftests: lkdtm: WRITE_AFTER_FREE.sh # SKIP # timeout set to 45 # selftests: lkdtm: READ_AFTER_FREE.sh <6>[ 147.735998] lkdtm: Performing direct entry READ_AFTER_FREE <6>[ 147.740603] lkdtm: Value in memory before free: 12345678 <6>[ 147.746073] lkdtm: Attempting bad read from freed memory <6>[ 147.751647] lkdtm: Memory correctly poisoned (6b6b6b6b) # [ 147.735998] lkdtm: Performing direct entry READ_AFTER_FREE # [ 147.740603] lkdtm: Value in memory before free: 12345678 # [ 147.746073] lkdtm: Attempting bad read from freed memory # [ 147.751647] lkdtm: Memory correctly poisoned (6b6b6b6b) # READ_AFTER_FREE: saw 'call trace:|Memory correctly poisoned': ok ok 24 selftests: lkdtm: READ_AFTER_FREE.sh # timeout set to 45 # selftests: lkdtm: WRITE_BUDDY_AFTER_FREE.sh # Skipping WRITE_BUDDY_AFTER_FREE: Corrupts memory on failure ok 25 selftests: lkdtm: WRITE_BUDDY_AFTER_FREE.sh # SKIP # timeout set to 45 # selftests: lkdtm: READ_BUDDY_AFTER_FREE.sh <6>[ 149.692714] lkdtm: Performing direct entry READ_BUDDY_AFTER_FREE <6>[ 149.697768] lkdtm: Value in memory before free: 12345678 <6>[ 149.703743] lkdtm: Attempting to read from freed memory <6>[ 149.709601] lkdtm: Memory correctly poisoned (0) # [ 149.692714] lkdtm: Performing direct entry READ_BUDDY_AFTER_FREE # [ 149.697768] lkdtm: Value in memory before free: 12345678 # [ 149.703743] lkdtm: Attempting to read from freed memory # [ 149.709601] lkdtm: Memory correctly poisoned (0) # READ_BUDDY_AFTER_FREE: saw 'call trace:|Memory correctly poisoned': ok ok 26 selftests: lkdtm: READ_BUDDY_AFTER_FREE.sh # timeout set to 45 # selftests: lkdtm: SLAB_INIT_ON_ALLOC.sh <6>[ 150.956069] lkdtm: Performing direct entry SLAB_INIT_ON_ALLOC <6>[ 150.960984] lkdtm: Memory appears initialized (6b, no earlier values) # [ 150.956069] lkdtm: Performing direct entry SLAB_INIT_ON_ALLOC # [ 150.960984] lkdtm: Memory appears initialized (6b, no earlier values) # SLAB_INIT_ON_ALLOC: saw 'Memory appears initialized': ok ok 27 selftests: lkdtm: SLAB_INIT_ON_ALLOC.sh # timeout set to 45 # selftests: lkdtm: BUDDY_INIT_ON_ALLOC.sh <6>[ 152.404572] lkdtm: Performing direct entry BUDDY_INIT_ON_ALLOC <6>[ 152.409517] lkdtm: Memory appears initialized (0, no earlier values) # [ 152.404572] lkdtm: Performing direct entry BUDDY_INIT_ON_ALLOC # [ 152.409517] lkdtm: Memory appears initialized (0, no earlier values) # BUDDY_INIT_ON_ALLOC: saw 'Memory appears initialized': ok ok 28 selftests: lkdtm: BUDDY_INIT_ON_ALLOC.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_DOUBLE.sh <6>[ 153.585146] lkdtm: Performing direct entry SLAB_FREE_DOUBLE <6>[ 153.589848] lkdtm: Attempting double slab free ... <3>[ 153.595474] ============================================================================= <3>[ 153.603264] BUG lkdtm-heap-double_free (Tainted: G B D W ): Slab has 0 allocated objects but 1 are to be freed <3>[ 153.603264] <3>[ 153.616265] ----------------------------------------------------------------------------- <3>[ 153.616265] <3>[ 153.626437] Slab 0xef7c13dc objects=32 used=0 fp=0xc58ff008 flags=0x200(workingset|zone=0) <4>[ 153.635026] CPU: 1 UID: 0 PID: 2014 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 153.644714] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 153.649858] Hardware name: STM32 (Device Tree Support) <4>[ 153.655308] Call trace: <4>[ 153.655321] unwind_backtrace from show_stack+0x18/0x1c <4>[ 153.663626] show_stack from dump_stack_lvl+0x88/0xb8 <4>[ 153.668999] dump_stack_lvl from slab_err+0x78/0xb0 <4>[ 153.674072] slab_err from free_to_partial_list+0x4ec/0x58c <4>[ 153.679952] free_to_partial_list from kmem_cache_free+0x1a8/0x3c0 <4>[ 153.686438] kmem_cache_free from lkdtm_do_action+0x24/0x4c <4>[ 153.692313] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 153.698077] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 153.703744] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 153.709209] vfs_write from ksys_write+0x78/0xf8 <4>[ 153.714068] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 153.719530] Exception stack(0xf1961fa8 to 0xf1961ff0) <4>[ 153.724889] 1fa0: 00000011 00000011 00000001 b6e28000 00000011 00000001 <4>[ 153.733362] 1fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 0043fe38 <4>[ 153.741831] 1fe0: 00000004 be8aa788 b6eee33b b6e67616 <3>[ 153.747181] FIX lkdtm-heap-double_free: Object at 0xc58ff008 not freed # [ 153.585146] lkdtm: Performing direct entry SLAB_FREE_DOUBLE # [ 153.589848] lkdtm: Attempting double slab free ... # [ 153.595474] ============================================================================= # [ 153.603264] BUG lkdtm-heap-double_free (Tainted: G B D W ): Slab has 0 allocated objects but 1 are to be freed # # [ 153.616265] ----------------------------------------------------------------------------- # # [ 153.626437] Slab 0xef7c13dc objects=32 used=0 fp=0xc58ff008 flags=0x200(workingset|zone=0) # [ 153.635026] CPU: 1 UID: 0 PID: 2014 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 153.644714] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 153.649858] Hardware name: STM32 (Device Tree Support) # [ 153.655308] Call trace: # [ 153.655321] unwind_backtrace from show_stack+0x18/0x1c # [ 153.663626] show_stack from dump_stack_lvl+0x88/0xb8 # [ 153.668999] dump_stack_lvl from slab_err+0x78/0xb0 # [ 153.674072] slab_err from free_to_partial_list+0x4ec/0x58c # [ 153.679952] free_to_partial_list from kmem_cache_free+0x1a8/0x3c0 # [ 153.686438] kmem_cache_free from lkdtm_do_action+0x24/0x4c # [ 153.692313] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 153.698077] direct_entry from full_proxy_write+0x5c/0x8c # [ 153.703744] full_proxy_write from vfs_write+0xbc/0x3cc # [ 153.709209] vfs_write from ksys_write+0x78/0xf8 # [ 153.714068] ksys_write from ret_fast_syscall+0x0/0x1c # [ 153.719530] Exception stack(0xf1961fa8 to 0xf1961ff0) # [ 153.724889] 1fa0: 00000011 00000011 00000001 b6e28000 00000011 00000001 # [ 153.733362] 1fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 0043fe38 # [ 153.741831] 1fe0: 00000004 be8aa788 b6eee33b b6e67616 # [ 153.747181] FIX lkdtm-heap-double_free: Object at 0xc58ff008 not freed # SLAB_FREE_DOUBLE: saw 'call trace:': ok ok 29 selftests: lkdtm: SLAB_FREE_DOUBLE.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_CROSS.sh <6>[ 154.961133] lkdtm: Performing direct entry SLAB_FREE_CROSS <6>[ 154.965731] lkdtm: Attempting cross-cache slab free ... <4>[ 154.971736] ------------[ cut here ]------------ <4>[ 154.976125] WARNING: CPU: 1 PID: 2053 at mm/slub.c:4669 kmem_cache_free+0x2bc/0x3c0 <4>[ 154.984085] cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a <4>[ 154.992538] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 155.029085] CPU: 1 UID: 0 PID: 2053 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 155.038597] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 155.043848] Hardware name: STM32 (Device Tree Support) <4>[ 155.049197] Call trace: <4>[ 155.049211] unwind_backtrace from show_stack+0x18/0x1c <4>[ 155.057517] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 155.062888] dump_stack_lvl from __warn+0x84/0x134 <4>[ 155.067966] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 155.073346] warn_slowpath_fmt from kmem_cache_free+0x2bc/0x3c0 <4>[ 155.079534] kmem_cache_free from lkdtm_do_action+0x24/0x4c <4>[ 155.085411] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 155.091175] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 155.096842] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 155.102307] vfs_write from ksys_write+0x78/0xf8 <4>[ 155.107266] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 155.112629] Exception stack(0xf1995fa8 to 0xf1995ff0) <4>[ 155.117989] 5fa0: 00000010 00000010 00000001 b6dd8000 00000010 00000001 <4>[ 155.126463] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6dd8000 00020000 004ffe38 <4>[ 155.134932] 5fe0: 00000004 bea17788 b6e9e33b b6e17616 <4>[ 155.140404] ---[ end trace 0000000000000000 ]--- <3>[ 155.145261] Allocated in lkdtm_SLAB_FREE_CROSS+0x20/0x60 age=180 cpu=1 pid=2053 <4>[ 155.152885] lkdtm_SLAB_FREE_CROSS+0x20/0x60 <4>[ 155.157457] lkdtm_do_action+0x24/0x4c <4>[ 155.161422] direct_entry+0x11c/0x140 <4>[ 155.165382] full_proxy_write+0x5c/0x8c <4>[ 155.169441] vfs_write+0xbc/0x3cc <4>[ 155.173080] ksys_write+0x78/0xf8 <4>[ 155.176593] ret_fast_syscall+0x0/0x1c # [ 154.961133] lkdtm: Performing direct entry SLAB_FREE_CROSS # [ 154.965731] lkdtm: Attempting cross-cache slab free ... # [ 154.971736] ------------[ cut here ]------------ # [ 154.976125] WARNING: CPU: 1 PID: 2053 at mm/slub.c:4669 kmem_cache_free+0x2bc/0x3c0 # [ 154.984085] cache_from_obj: Wrong slab cache. lkdtm-heap-b but object is from lkdtm-heap-a # [ 154.992538] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 155.029085] CPU: 1 UID: 0 PID: 2053 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 155.038597] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 155.043848] Hardware name: STM32 (Device Tree Support) # [ 155.049197] Call trace: # [ 155.049211] unwind_backtrace from show_stack+0x18/0x1c # [ 155.057517] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 155.062888] dump_stack_lvl from __warn+0x84/0x134 # [ 155.067966] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 155.073346] warn_slowpath_fmt from kmem_cache_free+0x2bc/0x3c0 # [ 155.079534] kmem_cache_free from lkdtm_do_action+0x24/0x4c # [ 155.085411] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 155.091175] direct_entry from full_proxy_write+0x5c/0x8c # [ 155.096842] full_proxy_write from vfs_write+0xbc/0x3cc # [ 155.102307] vfs_write from ksys_write+0x78/0xf8 # [ 155.107266] ksys_write from ret_fast_syscall+0x0/0x1c # [ 155.112629] Exception stack(0xf1995fa8 to 0xf1995ff0) # [ 155.117989] 5fa0: 00000010 00000010 00000001 b6dd8000 00000010 00000001 # [ 155.126463] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6dd8000 00020000 004ffe38 # [ 155.134932] 5fe0: 00000004 bea17788 b6e9e33b b6e17616 # [ 155.140404] ---[ end trace 0000000000000000 ]--- # [ 155.145261] Allocated in lkdtm_SLAB_FREE_CROSS+0x20/0x60 age=180 cpu=1 pid=2053 # [ 155.152885] lkdtm_SLAB_FREE_CROSS+0x20/0x60 # [ 155.157457] lkdtm_do_action+0x24/0x4c # [ 155.161422] direct_entry+0x11c/0x140 # [ 155.165382] full_proxy_write+0x5c/0x8c # [ 155.169441] vfs_write+0xbc/0x3cc # [ 155.173080] ksys_write+0x78/0xf8 # [ 155.176593] ret_fast_syscall+0x0/0x1c # SLAB_FREE_CROSS: saw 'call trace:': ok ok 30 selftests: lkdtm: SLAB_FREE_CROSS.sh # timeout set to 45 # selftests: lkdtm: SLAB_FREE_PAGE.sh <6>[ 156.404638] lkdtm: Performing direct entry SLAB_FREE_PAGE <6>[ 156.409035] lkdtm: Attempting non-Slab slab free ... <4>[ 156.414286] ------------[ cut here ]------------ <4>[ 156.419153] WARNING: CPU: 0 PID: 2092 at mm/slub.c:4655 kmem_cache_free+0x314/0x3c0 <4>[ 156.427115] virt_to_cache: Object is not a Slab page! <4>[ 156.432448] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 156.469070] CPU: 0 UID: 0 PID: 2092 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 156.478380] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 156.483629] Hardware name: STM32 (Device Tree Support) <4>[ 156.489077] Call trace: <4>[ 156.489093] unwind_backtrace from show_stack+0x18/0x1c <4>[ 156.497399] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 156.502671] dump_stack_lvl from __warn+0x84/0x134 <4>[ 156.507749] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 156.513229] warn_slowpath_fmt from kmem_cache_free+0x314/0x3c0 <4>[ 156.519419] kmem_cache_free from lkdtm_SLAB_FREE_PAGE+0x34/0x44 <4>[ 156.525701] lkdtm_SLAB_FREE_PAGE from lkdtm_do_action+0x24/0x4c <4>[ 156.531971] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 156.537735] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 156.543403] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 156.548969] vfs_write from ksys_write+0x78/0xf8 <4>[ 156.553828] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 156.559190] Exception stack(0xf19e1fa8 to 0xf19e1ff0) <4>[ 156.564549] 1fa0: 0000000f 0000000f 00000001 b6e64000 0000000f 00000001 <4>[ 156.573023] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e64000 00020000 0047fe38 <4>[ 156.581492] 1fe0: 00000004 bec30788 b6f2a33b b6ea3616 <4>[ 156.587148] ---[ end trace 0000000000000000 ]--- # [ 156.404638] lkdtm: Performing direct entry SLAB_FREE_PAGE # [ 156.409035] lkdtm: Attempting non-Slab slab free ... # [ 156.414286] ------------[ cut here ]------------ # [ 156.419153] WARNING: CPU: 0 PID: 2092 at mm/slub.c:4655 kmem_cache_free+0x314/0x3c0 # [ 156.427115] virt_to_cache: Object is not a Slab page! # [ 156.432448] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 156.469070] CPU: 0 UID: 0 PID: 2092 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 156.478380] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 156.483629] Hardware name: STM32 (Device Tree Support) # [ 156.489077] Call trace: # [ 156.489093] unwind_backtrace from show_stack+0x18/0x1c # [ 156.497399] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 156.502671] dump_stack_lvl from __warn+0x84/0x134 # [ 156.507749] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 156.513229] warn_slowpath_fmt from kmem_cache_free+0x314/0x3c0 # [ 156.519419] kmem_cache_free from lkdtm_SLAB_FREE_PAGE+0x34/0x44 # [ 156.525701] lkdtm_SLAB_FREE_PAGE from lkdtm_do_action+0x24/0x4c # [ 156.531971] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 156.537735] direct_entry from full_proxy_write+0x5c/0x8c # [ 156.543403] full_proxy_write from vfs_write+0xbc/0x3cc # [ 156.548969] vfs_write from ksys_write+0x78/0xf8 # [ 156.553828] ksys_write from ret_fast_syscall+0x0/0x1c # [ 156.559190] Exception stack(0xf19e1fa8 to 0xf19e1ff0) # [ 156.564549] 1fa0: 0000000f 0000000f 00000001 b6e64000 0000000f 00000001 # [ 156.573023] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e64000 00020000 0047fe38 # [ 156.581492] 1fe0: 00000004 bec30788 b6f2a33b b6ea3616 # [ 156.587148] ---[ end trace 0000000000000000 ]--- # SLAB_FREE_PAGE: saw 'call trace:': ok ok 31 selftests: lkdtm: SLAB_FREE_PAGE.sh # timeout set to 45 # selftests: lkdtm: SOFTLOCKUP.sh # Skipping SOFTLOCKUP: Hangs the system ok 32 selftests: lkdtm: SOFTLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: HARDLOCKUP.sh # Skipping HARDLOCKUP: Hangs the system ok 33 selftests: lkdtm: HARDLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: SMP_CALL_LOCKUP.sh # Skipping SMP_CALL_LOCKUP: Hangs the system ok 34 selftests: lkdtm: SMP_CALL_LOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: SPINLOCKUP.sh # Skipping SPINLOCKUP: Hangs the system ok 35 selftests: lkdtm: SPINLOCKUP.sh # SKIP # timeout set to 45 # selftests: lkdtm: HUNG_TASK.sh # Skipping HUNG_TASK: Hangs the system ok 36 selftests: lkdtm: HUNG_TASK.sh # SKIP # timeout set to 45 # selftests: lkdtm: EXEC_DATA.sh <6>[ 161.095512] lkdtm: Performing direct entry EXEC_DATA <6>[ 161.099502] lkdtm: attempting ok execution at c0e05898 <6>[ 161.104829] lkdtm: attempting bad execution at c29069d8 <1>[ 161.110410] 8<--- cut here --- <1>[ 161.113670] Unable to handle kernel paging request at virtual address c29069d8 when execute <1>[ 161.122256] [c29069d8] *pgd=c281141e(bad) <0>[ 161.126538] Internal error: Oops: 8000000d [#6] SMP ARM <4>[ 161.132101] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 161.168482] CPU: 0 UID: 0 PID: 2306 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 161.178174] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 161.183319] Hardware name: STM32 (Device Tree Support) <4>[ 161.188767] PC is at data_area+0x0/0x40 <4>[ 161.192935] LR is at execute_location+0x9c/0xac <4>[ 161.197698] pc : [] lr : [] psr: 60080013 <4>[ 161.204255] sp : f1b25eb0 ip : 00000000 fp : 0046fe38 <4>[ 161.209804] r10: c91a4400 r9 : f1b25f80 r8 : c2789508 <4>[ 161.215254] r7 : f1b25f80 r6 : 00000001 r5 : c29069d8 r4 : c0e05898 <4>[ 161.222112] r3 : c9324640 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 161.228871] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 161.236336] Control: 10c5387d Table: c5a4c06a DAC: 00000051 <1>[ 161.242385] Register r0 information: non-paged memory <1>[ 161.247646] Register r1 information: NULL pointer <1>[ 161.252698] Register r2 information: NULL pointer <1>[ 161.257649] Register r3 information: slab task_struct start c9324600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 161.271321] copy_process+0x1f4/0x1f84 <6>[ 161.275678] kernel_clone+0xac/0x388 <6>[ 161.279732] sys_clone+0x78/0x9c <6>[ 161.283484] ret_fast_syscall+0x0/0x1c <4>[ 161.287836] Free path: <6>[ 161.290467] rcu_core+0x2dc/0xb14 <6>[ 161.294318] handle_softirqs+0x15c/0x430 <6>[ 161.298775] irq_exit+0xac/0xd4 <6>[ 161.302525] call_with_stack+0x18/0x20 <6>[ 161.306784] __irq_svc+0x9c/0xb8 <6>[ 161.310530] mmioset+0x3c/0xac <6>[ 161.314085] new_slab+0x3e4/0x480 <6>[ 161.317943] ___slab_alloc+0x5c4/0xd7c <6>[ 161.322199] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 161.327362] vm_area_dup+0x24/0x104 <6>[ 161.331415] copy_process+0x1968/0x1f84 <6>[ 161.335771] kernel_clone+0xac/0x388 <6>[ 161.339925] sys_clone+0x78/0x9c <6>[ 161.343678] ret_fast_syscall+0x0/0x1c <1>[ 161.347926] Register r4 information: non-slab/vmalloc memory <1>[ 161.353887] Register r5 information: non-slab/vmalloc memory <1>[ 161.359845] Register r6 information: non-paged memory <1>[ 161.365099] Register r7 information: 2-page vmalloc region starting at 0xf1b24000 allocated at kernel_clone+0xac/0x388 <1>[ 161.376108] Register r8 information: non-slab/vmalloc memory <1>[ 161.382067] Register r9 information: 2-page vmalloc region starting at 0xf1b24000 allocated at kernel_clone+0xac/0x388 <1>[ 161.393073] Register r10 information: slab kmalloc-192 start c91a43c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 161.407033] full_proxy_open+0x124/0x24c <6>[ 161.411484] do_dentry_open+0x144/0x4dc <6>[ 161.415841] vfs_open+0x2c/0xec <6>[ 161.419493] path_openat+0x748/0x1198 <6>[ 161.423646] do_filp_open+0x98/0x134 <6>[ 161.427796] do_sys_openat2+0xbc/0xe4 <6>[ 161.431950] sys_openat+0x98/0xd4 <6>[ 161.435803] ret_fast_syscall+0x0/0x1c <4>[ 161.440152] Free path: <6>[ 161.442782] __free_slab+0xdc/0xec <6>[ 161.446738] kmem_cache_free_bulk.part.0+0x2e0/0x364 <6>[ 161.452302] kvfree_rcu_bulk+0x208/0x284 <6>[ 161.456755] kfree_rcu_work+0xcc/0x1d0 <6>[ 161.461006] process_one_work+0x1b8/0x450 <6>[ 161.465561] worker_thread+0x1d4/0x3c4 <6>[ 161.469813] kthread+0xe8/0x104 <6>[ 161.473461] ret_from_fork+0x14/0x28 <1>[ 161.477609] Register r11 information: non-paged memory <1>[ 161.483065] Register r12 information: NULL pointer <0>[ 161.488118] Process cat (pid: 2306, stack limit = 0xf1b24000) <0>[ 161.494074] Stack: (0xf1b25eb0 to 0xf1b26000) <0>[ 161.498726] 5ea0: 0000000a c97bb000 00000000 c0e03fc0 <0>[ 161.507200] 5ec0: 0000000a c0e043a4 c0e04288 c92c8b40 b6df8000 0000000a c3983a30 c0893830 <0>[ 161.515674] 5ee0: c92c8b40 c08937d4 f1b25f80 b6df8000 c9324640 0000000a c91a4400 c062a2a0 <0>[ 161.524146] 5f00: c5a4edb0 00000000 00000000 00000000 00000000 0000000a b6df8000 0001fff6 <0>[ 161.532618] 5f20: 00000001 00000000 c92c8540 00000000 00000000 00000000 00000000 00000000 <0>[ 161.541191] 5f40: 00000000 00000000 00000000 00000000 00000022 63d10907 00000000 c92c8b40 <0>[ 161.549664] 5f60: c92c8b40 00000000 00000000 c03002f0 c9324640 00000004 0046fe38 c062a7fc <0>[ 161.558137] 5f80: 00000000 00000000 00000000 63d10907 000000c0 0000000a 0000000a 7ff00000 <0>[ 161.566609] 5fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6df8000 0000000a 00000001 <0>[ 161.575083] 5fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6df8000 00020000 0046fe38 <0>[ 161.583556] 5fe0: 00000004 bec4a788 b6ebe33b b6e37616 60080030 00000001 00000000 00000000 <0>[ 161.592020] Call trace: <0>[ 161.592041] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 161.600746] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 161.606520] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 161.612189] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 161.617656] vfs_write from ksys_write+0x78/0xf8 <0>[ 161.622616] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 161.627979] Exception stack(0xf1b25fa8 to 0xf1b25ff0) <0>[ 161.633335] 5fa0: 0000000a 0000000a 00000001 b6df8000 0000000a 00000001 <0>[ 161.641809] 5fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6df8000 00020000 0046fe38 <0>[ 161.650278] 5fe0: 00000004 bec4a788 b6ebe33b b6e37616 <0>[ 161.655636] Code: 00000002 c683e040 c683e140 c61b5f40 (e52de004) <4>[ 161.661991] ---[ end trace 0000000000000000 ]--- <6>[ 161.666937] note: cat[2306] exited with irqs disabled # Segmentation fault # [ 161.095512] lkdtm: Performing direct entry EXEC_DATA # [ 161.099502] lkdtm: attempting ok execution at c0e05898 # [ 161.104829] lkdtm: attempting bad execution at c29069d8 # [ 161.110410] 8<--- cut here --- # [ 161.113670] Unable to handle kernel paging request at virtual address c29069d8 when execute # [ 161.122256] [c29069d8] *pgd=c281141e(bad) # [ 161.126538] Internal error: Oops: 8000000d [#6] SMP ARM # [ 161.132101] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 161.168482] CPU: 0 UID: 0 PID: 2306 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 161.178174] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 161.183319] Hardware name: STM32 (Device Tree Support) # [ 161.188767] PC is at data_area+0x0/0x40 # [ 161.192935] LR is at execute_location+0x9c/0xac # [ 161.197698] pc : [] lr : [] psr: 60080013 # [ 161.204255] sp : f1b25eb0 ip : 00000000 fp : 0046fe38 # [ 161.209804] r10: c91a4400 r9 : f1b25f80 r8 : c2789508 # [ 161.215254] r7 : f1b25f80 r6 : 00000001 r5 : c29069d8 r4 : c0e05898 # [ 161.222112] r3 : c9324640 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 161.228871] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 161.236336] Control: 10c5387d Table: c5a4c06a DAC: 00000051 # [ 161.242385] Register r0 information: non-paged memory # [ 161.247646] Register r1 information: NULL pointer # [ 161.252698] Register r2 information: NULL pointer # [ 161.257649] Register r3 information: slab task_struct start c9324600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 161.271321] copy_process+0x1f4/0x1f84 # [ 161.275678] kernel_clone+0xac/0x388 # [ 161.279732] sys_clone+0x78/0x9c # [ 161.283484] ret_fast_syscall+0x0/0x1c # [ 161.287836] Free path: # [ 161.290467] rcu_core+0x2dc/0xb14 # [ 161.294318] handle_softirqs+0x15c/0x430 # [ 161.298775] irq_exit+0xac/0xd4 # [ 161.302525] call_with_stack+0x18/0x20 # [ 161.306784] __irq_svc+0x9c/0xb8 # [ 161.310530] mmioset+0x3c/0xac # [ 161.314085] new_slab+0x3e4/0x480 # [ 161.317943] ___slab_alloc+0x5c4/0xd7c # [ 161.322199] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 161.327362] vm_area_dup+0x24/0x104 # [ 161.331415] copy_process+0x1968/0x1f84 # [ 161.335771] kernel_clone+0xac/0x388 # [ 161.339925] sys_clone+0x78/0x9c # [ 161.343678] ret_fast_syscall+0x0/0x1c # [ 161.347926] Register r4 information: non-slab/vmalloc memory # [ 161.353887] Register r5 information: non-slab/vmalloc memory # [ 161.359845] Register r6 information: non-paged memory # [ 161.365099] Register r7 information: 2-page vmalloc region starting at 0xf1b24000 allocated at kernel_clone+0xac/0x388 # [ 161.376108] Register r8 information: non-slab/vmalloc memory # [ 161.382067] Register r9 information: 2-page vmalloc region starting at 0xf1b24000 allocated at kernel_clone+0xac/0x388 # [ 161.393073] Register r10 information: slab kmalloc-192 start c91a43c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 161.407033] full_proxy_open+0x124/0x24c # [ 161.411484] do_dentry_open+0x144/0x4dc # [ 161.415841] vfs_open+0x2c/0xec # [ 161.419493] path_openat+0x748/0x1198 # [ 161.423646] do_filp_open+0x98/0x134 # [ 161.427796] do_sys_openat2+0xbc/0xe4 # [ 161.431950] sys_openat+0x98/0xd4 # [ 161.435803] ret_fast_syscall+0x0/0x1c # [ 161.440152] Free path: # [ 161.442782] __free_slab+0xdc/0xec # [ 161.446738] kmem_cache_free_bulk.part.0+0x2e0/0x364 # [ 161.452302] kvfree_rcu_bulk+0x208/0x284 # [ 161.456755] kfree_rcu_work+0xcc/0x1d0 # [ 161.461006] process_one_work+0x1b8/0x450 # [ 161.465561] worker_thread+0x1d4/0x3c4 # [ 161.469813] kthread+0xe8/0x104 # [ 161.473461] ret_from_fork+0x14/0x28 # [ 161.477609] Register r11 information: non-paged memory # [ 161.483065] Register r12 information: NULL pointer # [ 161.488118] Process cat (pid: 2306, stack limit = 0xf1b24000) # [ 161.494074] Stack: (0xf1b25eb0 to 0xf1b26000) # [ 161.498726] 5ea0: 0000000a c97bb000 00000000 c0e03fc0 # [ 161.507200] 5ec0: 0000000a c0e043a4 c0e04288 c92c8b40 b6df8000 0000000a c3983a30 c0893830 # [ 161.515674] 5ee0: c92c8b40 c08937d4 f1b25f80 b6df8000 c9324640 0000000a c91a4400 c062a2a0 # [ 161.524146] 5f00: c5a4edb0 00000000 00000000 00000000 00000000 0000000a b6df8000 0001fff6 # [ 161.532618] 5f20: 00000001 00000000 c92c8540 00000000 00000000 00000000 00000000 00000000 # [ 161.541191] 5f40: 00000000 00000000 00000000 00000000 00000022 63d10907 00000000 c92c8b40 # [ 161.549664] 5f60: c92c8b40 00000000 00000000 c03002f0 c9324640 00000004 0046fe38 c062a7fc # [ 161.558137] 5f80: 00000000 00000000 00000000 63d10907 000000c0 0000000a 0000000a 7ff00000 # [ 161.566609] 5fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6df8000 0000000a 00000001 # [ 161.575083] 5fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6df8000 00020000 0046fe38 # [ 161.583556] 5fe0: 00000004 bec4a788 b6ebe33b b6e37616 60080030 00000001 00000000 00000000 # [ 161.592020] Call trace: # [ 161.592041] execute_location from lkdtm_do_action+0x24/0x4c # [ 161.600746] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 161.606520] direct_entry from full_proxy_write+0x5c/0x8c # [ 161.612189] full_proxy_write from vfs_write+0xbc/0x3cc # [ 161.617656] vfs_write from ksys_write+0x78/0xf8 # [ 161.622616] ksys_write from ret_fast_syscall+0x0/0x1c # [ 161.627979] Exception stack(0xf1b25fa8 to 0xf1b25ff0) # [ 161.633335] 5fa0: 0000000a 0000000a 00000001 b6df8000 0000000a 00000001 # [ 161.641809] 5fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6df8000 00020000 0046fe38 # [ 161.650278] 5fe0: 00000004 bec4a788 b6ebe33b b6e37616 # [ 161.655636] Code: 00000002 c683e040 c683e140 c61b5f40 (e52de004) # [ 161.661991] ---[ end trace 0000000000000000 ]--- # [ 161.666937] note: cat[2306] exited with irqs disabled # EXEC_DATA: saw 'call trace:': ok ok 37 selftests: lkdtm: EXEC_DATA.sh # timeout set to 45 # selftests: lkdtm: EXEC_STACK.sh <6>[ 163.332343] lkdtm: Performing direct entry EXEC_STACK <6>[ 163.336426] lkdtm: attempting ok execution at c0e05898 <6>[ 163.342316] lkdtm: attempting bad execution at f1b8de74 <1>[ 163.347452] 8<--- cut here --- <1>[ 163.350569] Unable to handle kernel execution of memory at virtual address f1b8de74 when execute <1>[ 163.359751] [f1b8de74] *pgd=c58ad811, *pte=faf9465f, *ppte=faf9445f <0>[ 163.366257] Internal error: Oops: 8000000f [#7] SMP ARM <4>[ 163.371742] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 163.408138] CPU: 1 UID: 0 PID: 2387 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 163.417742] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 163.422998] Hardware name: STM32 (Device Tree Support) <4>[ 163.428453] PC is at 0xf1b8de74 <4>[ 163.431813] LR is at execute_location+0x9c/0xac <4>[ 163.436581] pc : [] lr : [] psr: 60080013 <4>[ 163.443138] sp : f1b8de60 ip : 00000000 fp : 004afe38 <4>[ 163.448688] r10: c91a4a40 r9 : f1b8df80 r8 : c2789510 <4>[ 163.454138] r7 : f1b8df80 r6 : 00000001 r5 : f1b8de74 r4 : c0e05898 <4>[ 163.460997] r3 : c59a6e40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 163.467856] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 163.475222] Control: 10c5387d Table: c5d0406a DAC: 00000051 <1>[ 163.481273] Register r0 information: non-paged memory <1>[ 163.486639] Register r1 information: NULL pointer <1>[ 163.491593] Register r2 information: NULL pointer <1>[ 163.496545] Register r3 information: slab task_struct start c59a6e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 163.510323] copy_process+0x1f4/0x1f84 <6>[ 163.514582] kernel_clone+0xac/0x388 <6>[ 163.518636] sys_clone+0x78/0x9c <6>[ 163.522389] ret_fast_syscall+0x0/0x1c <4>[ 163.526741] Free path: <6>[ 163.529372] rcu_core+0x2dc/0xb14 <6>[ 163.533226] handle_softirqs+0x15c/0x430 <6>[ 163.537683] irq_exit+0xac/0xd4 <6>[ 163.541433] call_with_stack+0x18/0x20 <6>[ 163.545691] __irq_svc+0x9c/0xb8 <6>[ 163.549438] mmioset+0x3c/0xac <6>[ 163.552992] unwind_frame+0x34/0x92c <6>[ 163.557151] arch_stack_walk+0x84/0x100 <6>[ 163.561503] stack_trace_save+0x50/0x78 <6>[ 163.565862] set_track_prepare+0x40/0x74 <6>[ 163.570321] ___slab_alloc+0xd28/0xd7c <6>[ 163.574579] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 163.579742] nfs_page_create+0x60/0x110 <6>[ 163.584101] nfs_page_create_from_folio+0x40/0x104 <6>[ 163.589464] nfs_update_folio+0x6ec/0x96c <6>[ 163.594018] nfs_vm_page_mkwrite+0x2d4/0x2e4 <1>[ 163.598782] Register r4 information: non-slab/vmalloc memory <1>[ 163.604762] Register r5 information: 2-page vmalloc region starting at 0xf1b8c000 allocated at kernel_clone+0xac/0x388 <1>[ 163.615798] Register r6 information: non-paged memory <1>[ 163.621073] Register r7 information: 2-page vmalloc region starting at 0xf1b8c000 allocated at kernel_clone+0xac/0x388 <1>[ 163.632100] Register r8 information: non-slab/vmalloc memory <1>[ 163.638073] Register r9 information: 2-page vmalloc region starting at 0xf1b8c000 allocated at kernel_clone+0xac/0x388 <1>[ 163.649087] Register r10 information: slab kmalloc-192 start c91a4a00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 163.662956] full_proxy_open+0x124/0x24c <6>[ 163.667409] do_dentry_open+0x144/0x4dc <6>[ 163.671767] vfs_open+0x2c/0xec <6>[ 163.675419] path_openat+0x748/0x1198 <6>[ 163.679674] do_filp_open+0x98/0x134 <6>[ 163.683726] do_sys_openat2+0xbc/0xe4 <6>[ 163.687880] sys_openat+0x98/0xd4 <6>[ 163.691734] ret_fast_syscall+0x0/0x1c <4>[ 163.696084] Free path: <6>[ 163.698715] full_proxy_release+0x78/0xc0 <6>[ 163.703268] __fput+0xdc/0x2ec <6>[ 163.706914] task_work_run+0x98/0xc8 <6>[ 163.710972] do_exit+0x374/0xa1c <6>[ 163.714721] do_group_exit+0x40/0x8c <6>[ 163.718871] pid_child_should_wake+0x0/0x94 <1>[ 163.723525] Register r11 information: non-paged memory <1>[ 163.728984] Register r12 information: NULL pointer <0>[ 163.734038] Process cat (pid: 2387, stack limit = 0xf1b8c000) <0>[ 163.740095] Stack: (0xf1b8de60 to 0xf1b8e000) <0>[ 163.744753] de60: 0000000b c9613000 00000000 c17016bc c24d58c0 e52de004 e28dd004 e12fff1e <0>[ 163.753230] de80: e92d4010 e52de004 e28dd004 e3a00040 ebdf56d3 e3a01001 e1a04000 eb23ef38 <0>[ 163.761705] dea0: e1a00004 e8bd4010 eadf53f8 e92d4010 e52de004 6730b73e c20a64e4 c0e03fc0 <0>[ 163.770180] dec0: 0000000b c0e043a4 c0e04288 c92c8440 b6e78000 0000000b c3983a30 c0893830 <0>[ 163.778654] dee0: c92c8440 c08937d4 f1b8df80 b6e78000 c59a6e40 0000000b c91a4a40 c062a2a0 <0>[ 163.787126] df00: c5d06db8 00000000 00000000 00000000 00000000 0000000b b6e78000 0001fff5 <0>[ 163.795598] df20: 00000001 00000000 c92c8b40 00000000 00000000 00000000 00000000 00000000 <0>[ 163.804071] df40: 00000000 00000000 00000000 00000000 00000022 6730b73e 00000000 c92c8440 <0>[ 163.812546] df60: c92c8440 00000000 00000000 c03002f0 c59a6e40 00000004 004afe38 c062a7fc <0>[ 163.821021] df80: 00000000 00000000 00000000 6730b73e 000000c0 0000000b 0000000b 7ff00000 <0>[ 163.829496] dfa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6e78000 0000000b 00000001 <0>[ 163.837969] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 <0>[ 163.846443] dfe0: 00000004 bef0e788 b6f3e33b b6eb7616 60080030 00000001 00000000 00000000 <0>[ 163.854907] Call trace: <0>[ 163.854923] execute_location from lkdtm_EXEC_STACK+0x3c/0x60 <0>[ 163.863736] lkdtm_EXEC_STACK from lkdtm_do_action+0x24/0x4c <0>[ 163.869714] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 163.875479] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 163.881147] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 163.886613] vfs_write from ksys_write+0x78/0xf8 <0>[ 163.891472] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 163.896934] Exception stack(0xf1b8dfa8 to 0xf1b8dff0) <0>[ 163.902291] dfa0: 0000000b 0000000b 00000001 b6e78000 0000000b 00000001 <0>[ 163.910764] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 <0>[ 163.919233] dfe0: 00000004 bef0e788 b6f3e33b b6eb7616 <0>[ 163.924590] Code: c9613000 00000000 c17016bc c24d58c0 (e52de004) <4>[ 163.931088] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 163.332343] lkdtm: Performing direct entry EXEC_STACK # [ 163.336426] lkdtm: attempting ok execution at c0e05898 # [ 163.342316] lkdtm: attempting bad execution at f1b8de74 # [ 163.347452] 8<--- cut here --- # [ 163.350569] Unable to handle kernel execution of memory at virtual address f1b8de74 when execute # [ 163.359751] [f1b8de74] *pgd=c58ad811, *pte=faf9465f, *ppte=faf9445f # [ 163.366257] Internal error: Oops: 8000000f [#7] SMP ARM # [ 163.371742] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 163.408138] CPU: 1 UID: 0 PID: 2387 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 163.417742] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 163.422998] Hardware name: STM32 (Device Tree Support) # [ 163.428453] PC is at 0xf1b8de74 # [ 163.431813] LR is at execute_location+0x9c/0xac # [ 163.436581] pc : [] lr : [] psr: 60080013 # [ 163.443138] sp : f1b8de60 ip : 00000000 fp : 004afe38 # [ 163.448688] r10: c91a4a40 r9 : f1b8df80 r8 : c2789510 # [ 163.454138] r7 : f1b8df80 r6 : 00000001 r5 : f1b8de74 r4 : c0e05898 # [ 163.460997] r3 : c59a6e40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 163.467856] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 163.475222] Control: 10c5387d Table: c5d0406a DAC: 00000051 # [ 163.481273] Register r0 information: non-paged memory # [ 163.486639] Register r1 information: NULL pointer # [ 163.491593] Register r2 information: NULL pointer # [ 163.496545] Register r3 information: slab task_struct start c59a6e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 163.510323] copy_process+0x1f4/0x1f84 # [ 163.514582] kernel_clone+0xac/0x388 # [ 163.518636] sys_clone+0x78/0x9c # [ 163.522389] ret_fast_syscall+0x0/0x1c # [ 163.526741] Free path: # [ 163.529372] rcu_core+0x2dc/0xb14 # [ 163.533226] handle_softirqs+0x15c/0x430 # [ 163.537683] irq_exit+0xac/0xd4 # [ 163.541433] call_with_stack+0x18/0x20 # [ 163.545691] __irq_svc+0x9c/0xb8 # [ 163.549438] mmioset+0x3c/0xac # [ 163.552992] unwind_frame+0x34/0x92c # [ 163.557151] arch_stack_walk+0x84/0x100 # [ 163.561503] stack_trace_save+0x50/0x78 # [ 163.565862] set_track_prepare+0x40/0x74 # [ 163.570321] ___slab_alloc+0xd28/0xd7c # [ 163.574579] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 163.579742] nfs_page_create+0x60/0x110 # [ 163.584101] nfs_page_create_from_folio+0x40/0x104 # [ 163.589464] nfs_update_folio+0x6ec/0x96c # [ 163.594018] nfs_vm_page_mkwrite+0x2d4/0x2e4 # [ 163.598782] Register r4 information: non-slab/vmalloc memory # [ 163.604762] Register r5 information: 2-page vmalloc region starting at 0xf1b8c000 allocated at kernel_clone+0xac/0x388 # [ 163.615798] Register r6 information: non-paged memory # [ 163.621073] Register r7 information: 2-page vmalloc region starting at 0xf1b8c000 allocated at kernel_clone+0xac/0x388 # [ 163.632100] Register r8 information: non-slab/vmalloc memory # [ 163.638073] Register r9 information: 2-page vmalloc region starting at 0xf1b8c000 allocated at kernel_clone+0xac/0x388 # [ 163.649087] Register r10 information: slab kmalloc-192 start c91a4a00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 163.662956] full_proxy_open+0x124/0x24c # [ 163.667409] do_dentry_open+0x144/0x4dc # [ 163.671767] vfs_open+0x2c/0xec # [ 163.675419] path_openat+0x748/0x1198 # [ 163.679674] do_filp_open+0x98/0x134 # [ 163.683726] do_sys_openat2+0xbc/0xe4 # [ 163.687880] sys_openat+0x98/0xd4 # [ 163.691734] ret_fast_syscall+0x0/0x1c # [ 163.696084] Free path: # [ 163.698715] full_proxy_release+0x78/0xc0 # [ 163.703268] __fput+0xdc/0x2ec # [ 163.706914] task_work_run+0x98/0xc8 # [ 163.710972] do_exit+0x374/0xa1c # [ 163.714721] do_group_exit+0x40/0x8c # [ 163.718871] pid_child_should_wake+0x0/0x94 # [ 163.723525] Register r11 information: non-paged memory # [ 163.728984] Register r12 information: NULL pointer # [ 163.734038] Process cat (pid: 2387, stack limit = 0xf1b8c000) # [ 163.740095] Stack: (0xf1b8de60 to 0xf1b8e000) # [ 163.744753] de60: 0000000b c9613000 00000000 c17016bc c24d58c0 e52de004 e28dd004 e12fff1e # [ 163.753230] de80: e92d4010 e52de004 e28dd004 e3a00040 ebdf56d3 e3a01001 e1a04000 eb23ef38 # [ 163.761705] dea0: e1a00004 e8bd4010 eadf53f8 e92d4010 e52de004 6730b73e c20a64e4 c0e03fc0 # [ 163.770180] dec0: 0000000b c0e043a4 c0e04288 c92c8440 b6e78000 0000000b c3983a30 c0893830 # [ 163.778654] dee0: c92c8440 c08937d4 f1b8df80 b6e78000 c59a6e40 0000000b c91a4a40 c062a2a0 # [ 163.787126] df00: c5d06db8 00000000 00000000 00000000 00000000 0000000b b6e78000 0001fff5 # [ 163.795598] df20: 00000001 00000000 c92c8b40 00000000 00000000 00000000 00000000 00000000 # [ 163.804071] df40: 00000000 00000000 00000000 00000000 00000022 6730b73e 00000000 c92c8440 # [ 163.812546] df60: c92c8440 00000000 00000000 c03002f0 c59a6e40 00000004 004afe38 c062a7fc # [ 163.821021] df80: 00000000 00000000 00000000 6730b73e 000000c0 0000000b 0000000b 7ff00000 # [ 163.829496] dfa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6e78000 0000000b 00000001 # [ 163.837969] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 # [ 163.846443] dfe0: 00000004 bef0e788 b6f3e33b b6eb7616 60080030 00000001 00000000 00000000 # [ 163.854907] Call trace: # [ 163.854923] execute_location from lkdtm_EXEC_STACK+0x3c/0x60 # [ 163.863736] lkdtm_EXEC_STACK from lkdtm_do_action+0x24/0x4c # [ 163.869714] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 163.875479] direct_entry from full_proxy_write+0x5c/0x8c # [ 163.881147] full_proxy_write from vfs_write+0xbc/0x3cc # [ 163.886613] vfs_write from ksys_write+0x78/0xf8 # [ 163.891472] ksys_write from ret_fast_syscall+0x0/0x1c # [ 163.896934] Exception stack(0xf1b8dfa8 to 0xf1b8dff0) # [ 163.902291] dfa0: 0000000b 0000000b 00000001 b6e78000 0000000b 00000001 # [ 163.910764] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6e78000 00020000 004afe38 # [ 163.919233] dfe0: 00000004 bef0e788 b6f3e33b b6eb7616 # [ 163.924590] Code: c9613000 00000000 c17016bc c24d58c0 (e52de004) # [ 163.931088] ---[ end trace 0000000000000000 ]--- # EXEC_STACK: saw 'call trace:': ok ok 38 selftests: lkdtm: EXEC_STACK.sh # timeout set to 45 # selftests: lkdtm: EXEC_KMALLOC.sh <6>[ 165.622115] lkdtm: Performing direct entry EXEC_KMALLOC <6>[ 165.626362] lkdtm: attempting ok execution at c0e05898 <6>[ 165.631698] lkdtm: attempting bad execution at c4fc1940 <1>[ 165.637293] 8<--- cut here --- <1>[ 165.640446] Unable to handle kernel paging request at virtual address c4fc1940 when execute <1>[ 165.649120] [c4fc1940] *pgd=c4e1141e(bad) <0>[ 165.653390] Internal error: Oops: 8000000d [#8] SMP ARM <4>[ 165.658947] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 165.695323] CPU: 0 UID: 0 PID: 2471 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 165.705012] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 165.710257] Hardware name: STM32 (Device Tree Support) <4>[ 165.715604] PC is at 0xc4fc1940 <4>[ 165.719052] LR is at execute_location+0x9c/0xac <4>[ 165.723817] pc : [] lr : [] psr: 60080013 <4>[ 165.730374] sp : f1c19ea8 ip : 00000000 fp : 004afe38 <4>[ 165.735924] r10: c91a4a40 r9 : f1c19f80 r8 : c2789518 <4>[ 165.741374] r7 : f1c19f80 r6 : 00000001 r5 : c4fc1940 r4 : c0e05898 <4>[ 165.748232] r3 : c9326e40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 165.755091] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 165.762455] Control: 10c5387d Table: c5b6c06a DAC: 00000051 <1>[ 165.768505] Register r0 information: non-paged memory <1>[ 165.773865] Register r1 information: NULL pointer <1>[ 165.778816] Register r2 information: NULL pointer <1>[ 165.783768] Register r3 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 165.797542] copy_process+0x1f4/0x1f84 <6>[ 165.801798] kernel_clone+0xac/0x388 <6>[ 165.805852] sys_clone+0x78/0x9c <6>[ 165.809705] ret_fast_syscall+0x0/0x1c <4>[ 165.813956] Free path: <6>[ 165.816687] rcu_core+0x2dc/0xb14 <6>[ 165.820539] handle_softirqs+0x15c/0x430 <6>[ 165.824995] irq_exit+0xac/0xd4 <6>[ 165.828645] call_with_stack+0x18/0x20 <6>[ 165.832904] __irq_svc+0x9c/0xb8 <6>[ 165.836651] pfn_valid+0x30/0x40 <6>[ 165.840398] __sync_icache_dcache+0x38/0xbc <6>[ 165.845153] set_ptes+0x6c/0x70 <6>[ 165.848803] filemap_map_pages+0x1ec/0x5c8 <6>[ 165.853461] handle_mm_fault+0x918/0x1180 <6>[ 165.858019] do_page_fault+0x1ac/0x470 <6>[ 165.862272] do_PrefetchAbort+0x40/0xa0 <6>[ 165.866621] ret_from_exception+0x0/0x1c <1>[ 165.871073] Register r4 information: non-slab/vmalloc memory <1>[ 165.877035] Register r5 information: slab kmalloc-64 start c4fc1900 data offset 64 pointer offset 0 size 64 allocated at lkdtm_EXEC_KMALLOC+0x24/0x3c <6>[ 165.890795] lkdtm_EXEC_KMALLOC+0x24/0x3c <6>[ 165.895246] lkdtm_do_action+0x24/0x4c <6>[ 165.899595] direct_entry+0x11c/0x140 <6>[ 165.903743] full_proxy_write+0x5c/0x8c <6>[ 165.908095] vfs_write+0xbc/0x3cc <6>[ 165.911943] ksys_write+0x78/0xf8 <6>[ 165.915788] ret_fast_syscall+0x0/0x1c <4>[ 165.920137] Free path: <6>[ 165.922767] xdr_free_bvec+0x18/0x24 <6>[ 165.926920] xprt_transmit+0x29c/0x4a0 <6>[ 165.931178] call_transmit+0x80/0x8c <6>[ 165.935328] __rpc_execute+0xc8/0x5d0 <6>[ 165.939480] rpc_async_schedule+0x24/0x40 <6>[ 165.944033] process_one_work+0x1b8/0x450 <6>[ 165.948588] worker_thread+0x1d4/0x3c4 <6>[ 165.952840] kthread+0xe8/0x104 <6>[ 165.956487] ret_from_fork+0x14/0x28 <1>[ 165.960635] Register r6 information: non-paged memory <1>[ 165.965991] Register r7 information: 2-page vmalloc region starting at 0xf1c18000 allocated at kernel_clone+0xac/0x388 <1>[ 165.977000] Register r8 information: non-slab/vmalloc memory <1>[ 165.982959] Register r9 information: 2-page vmalloc region starting at 0xf1c18000 allocated at kernel_clone+0xac/0x388 <1>[ 165.993964] Register r10 information: slab kmalloc-192 start c91a4a00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 166.007822] full_proxy_open+0x124/0x24c <6>[ 166.012273] do_dentry_open+0x144/0x4dc <6>[ 166.016630] vfs_open+0x2c/0xec <6>[ 166.020282] path_openat+0x748/0x1198 <6>[ 166.024534] do_filp_open+0x98/0x134 <6>[ 166.028585] do_sys_openat2+0xbc/0xe4 <6>[ 166.032840] sys_openat+0x98/0xd4 <6>[ 166.036693] ret_fast_syscall+0x0/0x1c <4>[ 166.040941] Free path: <6>[ 166.043671] full_proxy_release+0x78/0xc0 <6>[ 166.048224] __fput+0xdc/0x2ec <6>[ 166.051768] task_work_run+0x98/0xc8 <6>[ 166.055924] do_exit+0x374/0xa1c <6>[ 166.059673] do_group_exit+0x40/0x8c <6>[ 166.063723] pid_child_should_wake+0x0/0x94 <1>[ 166.068477] Register r11 information: non-paged memory <1>[ 166.073833] Register r12 information: NULL pointer <0>[ 166.078986] Process cat (pid: 2471, stack limit = 0xf1c18000) <0>[ 166.084942] Stack: (0xf1c19ea8 to 0xf1c1a000) <0>[ 166.089596] 9ea0: c4fc1940 c5dd6000 00000000 c0e05900 0000000d c0e03fc0 <0>[ 166.098075] 9ec0: 0000000d c0e043a4 c0e04288 c92c8740 b6dc8000 0000000d c3983a30 c0893830 <0>[ 166.106562] 9ee0: c92c8740 c08937d4 f1c19f80 b6dc8000 c9326e40 0000000d c91a4a40 c062a2a0 <0>[ 166.115045] 9f00: c5b6edb0 00000000 00000000 00000000 00000000 0000000d b6dc8000 0001fff3 <0>[ 166.123518] 9f20: 00000001 00000000 c92c8440 00000000 00000000 00000000 00000000 00000000 <0>[ 166.131991] 9f40: 00000000 00000000 00000000 00000000 00000022 d8776bd2 00000000 c92c8740 <0>[ 166.140465] 9f60: c92c8740 00000000 00000000 c03002f0 c9326e40 00000004 004afe38 c062a7fc <0>[ 166.148938] 9f80: 00000000 00000000 00000000 d8776bd2 000000c0 0000000d 0000000d 7ff00000 <0>[ 166.157411] 9fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6dc8000 0000000d 00000001 <0>[ 166.165885] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6dc8000 00020000 004afe38 <0>[ 166.174358] 9fe0: 00000004 beb3a788 b6e8e33b b6e07616 60080030 00000001 00000000 00000000 <0>[ 166.182823] Call trace: <0>[ 166.182843] execute_location from lkdtm_EXEC_KMALLOC+0x30/0x3c <0>[ 166.191861] lkdtm_EXEC_KMALLOC from lkdtm_do_action+0x24/0x4c <0>[ 166.197931] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 166.203696] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 166.209364] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 166.214930] vfs_write from ksys_write+0x78/0xf8 <0>[ 166.219789] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 166.225151] Exception stack(0xf1c19fa8 to 0xf1c19ff0) <0>[ 166.230508] 9fa0: 0000000d 0000000d 00000001 b6dc8000 0000000d 00000001 <0>[ 166.238981] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6dc8000 00020000 004afe38 <0>[ 166.247451] 9fe0: 00000004 beb3a788 b6e8e33b b6e07616 <0>[ 166.252808] Code: cccccccc cccccccc cccccccc cccccccc (e52de004) <4>[ 166.259164] ---[ end trace 0000000000000000 ]--- <6>[ 166.264111] note: cat[2471] exited with irqs disabled # Segmentation fault # [ 165.622115] lkdtm: Performing direct entry EXEC_KMALLOC # [ 165.626362] lkdtm: attempting ok execution at c0e05898 # [ 165.631698] lkdtm: attempting bad execution at c4fc1940 # [ 165.637293] 8<--- cut here --- # [ 165.640446] Unable to handle kernel paging request at virtual address c4fc1940 when execute # [ 165.649120] [c4fc1940] *pgd=c4e1141e(bad) # [ 165.653390] Internal error: Oops: 8000000d [#8] SMP ARM # [ 165.658947] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 165.695323] CPU: 0 UID: 0 PID: 2471 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 165.705012] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 165.710257] Hardware name: STM32 (Device Tree Support) # [ 165.715604] PC is at 0xc4fc1940 # [ 165.719052] LR is at execute_location+0x9c/0xac # [ 165.723817] pc : [] lr : [] psr: 60080013 # [ 165.730374] sp : f1c19ea8 ip : 00000000 fp : 004afe38 # [ 165.735924] r10: c91a4a40 r9 : f1c19f80 r8 : c2789518 # [ 165.741374] r7 : f1c19f80 r6 : 00000001 r5 : c4fc1940 r4 : c0e05898 # [ 165.748232] r3 : c9326e40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 165.755091] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 165.762455] Control: 10c5387d Table: c5b6c06a DAC: 00000051 # [ 165.768505] Register r0 information: non-paged memory # [ 165.773865] Register r1 information: NULL pointer # [ 165.778816] Register r2 information: NULL pointer # [ 165.783768] Register r3 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 165.797542] copy_process+0x1f4/0x1f84 # [ 165.801798] kernel_clone+0xac/0x388 # [ 165.805852] sys_clone+0x78/0x9c # [ 165.809705] ret_fast_syscall+0x0/0x1c # [ 165.813956] Free path: # [ 165.816687] rcu_core+0x2dc/0xb14 # [ 165.820539] handle_softirqs+0x15c/0x430 # [ 165.824995] irq_exit+0xac/0xd4 # [ 165.828645] call_with_stack+0x18/0x20 # [ 165.832904] __irq_svc+0x9c/0xb8 # [ 165.836651] pfn_valid+0x30/0x40 # [ 165.840398] __sync_icache_dcache+0x38/0xbc # [ 165.845153] set_ptes+0x6c/0x70 # [ 165.848803] filemap_map_pages+0x1ec/0x5c8 # [ 165.853461] handle_mm_fault+0x918/0x1180 # [ 165.858019] do_page_fault+0x1ac/0x470 # [ 165.862272] do_PrefetchAbort+0x40/0xa0 # [ 165.866621] ret_from_exception+0x0/0x1c # [ 165.871073] Register r4 information: non-slab/vmalloc memory # [ 165.877035] Register r5 information: slab kmalloc-64 start c4fc1900 data offset 64 pointer offset 0 size 64 allocated at lkdtm_EXEC_KMALLOC+0x24/0x3c # [ 165.890795] lkdtm_EXEC_KMALLOC+0x24/0x3c # [ 165.895246] lkdtm_do_action+0x24/0x4c # [ 165.899595] direct_entry+0x11c/0x140 # [ 165.903743] full_proxy_write+0x5c/0x8c # [ 165.908095] vfs_write+0xbc/0x3cc # [ 165.911943] ksys_write+0x78/0xf8 # [ 165.915788] ret_fast_syscall+0x0/0x1c # [ 165.920137] Free path: # [ 165.922767] xdr_free_bvec+0x18/0x24 # [ 165.926920] xprt_transmit+0x29c/0x4a0 # [ 165.931178] call_transmit+0x80/0x8c # [ 165.935328] __rpc_execute+0xc8/0x5d0 # [ 165.939480] rpc_async_schedule+0x24/0x40 # [ 165.944033] process_one_work+0x1b8/0x450 # [ 165.948588] worker_thread+0x1d4/0x3c4 # [ 165.952840] kthread+0xe8/0x104 # [ 165.956487] ret_from_fork+0x14/0x28 # [ 165.960635] Register r6 information: non-paged memory # [ 165.965991] Register r7 information: 2-page vmalloc region starting at 0xf1c18000 allocated at kernel_clone+0xac/0x388 # [ 165.977000] Register r8 information: non-slab/vmalloc memory # [ 165.982959] Register r9 information: 2-page vmalloc region starting at 0xf1c18000 allocated at kernel_clone+0xac/0x388 # [ 165.993964] Register r10 information: slab kmalloc-192 start c91a4a00 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 166.007822] full_proxy_open+0x124/0x24c # [ 166.012273] do_dentry_open+0x144/0x4dc # [ 166.016630] vfs_open+0x2c/0xec # [ 166.020282] path_openat+0x748/0x1198 # [ 166.024534] do_filp_open+0x98/0x134 # [ 166.028585] do_sys_openat2+0xbc/0xe4 # [ 166.032840] sys_openat+0x98/0xd4 # [ 166.036693] ret_fast_syscall+0x0/0x1c # [ 166.040941] Free path: # [ 166.043671] full_proxy_release+0x78/0xc0 # [ 166.048224] __fput+0xdc/0x2ec # [ 166.051768] task_work_run+0x98/0xc8 # [ 166.055924] do_exit+0x374/0xa1c # [ 166.059673] do_group_exit+0x40/0x8c # [ 166.063723] pid_child_should_wake+0x0/0x94 # [ 166.068477] Register r11 information: non-paged memory # [ 166.073833] Register r12 information: NULL pointer # [ 166.078986] Process cat (pid: 2471, stack limit = 0xf1c18000) # [ 166.084942] Stack: (0xf1c19ea8 to 0xf1c1a000) # [ 166.089596] 9ea0: c4fc1940 c5dd6000 00000000 c0e05900 0000000d c0e03fc0 # [ 166.098075] 9ec0: 0000000d c0e043a4 c0e04288 c92c8740 b6dc8000 0000000d c3983a30 c0893830 # [ 166.106562] 9ee0: c92c8740 c08937d4 f1c19f80 b6dc8000 c9326e40 0000000d c91a4a40 c062a2a0 # [ 166.115045] 9f00: c5b6edb0 00000000 00000000 00000000 00000000 0000000d b6dc8000 0001fff3 # [ 166.123518] 9f20: 00000001 00000000 c92c8440 00000000 00000000 00000000 00000000 00000000 # [ 166.131991] 9f40: 00000000 00000000 00000000 00000000 00000022 d8776bd2 00000000 c92c8740 # [ 166.140465] 9f60: c92c8740 00000000 00000000 c03002f0 c9326e40 00000004 004afe38 c062a7fc # [ 166.148938] 9f80: 00000000 00000000 00000000 d8776bd2 000000c0 0000000d 0000000d 7ff00000 # [ 166.157411] 9fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6dc8000 0000000d 00000001 # [ 166.165885] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6dc8000 00020000 004afe38 # [ 166.174358] 9fe0: 00000004 beb3a788 b6e8e33b b6e07616 60080030 00000001 00000000 00000000 # [ 166.182823] Call trace: # [ 166.182843] execute_location from lkdtm_EXEC_KMALLOC+0x30/0x3c # [ 166.191861] lkdtm_EXEC_KMALLOC from lkdtm_do_action+0x24/0x4c # [ 166.197931] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 166.203696] direct_entry from full_proxy_write+0x5c/0x8c # [ 166.209364] full_proxy_write from vfs_write+0xbc/0x3cc # [ 166.214930] vfs_write from ksys_write+0x78/0xf8 # [ 166.219789] ksys_write from ret_fast_syscall+0x0/0x1c # [ 166.225151] Exception stack(0xf1c19fa8 to 0xf1c19ff0) # [ 166.230508] 9fa0: 0000000d 0000000d 00000001 b6dc8000 0000000d 00000001 # [ 166.238981] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6dc8000 00020000 004afe38 # [ 166.247451] 9fe0: 00000004 beb3a788 b6e8e33b b6e07616 # [ 166.252808] Code: cccccccc cccccccc cccccccc cccccccc (e52de004) # [ 166.259164] ---[ end trace 0000000000000000 ]--- # [ 166.264111] note: cat[2471] exited with irqs disabled # EXEC_KMALLOC: saw 'call trace:': ok ok 39 selftests: lkdtm: EXEC_KMALLOC.sh # timeout set to 45 # selftests: lkdtm: EXEC_VMALLOC.sh <6>[ 168.226446] lkdtm: Performing direct entry EXEC_VMALLOC <6>[ 168.230813] lkdtm: attempting ok execution at c0e05898 <6>[ 168.236492] lkdtm: attempting bad execution at f0979000 <1>[ 168.241574] 8<--- cut here --- <1>[ 168.244945] Unable to handle kernel execution of memory at virtual address f0979000 when execute <1>[ 168.254035] [f0979000] *pgd=c3235811, *pte=f714165f, *ppte=f714145f <0>[ 168.260517] Internal error: Oops: 8000000f [#9] SMP ARM <4>[ 168.265999] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 168.302401] CPU: 1 UID: 0 PID: 2553 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 168.312002] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 168.317250] Hardware name: STM32 (Device Tree Support) <4>[ 168.322699] PC is at 0xf0979000 <4>[ 168.326052] LR is at execute_location+0x9c/0xac <4>[ 168.330918] pc : [] lr : [] psr: 60080013 <4>[ 168.337475] sp : f1cc9ea8 ip : 00000000 fp : 004ffe38 <4>[ 168.342925] r10: c91a42c0 r9 : f1cc9f80 r8 : c2789520 <4>[ 168.348475] r7 : f1cc9f80 r6 : 00000001 r5 : f0979000 r4 : c0e05898 <4>[ 168.355233] r3 : c59a6440 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 168.362092] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 168.369457] Control: 10c5387d Table: c5f1806a DAC: 00000051 <1>[ 168.375509] Register r0 information: non-paged memory <1>[ 168.380874] Register r1 information: NULL pointer <1>[ 168.385827] Register r2 information: NULL pointer <1>[ 168.390779] Register r3 information: slab task_struct start c59a6400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 168.404555] copy_process+0x1f4/0x1f84 <6>[ 168.408813] kernel_clone+0xac/0x388 <6>[ 168.412968] sys_clone+0x78/0x9c <6>[ 168.416720] ret_fast_syscall+0x0/0x1c <4>[ 168.420970] Free path: <6>[ 168.423701] rcu_core+0x2dc/0xb14 <6>[ 168.427554] handle_softirqs+0x15c/0x430 <6>[ 168.432010] irq_exit+0xac/0xd4 <6>[ 168.435661] call_with_stack+0x18/0x20 <6>[ 168.439919] __irq_svc+0x9c/0xb8 <6>[ 168.443666] xas_find_marked+0x240/0x370 <6>[ 168.448117] filemap_get_folios_tag+0x7c/0x278 <6>[ 168.453076] __filemap_fdatawait_range+0x80/0x10c <6>[ 168.458334] filemap_write_and_wait_range+0xa4/0xc0 <6>[ 168.463795] nfs_getattr+0x464/0x478 <6>[ 168.467849] vfs_getattr_nosec+0xb4/0xd8 <6>[ 168.472306] vfs_statx_path+0x28/0xbc <6>[ 168.476559] vfs_statx+0x94/0xe8 <6>[ 168.480310] do_statx+0x74/0xb4 <6>[ 168.483961] sys_statx+0x78/0xf4 <6>[ 168.487713] ret_fast_syscall+0x0/0x1c <1>[ 168.491962] Register r4 information: non-slab/vmalloc memory <1>[ 168.497926] Register r5 information: 1-page vmalloc region starting at 0xf0979000 allocated at lkdtm_EXEC_VMALLOC+0x14/0x2c <1>[ 168.509336] Register r6 information: non-paged memory <1>[ 168.514692] Register r7 information: 2-page vmalloc region starting at 0xf1cc8000 allocated at kernel_clone+0xac/0x388 <1>[ 168.525701] Register r8 information: non-slab/vmalloc memory <1>[ 168.531661] Register r9 information: 2-page vmalloc region starting at 0xf1cc8000 allocated at kernel_clone+0xac/0x388 <1>[ 168.542666] Register r10 information: slab kmalloc-192 start c91a4280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 168.556527] full_proxy_open+0x124/0x24c <6>[ 168.560979] do_dentry_open+0x144/0x4dc <6>[ 168.565336] vfs_open+0x2c/0xec <6>[ 168.569088] path_openat+0x748/0x1198 <6>[ 168.573241] do_filp_open+0x98/0x134 <6>[ 168.577391] do_sys_openat2+0xbc/0xe4 <6>[ 168.581547] sys_openat+0x98/0xd4 <6>[ 168.585400] ret_fast_syscall+0x0/0x1c <4>[ 168.589649] Free path: <6>[ 168.592379] full_proxy_release+0x78/0xc0 <6>[ 168.596935] __fput+0xdc/0x2ec <6>[ 168.600495] task_work_run+0x98/0xc8 <6>[ 168.604665] do_exit+0x374/0xa1c <6>[ 168.608325] do_group_exit+0x40/0x8c <6>[ 168.612487] pid_child_should_wake+0x0/0x94 <1>[ 168.617155] Register r11 information: non-paged memory <1>[ 168.622631] Register r12 information: NULL pointer <0>[ 168.627699] Process cat (pid: 2553, stack limit = 0xf1cc8000) <0>[ 168.633666] Stack: (0xf1cc9ea8 to 0xf1cca000) <0>[ 168.638330] 9ea0: f0979000 c5ee8000 00000000 c0e058c4 0000000d c0e03fc0 <0>[ 168.646809] 9ec0: 0000000d c0e043a4 c0e04288 c9443440 b6d78000 0000000d c3983a30 c0893830 <0>[ 168.655284] 9ee0: c9443440 c08937d4 f1cc9f80 b6d78000 c59a6440 0000000d c91a42c0 c062a2a0 <0>[ 168.663758] 9f00: c5f1adb0 00000000 00000000 00000000 00000000 0000000d b6d78000 0001fff3 <0>[ 168.672229] 9f20: 00000001 00000000 c91b4040 00000000 00000000 00000000 00000000 00000000 <0>[ 168.680703] 9f40: 00000000 00000000 00000000 00000000 00000022 80d8b145 00000000 c9443440 <0>[ 168.689178] 9f60: c9443440 00000000 00000000 c03002f0 c59a6440 00000004 004ffe38 c062a7fc <0>[ 168.697652] 9f80: 00000000 00000000 00000000 80d8b145 000000c0 0000000d 0000000d 7ff00000 <0>[ 168.706124] 9fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6d78000 0000000d 00000001 <0>[ 168.714597] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d78000 00020000 004ffe38 <0>[ 168.723070] 9fe0: 00000004 beafa788 b6e3e33b b6db7616 60080030 00000001 00000000 00000000 <0>[ 168.731534] Call trace: <0>[ 168.731550] execute_location from lkdtm_EXEC_VMALLOC+0x20/0x2c <0>[ 168.740566] lkdtm_EXEC_VMALLOC from lkdtm_do_action+0x24/0x4c <0>[ 168.746638] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 168.752404] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 168.758073] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 168.763638] vfs_write from ksys_write+0x78/0xf8 <0>[ 168.768497] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 168.773961] Exception stack(0xf1cc9fa8 to 0xf1cc9ff0) <0>[ 168.779318] 9fa0: 0000000d 0000000d 00000001 b6d78000 0000000d 00000001 <0>[ 168.787791] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d78000 00020000 004ffe38 <0>[ 168.796261] 9fe0: 00000004 beafa788 b6e3e33b b6db7616 <0>[ 168.801518] Code: bad PC value <4>[ 168.805161] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 168.226446] lkdtm: Performing direct entry EXEC_VMALLOC # [ 168.230813] lkdtm: attempting ok execution at c0e05898 # [ 168.236492] lkdtm: attempting bad execution at f0979000 # [ 168.241574] 8<--- cut here --- # [ 168.244945] Unable to handle kernel execution of memory at virtual address f0979000 when execute # [ 168.254035] [f0979000] *pgd=c3235811, *pte=f714165f, *ppte=f714145f # [ 168.260517] Internal error: Oops: 8000000f [#9] SMP ARM # [ 168.265999] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 168.302401] CPU: 1 UID: 0 PID: 2553 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 168.312002] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 168.317250] Hardware name: STM32 (Device Tree Support) # [ 168.322699] PC is at 0xf0979000 # [ 168.326052] LR is at execute_location+0x9c/0xac # [ 168.330918] pc : [] lr : [] psr: 60080013 # [ 168.337475] sp : f1cc9ea8 ip : 00000000 fp : 004ffe38 # [ 168.342925] r10: c91a42c0 r9 : f1cc9f80 r8 : c2789520 # [ 168.348475] r7 : f1cc9f80 r6 : 00000001 r5 : f0979000 r4 : c0e05898 # [ 168.355233] r3 : c59a6440 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 168.362092] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 168.369457] Control: 10c5387d Table: c5f1806a DAC: 00000051 # [ 168.375509] Register r0 information: non-paged memory # [ 168.380874] Register r1 information: NULL pointer # [ 168.385827] Register r2 information: NULL pointer # [ 168.390779] Register r3 information: slab task_struct start c59a6400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 168.404555] copy_process+0x1f4/0x1f84 # [ 168.408813] kernel_clone+0xac/0x388 # [ 168.412968] sys_clone+0x78/0x9c # [ 168.416720] ret_fast_syscall+0x0/0x1c # [ 168.420970] Free path: # [ 168.423701] rcu_core+0x2dc/0xb14 # [ 168.427554] handle_softirqs+0x15c/0x430 # [ 168.432010] irq_exit+0xac/0xd4 # [ 168.435661] call_with_stack+0x18/0x20 # [ 168.439919] __irq_svc+0x9c/0xb8 # [ 168.443666] xas_find_marked+0x240/0x370 # [ 168.448117] filemap_get_folios_tag+0x7c/0x278 # [ 168.453076] __filemap_fdatawait_range+0x80/0x10c # [ 168.458334] filemap_write_and_wait_range+0xa4/0xc0 # [ 168.463795] nfs_getattr+0x464/0x478 # [ 168.467849] vfs_getattr_nosec+0xb4/0xd8 # [ 168.472306] vfs_statx_path+0x28/0xbc # [ 168.476559] vfs_statx+0x94/0xe8 # [ 168.480310] do_statx+0x74/0xb4 # [ 168.483961] sys_statx+0x78/0xf4 # [ 168.487713] ret_fast_syscall+0x0/0x1c # [ 168.491962] Register r4 information: non-slab/vmalloc memory # [ 168.497926] Register r5 information: 1-page vmalloc region starting at 0xf0979000 allocated at lkdtm_EXEC_VMALLOC+0x14/0x2c # [ 168.509336] Register r6 information: non-paged memory # [ 168.514692] Register r7 information: 2-page vmalloc region starting at 0xf1cc8000 allocated at kernel_clone+0xac/0x388 # [ 168.525701] Register r8 information: non-slab/vmalloc memory # [ 168.531661] Register r9 information: 2-page vmalloc region starting at 0xf1cc8000 allocated at kernel_clone+0xac/0x388 # [ 168.542666] Register r10 information: slab kmalloc-192 start c91a4280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 168.556527] full_proxy_open+0x124/0x24c # [ 168.560979] do_dentry_open+0x144/0x4dc # [ 168.565336] vfs_open+0x2c/0xec # [ 168.569088] path_openat+0x748/0x1198 # [ 168.573241] do_filp_open+0x98/0x134 # [ 168.577391] do_sys_openat2+0xbc/0xe4 # [ 168.581547] sys_openat+0x98/0xd4 # [ 168.585400] ret_fast_syscall+0x0/0x1c # [ 168.589649] Free path: # [ 168.592379] full_proxy_release+0x78/0xc0 # [ 168.596935] __fput+0xdc/0x2ec # [ 168.600495] task_work_run+0x98/0xc8 # [ 168.604665] do_exit+0x374/0xa1c # [ 168.608325] do_group_exit+0x40/0x8c # [ 168.612487] pid_child_should_wake+0x0/0x94 # [ 168.617155] Register r11 information: non-paged memory # [ 168.622631] Register r12 information: NULL pointer # [ 168.627699] Process cat (pid: 2553, stack limit = 0xf1cc8000) # [ 168.633666] Stack: (0xf1cc9ea8 to 0xf1cca000) # [ 168.638330] 9ea0: f0979000 c5ee8000 00000000 c0e058c4 0000000d c0e03fc0 # [ 168.646809] 9ec0: 0000000d c0e043a4 c0e04288 c9443440 b6d78000 0000000d c3983a30 c0893830 # [ 168.655284] 9ee0: c9443440 c08937d4 f1cc9f80 b6d78000 c59a6440 0000000d c91a42c0 c062a2a0 # [ 168.663758] 9f00: c5f1adb0 00000000 00000000 00000000 00000000 0000000d b6d78000 0001fff3 # [ 168.672229] 9f20: 00000001 00000000 c91b4040 00000000 00000000 00000000 00000000 00000000 # [ 168.680703] 9f40: 00000000 00000000 00000000 00000000 00000022 80d8b145 00000000 c9443440 # [ 168.689178] 9f60: c9443440 00000000 00000000 c03002f0 c59a6440 00000004 004ffe38 c062a7fc # [ 168.697652] 9f80: 00000000 00000000 00000000 80d8b145 000000c0 0000000d 0000000d 7ff00000 # [ 168.706124] 9fa0: 00000004 c03000c0 0000000d 0000000d 00000001 b6d78000 0000000d 00000001 # [ 168.714597] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d78000 00020000 004ffe38 # [ 168.723070] 9fe0: 00000004 beafa788 b6e3e33b b6db7616 60080030 00000001 00000000 00000000 # [ 168.731534] Call trace: # [ 168.731550] execute_location from lkdtm_EXEC_VMALLOC+0x20/0x2c # [ 168.740566] lkdtm_EXEC_VMALLOC from lkdtm_do_action+0x24/0x4c # [ 168.746638] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 168.752404] direct_entry from full_proxy_write+0x5c/0x8c # [ 168.758073] full_proxy_write from vfs_write+0xbc/0x3cc # [ 168.763638] vfs_write from ksys_write+0x78/0xf8 # [ 168.768497] ksys_write from ret_fast_syscall+0x0/0x1c # [ 168.773961] Exception stack(0xf1cc9fa8 to 0xf1cc9ff0) # [ 168.779318] 9fa0: 0000000d 0000000d 00000001 b6d78000 0000000d 00000001 # [ 168.787791] 9fc0: 0000000d 0000000d 7ff00000 00000004 00000001 b6d78000 00020000 004ffe38 # [ 168.796261] 9fe0: 00000004 beafa788 b6e3e33b b6db7616 # [ 168.801518] Code: bad PC value # [ 168.805161] ---[ end trace 0000000000000000 ]--- # EXEC_VMALLOC: saw 'call trace:': ok ok 40 selftests: lkdtm: EXEC_VMALLOC.sh # timeout set to 45 # selftests: lkdtm: EXEC_RODATA.sh <6>[ 170.587138] lkdtm: Performing direct entry EXEC_RODATA <6>[ 170.591337] lkdtm: attempting ok execution at c0e05898 <6>[ 170.596809] lkdtm: attempting bad execution at c1a72098 <1>[ 170.602293] 8<--- cut here --- <1>[ 170.605450] Unable to handle kernel paging request at virtual address c1a72098 when execute <1>[ 170.614125] [c1a72098] *pgd=c1a1941e(bad) <0>[ 170.618392] Internal error: Oops: 8000000d [#10] SMP ARM <4>[ 170.624049] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 170.660424] CPU: 0 UID: 0 PID: 2635 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 170.670112] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 170.675256] Hardware name: STM32 (Device Tree Support) <4>[ 170.680703] PC is at lkdtm_rodata_do_nothing+0x0/0x4 <4>[ 170.685974] LR is at execute_location+0x9c/0xac <4>[ 170.690735] pc : [] lr : [] psr: 60080013 <4>[ 170.697291] sp : f1d49eb0 ip : 00000000 fp : 0046fe38 <4>[ 170.702841] r10: c91a42c0 r9 : f1d49f80 r8 : c2789528 <4>[ 170.708290] r7 : f1d49f80 r6 : 00000000 r5 : c1a72098 r4 : c0e05898 <4>[ 170.715148] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 170.721907] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 170.729371] Control: 10c5387d Table: c5ccc06a DAC: 00000051 <1>[ 170.735421] Register r0 information: non-paged memory <1>[ 170.740781] Register r1 information: NULL pointer <1>[ 170.745732] Register r2 information: NULL pointer <1>[ 170.750684] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 170.764457] copy_process+0x1f4/0x1f84 <6>[ 170.768712] kernel_clone+0xac/0x388 <6>[ 170.772767] sys_clone+0x78/0x9c <6>[ 170.776520] ret_fast_syscall+0x0/0x1c <4>[ 170.780871] Free path: <6>[ 170.783601] rcu_core+0x2dc/0xb14 <6>[ 170.787352] handle_softirqs+0x15c/0x430 <6>[ 170.791809] irq_exit+0xac/0xd4 <6>[ 170.795560] call_with_stack+0x18/0x20 <6>[ 170.799818] __irq_svc+0x9c/0xb8 <6>[ 170.803565] __cond_resched+0x28/0x54 <6>[ 170.807722] copy_strings+0xc8/0x370 <6>[ 170.811880] do_execveat_common+0x108/0x1b4 <6>[ 170.816539] sys_execve+0x38/0x40 <6>[ 170.820392] ret_fast_syscall+0x0/0x1c <1>[ 170.824741] Register r4 information: non-slab/vmalloc memory <1>[ 170.830603] Register r5 information: non-slab/vmalloc memory <1>[ 170.836561] Register r6 information: NULL pointer <1>[ 170.841612] Register r7 information: 2-page vmalloc region starting at 0xf1d48000 allocated at kernel_clone+0xac/0x388 <1>[ 170.852621] Register r8 information: non-slab/vmalloc memory <1>[ 170.858480] Register r9 information: 2-page vmalloc region starting at 0xf1d48000 allocated at kernel_clone+0xac/0x388 <1>[ 170.869486] Register r10 information: slab kmalloc-192 start c91a4280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 170.883446] full_proxy_open+0x124/0x24c <6>[ 170.887897] do_dentry_open+0x144/0x4dc <6>[ 170.892254] vfs_open+0x2c/0xec <6>[ 170.895905] path_openat+0x748/0x1198 <6>[ 170.900057] do_filp_open+0x98/0x134 <6>[ 170.904208] do_sys_openat2+0xbc/0xe4 <6>[ 170.908363] sys_openat+0x98/0xd4 <6>[ 170.912215] ret_fast_syscall+0x0/0x1c <4>[ 170.916565] Free path: <6>[ 170.919194] nfs_pgio_header_free+0x34/0x48 <6>[ 170.923955] nfs_write_completion+0x60/0x240 <6>[ 170.928809] rpc_free_task+0x34/0x54 <6>[ 170.932861] rpc_async_release+0x24/0x40 <6>[ 170.937322] process_one_work+0x1b8/0x450 <6>[ 170.941878] worker_thread+0x1d4/0x3c4 <6>[ 170.946130] kthread+0xe8/0x104 <6>[ 170.949777] ret_from_fork+0x14/0x28 <1>[ 170.953925] Register r11 information: non-paged memory <1>[ 170.959381] Register r12 information: NULL pointer <0>[ 170.964434] Process cat (pid: 2635, stack limit = 0xf1d48000) <0>[ 170.970490] Stack: (0xf1d49eb0 to 0xf1d4a000) <0>[ 170.975042] 9ea0: 0000000c c5978000 00000000 c0e03fc0 <0>[ 170.983516] 9ec0: 0000000c c0e043a4 c0e04288 c9651640 b6e48000 0000000c c3983a30 c0893830 <0>[ 170.991990] 9ee0: c9651640 c08937d4 f1d49f80 b6e48000 c9322840 0000000c c91a42c0 c062a2a0 <0>[ 171.000462] 9f00: c5ccedb8 00000000 00000000 00000000 00000000 0000000c b6e48000 0001fff4 <0>[ 171.008934] 9f20: 00000001 00000000 c9651440 00000000 00000000 00000000 00000000 00000000 <0>[ 171.017507] 9f40: 00000000 00000000 00000000 00000000 00000022 20366a59 00000000 c9651640 <0>[ 171.025981] 9f60: c9651640 00000000 00000000 c03002f0 c9322840 00000004 0046fe38 c062a7fc <0>[ 171.034453] 9f80: 00000000 00000000 00000000 20366a59 000000c0 0000000c 0000000c 7ff00000 <0>[ 171.042925] 9fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6e48000 0000000c 00000001 <0>[ 171.051399] 9fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e48000 00020000 0046fe38 <0>[ 171.059872] 9fe0: 00000004 bec45788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 171.068336] Call trace: <0>[ 171.068356] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 171.077058] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 171.082822] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 171.088490] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 171.093958] vfs_write from ksys_write+0x78/0xf8 <0>[ 171.098924] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 171.104303] Exception stack(0xf1d49fa8 to 0xf1d49ff0) <0>[ 171.109668] 9fa0: 0000000c 0000000c 00000001 b6e48000 0000000c 00000001 <0>[ 171.118145] 9fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e48000 00020000 0046fe38 <0>[ 171.126615] 9fe0: 00000004 bec45788 b6f0e33b b6e87616 <0>[ 171.131973] Code: 5f727563 6e756f63 00000074 aa55aa55 (e12fff1e) <4>[ 171.138330] ---[ end trace 0000000000000000 ]--- <6>[ 171.143178] note: cat[2635] exited with irqs disabled # Segmentation fault # [ 170.587138] lkdtm: Performing direct entry EXEC_RODATA # [ 170.591337] lkdtm: attempting ok execution at c0e05898 # [ 170.596809] lkdtm: attempting bad execution at c1a72098 # [ 170.602293] 8<--- cut here --- # [ 170.605450] Unable to handle kernel paging request at virtual address c1a72098 when execute # [ 170.614125] [c1a72098] *pgd=c1a1941e(bad) # [ 170.618392] Internal error: Oops: 8000000d [#10] SMP ARM # [ 170.624049] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 170.660424] CPU: 0 UID: 0 PID: 2635 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 170.670112] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 170.675256] Hardware name: STM32 (Device Tree Support) # [ 170.680703] PC is at lkdtm_rodata_do_nothing+0x0/0x4 # [ 170.685974] LR is at execute_location+0x9c/0xac # [ 170.690735] pc : [] lr : [] psr: 60080013 # [ 170.697291] sp : f1d49eb0 ip : 00000000 fp : 0046fe38 # [ 170.702841] r10: c91a42c0 r9 : f1d49f80 r8 : c2789528 # [ 170.708290] r7 : f1d49f80 r6 : 00000000 r5 : c1a72098 r4 : c0e05898 # [ 170.715148] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 170.721907] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 170.729371] Control: 10c5387d Table: c5ccc06a DAC: 00000051 # [ 170.735421] Register r0 information: non-paged memory # [ 170.740781] Register r1 information: NULL pointer # [ 170.745732] Register r2 information: NULL pointer # [ 170.750684] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 170.764457] copy_process+0x1f4/0x1f84 # [ 170.768712] kernel_clone+0xac/0x388 # [ 170.772767] sys_clone+0x78/0x9c # [ 170.776520] ret_fast_syscall+0x0/0x1c # [ 170.780871] Free path: # [ 170.783601] rcu_core+0x2dc/0xb14 # [ 170.787352] handle_softirqs+0x15c/0x430 # [ 170.791809] irq_exit+0xac/0xd4 # [ 170.795560] call_with_stack+0x18/0x20 # [ 170.799818] __irq_svc+0x9c/0xb8 # [ 170.803565] __cond_resched+0x28/0x54 # [ 170.807722] copy_strings+0xc8/0x370 # [ 170.811880] do_execveat_common+0x108/0x1b4 # [ 170.816539] sys_execve+0x38/0x40 # [ 170.820392] ret_fast_syscall+0x0/0x1c # [ 170.824741] Register r4 information: non-slab/vmalloc memory # [ 170.830603] Register r5 information: non-slab/vmalloc memory # [ 170.836561] Register r6 information: NULL pointer # [ 170.841612] Register r7 information: 2-page vmalloc region starting at 0xf1d48000 allocated at kernel_clone+0xac/0x388 # [ 170.852621] Register r8 information: non-slab/vmalloc memory # [ 170.858480] Register r9 information: 2-page vmalloc region starting at 0xf1d48000 allocated at kernel_clone+0xac/0x388 # [ 170.869486] Register r10 information: slab kmalloc-192 start c91a4280 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 170.883446] full_proxy_open+0x124/0x24c # [ 170.887897] do_dentry_open+0x144/0x4dc # [ 170.892254] vfs_open+0x2c/0xec # [ 170.895905] path_openat+0x748/0x1198 # [ 170.900057] do_filp_open+0x98/0x134 # [ 170.904208] do_sys_openat2+0xbc/0xe4 # [ 170.908363] sys_openat+0x98/0xd4 # [ 170.912215] ret_fast_syscall+0x0/0x1c # [ 170.916565] Free path: # [ 170.919194] nfs_pgio_header_free+0x34/0x48 # [ 170.923955] nfs_write_completion+0x60/0x240 # [ 170.928809] rpc_free_task+0x34/0x54 # [ 170.932861] rpc_async_release+0x24/0x40 # [ 170.937322] process_one_work+0x1b8/0x450 # [ 170.941878] worker_thread+0x1d4/0x3c4 # [ 170.946130] kthread+0xe8/0x104 # [ 170.949777] ret_from_fork+0x14/0x28 # [ 170.953925] Register r11 information: non-paged memory # [ 170.959381] Register r12 information: NULL pointer # [ 170.964434] Process cat (pid: 2635, stack limit = 0xf1d48000) # [ 170.970490] Stack: (0xf1d49eb0 to 0xf1d4a000) # [ 170.975042] 9ea0: 0000000c c5978000 00000000 c0e03fc0 # [ 170.983516] 9ec0: 0000000c c0e043a4 c0e04288 c9651640 b6e48000 0000000c c3983a30 c0893830 # [ 170.991990] 9ee0: c9651640 c08937d4 f1d49f80 b6e48000 c9322840 0000000c c91a42c0 c062a2a0 # [ 171.000462] 9f00: c5ccedb8 00000000 00000000 00000000 00000000 0000000c b6e48000 0001fff4 # [ 171.008934] 9f20: 00000001 00000000 c9651440 00000000 00000000 00000000 00000000 00000000 # [ 171.017507] 9f40: 00000000 00000000 00000000 00000000 00000022 20366a59 00000000 c9651640 # [ 171.025981] 9f60: c9651640 00000000 00000000 c03002f0 c9322840 00000004 0046fe38 c062a7fc # [ 171.034453] 9f80: 00000000 00000000 00000000 20366a59 000000c0 0000000c 0000000c 7ff00000 # [ 171.042925] 9fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6e48000 0000000c 00000001 # [ 171.051399] 9fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e48000 00020000 0046fe38 # [ 171.059872] 9fe0: 00000004 bec45788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 171.068336] Call trace: # [ 171.068356] execute_location from lkdtm_do_action+0x24/0x4c # [ 171.077058] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 171.082822] direct_entry from full_proxy_write+0x5c/0x8c # [ 171.088490] full_proxy_write from vfs_write+0xbc/0x3cc # [ 171.093958] vfs_write from ksys_write+0x78/0xf8 # [ 171.098924] ksys_write from ret_fast_syscall+0x0/0x1c # [ 171.104303] Exception stack(0xf1d49fa8 to 0xf1d49ff0) # [ 171.109668] 9fa0: 0000000c 0000000c 00000001 b6e48000 0000000c 00000001 # [ 171.118145] 9fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e48000 00020000 0046fe38 # [ 171.126615] 9fe0: 00000004 bec45788 b6f0e33b b6e87616 # [ 171.131973] Code: 5f727563 6e756f63 00000074 aa55aa55 (e12fff1e) # [ 171.138330] ---[ end trace 0000000000000000 ]--- # [ 171.143178] note: cat[2635] exited with irqs disabled # EXEC_RODATA: saw 'call trace:': ok ok 41 selftests: lkdtm: EXEC_RODATA.sh # timeout set to 45 # selftests: lkdtm: EXEC_USERSPACE.sh <6>[ 173.051832] lkdtm: Performing direct entry EXEC_USERSPACE <6>[ 173.056436] lkdtm: attempting ok execution at c0e05898 <6>[ 173.062563] lkdtm: attempting bad execution at b6fa5000 <1>[ 173.067915] 8<--- cut here --- <1>[ 173.070470] Unhandled prefetch abort: page domain fault (0x00b) at 0xb6fa5000 <0>[ 173.077845] Internal error: : b [#11] SMP ARM <4>[ 173.082501] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 173.118885] CPU: 1 UID: 0 PID: 2716 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 173.128481] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 173.133727] Hardware name: STM32 (Device Tree Support) <4>[ 173.139175] PC is at 0xb6fa5000 <4>[ 173.142626] LR is at lkdtm_EXEC_USERSPACE+0xb4/0xc4 <4>[ 173.147790] pc : [] lr : [] psr: 60080013 <4>[ 173.154346] sp : f1db1eb0 ip : 00000000 fp : 004bfe38 <4>[ 173.159795] r10: c91a47c0 r9 : f1db1f80 r8 : c2789530 <4>[ 173.165345] r7 : f1db1f80 r6 : 00000000 r5 : c935d000 r4 : b6fa5000 <4>[ 173.172103] r3 : c9326e40 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 173.178962] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 173.186327] Control: 10c5387d Table: c956006a DAC: 00000051 <1>[ 173.192378] Register r0 information: non-paged memory <1>[ 173.197740] Register r1 information: NULL pointer <1>[ 173.202692] Register r2 information: NULL pointer <1>[ 173.207645] Register r3 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 173.221420] copy_process+0x1f4/0x1f84 <6>[ 173.225678] kernel_clone+0xac/0x388 <6>[ 173.229835] sys_clone+0x78/0x9c <6>[ 173.233589] ret_fast_syscall+0x0/0x1c <4>[ 173.237840] Free path: <6>[ 173.240570] rcu_core+0x2dc/0xb14 <6>[ 173.244423] handle_softirqs+0x15c/0x430 <6>[ 173.248880] run_ksoftirqd+0x48/0x60 <6>[ 173.252933] smpboot_thread_fn+0xc0/0x15c <6>[ 173.257486] kthread+0xe8/0x104 <6>[ 173.261133] ret_from_fork+0x14/0x28 <1>[ 173.265282] Register r4 information: non-paged memory <1>[ 173.270639] Register r5 information: non-slab/vmalloc memory <1>[ 173.276599] Register r6 information: NULL pointer <1>[ 173.281551] Register r7 information: 2-page vmalloc region starting at 0xf1db0000 allocated at kernel_clone+0xac/0x388 <1>[ 173.292560] Register r8 information: non-slab/vmalloc memory <1>[ 173.298520] Register r9 information: 2-page vmalloc region starting at 0xf1db0000 allocated at kernel_clone+0xac/0x388 <1>[ 173.309526] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 173.323388] full_proxy_open+0x124/0x24c <6>[ 173.327839] do_dentry_open+0x144/0x4dc <6>[ 173.332196] vfs_open+0x2c/0xec <6>[ 173.335849] path_openat+0x748/0x1198 <6>[ 173.340102] do_filp_open+0x98/0x134 <6>[ 173.344153] do_sys_openat2+0xbc/0xe4 <6>[ 173.348416] sys_openat+0x98/0xd4 <6>[ 173.352282] ret_fast_syscall+0x0/0x1c <4>[ 173.356545] Free path: <6>[ 173.359185] nfs_pgio_header_free+0x34/0x48 <6>[ 173.363963] nfs_write_completion+0x60/0x240 <6>[ 173.368729] rpc_free_task+0x34/0x54 <6>[ 173.372895] rpc_async_release+0x24/0x40 <6>[ 173.377364] process_one_work+0x1b8/0x450 <6>[ 173.381831] worker_thread+0x1d4/0x3c4 <6>[ 173.386186] kthread+0xe8/0x104 <6>[ 173.389834] ret_from_fork+0x14/0x28 <1>[ 173.393884] Register r11 information: non-paged memory <1>[ 173.399350] Register r12 information: NULL pointer <0>[ 173.404404] Process cat (pid: 2716, stack limit = 0xf1db0000) <0>[ 173.410464] Stack: (0xf1db1eb0 to 0xf1db2000) <0>[ 173.415118] 1ea0: 00000001 00000000 0000000f c0e03fc0 <0>[ 173.423593] 1ec0: 0000000f c0e043a4 c0e04288 c9651240 b6e48000 0000000f c3983a30 c0893830 <0>[ 173.432069] 1ee0: c9651240 c08937d4 f1db1f80 b6e48000 c9326e40 0000000f c91a47c0 c062a2a0 <0>[ 173.440543] 1f00: c9562db8 00000000 00000000 00000000 00000000 0000000f b6e48000 0001fff1 <0>[ 173.449016] 1f20: 00000001 00000000 c9651440 00000000 00000000 00000000 00000000 00000000 <0>[ 173.457493] 1f40: 00000000 00000000 00000000 00000000 00000022 ed0b33e1 00000000 c9651240 <0>[ 173.465971] 1f60: c9651240 00000000 00000000 c03002f0 c9326e40 00000004 004bfe38 c062a7fc <0>[ 173.474448] 1f80: 00000000 00000000 00000000 ed0b33e1 000000c0 0000000f 0000000f 7ff00000 <0>[ 173.482922] 1fa0: 00000004 c03000c0 0000000f 0000000f 00000001 b6e48000 0000000f 00000001 <0>[ 173.491396] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e48000 00020000 004bfe38 <0>[ 173.499869] 1fe0: 00000004 be878788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 173.508334] Call trace: <0>[ 173.508350] lkdtm_EXEC_USERSPACE from lkdtm_do_action+0x24/0x4c <0>[ 173.517355] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 173.523122] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 173.528792] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 173.534359] vfs_write from ksys_write+0x78/0xf8 <0>[ 173.539218] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 173.544681] Exception stack(0xf1db1fa8 to 0xf1db1ff0) <0>[ 173.550037] 1fa0: 0000000f 0000000f 00000001 b6e48000 0000000f 00000001 <0>[ 173.558511] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e48000 00020000 004bfe38 <0>[ 173.566980] 1fe0: 00000004 be878788 b6f0e33b b6e87616 <0>[ 173.572230] Code: bad PC value <4>[ 173.575570] ---[ end trace 0000000000000000 ]--- <6>[ 173.580517] note: cat[2716] exited with irqs disabled # Segmentation fault # [ 173.051832] lkdtm: Performing direct entry EXEC_USERSPACE # [ 173.056436] lkdtm: attempting ok execution at c0e05898 # [ 173.062563] lkdtm: attempting bad execution at b6fa5000 # [ 173.067915] 8<--- cut here --- # [ 173.070470] Unhandled prefetch abort: page domain fault (0x00b) at 0xb6fa5000 # [ 173.077845] Internal error: : b [#11] SMP ARM # [ 173.082501] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 173.118885] CPU: 1 UID: 0 PID: 2716 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 173.128481] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 173.133727] Hardware name: STM32 (Device Tree Support) # [ 173.139175] PC is at 0xb6fa5000 # [ 173.142626] LR is at lkdtm_EXEC_USERSPACE+0xb4/0xc4 # [ 173.147790] pc : [] lr : [] psr: 60080013 # [ 173.154346] sp : f1db1eb0 ip : 00000000 fp : 004bfe38 # [ 173.159795] r10: c91a47c0 r9 : f1db1f80 r8 : c2789530 # [ 173.165345] r7 : f1db1f80 r6 : 00000000 r5 : c935d000 r4 : b6fa5000 # [ 173.172103] r3 : c9326e40 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 173.178962] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 173.186327] Control: 10c5387d Table: c956006a DAC: 00000051 # [ 173.192378] Register r0 information: non-paged memory # [ 173.197740] Register r1 information: NULL pointer # [ 173.202692] Register r2 information: NULL pointer # [ 173.207645] Register r3 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 173.221420] copy_process+0x1f4/0x1f84 # [ 173.225678] kernel_clone+0xac/0x388 # [ 173.229835] sys_clone+0x78/0x9c # [ 173.233589] ret_fast_syscall+0x0/0x1c # [ 173.237840] Free path: # [ 173.240570] rcu_core+0x2dc/0xb14 # [ 173.244423] handle_softirqs+0x15c/0x430 # [ 173.248880] run_ksoftirqd+0x48/0x60 # [ 173.252933] smpboot_thread_fn+0xc0/0x15c # [ 173.257486] kthread+0xe8/0x104 # [ 173.261133] ret_from_fork+0x14/0x28 # [ 173.265282] Register r4 information: non-paged memory # [ 173.270639] Register r5 information: non-slab/vmalloc memory # [ 173.276599] Register r6 information: NULL pointer # [ 173.281551] Register r7 information: 2-page vmalloc region starting at 0xf1db0000 allocated at kernel_clone+0xac/0x388 # [ 173.292560] Register r8 information: non-slab/vmalloc memory # [ 173.298520] Register r9 information: 2-page vmalloc region starting at 0xf1db0000 allocated at kernel_clone+0xac/0x388 # [ 173.309526] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 173.323388] full_proxy_open+0x124/0x24c # [ 173.327839] do_dentry_open+0x144/0x4dc # [ 173.332196] vfs_open+0x2c/0xec # [ 173.335849] path_openat+0x748/0x1198 # [ 173.340102] do_filp_open+0x98/0x134 # [ 173.344153] do_sys_openat2+0xbc/0xe4 # [ 173.348416] sys_openat+0x98/0xd4 # [ 173.352282] ret_fast_syscall+0x0/0x1c # [ 173.356545] Free path: # [ 173.359185] nfs_pgio_header_free+0x34/0x48 # [ 173.363963] nfs_write_completion+0x60/0x240 # [ 173.368729] rpc_free_task+0x34/0x54 # [ 173.372895] rpc_async_release+0x24/0x40 # [ 173.377364] process_one_work+0x1b8/0x450 # [ 173.381831] worker_thread+0x1d4/0x3c4 # [ 173.386186] kthread+0xe8/0x104 # [ 173.389834] ret_from_fork+0x14/0x28 # [ 173.393884] Register r11 information: non-paged memory # [ 173.399350] Register r12 information: NULL pointer # [ 173.404404] Process cat (pid: 2716, stack limit = 0xf1db0000) # [ 173.410464] Stack: (0xf1db1eb0 to 0xf1db2000) # [ 173.415118] 1ea0: 00000001 00000000 0000000f c0e03fc0 # [ 173.423593] 1ec0: 0000000f c0e043a4 c0e04288 c9651240 b6e48000 0000000f c3983a30 c0893830 # [ 173.432069] 1ee0: c9651240 c08937d4 f1db1f80 b6e48000 c9326e40 0000000f c91a47c0 c062a2a0 # [ 173.440543] 1f00: c9562db8 00000000 00000000 00000000 00000000 0000000f b6e48000 0001fff1 # [ 173.449016] 1f20: 00000001 00000000 c9651440 00000000 00000000 00000000 00000000 00000000 # [ 173.457493] 1f40: 00000000 00000000 00000000 00000000 00000022 ed0b33e1 00000000 c9651240 # [ 173.465971] 1f60: c9651240 00000000 00000000 c03002f0 c9326e40 00000004 004bfe38 c062a7fc # [ 173.474448] 1f80: 00000000 00000000 00000000 ed0b33e1 000000c0 0000000f 0000000f 7ff00000 # [ 173.482922] 1fa0: 00000004 c03000c0 0000000f 0000000f 00000001 b6e48000 0000000f 00000001 # [ 173.491396] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e48000 00020000 004bfe38 # [ 173.499869] 1fe0: 00000004 be878788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 173.508334] Call trace: # [ 173.508350] lkdtm_EXEC_USERSPACE from lkdtm_do_action+0x24/0x4c # [ 173.517355] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 173.523122] direct_entry from full_proxy_write+0x5c/0x8c # [ 173.528792] full_proxy_write from vfs_write+0xbc/0x3cc # [ 173.534359] vfs_write from ksys_write+0x78/0xf8 # [ 173.539218] ksys_write from ret_fast_syscall+0x0/0x1c # [ 173.544681] Exception stack(0xf1db1fa8 to 0xf1db1ff0) # [ 173.550037] 1fa0: 0000000f 0000000f 00000001 b6e48000 0000000f 00000001 # [ 173.558511] 1fc0: 0000000f 0000000f 7ff00000 00000004 00000001 b6e48000 00020000 004bfe38 # [ 173.566980] 1fe0: 00000004 be878788 b6f0e33b b6e87616 # [ 173.572230] Code: bad PC value # [ 173.575570] ---[ end trace 0000000000000000 ]--- # [ 173.580517] note: cat[2716] exited with irqs disabled # EXEC_USERSPACE: saw 'call trace:': ok ok 42 selftests: lkdtm: EXEC_USERSPACE.sh # timeout set to 45 # selftests: lkdtm: EXEC_NULL.sh <6>[ 175.339617] lkdtm: Performing direct entry EXEC_NULL <6>[ 175.343618] lkdtm: attempting ok execution at c0e05898 <6>[ 175.348948] lkdtm: attempting bad execution at 00000000 <1>[ 175.354991] 8<--- cut here --- <1>[ 175.358306] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute <1>[ 175.367516] [00000000] *pgd=00000000 <0>[ 175.371223] Internal error: Oops: 80000005 [#12] SMP ARM <4>[ 175.376711] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 175.413109] CPU: 1 UID: 0 PID: 2796 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 175.422715] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 175.427963] Hardware name: STM32 (Device Tree Support) <4>[ 175.433412] PC is at 0x0 <4>[ 175.436160] LR is at execute_location+0x9c/0xac <4>[ 175.441027] pc : [<00000000>] lr : [] psr: 60080013 <4>[ 175.447583] sp : f1e11eb0 ip : 00000000 fp : 004bfe38 <4>[ 175.453033] r10: c91a47c0 r9 : f1e11f80 r8 : c2789538 <4>[ 175.458583] r7 : f1e11f80 r6 : 00000000 r5 : 00000000 r4 : c0e05898 <4>[ 175.465341] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b <4>[ 175.472200] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 175.479666] Control: 10c5387d Table: c5e5c06a DAC: 00000051 <1>[ 175.485616] Register r0 information: non-paged memory <1>[ 175.490981] Register r1 information: NULL pointer <1>[ 175.495938] Register r2 information: NULL pointer <1>[ 175.500891] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 175.514668] copy_process+0x1f4/0x1f84 <6>[ 175.518925] kernel_clone+0xac/0x388 <6>[ 175.523081] sys_clone+0x78/0x9c <6>[ 175.526835] ret_fast_syscall+0x0/0x1c <4>[ 175.531086] Free path: <6>[ 175.533817] rcu_core+0x2dc/0xb14 <6>[ 175.537671] handle_softirqs+0x15c/0x430 <6>[ 175.542128] irq_exit+0xac/0xd4 <6>[ 175.545778] call_with_stack+0x18/0x20 <6>[ 175.550037] __irq_svc+0x9c/0xb8 <6>[ 175.553784] unwind_frame+0x20c/0x92c <6>[ 175.557943] arch_stack_walk+0x84/0x100 <6>[ 175.562394] stack_trace_save+0x50/0x78 <6>[ 175.566754] set_track_prepare+0x40/0x74 <6>[ 175.571212] ___slab_alloc+0xd28/0xd7c <6>[ 175.575471] __kmalloc_cache_noprof+0x128/0x3b0 <6>[ 175.580523] unx_lookup_cred+0x4c/0xc8 <6>[ 175.584781] rpcauth_refreshcred+0x248/0x2b4 <6>[ 175.589638] __rpc_execute+0xc8/0x5d0 <6>[ 175.593789] rpc_execute+0xa4/0x14c <6>[ 175.597838] rpc_run_task+0x170/0x1b8 <1>[ 175.601993] Register r4 information: non-slab/vmalloc memory <1>[ 175.607959] Register r5 information: NULL pointer <1>[ 175.612911] Register r6 information: NULL pointer <1>[ 175.617964] Register r7 information: 2-page vmalloc region starting at 0xf1e10000 allocated at kernel_clone+0xac/0x388 <1>[ 175.628976] Register r8 information: non-slab/vmalloc memory <1>[ 175.634836] Register r9 information: 2-page vmalloc region starting at 0xf1e10000 allocated at kernel_clone+0xac/0x388 <1>[ 175.645842] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 175.659805] full_proxy_open+0x124/0x24c <6>[ 175.664258] do_dentry_open+0x144/0x4dc <6>[ 175.668614] vfs_open+0x2c/0xec <6>[ 175.672266] path_openat+0x748/0x1198 <6>[ 175.676419] do_filp_open+0x98/0x134 <6>[ 175.680570] do_sys_openat2+0xbc/0xe4 <6>[ 175.684725] sys_openat+0x98/0xd4 <6>[ 175.688578] ret_fast_syscall+0x0/0x1c <4>[ 175.692927] Free path: <6>[ 175.695559] nfs_pgio_header_free+0x34/0x48 <6>[ 175.700320] nfs_write_completion+0x60/0x240 <6>[ 175.705173] rpc_free_task+0x34/0x54 <6>[ 175.709226] rpc_async_release+0x24/0x40 <6>[ 175.713687] process_one_work+0x1b8/0x450 <6>[ 175.718244] worker_thread+0x1d4/0x3c4 <6>[ 175.722496] kthread+0xe8/0x104 <6>[ 175.726144] ret_from_fork+0x14/0x28 <1>[ 175.730292] Register r11 information: non-paged memory <1>[ 175.735751] Register r12 information: NULL pointer <0>[ 175.740804] Process cat (pid: 2796, stack limit = 0xf1e10000) <0>[ 175.746761] Stack: (0xf1e11eb0 to 0xf1e12000) <0>[ 175.751414] 1ea0: 0000000a c5a51000 00000000 c0e03fc0 <0>[ 175.759889] 1ec0: 0000000a c0e043a4 c0e04288 c92dcf40 b6e24000 0000000a c3983a30 c0893830 <0>[ 175.768363] 1ee0: c92dcf40 c08937d4 f1e11f80 b6e24000 c9322840 0000000a c91a47c0 c062a2a0 <0>[ 175.776835] 1f00: c5e5edb8 00000000 00000000 00000000 00000000 0000000a b6e24000 0001fff6 <0>[ 175.785308] 1f20: 00000001 00000000 c8d9c840 00000000 00000000 00000000 00000000 00000000 <0>[ 175.793781] 1f40: 00000000 00000000 00000000 00000000 00000022 c2bfc08b 00000000 c92dcf40 <0>[ 175.802255] 1f60: c92dcf40 00000000 00000000 c03002f0 c9322840 00000004 004bfe38 c062a7fc <0>[ 175.810730] 1f80: 00000000 00000000 00000000 c2bfc08b 000000c0 0000000a 0000000a 7ff00000 <0>[ 175.819202] 1fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e24000 0000000a 00000001 <0>[ 175.827677] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e24000 00020000 004bfe38 <0>[ 175.836149] 1fe0: 00000004 bec11788 b6eea33b b6e63616 60080030 00000001 00000000 00000000 <0>[ 175.844614] Call trace: <0>[ 175.844635] execute_location from lkdtm_do_action+0x24/0x4c <0>[ 175.853354] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 175.859139] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 175.864825] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 175.870309] vfs_write from ksys_write+0x78/0xf8 <0>[ 175.875186] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 175.880662] Exception stack(0xf1e11fa8 to 0xf1e11ff0) <0>[ 175.886027] 1fa0: 0000000a 0000000a 00000001 b6e24000 0000000a 00000001 <0>[ 175.894505] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e24000 00020000 004bfe38 <0>[ 175.902977] 1fe0: 00000004 bec11788 b6eea33b b6e63616 <0>[ 175.908238] Code: bad PC value <4>[ 175.911748] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** # [ 0.000000] ** ** # [ 0.000000] ** This system shows unhashed kernel memory addresses ** # [ 0.000000] ** via the console, logs, and other interfaces. This ** # [ 0.000000] ** might reduce the security of your system. ** # [ 0.000000] ** ** # [ 0.000000] ** If you see this message and you are not debugging ** # [ 0.000000] ** the kernel, report this immediately to your system ** # [ 0.000000] ** administrator! ** # [ 0.000000] ** ** # [ 0.000000] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** # [ 0.000000] ********************************************************** # [ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1 # [ 0.000000] ftrace: allocating 70997 entries in 209 pages # [ 0.000000] ftrace: allocated 209 pages with 4 groups # [ 175.339617] lkdtm: Performing direct entry EXEC_NULL # [ 175.343618] lkdtm: attempting ok execution at c0e05898 # [ 175.348948] lkdtm: attempting bad execution at 00000000 # [ 175.354991] 8<--- cut here --- # [ 175.358306] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute # [ 175.367516] [00000000] *pgd=00000000 # [ 175.371223] Internal error: Oops: 80000005 [#12] SMP ARM # [ 175.376711] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 175.413109] CPU: 1 UID: 0 PID: 2796 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 175.422715] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 175.427963] Hardware name: STM32 (Device Tree Support) # [ 175.433412] PC is at 0x0 # [ 175.436160] LR is at execute_location+0x9c/0xac # [ 175.441027] pc : [<00000000>] lr : [] psr: 60080013 # [ 175.447583] sp : f1e11eb0 ip : 00000000 fp : 004bfe38 # [ 175.453033] r10: c91a47c0 r9 : f1e11f80 r8 : c2789538 # [ 175.458583] r7 : f1e11f80 r6 : 00000000 r5 : 00000000 r4 : c0e05898 # [ 175.465341] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 0000002b # [ 175.472200] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 175.479666] Control: 10c5387d Table: c5e5c06a DAC: 00000051 # [ 175.485616] Register r0 information: non-paged memory # [ 175.490981] Register r1 information: NULL pointer # [ 175.495938] Register r2 information: NULL pointer # [ 175.500891] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 175.514668] copy_process+0x1f4/0x1f84 # [ 175.518925] kernel_clone+0xac/0x388 # [ 175.523081] sys_clone+0x78/0x9c # [ 175.526835] ret_fast_syscall+0x0/0x1c # [ 175.531086] Free path: # [ 175.533817] rcu_core+0x2dc/0xb14 # [ 175.537671] handle_softirqs+0x15c/0x430 # [ 175.542128] irq_exit+0xac/0xd4 # [ 175.545778] call_with_stack+0x18/0x20 # [ 175.550037] __irq_svc+0x9c/0xb8 # [ 175.553784] unwind_frame+0x20c/0x92c # [ 175.557943] arch_stack_walk+0x84/0x100 # [ 175.562394] stack_trace_save+0x50/0x78 # [ 175.566754] set_track_prepare+0x40/0x74 # [ 175.571212] ___slab_alloc+0xd28/0xd7c # [ 175.575471] __kmalloc_cache_noprof+0x128/0x3b0 # [ 175.580523] unx_lookup_cred+0x4c/0xc8 # [ 175.584781] rpcauth_refreshcred+0x248/0x2b4 # [ 175.589638] __rpc_execute+0xc8/0x5d0 # [ 175.593789] rpc_execute+0xa4/0x14c # [ 175.597838] rpc_run_task+0x170/0x1b8 # [ 175.601993] Register r4 information: non-slab/vmalloc memory # [ 175.607959] Register r5 information: NULL pointer # [ 175.612911] Register r6 information: NULL pointer # [ 175.617964] Register r7 information: 2-page vmalloc region starting at 0xf1e10000 allocated at kernel_clone+0xac/0x388 # [ 175.628976] Register r8 information: non-slab/vmalloc memory # [ 175.634836] Register r9 information: 2-page vmalloc region starting at 0xf1e10000 allocated at kernel_clone+0xac/0x388 # [ 175.645842] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 175.659805] full_proxy_open+0x124/0x24c # [ 175.664258] do_dentry_open+0x144/0x4dc # [ 175.668614] vfs_open+0x2c/0xec # [ 175.672266] path_openat+0x748/0x1198 # [ 175.676419] do_filp_open+0x98/0x134 # [ 175.680570] do_sys_openat2+0xbc/0xe4 # [ 175.684725] sys_openat+0x98/0xd4 # [ 175.688578] ret_fast_syscall+0x0/0x1c # [ 175.692927] Free path: # [ 175.695559] nfs_pgio_header_free+0x34/0x48 # [ 175.700320] nfs_write_completion+0x60/0x240 # [ 175.705173] rpc_free_task+0x34/0x54 # [ 175.709226] rpc_async_release+0x24/0x40 # [ 175.713687] process_one_work+0x1b8/0x450 # [ 175.718244] worker_thread+0x1d4/0x3c4 # [ 175.722496] kthread+0xe8/0x104 # [ 175.726144] ret_from_fork+0x14/0x28 # [ 175.730292] Register r11 information: non-paged memory # [ 175.735751] Register r12 information: NULL pointer # [ 175.740804] Process cat (pid: 2796, stack limit = 0xf1e10000) # [ 175.746761] Stack: (0xf1e11eb0 to 0xf1e12000) # [ 175.751414] 1ea0: 0000000a c5a51000 00000000 c0e03fc0 # [ 175.759889] 1ec0: 0000000a c0e043a4 c0e04288 c92dcf40 b6e24000 0000000a c3983a30 c0893830 # [ 175.768363] 1ee0: c92dcf40 c08937d4 f1e11f80 b6e24000 c9322840 0000000a c91a47c0 c062a2a0 # [ 175.776835] 1f00: c5e5edb8 00000000 00000000 00000000 00000000 0000000a b6e24000 0001fff6 # [ 175.785308] 1f20: 00000001 00000000 c8d9c840 00000000 00000000 00000000 00000000 00000000 # [ 175.793781] 1f40: 00000000 00000000 00000000 00000000 00000022 c2bfc08b 00000000 c92dcf40 # [ 175.802255] 1f60: c92dcf40 00000000 00000000 c03002f0 c9322840 00000004 004bfe38 c062a7fc # [ 175.810730] 1f80: 00000000 00000000 00000000 c2bfc08b 000000c0 0000000a 0000000a 7ff00000 # [ 175.819202] 1fa0: 00000004 c03000c0 0000000a 0000000a 00000001 b6e24000 0000000a 00000001 # [ 175.827677] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e24000 00020000 004bfe38 # [ 175.836149] 1fe0: 00000004 bec11788 b6eea33b b6e63616 60080030 00000001 00000000 00000000 # [ 175.844614] Call trace: # [ 175.844635] execute_location from lkdtm_do_action+0x24/0x4c # [ 175.853354] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 175.859139] direct_entry from full_proxy_write+0x5c/0x8c # [ 175.864825] full_proxy_write from vfs_write+0xbc/0x3cc # [ 175.870309] vfs_write from ksys_write+0x78/0xf8 # [ 175.875186] ksys_write from ret_fast_syscall+0x0/0x1c # [ 175.880662] Exception stack(0xf1e11fa8 to 0xf1e11ff0) # [ 175.886027] 1fa0: 0000000a 0000000a 00000001 b6e24000 0000000a 00000001 # [ 175.894505] 1fc0: 0000000a 0000000a 7ff00000 00000004 00000001 b6e24000 00020000 004bfe38 # [ 175.902977] 1fe0: 00000004 bec11788 b6eea33b b6e63616 # [ 175.908238] Code: bad PC value # [ 175.911748] ---[ end trace 0000000000000000 ]--- # EXEC_NULL: saw 'call trace:': ok ok 43 selftests: lkdtm: EXEC_NULL.sh # timeout set to 45 # selftests: lkdtm: ACCESS_USERSPACE.sh <6>[ 177.740938] lkdtm: Performing direct entry ACCESS_USERSPACE <6>[ 177.745819] lkdtm: attempting bad read at b6f85000 <1>[ 177.751079] 8<--- cut here --- <1>[ 177.753838] Unhandled fault: page domain fault (0x01b) at 0xb6f85000 <1>[ 177.760513] [b6f85000] *pgd=fb22f835 <0>[ 177.764388] Internal error: : 1b [#13] SMP ARM <4>[ 177.769053] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 177.805555] CPU: 1 UID: 0 PID: 2877 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 177.815161] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 177.820317] Hardware name: STM32 (Device Tree Support) <4>[ 177.825775] PC is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 <4>[ 177.831157] LR is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 <4>[ 177.836623] pc : [] lr : [] psr: 60080013 <4>[ 177.843186] sp : f1e95ea0 ip : 00000000 fp : 004cfe38 <4>[ 177.848641] r10: c91a47c0 r9 : f1e95f80 r8 : c2789540 <4>[ 177.854193] r7 : f1e95f80 r6 : 00000000 r5 : 00000051 r4 : b6f85000 <4>[ 177.860952] r3 : c9321440 r2 : 00000000 r1 : 00000000 r0 : 00000026 <4>[ 177.867812] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 177.875279] Control: 10c5387d Table: c58e406a DAC: 00000051 <1>[ 177.881230] Register r0 information: non-paged memory <1>[ 177.886598] Register r1 information: NULL pointer <1>[ 177.891553] Register r2 information: NULL pointer <1>[ 177.896506] Register r3 information: slab task_struct start c9321400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 177.910289] copy_process+0x1f4/0x1f84 <6>[ 177.914547] kernel_clone+0xac/0x388 <6>[ 177.918703] sys_clone+0x78/0x9c <6>[ 177.922456] ret_fast_syscall+0x0/0x1c <4>[ 177.926708] Free path: <6>[ 177.929438] rcu_core+0x2dc/0xb14 <6>[ 177.933291] handle_softirqs+0x15c/0x430 <6>[ 177.937748] irq_exit+0xac/0xd4 <6>[ 177.941398] call_with_stack+0x18/0x20 <6>[ 177.945657] __irq_svc+0x9c/0xb8 <6>[ 177.949404] xs_read_stream_request.constprop.0+0x4d8/0x62c <6>[ 177.955577] xs_stream_data_receive_workfn+0x350/0x594 <6>[ 177.961238] process_one_work+0x1b8/0x450 <6>[ 177.965795] worker_thread+0x1d4/0x3c4 <6>[ 177.970047] kthread+0xe8/0x104 <6>[ 177.973694] ret_from_fork+0x14/0x28 <1>[ 177.977842] Register r4 information: non-paged memory <1>[ 177.983203] Register r5 information: non-paged memory <1>[ 177.988458] Register r6 information: NULL pointer <1>[ 177.993510] Register r7 information: 2-page vmalloc region starting at 0xf1e94000 allocated at kernel_clone+0xac/0x388 <1>[ 178.004524] Register r8 information: non-slab/vmalloc memory <1>[ 178.010393] Register r9 information: 2-page vmalloc region starting at 0xf1e94000 allocated at kernel_clone+0xac/0x388 <1>[ 178.021405] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 178.035374] full_proxy_open+0x124/0x24c <6>[ 178.039826] do_dentry_open+0x144/0x4dc <6>[ 178.044185] vfs_open+0x2c/0xec <6>[ 178.047838] path_openat+0x748/0x1198 <6>[ 178.051990] do_filp_open+0x98/0x134 <6>[ 178.056141] do_sys_openat2+0xbc/0xe4 <6>[ 178.060297] sys_openat+0x98/0xd4 <6>[ 178.064150] ret_fast_syscall+0x0/0x1c <4>[ 178.068500] Free path: <6>[ 178.071131] nfs_pgio_header_free+0x34/0x48 <6>[ 178.075894] nfs_write_completion+0x60/0x240 <6>[ 178.080647] rpc_free_task+0x34/0x54 <6>[ 178.084800] rpc_async_release+0x24/0x40 <6>[ 178.089261] process_one_work+0x1b8/0x450 <6>[ 178.093816] worker_thread+0x1d4/0x3c4 <6>[ 178.098074] kthread+0xe8/0x104 <6>[ 178.101734] ret_from_fork+0x14/0x28 <1>[ 178.105896] Register r11 information: non-paged memory <1>[ 178.111276] Register r12 information: NULL pointer <0>[ 178.116346] Process cat (pid: 2877, stack limit = 0xf1e94000) <0>[ 178.122417] Stack: (0xf1e95ea0 to 0xf1e96000) <0>[ 178.126986] 5ea0: 00000022 00000000 00000000 e66f1149 f1e95f80 00000011 c9225000 c0e03fc0 <0>[ 178.135472] 5ec0: 00000011 c0e043a4 c0e04288 c9080240 b6e28000 00000011 c3983a30 c0893830 <0>[ 178.143957] 5ee0: c9080240 c08937d4 f1e95f80 b6e28000 c9321440 00000011 c91a47c0 c062a2a0 <0>[ 178.152437] 5f00: c58e6db8 00000000 00000000 00000000 00000000 00000011 b6e28000 0001ffef <0>[ 178.160912] 5f20: 00000001 00000000 c9080440 00000000 00000000 00000000 00000000 00000000 <0>[ 178.169387] 5f40: 00000000 00000000 00000000 00000000 00000022 e66f1149 00000000 c9080240 <0>[ 178.177862] 5f60: c9080240 00000000 00000000 c03002f0 c9321440 00000004 004cfe38 c062a7fc <0>[ 178.186338] 5f80: 00000000 00000000 00000000 e66f1149 000000c0 00000011 00000011 7ff00000 <0>[ 178.194812] 5fa0: 00000004 c03000c0 00000011 00000011 00000001 b6e28000 00000011 00000001 <0>[ 178.203287] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 004cfe38 <0>[ 178.211761] 5fe0: 00000004 becaa788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 <0>[ 178.220225] Call trace: <0>[ 178.220239] lkdtm_ACCESS_USERSPACE from lkdtm_do_action+0x24/0x4c <0>[ 178.229547] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 178.235315] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 178.240986] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 178.246453] vfs_write from ksys_write+0x78/0xf8 <0>[ 178.251313] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 178.256775] Exception stack(0xf1e95fa8 to 0xf1e95ff0) <0>[ 178.262133] 5fa0: 00000011 00000011 00000001 b6e28000 00000011 00000001 <0>[ 178.270607] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 004cfe38 <0>[ 178.279077] 5fe0: 00000004 becaa788 b6eee33b b6e67616 <0>[ 178.284436] Code: e1a01004 e3070bdc e34c020a eb23b251 (e5943000) <4>[ 178.290792] ---[ end trace 0000000000000000 ]--- <6>[ 178.295640] note: cat[2877] exited with irqs disabled # Segmentation fault # [ 177.740938] lkdtm: Performing direct entry ACCESS_USERSPACE # [ 177.745819] lkdtm: attempting bad read at b6f85000 # [ 177.751079] 8<--- cut here --- # [ 177.753838] Unhandled fault: page domain fault (0x01b) at 0xb6f85000 # [ 177.760513] [b6f85000] *pgd=fb22f835 # [ 177.764388] Internal error: : 1b [#13] SMP ARM # [ 177.769053] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 177.805555] CPU: 1 UID: 0 PID: 2877 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 177.815161] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 177.820317] Hardware name: STM32 (Device Tree Support) # [ 177.825775] PC is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 # [ 177.831157] LR is at lkdtm_ACCESS_USERSPACE+0xe8/0x140 # [ 177.836623] pc : [] lr : [] psr: 60080013 # [ 177.843186] sp : f1e95ea0 ip : 00000000 fp : 004cfe38 # [ 177.848641] r10: c91a47c0 r9 : f1e95f80 r8 : c2789540 # [ 177.854193] r7 : f1e95f80 r6 : 00000000 r5 : 00000051 r4 : b6f85000 # [ 177.860952] r3 : c9321440 r2 : 00000000 r1 : 00000000 r0 : 00000026 # [ 177.867812] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 177.875279] Control: 10c5387d Table: c58e406a DAC: 00000051 # [ 177.881230] Register r0 information: non-paged memory # [ 177.886598] Register r1 information: NULL pointer # [ 177.891553] Register r2 information: NULL pointer # [ 177.896506] Register r3 information: slab task_struct start c9321400 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 177.910289] copy_process+0x1f4/0x1f84 # [ 177.914547] kernel_clone+0xac/0x388 # [ 177.918703] sys_clone+0x78/0x9c # [ 177.922456] ret_fast_syscall+0x0/0x1c # [ 177.926708] Free path: # [ 177.929438] rcu_core+0x2dc/0xb14 # [ 177.933291] handle_softirqs+0x15c/0x430 # [ 177.937748] irq_exit+0xac/0xd4 # [ 177.941398] call_with_stack+0x18/0x20 # [ 177.945657] __irq_svc+0x9c/0xb8 # [ 177.949404] xs_read_stream_request.constprop.0+0x4d8/0x62c # [ 177.955577] xs_stream_data_receive_workfn+0x350/0x594 # [ 177.961238] process_one_work+0x1b8/0x450 # [ 177.965795] worker_thread+0x1d4/0x3c4 # [ 177.970047] kthread+0xe8/0x104 # [ 177.973694] ret_from_fork+0x14/0x28 # [ 177.977842] Register r4 information: non-paged memory # [ 177.983203] Register r5 information: non-paged memory # [ 177.988458] Register r6 information: NULL pointer # [ 177.993510] Register r7 information: 2-page vmalloc region starting at 0xf1e94000 allocated at kernel_clone+0xac/0x388 # [ 178.004524] Register r8 information: non-slab/vmalloc memory # [ 178.010393] Register r9 information: 2-page vmalloc region starting at 0xf1e94000 allocated at kernel_clone+0xac/0x388 # [ 178.021405] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 178.035374] full_proxy_open+0x124/0x24c # [ 178.039826] do_dentry_open+0x144/0x4dc # [ 178.044185] vfs_open+0x2c/0xec # [ 178.047838] path_openat+0x748/0x1198 # [ 178.051990] do_filp_open+0x98/0x134 # [ 178.056141] do_sys_openat2+0xbc/0xe4 # [ 178.060297] sys_openat+0x98/0xd4 # [ 178.064150] ret_fast_syscall+0x0/0x1c # [ 178.068500] Free path: # [ 178.071131] nfs_pgio_header_free+0x34/0x48 # [ 178.075894] nfs_write_completion+0x60/0x240 # [ 178.080647] rpc_free_task+0x34/0x54 # [ 178.084800] rpc_async_release+0x24/0x40 # [ 178.089261] process_one_work+0x1b8/0x450 # [ 178.093816] worker_thread+0x1d4/0x3c4 # [ 178.098074] kthread+0xe8/0x104 # [ 178.101734] ret_from_fork+0x14/0x28 # [ 178.105896] Register r11 information: non-paged memory # [ 178.111276] Register r12 information: NULL pointer # [ 178.116346] Process cat (pid: 2877, stack limit = 0xf1e94000) # [ 178.122417] Stack: (0xf1e95ea0 to 0xf1e96000) # [ 178.126986] 5ea0: 00000022 00000000 00000000 e66f1149 f1e95f80 00000011 c9225000 c0e03fc0 # [ 178.135472] 5ec0: 00000011 c0e043a4 c0e04288 c9080240 b6e28000 00000011 c3983a30 c0893830 # [ 178.143957] 5ee0: c9080240 c08937d4 f1e95f80 b6e28000 c9321440 00000011 c91a47c0 c062a2a0 # [ 178.152437] 5f00: c58e6db8 00000000 00000000 00000000 00000000 00000011 b6e28000 0001ffef # [ 178.160912] 5f20: 00000001 00000000 c9080440 00000000 00000000 00000000 00000000 00000000 # [ 178.169387] 5f40: 00000000 00000000 00000000 00000000 00000022 e66f1149 00000000 c9080240 # [ 178.177862] 5f60: c9080240 00000000 00000000 c03002f0 c9321440 00000004 004cfe38 c062a7fc # [ 178.186338] 5f80: 00000000 00000000 00000000 e66f1149 000000c0 00000011 00000011 7ff00000 # [ 178.194812] 5fa0: 00000004 c03000c0 00000011 00000011 00000001 b6e28000 00000011 00000001 # [ 178.203287] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 004cfe38 # [ 178.211761] 5fe0: 00000004 becaa788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 # [ 178.220225] Call trace: # [ 178.220239] lkdtm_ACCESS_USERSPACE from lkdtm_do_action+0x24/0x4c # [ 178.229547] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 178.235315] direct_entry from full_proxy_write+0x5c/0x8c # [ 178.240986] full_proxy_write from vfs_write+0xbc/0x3cc # [ 178.246453] vfs_write from ksys_write+0x78/0xf8 # [ 178.251313] ksys_write from ret_fast_syscall+0x0/0x1c # [ 178.256775] Exception stack(0xf1e95fa8 to 0xf1e95ff0) # [ 178.262133] 5fa0: 00000011 00000011 00000001 b6e28000 00000011 00000001 # [ 178.270607] 5fc0: 00000011 00000011 7ff00000 00000004 00000001 b6e28000 00020000 004cfe38 # [ 178.279077] 5fe0: 00000004 becaa788 b6eee33b b6e67616 # [ 178.284436] Code: e1a01004 e3070bdc e34c020a eb23b251 (e5943000) # [ 178.290792] ---[ end trace 0000000000000000 ]--- # [ 178.295640] note: cat[2877] exited with irqs disabled # ACCESS_USERSPACE: saw 'call trace:': ok ok 44 selftests: lkdtm: ACCESS_USERSPACE.sh # timeout set to 45 # selftests: lkdtm: ACCESS_NULL.sh <6>[ 180.076367] lkdtm: Performing direct entry ACCESS_NULL <6>[ 180.080549] lkdtm: attempting bad read at 00000000 <1>[ 180.086271] 8<--- cut here --- <1>[ 180.088912] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read <1>[ 180.098180] [00000000] *pgd=00000000 <0>[ 180.101960] Internal error: Oops: 5 [#14] SMP ARM <4>[ 180.106942] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 180.143342] CPU: 1 UID: 0 PID: 2958 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 180.152947] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 180.158194] Hardware name: STM32 (Device Tree Support) <4>[ 180.163644] PC is at lkdtm_ACCESS_NULL+0x20/0x60 <4>[ 180.168520] LR is at lkdtm_ACCESS_NULL+0x20/0x60 <4>[ 180.173379] pc : [] lr : [] psr: 60080013 <4>[ 180.179936] sp : f1ef1eb0 ip : 00000000 fp : 004efe38 <4>[ 180.185487] r10: c91a47c0 r9 : f1ef1f80 r8 : c2789548 <4>[ 180.190938] r7 : f1ef1f80 r6 : 00000000 r5 : c945e000 r4 : 00000000 <4>[ 180.197797] r3 : c9324640 r2 : 00000000 r1 : 00000000 r0 : 00000026 <4>[ 180.204657] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 180.212023] Control: 10c5387d Table: c5dc006a DAC: 00000051 <1>[ 180.218075] Register r0 information: non-paged memory <1>[ 180.223438] Register r1 information: NULL pointer <1>[ 180.228392] Register r2 information: NULL pointer <1>[ 180.233345] Register r3 information: slab task_struct start c9324600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 180.247123] copy_process+0x1f4/0x1f84 <6>[ 180.251380] kernel_clone+0xac/0x388 <6>[ 180.255436] sys_clone+0x78/0x9c <6>[ 180.259189] ret_fast_syscall+0x0/0x1c <4>[ 180.263540] Free path: <6>[ 180.266271] rcu_core+0x2dc/0xb14 <6>[ 180.270023] handle_softirqs+0x15c/0x430 <6>[ 180.274481] irq_exit+0xac/0xd4 <6>[ 180.278232] call_with_stack+0x18/0x20 <6>[ 180.282491] __irq_svc+0x9c/0xb8 <6>[ 180.286237] unwind_frame+0x1e0/0x92c <6>[ 180.290395] arch_stack_walk+0x84/0x100 <6>[ 180.294846] stack_trace_save+0x50/0x78 <6>[ 180.299205] set_track_prepare+0x40/0x74 <6>[ 180.303666] ___slab_alloc+0xd28/0xd7c <6>[ 180.307924] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 180.313087] anon_vma_fork+0x8c/0x174 <6>[ 180.317242] copy_process+0x1d60/0x1f84 <6>[ 180.321599] kernel_clone+0xac/0x388 <6>[ 180.325754] sys_clone+0x78/0x9c <6>[ 180.329506] ret_fast_syscall+0x0/0x1c <1>[ 180.333755] Register r4 information: NULL pointer <1>[ 180.338811] Register r5 information: non-slab/vmalloc memory <1>[ 180.344674] Register r6 information: NULL pointer <1>[ 180.349737] Register r7 information: 2-page vmalloc region starting at 0xf1ef0000 allocated at kernel_clone+0xac/0x388 <1>[ 180.360670] Register r8 information: non-slab/vmalloc memory <1>[ 180.366653] Register r9 information: 2-page vmalloc region starting at 0xf1ef0000 allocated at kernel_clone+0xac/0x388 <1>[ 180.377684] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 180.391577] full_proxy_open+0x124/0x24c <6>[ 180.396040] do_dentry_open+0x144/0x4dc <6>[ 180.400400] vfs_open+0x2c/0xec <6>[ 180.404054] path_openat+0x748/0x1198 <6>[ 180.408207] do_filp_open+0x98/0x134 <6>[ 180.412358] do_sys_openat2+0xbc/0xe4 <6>[ 180.416515] sys_openat+0x98/0xd4 <6>[ 180.420368] ret_fast_syscall+0x0/0x1c <4>[ 180.424717] Free path: <6>[ 180.427349] nfs_pgio_header_free+0x34/0x48 <6>[ 180.432113] nfs_write_completion+0x60/0x240 <6>[ 180.436867] rpc_free_task+0x34/0x54 <6>[ 180.441022] rpc_async_release+0x24/0x40 <6>[ 180.445484] process_one_work+0x1b8/0x450 <6>[ 180.450040] worker_thread+0x1d4/0x3c4 <6>[ 180.454294] kthread+0xe8/0x104 <6>[ 180.457942] ret_from_fork+0x14/0x28 <1>[ 180.462093] Register r11 information: non-paged memory <1>[ 180.467458] Register r12 information: NULL pointer <0>[ 180.472512] Process cat (pid: 2958, stack limit = 0xf1ef0000) <0>[ 180.478571] Stack: (0xf1ef1eb0 to 0xf1ef2000) <0>[ 180.483227] 1ea0: 0000000c c945e000 00000000 c0e03fc0 <0>[ 180.491703] 1ec0: 0000000c c0e043a4 c0e04288 c92c8440 b6e54000 0000000c c3983a30 c0893830 <0>[ 180.500178] 1ee0: c92c8440 c08937d4 f1ef1f80 b6e54000 c9324640 0000000c c91a47c0 c062a2a0 <0>[ 180.508651] 1f00: c5dc2db8 00000000 00000000 00000000 00000000 0000000c b6e54000 0001fff4 <0>[ 180.517124] 1f20: 00000001 00000000 c92c8240 00000000 00000000 00000000 00000000 00000000 <0>[ 180.525598] 1f40: 00000000 00000000 00000000 00000000 00000022 813d29b5 00000000 c92c8440 <0>[ 180.534072] 1f60: c92c8440 00000000 00000000 c03002f0 c9324640 00000004 004efe38 c062a7fc <0>[ 180.542545] 1f80: 00000000 00000000 00000000 813d29b5 000000c0 0000000c 0000000c 7ff00000 <0>[ 180.551019] 1fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6e54000 0000000c 00000001 <0>[ 180.559493] 1fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e54000 00020000 004efe38 <0>[ 180.567967] 1fe0: 00000004 beca8788 b6f1a33b b6e93616 60080030 00000001 00000000 00000000 <0>[ 180.576431] Call trace: <0>[ 180.576446] lkdtm_ACCESS_NULL from lkdtm_do_action+0x24/0x4c <0>[ 180.585254] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 180.591021] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 180.596691] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 180.602258] vfs_write from ksys_write+0x78/0xf8 <0>[ 180.607118] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 180.612580] Exception stack(0xf1ef1fa8 to 0xf1ef1ff0) <0>[ 180.617837] 1fa0: 0000000c 0000000c 00000001 b6e54000 0000000c 00000001 <0>[ 180.626411] 1fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e54000 00020000 004efe38 <0>[ 180.634881] 1fe0: 00000004 beca8788 b6f1a33b b6e93616 <0>[ 180.640139] Code: e3070bdc e34c020a e1a01004 ebffc3f8 (e5945000) <4>[ 180.646701] ---[ end trace 0000000000000000 ]--- # Segmentation fault # [ 180.076367] lkdtm: Performing direct entry ACCESS_NULL # [ 180.080549] lkdtm: attempting bad read at 00000000 # [ 180.086271] 8<--- cut here --- # [ 180.088912] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read # [ 180.098180] [00000000] *pgd=00000000 # [ 180.101960] Internal error: Oops: 5 [#14] SMP ARM # [ 180.106942] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 180.143342] CPU: 1 UID: 0 PID: 2958 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 180.152947] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 180.158194] Hardware name: STM32 (Device Tree Support) # [ 180.163644] PC is at lkdtm_ACCESS_NULL+0x20/0x60 # [ 180.168520] LR is at lkdtm_ACCESS_NULL+0x20/0x60 # [ 180.173379] pc : [] lr : [] psr: 60080013 # [ 180.179936] sp : f1ef1eb0 ip : 00000000 fp : 004efe38 # [ 180.185487] r10: c91a47c0 r9 : f1ef1f80 r8 : c2789548 # [ 180.190938] r7 : f1ef1f80 r6 : 00000000 r5 : c945e000 r4 : 00000000 # [ 180.197797] r3 : c9324640 r2 : 00000000 r1 : 00000000 r0 : 00000026 # [ 180.204657] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 180.212023] Control: 10c5387d Table: c5dc006a DAC: 00000051 # [ 180.218075] Register r0 information: non-paged memory # [ 180.223438] Register r1 information: NULL pointer # [ 180.228392] Register r2 information: NULL pointer # [ 180.233345] Register r3 information: slab task_struct start c9324600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 180.247123] copy_process+0x1f4/0x1f84 # [ 180.251380] kernel_clone+0xac/0x388 # [ 180.255436] sys_clone+0x78/0x9c # [ 180.259189] ret_fast_syscall+0x0/0x1c # [ 180.263540] Free path: # [ 180.266271] rcu_core+0x2dc/0xb14 # [ 180.270023] handle_softirqs+0x15c/0x430 # [ 180.274481] irq_exit+0xac/0xd4 # [ 180.278232] call_with_stack+0x18/0x20 # [ 180.282491] __irq_svc+0x9c/0xb8 # [ 180.286237] unwind_frame+0x1e0/0x92c # [ 180.290395] arch_stack_walk+0x84/0x100 # [ 180.294846] stack_trace_save+0x50/0x78 # [ 180.299205] set_track_prepare+0x40/0x74 # [ 180.303666] ___slab_alloc+0xd28/0xd7c # [ 180.307924] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 180.313087] anon_vma_fork+0x8c/0x174 # [ 180.317242] copy_process+0x1d60/0x1f84 # [ 180.321599] kernel_clone+0xac/0x388 # [ 180.325754] sys_clone+0x78/0x9c # [ 180.329506] ret_fast_syscall+0x0/0x1c # [ 180.333755] Register r4 information: NULL pointer # [ 180.338811] Register r5 information: non-slab/vmalloc memory # [ 180.344674] Register r6 information: NULL pointer # [ 180.349737] Register r7 information: 2-page vmalloc region starting at 0xf1ef0000 allocated at kernel_clone+0xac/0x388 # [ 180.360670] Register r8 information: non-slab/vmalloc memory # [ 180.366653] Register r9 information: 2-page vmalloc region starting at 0xf1ef0000 allocated at kernel_clone+0xac/0x388 # [ 180.377684] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 180.391577] full_proxy_open+0x124/0x24c # [ 180.396040] do_dentry_open+0x144/0x4dc # [ 180.400400] vfs_open+0x2c/0xec # [ 180.404054] path_openat+0x748/0x1198 # [ 180.408207] do_filp_open+0x98/0x134 # [ 180.412358] do_sys_openat2+0xbc/0xe4 # [ 180.416515] sys_openat+0x98/0xd4 # [ 180.420368] ret_fast_syscall+0x0/0x1c # [ 180.424717] Free path: # [ 180.427349] nfs_pgio_header_free+0x34/0x48 # [ 180.432113] nfs_write_completion+0x60/0x240 # [ 180.436867] rpc_free_task+0x34/0x54 # [ 180.441022] rpc_async_release+0x24/0x40 # [ 180.445484] process_one_work+0x1b8/0x450 # [ 180.450040] worker_thread+0x1d4/0x3c4 # [ 180.454294] kthread+0xe8/0x104 # [ 180.457942] ret_from_fork+0x14/0x28 # [ 180.462093] Register r11 information: non-paged memory # [ 180.467458] Register r12 information: NULL pointer # [ 180.472512] Process cat (pid: 2958, stack limit = 0xf1ef0000) # [ 180.478571] Stack: (0xf1ef1eb0 to 0xf1ef2000) # [ 180.483227] 1ea0: 0000000c c945e000 00000000 c0e03fc0 # [ 180.491703] 1ec0: 0000000c c0e043a4 c0e04288 c92c8440 b6e54000 0000000c c3983a30 c0893830 # [ 180.500178] 1ee0: c92c8440 c08937d4 f1ef1f80 b6e54000 c9324640 0000000c c91a47c0 c062a2a0 # [ 180.508651] 1f00: c5dc2db8 00000000 00000000 00000000 00000000 0000000c b6e54000 0001fff4 # [ 180.517124] 1f20: 00000001 00000000 c92c8240 00000000 00000000 00000000 00000000 00000000 # [ 180.525598] 1f40: 00000000 00000000 00000000 00000000 00000022 813d29b5 00000000 c92c8440 # [ 180.534072] 1f60: c92c8440 00000000 00000000 c03002f0 c9324640 00000004 004efe38 c062a7fc # [ 180.542545] 1f80: 00000000 00000000 00000000 813d29b5 000000c0 0000000c 0000000c 7ff00000 # [ 180.551019] 1fa0: 00000004 c03000c0 0000000c 0000000c 00000001 b6e54000 0000000c 00000001 # [ 180.559493] 1fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e54000 00020000 004efe38 # [ 180.567967] 1fe0: 00000004 beca8788 b6f1a33b b6e93616 60080030 00000001 00000000 00000000 # [ 180.576431] Call trace: # [ 180.576446] lkdtm_ACCESS_NULL from lkdtm_do_action+0x24/0x4c # [ 180.585254] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 180.591021] direct_entry from full_proxy_write+0x5c/0x8c # [ 180.596691] full_proxy_write from vfs_write+0xbc/0x3cc # [ 180.602258] vfs_write from ksys_write+0x78/0xf8 # [ 180.607118] ksys_write from ret_fast_syscall+0x0/0x1c # [ 180.612580] Exception stack(0xf1ef1fa8 to 0xf1ef1ff0) # [ 180.617837] 1fa0: 0000000c 0000000c 00000001 b6e54000 0000000c 00000001 # [ 180.626411] 1fc0: 0000000c 0000000c 7ff00000 00000004 00000001 b6e54000 00020000 004efe38 # [ 180.634881] 1fe0: 00000004 beca8788 b6f1a33b b6e93616 # [ 180.640139] Code: e3070bdc e34c020a e1a01004 ebffc3f8 (e5945000) # [ 180.646701] ---[ end trace 0000000000000000 ]--- # ACCESS_NULL: saw 'call trace:': ok ok 45 selftests: lkdtm: ACCESS_NULL.sh # timeout set to 45 # selftests: lkdtm: WRITE_RO.sh <6>[ 182.505278] lkdtm: Performing direct entry WRITE_RO <6>[ 182.509151] lkdtm: attempting bad rodata write at c1a72094 <1>[ 182.514922] 8<--- cut here --- <1>[ 182.518173] Unable to handle kernel paging request at virtual address c1a72094 when write <1>[ 182.526656] [c1a72094] *pgd=c1a1941e(bad) <0>[ 182.530947] Internal error: Oops: 80d [#15] SMP ARM <4>[ 182.536114] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 182.572502] CPU: 0 UID: 0 PID: 3039 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 182.582095] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 182.587341] Hardware name: STM32 (Device Tree Support) <4>[ 182.592790] PC is at lkdtm_WRITE_RO+0x34/0x48 <4>[ 182.597362] LR is at lkdtm_WRITE_RO+0x24/0x48 <4>[ 182.602019] pc : [] lr : [] psr: 60080013 <4>[ 182.608577] sp : f1f45eb8 ip : 00000000 fp : 004efe38 <4>[ 182.614127] r10: c91a47c0 r9 : f1f45f80 r8 : c27894e8 <4>[ 182.619578] r7 : f1f45f80 r6 : 00000000 r5 : c584b000 r4 : c1a72094 <4>[ 182.626437] r3 : 0198b861 r2 : aa55aa55 r1 : 00000000 r0 : 0000002e <4>[ 182.633196] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 182.640662] Control: 10c5387d Table: c5a3c06a DAC: 00000051 <1>[ 182.646713] Register r0 information: non-paged memory <1>[ 182.651974] Register r1 information: NULL pointer <1>[ 182.657027] Register r2 information: non-paged memory <1>[ 182.662382] Register r3 information: non-paged memory <1>[ 182.667635] Register r4 information: non-slab/vmalloc memory <1>[ 182.673597] Register r5 information: non-slab/vmalloc memory <1>[ 182.679556] Register r6 information: NULL pointer <1>[ 182.684509] Register r7 information: 2-page vmalloc region starting at 0xf1f44000 allocated at kernel_clone+0xac/0x388 <1>[ 182.695525] Register r8 information: non-slab/vmalloc memory <1>[ 182.701492] Register r9 information: 2-page vmalloc region starting at 0xf1f44000 allocated at kernel_clone+0xac/0x388 <1>[ 182.712503] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 182.726374] full_proxy_open+0x124/0x24c <6>[ 182.730826] do_dentry_open+0x144/0x4dc <6>[ 182.735184] vfs_open+0x2c/0xec <6>[ 182.738936] path_openat+0x748/0x1198 <6>[ 182.743090] do_filp_open+0x98/0x134 <6>[ 182.747143] do_sys_openat2+0xbc/0xe4 <6>[ 182.751400] sys_openat+0x98/0xd4 <6>[ 182.755254] ret_fast_syscall+0x0/0x1c <4>[ 182.759505] Free path: <6>[ 182.762236] nfs_pgio_header_free+0x34/0x48 <6>[ 182.766898] nfs_write_completion+0x60/0x240 <6>[ 182.771752] rpc_free_task+0x34/0x54 <6>[ 182.775806] rpc_async_release+0x24/0x40 <6>[ 182.780267] process_one_work+0x1b8/0x450 <6>[ 182.784824] worker_thread+0x1d4/0x3c4 <6>[ 182.789177] kthread+0xe8/0x104 <6>[ 182.792825] ret_from_fork+0x14/0x28 <1>[ 182.796874] Register r11 information: non-paged memory <1>[ 182.802333] Register r12 information: NULL pointer <0>[ 182.807387] Process cat (pid: 3039, stack limit = 0xf1f44000) <0>[ 182.813444] Stack: (0xf1f45eb8 to 0xf1f46000) <0>[ 182.818095] 5ea0: 00000009 c0e03fc0 <0>[ 182.826570] 5ec0: 00000009 c0e043a4 c0e04288 c94afc40 b6d98000 00000009 c3983a30 c0893830 <0>[ 182.835044] 5ee0: c94afc40 c08937d4 f1f45f80 b6d98000 c9326e40 00000009 c91a47c0 c062a2a0 <0>[ 182.843518] 5f00: c5a3edb0 00000000 00000000 00000000 00000000 00000009 b6d98000 0001fff7 <0>[ 182.851992] 5f20: 00000001 00000000 c9080440 00000000 00000000 00000000 00000000 00000000 <0>[ 182.860469] 5f40: 00000000 00000000 00000000 00000000 00000022 7853ed09 00000000 c94afc40 <0>[ 182.868944] 5f60: c94afc40 00000000 00000000 c03002f0 c9326e40 00000004 004efe38 c062a7fc <0>[ 182.877418] 5f80: 00000000 00000000 00000000 7853ed09 000000c0 00000009 00000009 7ff00000 <0>[ 182.885892] 5fa0: 00000004 c03000c0 00000009 00000009 00000001 b6d98000 00000009 00000001 <0>[ 182.894366] 5fc0: 00000009 00000009 7ff00000 00000004 00000001 b6d98000 00020000 004efe38 <0>[ 182.902840] 5fe0: 00000004 beab1788 b6e5e33b b6dd7616 60080030 00000001 00000000 00000000 <0>[ 182.911305] Call trace: <0>[ 182.911322] lkdtm_WRITE_RO from lkdtm_do_action+0x24/0x4c <0>[ 182.919828] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 182.925595] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 182.931265] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 182.936832] vfs_write from ksys_write+0x78/0xf8 <0>[ 182.941691] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 182.947154] Exception stack(0xf1f45fa8 to 0xf1f45ff0) <0>[ 182.952410] 5fa0: 00000009 00000009 00000001 b6d98000 00000009 00000001 <0>[ 182.960884] 5fc0: 00000009 00000009 7ff00000 00000004 00000001 b6d98000 00020000 004efe38 <0>[ 182.969354] 5fe0: 00000004 beab1788 b6e5e33b b6dd7616 <0>[ 182.974712] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) <4>[ 182.981068] ---[ end trace 0000000000000000 ]--- <6>[ 182.986015] note: cat[3039] exited with irqs disabled # Segmentation fault # [ 182.505278] lkdtm: Performing direct entry WRITE_RO # [ 182.509151] lkdtm: attempting bad rodata write at c1a72094 # [ 182.514922] 8<--- cut here --- # [ 182.518173] Unable to handle kernel paging request at virtual address c1a72094 when write # [ 182.526656] [c1a72094] *pgd=c1a1941e(bad) # [ 182.530947] Internal error: Oops: 80d [#15] SMP ARM # [ 182.536114] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 182.572502] CPU: 0 UID: 0 PID: 3039 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 182.582095] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 182.587341] Hardware name: STM32 (Device Tree Support) # [ 182.592790] PC is at lkdtm_WRITE_RO+0x34/0x48 # [ 182.597362] LR is at lkdtm_WRITE_RO+0x24/0x48 # [ 182.602019] pc : [] lr : [] psr: 60080013 # [ 182.608577] sp : f1f45eb8 ip : 00000000 fp : 004efe38 # [ 182.614127] r10: c91a47c0 r9 : f1f45f80 r8 : c27894e8 # [ 182.619578] r7 : f1f45f80 r6 : 00000000 r5 : c584b000 r4 : c1a72094 # [ 182.626437] r3 : 0198b861 r2 : aa55aa55 r1 : 00000000 r0 : 0000002e # [ 182.633196] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 182.640662] Control: 10c5387d Table: c5a3c06a DAC: 00000051 # [ 182.646713] Register r0 information: non-paged memory # [ 182.651974] Register r1 information: NULL pointer # [ 182.657027] Register r2 information: non-paged memory # [ 182.662382] Register r3 information: non-paged memory # [ 182.667635] Register r4 information: non-slab/vmalloc memory # [ 182.673597] Register r5 information: non-slab/vmalloc memory # [ 182.679556] Register r6 information: NULL pointer # [ 182.684509] Register r7 information: 2-page vmalloc region starting at 0xf1f44000 allocated at kernel_clone+0xac/0x388 # [ 182.695525] Register r8 information: non-slab/vmalloc memory # [ 182.701492] Register r9 information: 2-page vmalloc region starting at 0xf1f44000 allocated at kernel_clone+0xac/0x388 # [ 182.712503] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 182.726374] full_proxy_open+0x124/0x24c # [ 182.730826] do_dentry_open+0x144/0x4dc # [ 182.735184] vfs_open+0x2c/0xec # [ 182.738936] path_openat+0x748/0x1198 # [ 182.743090] do_filp_open+0x98/0x134 # [ 182.747143] do_sys_openat2+0xbc/0xe4 # [ 182.751400] sys_openat+0x98/0xd4 # [ 182.755254] ret_fast_syscall+0x0/0x1c # [ 182.759505] Free path: # [ 182.762236] nfs_pgio_header_free+0x34/0x48 # [ 182.766898] nfs_write_completion+0x60/0x240 # [ 182.771752] rpc_free_task+0x34/0x54 # [ 182.775806] rpc_async_release+0x24/0x40 # [ 182.780267] process_one_work+0x1b8/0x450 # [ 182.784824] worker_thread+0x1d4/0x3c4 # [ 182.789177] kthread+0xe8/0x104 # [ 182.792825] ret_from_fork+0x14/0x28 # [ 182.796874] Register r11 information: non-paged memory # [ 182.802333] Register r12 information: NULL pointer # [ 182.807387] Process cat (pid: 3039, stack limit = 0xf1f44000) # [ 182.813444] Stack: (0xf1f45eb8 to 0xf1f46000) # [ 182.818095] 5ea0: 00000009 c0e03fc0 # [ 182.826570] 5ec0: 00000009 c0e043a4 c0e04288 c94afc40 b6d98000 00000009 c3983a30 c0893830 # [ 182.835044] 5ee0: c94afc40 c08937d4 f1f45f80 b6d98000 c9326e40 00000009 c91a47c0 c062a2a0 # [ 182.843518] 5f00: c5a3edb0 00000000 00000000 00000000 00000000 00000009 b6d98000 0001fff7 # [ 182.851992] 5f20: 00000001 00000000 c9080440 00000000 00000000 00000000 00000000 00000000 # [ 182.860469] 5f40: 00000000 00000000 00000000 00000000 00000022 7853ed09 00000000 c94afc40 # [ 182.868944] 5f60: c94afc40 00000000 00000000 c03002f0 c9326e40 00000004 004efe38 c062a7fc # [ 182.877418] 5f80: 00000000 00000000 00000000 7853ed09 000000c0 00000009 00000009 7ff00000 # [ 182.885892] 5fa0: 00000004 c03000c0 00000009 00000009 00000001 b6d98000 00000009 00000001 # [ 182.894366] 5fc0: 00000009 00000009 7ff00000 00000004 00000001 b6d98000 00020000 004efe38 # [ 182.902840] 5fe0: 00000004 beab1788 b6e5e33b b6dd7616 60080030 00000001 00000000 00000000 # [ 182.911305] Call trace: # [ 182.911322] lkdtm_WRITE_RO from lkdtm_do_action+0x24/0x4c # [ 182.919828] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 182.925595] direct_entry from full_proxy_write+0x5c/0x8c # [ 182.931265] full_proxy_write from vfs_write+0xbc/0x3cc # [ 182.936832] vfs_write from ksys_write+0x78/0xf8 # [ 182.941691] ksys_write from ret_fast_syscall+0x0/0x1c # [ 182.947154] Exception stack(0xf1f45fa8 to 0xf1f45ff0) # [ 182.952410] 5fa0: 00000009 00000009 00000001 b6d98000 00000009 00000001 # [ 182.960884] 5fc0: 00000009 00000009 7ff00000 00000004 00000001 b6d98000 00020000 004efe38 # [ 182.969354] 5fe0: 00000004 beab1788 b6e5e33b b6dd7616 # [ 182.974712] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) # [ 182.981068] ---[ end trace 0000000000000000 ]--- # [ 182.986015] note: cat[3039] exited with irqs disabled # WRITE_RO: saw 'call trace:': ok ok 46 selftests: lkdtm: WRITE_RO.sh # timeout set to 45 # selftests: lkdtm: WRITE_RO_AFTER_INIT.sh <6>[ 184.841536] lkdtm: Performing direct entry WRITE_RO_AFTER_INIT <6>[ 184.846438] lkdtm: attempting bad ro_after_init write at c2196d4c <1>[ 184.852810] 8<--- cut here --- <1>[ 184.855959] Unable to handle kernel paging request at virtual address c2196d4c when write <1>[ 184.864444] [c2196d4c] *pgd=c201941e(bad) <0>[ 184.868728] Internal error: Oops: 80d [#16] SMP ARM <4>[ 184.873895] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 184.910393] CPU: 1 UID: 0 PID: 3121 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 184.919995] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 184.925242] Hardware name: STM32 (Device Tree Support) <4>[ 184.930591] PC is at lkdtm_WRITE_RO_AFTER_INIT+0x58/0x6c <4>[ 184.936172] LR is at lkdtm_WRITE_RO_AFTER_INIT+0x48/0x6c <4>[ 184.941836] pc : [] lr : [] psr: 60080013 <4>[ 184.948392] sp : f1fc1eb8 ip : 00000000 fp : 004ffe38 <4>[ 184.953843] r10: c91a47c0 r9 : f1fc1f80 r8 : c27894f0 <4>[ 184.959393] r7 : f1fc1f80 r6 : 00000000 r5 : c5b0d000 r4 : c2196d4c <4>[ 184.966152] r3 : fe67479e r2 : 55aa55aa r1 : 00000000 r0 : 00000035 <4>[ 184.973012] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 184.980477] Control: 10c5387d Table: c5cc806a DAC: 00000051 <1>[ 184.986428] Register r0 information: non-paged memory <1>[ 184.991793] Register r1 information: NULL pointer <1>[ 184.996748] Register r2 information: non-paged memory <1>[ 185.002102] Register r3 information: vmalloc memory <1>[ 185.007259] Register r4 information: non-slab/vmalloc memory <1>[ 185.013221] Register r5 information: non-slab/vmalloc memory <1>[ 185.019180] Register r6 information: NULL pointer <1>[ 185.024132] Register r7 information: 2-page vmalloc region starting at 0xf1fc0000 allocated at kernel_clone+0xac/0x388 <1>[ 185.035145] Register r8 information: non-slab/vmalloc memory <1>[ 185.041106] Register r9 information: 2-page vmalloc region starting at 0xf1fc0000 allocated at kernel_clone+0xac/0x388 <1>[ 185.052115] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 185.065985] full_proxy_open+0x124/0x24c <6>[ 185.070442] do_dentry_open+0x144/0x4dc <6>[ 185.074801] vfs_open+0x2c/0xec <6>[ 185.078454] path_openat+0x748/0x1198 <6>[ 185.082708] do_filp_open+0x98/0x134 <6>[ 185.086759] do_sys_openat2+0xbc/0xe4 <6>[ 185.091015] sys_openat+0x98/0xd4 <6>[ 185.094867] ret_fast_syscall+0x0/0x1c <4>[ 185.099118] Free path: <6>[ 185.101849] nfs_pgio_header_free+0x34/0x48 <6>[ 185.106511] nfs_write_completion+0x60/0x240 <6>[ 185.111366] rpc_free_task+0x34/0x54 <6>[ 185.115419] rpc_async_release+0x24/0x40 <6>[ 185.119881] process_one_work+0x1b8/0x450 <6>[ 185.124438] worker_thread+0x1d4/0x3c4 <6>[ 185.128791] kthread+0xe8/0x104 <6>[ 185.132438] ret_from_fork+0x14/0x28 <1>[ 185.136486] Register r11 information: non-paged memory <1>[ 185.141947] Register r12 information: NULL pointer <0>[ 185.147001] Process cat (pid: 3121, stack limit = 0xf1fc0000) <0>[ 185.153059] Stack: (0xf1fc1eb8 to 0xf1fc2000) <0>[ 185.157710] 1ea0: 00000014 c0e03fc0 <0>[ 185.166186] 1ec0: 00000014 c0e043a4 c0e04288 c9651440 b6d88000 00000014 c3983a30 c0893830 <0>[ 185.174661] 1ee0: c9651440 c08937d4 f1fc1f80 b6d88000 c9324640 00000014 c91a47c0 c062a2a0 <0>[ 185.183135] 1f00: c5ccadb0 00000000 00000000 00000000 00000000 00000014 b6d88000 0001ffec <0>[ 185.191608] 1f20: 00000001 00000000 c9651f40 00000000 00000000 00000000 00000000 00000000 <0>[ 185.200082] 1f40: 00000000 00000000 00000000 00000000 00000022 e18e17b1 00000000 c9651440 <0>[ 185.208556] 1f60: c9651440 00000000 00000000 c03002f0 c9324640 00000004 004ffe38 c062a7fc <0>[ 185.217030] 1f80: 00000000 00000000 00000000 e18e17b1 000000c0 00000014 00000014 7ff00000 <0>[ 185.225504] 1fa0: 00000004 c03000c0 00000014 00000014 00000001 b6d88000 00000014 00000001 <0>[ 185.233979] 1fc0: 00000014 00000014 7ff00000 00000004 00000001 b6d88000 00020000 004ffe38 <0>[ 185.242453] 1fe0: 00000004 bec79788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 <0>[ 185.250918] Call trace: <0>[ 185.250933] lkdtm_WRITE_RO_AFTER_INIT from lkdtm_do_action+0x24/0x4c <0>[ 185.260443] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 185.266208] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 185.271877] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 185.277444] vfs_write from ksys_write+0x78/0xf8 <0>[ 185.282304] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 185.287666] Exception stack(0xf1fc1fa8 to 0xf1fc1ff0) <0>[ 185.293023] 1fa0: 00000014 00000014 00000001 b6d88000 00000014 00000001 <0>[ 185.301498] 1fc0: 00000014 00000014 7ff00000 00000004 00000001 b6d88000 00020000 004ffe38 <0>[ 185.309968] 1fe0: 00000004 bec79788 b6e4e33b b6dc7616 <0>[ 185.315327] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) <4>[ 185.321683] ---[ end trace 0000000000000000 ]--- <6>[ 185.326630] note: cat[3121] exited with irqs disabled # Segmentation fault # [ 184.841536] lkdtm: Performing direct entry WRITE_RO_AFTER_INIT # [ 184.846438] lkdtm: attempting bad ro_after_init write at c2196d4c # [ 184.852810] 8<--- cut here --- # [ 184.855959] Unable to handle kernel paging request at virtual address c2196d4c when write # [ 184.864444] [c2196d4c] *pgd=c201941e(bad) # [ 184.868728] Internal error: Oops: 80d [#16] SMP ARM # [ 184.873895] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 184.910393] CPU: 1 UID: 0 PID: 3121 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 184.919995] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 184.925242] Hardware name: STM32 (Device Tree Support) # [ 184.930591] PC is at lkdtm_WRITE_RO_AFTER_INIT+0x58/0x6c # [ 184.936172] LR is at lkdtm_WRITE_RO_AFTER_INIT+0x48/0x6c # [ 184.941836] pc : [] lr : [] psr: 60080013 # [ 184.948392] sp : f1fc1eb8 ip : 00000000 fp : 004ffe38 # [ 184.953843] r10: c91a47c0 r9 : f1fc1f80 r8 : c27894f0 # [ 184.959393] r7 : f1fc1f80 r6 : 00000000 r5 : c5b0d000 r4 : c2196d4c # [ 184.966152] r3 : fe67479e r2 : 55aa55aa r1 : 00000000 r0 : 00000035 # [ 184.973012] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 184.980477] Control: 10c5387d Table: c5cc806a DAC: 00000051 # [ 184.986428] Register r0 information: non-paged memory # [ 184.991793] Register r1 information: NULL pointer # [ 184.996748] Register r2 information: non-paged memory # [ 185.002102] Register r3 information: vmalloc memory # [ 185.007259] Register r4 information: non-slab/vmalloc memory # [ 185.013221] Register r5 information: non-slab/vmalloc memory # [ 185.019180] Register r6 information: NULL pointer # [ 185.024132] Register r7 information: 2-page vmalloc region starting at 0xf1fc0000 allocated at kernel_clone+0xac/0x388 # [ 185.035145] Register r8 information: non-slab/vmalloc memory # [ 185.041106] Register r9 information: 2-page vmalloc region starting at 0xf1fc0000 allocated at kernel_clone+0xac/0x388 # [ 185.052115] Register r10 information: slab kmalloc-192 start c91a4780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 185.065985] full_proxy_open+0x124/0x24c # [ 185.070442] do_dentry_open+0x144/0x4dc # [ 185.074801] vfs_open+0x2c/0xec # [ 185.078454] path_openat+0x748/0x1198 # [ 185.082708] do_filp_open+0x98/0x134 # [ 185.086759] do_sys_openat2+0xbc/0xe4 # [ 185.091015] sys_openat+0x98/0xd4 # [ 185.094867] ret_fast_syscall+0x0/0x1c # [ 185.099118] Free path: # [ 185.101849] nfs_pgio_header_free+0x34/0x48 # [ 185.106511] nfs_write_completion+0x60/0x240 # [ 185.111366] rpc_free_task+0x34/0x54 # [ 185.115419] rpc_async_release+0x24/0x40 # [ 185.119881] process_one_work+0x1b8/0x450 # [ 185.124438] worker_thread+0x1d4/0x3c4 # [ 185.128791] kthread+0xe8/0x104 # [ 185.132438] ret_from_fork+0x14/0x28 # [ 185.136486] Register r11 information: non-paged memory # [ 185.141947] Register r12 information: NULL pointer # [ 185.147001] Process cat (pid: 3121, stack limit = 0xf1fc0000) # [ 185.153059] Stack: (0xf1fc1eb8 to 0xf1fc2000) # [ 185.157710] 1ea0: 00000014 c0e03fc0 # [ 185.166186] 1ec0: 00000014 c0e043a4 c0e04288 c9651440 b6d88000 00000014 c3983a30 c0893830 # [ 185.174661] 1ee0: c9651440 c08937d4 f1fc1f80 b6d88000 c9324640 00000014 c91a47c0 c062a2a0 # [ 185.183135] 1f00: c5ccadb0 00000000 00000000 00000000 00000000 00000014 b6d88000 0001ffec # [ 185.191608] 1f20: 00000001 00000000 c9651f40 00000000 00000000 00000000 00000000 00000000 # [ 185.200082] 1f40: 00000000 00000000 00000000 00000000 00000022 e18e17b1 00000000 c9651440 # [ 185.208556] 1f60: c9651440 00000000 00000000 c03002f0 c9324640 00000004 004ffe38 c062a7fc # [ 185.217030] 1f80: 00000000 00000000 00000000 e18e17b1 000000c0 00000014 00000014 7ff00000 # [ 185.225504] 1fa0: 00000004 c03000c0 00000014 00000014 00000001 b6d88000 00000014 00000001 # [ 185.233979] 1fc0: 00000014 00000014 7ff00000 00000004 00000001 b6d88000 00020000 004ffe38 # [ 185.242453] 1fe0: 00000004 bec79788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 # [ 185.250918] Call trace: # [ 185.250933] lkdtm_WRITE_RO_AFTER_INIT from lkdtm_do_action+0x24/0x4c # [ 185.260443] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 185.266208] direct_entry from full_proxy_write+0x5c/0x8c # [ 185.271877] full_proxy_write from vfs_write+0xbc/0x3cc # [ 185.277444] vfs_write from ksys_write+0x78/0xf8 # [ 185.282304] ksys_write from ret_fast_syscall+0x0/0x1c # [ 185.287666] Exception stack(0xf1fc1fa8 to 0xf1fc1ff0) # [ 185.293023] 1fa0: 00000014 00000014 00000001 b6d88000 00000014 00000001 # [ 185.301498] 1fc0: 00000014 00000014 7ff00000 00000004 00000001 b6d88000 00020000 004ffe38 # [ 185.309968] 1fe0: 00000004 bec79788 b6e4e33b b6dc7616 # [ 185.315327] Code: e5942000 e3013234 e34a3bcd e0233002 (e5843000) # [ 185.321683] ---[ end trace 0000000000000000 ]--- # [ 185.326630] note: cat[3121] exited with irqs disabled # WRITE_RO_AFTER_INIT: saw 'call trace:': ok ok 47 selftests: lkdtm: WRITE_RO_AFTER_INIT.sh # timeout set to 45 # selftests: lkdtm: WRITE_KERN.sh <6>[ 187.175564] lkdtm: Performing direct entry WRITE_KERN <6>[ 187.179664] lkdtm: attempting bad 9419716 byte write at c170145c <1>[ 187.185943] 8<--- cut here --- <1>[ 187.189193] Unable to handle kernel paging request at virtual address c170145c when write <1>[ 187.197577] [c170145c] *pgd=c161940e(bad) <0>[ 187.201863] Internal error: Oops: 80d [#17] SMP ARM <4>[ 187.207026] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 187.243512] CPU: 0 UID: 0 PID: 3202 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 187.253108] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 187.258355] Hardware name: STM32 (Device Tree Support) <4>[ 187.263803] PC is at mmiocpy+0x54/0x334 <4>[ 187.267876] LR is at 0xebdf56d3 <4>[ 187.271322] pc : [] lr : [] psr: 20080013 <4>[ 187.277879] sp : f202de90 ip : e3a00040 fp : f202dea0 <4>[ 187.283329] r10: c91a4e00 r9 : e28dd004 r8 : e52de004 <4>[ 187.288880] r7 : f202df80 r6 : e92d4010 r5 : e12fff1e r4 : e28dd004 <4>[ 187.295639] r3 : e52de004 r2 : 008fbb24 r1 : c0e058b8 r0 : c170145c <4>[ 187.302499] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 187.309864] Control: 10c5387d Table: c5e6c06a DAC: 00000051 <1>[ 187.315915] Register r0 information: non-slab/vmalloc memory <1>[ 187.321882] Register r1 information: non-slab/vmalloc memory <1>[ 187.327842] Register r2 information: non-paged memory <1>[ 187.333198] Register r3 information: non-slab/vmalloc memory <1>[ 187.339056] Register r4 information: non-slab/vmalloc memory <1>[ 187.345015] Register r5 information: non-slab/vmalloc memory <1>[ 187.350973] Register r6 information: non-slab/vmalloc memory <1>[ 187.356932] Register r7 information: 2-page vmalloc region starting at 0xf202c000 allocated at kernel_clone+0xac/0x388 <1>[ 187.367949] Register r8 information: non-slab/vmalloc memory <1>[ 187.373911] Register r9 information: non-slab/vmalloc memory <1>[ 187.379769] Register r10 information: slab kmalloc-192 start c91a4dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 187.393738] full_proxy_open+0x124/0x24c <6>[ 187.398191] do_dentry_open+0x144/0x4dc <6>[ 187.402549] vfs_open+0x2c/0xec <6>[ 187.406201] path_openat+0x748/0x1198 <6>[ 187.410455] do_filp_open+0x98/0x134 <6>[ 187.414508] do_sys_openat2+0xbc/0xe4 <6>[ 187.418664] sys_openat+0x98/0xd4 <6>[ 187.422518] ret_fast_syscall+0x0/0x1c <4>[ 187.426869] Free path: <6>[ 187.429500] nfs_pgio_header_free+0x34/0x48 <6>[ 187.434263] nfs_write_completion+0x60/0x240 <6>[ 187.439118] rpc_free_task+0x34/0x54 <6>[ 187.443170] rpc_async_release+0x24/0x40 <6>[ 187.447632] process_one_work+0x1b8/0x450 <6>[ 187.452189] worker_thread+0x1d4/0x3c4 <6>[ 187.456442] kthread+0xe8/0x104 <6>[ 187.460089] ret_from_fork+0x14/0x28 <1>[ 187.464238] Register r11 information: 2-page vmalloc region starting at 0xf202c000 allocated at kernel_clone+0xac/0x388 <1>[ 187.475350] Register r12 information: non-slab/vmalloc memory <0>[ 187.481412] Process cat (pid: 3202, stack limit = 0xf202c000) <0>[ 187.487368] Stack: (0xf202de90 to 0xf202e000) <0>[ 187.492021] de80: c0e05898 008fbbc4 c27894f8 f202df80 <0>[ 187.500496] dea0: c170145c c170145c 004afe38 c170157c 0000000b c5adf000 00000000 c0e03fc0 <0>[ 187.508971] dec0: 0000000b c0e043a4 c0e04288 c9651e40 b6de8000 0000000b c3983a30 c0893830 <0>[ 187.517445] dee0: c9651e40 c08937d4 f202df80 b6de8000 c9325040 0000000b c91a4e00 c062a2a0 <0>[ 187.525919] df00: c5e6edb0 00000000 00000000 00000000 00000000 0000000b b6de8000 0001fff5 <0>[ 187.534391] df20: 00000001 00000000 c9651d40 00000000 00000000 00000000 00000000 00000000 <0>[ 187.542864] df40: 00000000 00000000 00000000 00000000 00000022 54fe3e69 00000000 c9651e40 <0>[ 187.551339] df60: c9651e40 00000000 00000000 c03002f0 c9325040 00000004 004afe38 c062a7fc <0>[ 187.559815] df80: 00000000 00000000 00000000 54fe3e69 000000c0 0000000b 0000000b 7ff00000 <0>[ 187.568294] dfa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6de8000 0000000b 00000001 <0>[ 187.576768] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6de8000 00020000 004afe38 <0>[ 187.585242] dfe0: 00000004 beb38788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 <0>[ 187.593707] Call trace: <0>[ 187.593725] mmiocpy from lkdtm_WRITE_KERN+0x44/0x70 <0>[ 187.601743] lkdtm_WRITE_KERN from lkdtm_do_action+0x24/0x4c <0>[ 187.607728] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 187.613496] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 187.619165] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 187.624733] vfs_write from ksys_write+0x78/0xf8 <0>[ 187.629595] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 187.634958] Exception stack(0xf202dfa8 to 0xf202dff0) <0>[ 187.640315] dfa0: 0000000b 0000000b 00000001 b6de8000 0000000b 00000001 <0>[ 187.648788] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6de8000 00020000 004afe38 <0>[ 187.657258] dfe0: 00000004 beb38788 b6eae33b b6e27616 <0>[ 187.662616] Code: f5d1f05c f5d1f07c e8b15378 e2522020 (e8a05378) <4>[ 187.668973] ---[ end trace 0000000000000000 ]--- <6>[ 187.673920] note: cat[3202] exited with irqs disabled # Segmentation fault # [ 187.175564] lkdtm: Performing direct entry WRITE_KERN # [ 187.179664] lkdtm: attempting bad 9419716 byte write at c170145c # [ 187.185943] 8<--- cut here --- # [ 187.189193] Unable to handle kernel paging request at virtual address c170145c when write # [ 187.197577] [c170145c] *pgd=c161940e(bad) # [ 187.201863] Internal error: Oops: 80d [#17] SMP ARM # [ 187.207026] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 187.243512] CPU: 0 UID: 0 PID: 3202 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 187.253108] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 187.258355] Hardware name: STM32 (Device Tree Support) # [ 187.263803] PC is at mmiocpy+0x54/0x334 # [ 187.267876] LR is at 0xebdf56d3 # [ 187.271322] pc : [] lr : [] psr: 20080013 # [ 187.277879] sp : f202de90 ip : e3a00040 fp : f202dea0 # [ 187.283329] r10: c91a4e00 r9 : e28dd004 r8 : e52de004 # [ 187.288880] r7 : f202df80 r6 : e92d4010 r5 : e12fff1e r4 : e28dd004 # [ 187.295639] r3 : e52de004 r2 : 008fbb24 r1 : c0e058b8 r0 : c170145c # [ 187.302499] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 187.309864] Control: 10c5387d Table: c5e6c06a DAC: 00000051 # [ 187.315915] Register r0 information: non-slab/vmalloc memory # [ 187.321882] Register r1 information: non-slab/vmalloc memory # [ 187.327842] Register r2 information: non-paged memory # [ 187.333198] Register r3 information: non-slab/vmalloc memory # [ 187.339056] Register r4 information: non-slab/vmalloc memory # [ 187.345015] Register r5 information: non-slab/vmalloc memory # [ 187.350973] Register r6 information: non-slab/vmalloc memory # [ 187.356932] Register r7 information: 2-page vmalloc region starting at 0xf202c000 allocated at kernel_clone+0xac/0x388 # [ 187.367949] Register r8 information: non-slab/vmalloc memory # [ 187.373911] Register r9 information: non-slab/vmalloc memory # [ 187.379769] Register r10 information: slab kmalloc-192 start c91a4dc0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 187.393738] full_proxy_open+0x124/0x24c # [ 187.398191] do_dentry_open+0x144/0x4dc # [ 187.402549] vfs_open+0x2c/0xec # [ 187.406201] path_openat+0x748/0x1198 # [ 187.410455] do_filp_open+0x98/0x134 # [ 187.414508] do_sys_openat2+0xbc/0xe4 # [ 187.418664] sys_openat+0x98/0xd4 # [ 187.422518] ret_fast_syscall+0x0/0x1c # [ 187.426869] Free path: # [ 187.429500] nfs_pgio_header_free+0x34/0x48 # [ 187.434263] nfs_write_completion+0x60/0x240 # [ 187.439118] rpc_free_task+0x34/0x54 # [ 187.443170] rpc_async_release+0x24/0x40 # [ 187.447632] process_one_work+0x1b8/0x450 # [ 187.452189] worker_thread+0x1d4/0x3c4 # [ 187.456442] kthread+0xe8/0x104 # [ 187.460089] ret_from_fork+0x14/0x28 # [ 187.464238] Register r11 information: 2-page vmalloc region starting at 0xf202c000 allocated at kernel_clone+0xac/0x388 # [ 187.475350] Register r12 information: non-slab/vmalloc memory # [ 187.481412] Process cat (pid: 3202, stack limit = 0xf202c000) # [ 187.487368] Stack: (0xf202de90 to 0xf202e000) # [ 187.492021] de80: c0e05898 008fbbc4 c27894f8 f202df80 # [ 187.500496] dea0: c170145c c170145c 004afe38 c170157c 0000000b c5adf000 00000000 c0e03fc0 # [ 187.508971] dec0: 0000000b c0e043a4 c0e04288 c9651e40 b6de8000 0000000b c3983a30 c0893830 # [ 187.517445] dee0: c9651e40 c08937d4 f202df80 b6de8000 c9325040 0000000b c91a4e00 c062a2a0 # [ 187.525919] df00: c5e6edb0 00000000 00000000 00000000 00000000 0000000b b6de8000 0001fff5 # [ 187.534391] df20: 00000001 00000000 c9651d40 00000000 00000000 00000000 00000000 00000000 # [ 187.542864] df40: 00000000 00000000 00000000 00000000 00000022 54fe3e69 00000000 c9651e40 # [ 187.551339] df60: c9651e40 00000000 00000000 c03002f0 c9325040 00000004 004afe38 c062a7fc # [ 187.559815] df80: 00000000 00000000 00000000 54fe3e69 000000c0 0000000b 0000000b 7ff00000 # [ 187.568294] dfa0: 00000004 c03000c0 0000000b 0000000b 00000001 b6de8000 0000000b 00000001 # [ 187.576768] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6de8000 00020000 004afe38 # [ 187.585242] dfe0: 00000004 beb38788 b6eae33b b6e27616 60080030 00000001 00000000 00000000 # [ 187.593707] Call trace: # [ 187.593725] mmiocpy from lkdtm_WRITE_KERN+0x44/0x70 # [ 187.601743] lkdtm_WRITE_KERN from lkdtm_do_action+0x24/0x4c # [ 187.607728] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 187.613496] direct_entry from full_proxy_write+0x5c/0x8c # [ 187.619165] full_proxy_write from vfs_write+0xbc/0x3cc # [ 187.624733] vfs_write from ksys_write+0x78/0xf8 # [ 187.629595] ksys_write from ret_fast_syscall+0x0/0x1c # [ 187.634958] Exception stack(0xf202dfa8 to 0xf202dff0) # [ 187.640315] dfa0: 0000000b 0000000b 00000001 b6de8000 0000000b 00000001 # [ 187.648788] dfc0: 0000000b 0000000b 7ff00000 00000004 00000001 b6de8000 00020000 004afe38 # [ 187.657258] dfe0: 00000004 beb38788 b6eae33b b6e27616 # [ 187.662616] Code: f5d1f05c f5d1f07c e8b15378 e2522020 (e8a05378) # [ 187.668973] ---[ end trace 0000000000000000 ]--- # [ 187.673920] note: cat[3202] exited with irqs disabled # WRITE_KERN: saw 'call trace:': ok ok 48 selftests: lkdtm: WRITE_KERN.sh # timeout set to 45 # selftests: lkdtm: WRITE_OPD.sh <6>[ 189.477494] lkdtm: Performing direct entry WRITE_OPD <6>[ 189.481488] lkdtm: XFAIL: Platform doesn't use function descriptors. # [ 189.477494] lkdtm: Performing direct entry WRITE_OPD # [ 189.481488] lkdtm: XFAIL: Platform doesn't use function descriptors. # WRITE_OPD: saw 'XFAIL': [SKIP] ok 49 selftests: lkdtm: WRITE_OPD.sh # SKIP # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_OVERFLOW.sh <6>[ 190.808551] lkdtm: Performing direct entry REFCOUNT_INC_OVERFLOW <6>[ 190.813543] lkdtm: attempting good refcount_inc() without overflow <6>[ 190.819993] lkdtm: attempting bad refcount_inc() overflow <4>[ 190.825762] ------------[ cut here ]------------ <4>[ 190.830610] WARNING: CPU: 1 PID: 3326 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 <4>[ 190.839722] refcount_t: saturated; leaking memory. <4>[ 190.844961] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 190.881292] CPU: 1 UID: 0 PID: 3326 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 190.890797] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 190.895950] Hardware name: STM32 (Device Tree Support) <4>[ 190.901402] Call trace: <4>[ 190.901419] unwind_backtrace from show_stack+0x18/0x1c <4>[ 190.909729] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 190.915001] dump_stack_lvl from __warn+0x84/0x134 <4>[ 190.920079] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 190.925560] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 <4>[ 190.932652] lkdtm_REFCOUNT_INC_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 190.939535] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 190.945299] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 190.950968] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 190.956535] vfs_write from ksys_write+0x78/0xf8 <4>[ 190.961394] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 190.966756] Exception stack(0xf20f1fa8 to 0xf20f1ff0) <4>[ 190.972116] 1fa0: 00000016 00000016 00000001 b6e28000 00000016 00000001 <4>[ 190.980591] 1fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e28000 00020000 0047fe38 <4>[ 190.989060] 1fe0: 00000004 beefc788 b6eee33b b6e67616 <4>[ 190.994564] ---[ end trace 0000000000000000 ]--- <6>[ 190.999398] lkdtm: Overflow detected: saturated # [ 190.808551] lkdtm: Performing direct entry REFCOUNT_INC_OVERFLOW # [ 190.813543] lkdtm: attempting good refcount_inc() without overflow # [ 190.819993] lkdtm: attempting bad refcount_inc() overflow # [ 190.825762] ------------[ cut here ]------------ # [ 190.830610] WARNING: CPU: 1 PID: 3326 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 # [ 190.839722] refcount_t: saturated; leaking memory. # [ 190.844961] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 190.881292] CPU: 1 UID: 0 PID: 3326 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 190.890797] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 190.895950] Hardware name: STM32 (Device Tree Support) # [ 190.901402] Call trace: # [ 190.901419] unwind_backtrace from show_stack+0x18/0x1c # [ 190.909729] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 190.915001] dump_stack_lvl from __warn+0x84/0x134 # [ 190.920079] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 190.925560] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_OVERFLOW+0x6c/0x98 # [ 190.932652] lkdtm_REFCOUNT_INC_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 190.939535] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 190.945299] direct_entry from full_proxy_write+0x5c/0x8c # [ 190.950968] full_proxy_write from vfs_write+0xbc/0x3cc # [ 190.956535] vfs_write from ksys_write+0x78/0xf8 # [ 190.961394] ksys_write from ret_fast_syscall+0x0/0x1c # [ 190.966756] Exception stack(0xf20f1fa8 to 0xf20f1ff0) # [ 190.972116] 1fa0: 00000016 00000016 00000001 b6e28000 00000016 00000001 # [ 190.980591] 1fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e28000 00020000 0047fe38 # [ 190.989060] 1fe0: 00000004 beefc788 b6eee33b b6e67616 # [ 190.994564] ---[ end trace 0000000000000000 ]--- # [ 190.999398] lkdtm: Overflow detected: saturated # REFCOUNT_INC_OVERFLOW: saw 'call trace:': ok ok 50 selftests: lkdtm: REFCOUNT_INC_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_OVERFLOW.sh <6>[ 192.370627] lkdtm: Performing direct entry REFCOUNT_ADD_OVERFLOW <6>[ 192.376118] lkdtm: attempting good refcount_add() without overflow <6>[ 192.382072] lkdtm: attempting bad refcount_add() overflow <4>[ 192.387845] ------------[ cut here ]------------ <4>[ 192.392711] WARNING: CPU: 0 PID: 3365 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 <4>[ 192.401706] refcount_t: saturated; leaking memory. <4>[ 192.407016] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 192.443434] CPU: 0 UID: 0 PID: 3365 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 192.452841] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 192.458095] Hardware name: STM32 (Device Tree Support) <4>[ 192.463446] Call trace: <4>[ 192.463461] unwind_backtrace from show_stack+0x18/0x1c <4>[ 192.471770] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 192.477142] dump_stack_lvl from __warn+0x84/0x134 <4>[ 192.482221] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 192.487602] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 <4>[ 192.494695] lkdtm_REFCOUNT_ADD_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 192.501577] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 192.507341] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 192.513010] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 192.518577] vfs_write from ksys_write+0x78/0xf8 <4>[ 192.523436] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 192.528798] Exception stack(0xf2129fa8 to 0xf2129ff0) <4>[ 192.534158] 9fa0: 00000016 00000016 00000001 b6d84000 00000016 00000001 <4>[ 192.542632] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6d84000 00020000 0050fe38 <4>[ 192.551102] 9fe0: 00000004 bedb0788 b6e4a33b b6dc3616 <4>[ 192.556821] ---[ end trace 0000000000000000 ]--- <6>[ 192.561474] lkdtm: Overflow detected: saturated # [ 192.370627] lkdtm: Performing direct entry REFCOUNT_ADD_OVERFLOW # [ 192.376118] lkdtm: attempting good refcount_add() without overflow # [ 192.382072] lkdtm: attempting bad refcount_add() overflow # [ 192.387845] ------------[ cut here ]------------ # [ 192.392711] WARNING: CPU: 0 PID: 3365 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 # [ 192.401706] refcount_t: saturated; leaking memory. # [ 192.407016] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 192.443434] CPU: 0 UID: 0 PID: 3365 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 192.452841] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 192.458095] Hardware name: STM32 (Device Tree Support) # [ 192.463446] Call trace: # [ 192.463461] unwind_backtrace from show_stack+0x18/0x1c # [ 192.471770] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 192.477142] dump_stack_lvl from __warn+0x84/0x134 # [ 192.482221] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 192.487602] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_OVERFLOW+0x78/0xa4 # [ 192.494695] lkdtm_REFCOUNT_ADD_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 192.501577] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 192.507341] direct_entry from full_proxy_write+0x5c/0x8c # [ 192.513010] full_proxy_write from vfs_write+0xbc/0x3cc # [ 192.518577] vfs_write from ksys_write+0x78/0xf8 # [ 192.523436] ksys_write from ret_fast_syscall+0x0/0x1c # [ 192.528798] Exception stack(0xf2129fa8 to 0xf2129ff0) # [ 192.534158] 9fa0: 00000016 00000016 00000001 b6d84000 00000016 00000001 # [ 192.542632] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6d84000 00020000 0050fe38 # [ 192.551102] 9fe0: 00000004 bedb0788 b6e4a33b b6dc3616 # [ 192.556821] ---[ end trace 0000000000000000 ]--- # [ 192.561474] lkdtm: Overflow detected: saturated # REFCOUNT_ADD_OVERFLOW: saw 'call trace:': ok ok 51 selftests: lkdtm: REFCOUNT_ADD_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh <6>[ 193.918625] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_OVERFLOW <6>[ 193.924437] lkdtm: attempting bad refcount_inc_not_zero() overflow <4>[ 193.930872] ------------[ cut here ]------------ <4>[ 193.935840] WARNING: CPU: 0 PID: 3404 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 193.945539] refcount_t: saturated; leaking memory. <4>[ 193.950718] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 193.987376] CPU: 0 UID: 0 PID: 3404 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 193.996589] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 194.001841] Hardware name: STM32 (Device Tree Support) <4>[ 194.007291] Call trace: <4>[ 194.007306] unwind_backtrace from show_stack+0x18/0x1c <4>[ 194.015611] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 194.020884] dump_stack_lvl from __warn+0x84/0x134 <4>[ 194.025965] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 194.031446] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 194.039140] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW+0x40/0x80 <4>[ 194.048641] lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 194.056327] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 194.062092] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 194.067762] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 194.073229] vfs_write from ksys_write+0x78/0xf8 <4>[ 194.078189] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 194.083552] Exception stack(0xf2151fa8 to 0xf2151ff0) <4>[ 194.088911] 1fa0: 0000001f 0000001f 00000001 b6e68000 0000001f 00000001 <4>[ 194.097387] 1fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e68000 00020000 004afe38 <4>[ 194.105856] 1fe0: 00000004 befbb788 b6f2e33b b6ea7616 <4>[ 194.111842] ---[ end trace 0000000000000000 ]--- <6>[ 194.116241] lkdtm: Overflow detected: saturated # [ 193.918625] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_OVERFLOW # [ 193.924437] lkdtm: attempting bad refcount_inc_not_zero() overflow # [ 193.930872] ------------[ cut here ]------------ # [ 193.935840] WARNING: CPU: 0 PID: 3404 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 193.945539] refcount_t: saturated; leaking memory. # [ 193.950718] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 193.987376] CPU: 0 UID: 0 PID: 3404 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 193.996589] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 194.001841] Hardware name: STM32 (Device Tree Support) # [ 194.007291] Call trace: # [ 194.007306] unwind_backtrace from show_stack+0x18/0x1c # [ 194.015611] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 194.020884] dump_stack_lvl from __warn+0x84/0x134 # [ 194.025965] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 194.031446] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 194.039140] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW+0x40/0x80 # [ 194.048641] lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 194.056327] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 194.062092] direct_entry from full_proxy_write+0x5c/0x8c # [ 194.067762] full_proxy_write from vfs_write+0xbc/0x3cc # [ 194.073229] vfs_write from ksys_write+0x78/0xf8 # [ 194.078189] ksys_write from ret_fast_syscall+0x0/0x1c # [ 194.083552] Exception stack(0xf2151fa8 to 0xf2151ff0) # [ 194.088911] 1fa0: 0000001f 0000001f 00000001 b6e68000 0000001f 00000001 # [ 194.097387] 1fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6e68000 00020000 004afe38 # [ 194.105856] 1fe0: 00000004 befbb788 b6f2e33b b6ea7616 # [ 194.111842] ---[ end trace 0000000000000000 ]--- # [ 194.116241] lkdtm: Overflow detected: saturated # REFCOUNT_INC_NOT_ZERO_OVERFLOW: saw 'call trace:': ok ok 52 selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh <6>[ 195.467037] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_OVERFLOW <6>[ 195.472922] lkdtm: attempting bad refcount_add_not_zero() overflow <4>[ 195.479263] ------------[ cut here ]------------ <4>[ 195.484228] WARNING: CPU: 1 PID: 3443 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 195.493931] refcount_t: saturated; leaking memory. <4>[ 195.499073] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 195.535522] CPU: 1 UID: 0 PID: 3443 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 195.545028] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 195.550283] Hardware name: STM32 (Device Tree Support) <4>[ 195.555734] Call trace: <4>[ 195.555749] unwind_backtrace from show_stack+0x18/0x1c <4>[ 195.564055] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 195.569327] dump_stack_lvl from __warn+0x84/0x134 <4>[ 195.574406] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 195.579888] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 195.587584] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW+0x40/0x80 <4>[ 195.597085] lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c <4>[ 195.604772] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 195.610536] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 195.616205] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 195.621672] vfs_write from ksys_write+0x78/0xf8 <4>[ 195.626631] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 195.631993] Exception stack(0xf21a1fa8 to 0xf21a1ff0) <4>[ 195.637353] 1fa0: 0000001f 0000001f 00000001 b6dd8000 0000001f 00000001 <4>[ 195.645827] 1fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6dd8000 00020000 0048fe38 <4>[ 195.654299] 1fe0: 00000004 bed2a788 b6e9e33b b6e17616 <4>[ 195.659772] ---[ end trace 0000000000000000 ]--- <6>[ 195.664604] lkdtm: Overflow detected: saturated # [ 195.467037] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_OVERFLOW # [ 195.472922] lkdtm: attempting bad refcount_add_not_zero() overflow # [ 195.479263] ------------[ cut here ]------------ # [ 195.484228] WARNING: CPU: 1 PID: 3443 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 195.493931] refcount_t: saturated; leaking memory. # [ 195.499073] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 195.535522] CPU: 1 UID: 0 PID: 3443 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 195.545028] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 195.550283] Hardware name: STM32 (Device Tree Support) # [ 195.555734] Call trace: # [ 195.555749] unwind_backtrace from show_stack+0x18/0x1c # [ 195.564055] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 195.569327] dump_stack_lvl from __warn+0x84/0x134 # [ 195.574406] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 195.579888] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 195.587584] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW+0x40/0x80 # [ 195.597085] lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW from lkdtm_do_action+0x24/0x4c # [ 195.604772] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 195.610536] direct_entry from full_proxy_write+0x5c/0x8c # [ 195.616205] full_proxy_write from vfs_write+0xbc/0x3cc # [ 195.621672] vfs_write from ksys_write+0x78/0xf8 # [ 195.626631] ksys_write from ret_fast_syscall+0x0/0x1c # [ 195.631993] Exception stack(0xf21a1fa8 to 0xf21a1ff0) # [ 195.637353] 1fa0: 0000001f 0000001f 00000001 b6dd8000 0000001f 00000001 # [ 195.645827] 1fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6dd8000 00020000 0048fe38 # [ 195.654299] 1fe0: 00000004 bed2a788 b6e9e33b b6e17616 # [ 195.659772] ---[ end trace 0000000000000000 ]--- # [ 195.664604] lkdtm: Overflow detected: saturated # REFCOUNT_ADD_NOT_ZERO_OVERFLOW: saw 'call trace:': ok ok 53 selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_ZERO.sh <6>[ 197.026944] lkdtm: Performing direct entry REFCOUNT_DEC_ZERO <6>[ 197.031658] lkdtm: attempting good refcount_dec() <6>[ 197.036592] lkdtm: attempting bad refcount_dec() to zero <4>[ 197.042656] ------------[ cut here ]------------ <4>[ 197.047214] WARNING: CPU: 1 PID: 3482 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 <4>[ 197.055833] refcount_t: decrement hit 0; leaking memory. <4>[ 197.061393] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 197.098053] CPU: 1 UID: 0 PID: 3482 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 197.107364] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 197.112618] Hardware name: STM32 (Device Tree Support) <4>[ 197.118067] Call trace: <4>[ 197.118080] unwind_backtrace from show_stack+0x18/0x1c <4>[ 197.126388] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 197.131661] dump_stack_lvl from __warn+0x84/0x134 <4>[ 197.136739] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 197.142120] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 <4>[ 197.148911] lkdtm_REFCOUNT_DEC_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 197.155490] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 197.161254] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 197.166923] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 197.172389] vfs_write from ksys_write+0x78/0xf8 <4>[ 197.177349] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 197.182711] Exception stack(0xf21e5fa8 to 0xf21e5ff0) <4>[ 197.188069] 5fa0: 00000012 00000012 00000001 b6dc8000 00000012 00000001 <4>[ 197.196544] 5fc0: 00000012 00000012 7ff00000 00000004 00000001 b6dc8000 00020000 0047fe38 <4>[ 197.205013] 5fe0: 00000004 bed8b788 b6e8e33b b6e07616 <4>[ 197.210529] ---[ end trace 0000000000000000 ]--- <6>[ 197.215252] lkdtm: Zero detected: saturated # [ 197.026944] lkdtm: Performing direct entry REFCOUNT_DEC_ZERO # [ 197.031658] lkdtm: attempting good refcount_dec() # [ 197.036592] lkdtm: attempting bad refcount_dec() to zero # [ 197.042656] ------------[ cut here ]------------ # [ 197.047214] WARNING: CPU: 1 PID: 3482 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 # [ 197.055833] refcount_t: decrement hit 0; leaking memory. # [ 197.061393] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 197.098053] CPU: 1 UID: 0 PID: 3482 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 197.107364] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 197.112618] Hardware name: STM32 (Device Tree Support) # [ 197.118067] Call trace: # [ 197.118080] unwind_backtrace from show_stack+0x18/0x1c # [ 197.126388] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 197.131661] dump_stack_lvl from __warn+0x84/0x134 # [ 197.136739] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 197.142120] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_ZERO+0x50/0xd4 # [ 197.148911] lkdtm_REFCOUNT_DEC_ZERO from lkdtm_do_action+0x24/0x4c # [ 197.155490] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 197.161254] direct_entry from full_proxy_write+0x5c/0x8c # [ 197.166923] full_proxy_write from vfs_write+0xbc/0x3cc # [ 197.172389] vfs_write from ksys_write+0x78/0xf8 # [ 197.177349] ksys_write from ret_fast_syscall+0x0/0x1c # [ 197.182711] Exception stack(0xf21e5fa8 to 0xf21e5ff0) # [ 197.188069] 5fa0: 00000012 00000012 00000001 b6dc8000 00000012 00000001 # [ 197.196544] 5fc0: 00000012 00000012 7ff00000 00000004 00000001 b6dc8000 00020000 0047fe38 # [ 197.205013] 5fe0: 00000004 bed8b788 b6e8e33b b6e07616 # [ 197.210529] ---[ end trace 0000000000000000 ]--- # [ 197.215252] lkdtm: Zero detected: saturated # REFCOUNT_DEC_ZERO: saw 'call trace:': ok ok 54 selftests: lkdtm: REFCOUNT_DEC_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_NEGATIVE.sh <6>[ 198.664368] lkdtm: Performing direct entry REFCOUNT_DEC_NEGATIVE <6>[ 198.669363] lkdtm: attempting bad refcount_dec() below zero <4>[ 198.675224] ------------[ cut here ]------------ <4>[ 198.680211] WARNING: CPU: 0 PID: 3526 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c <4>[ 198.689253] refcount_t: decrement hit 0; leaking memory. <4>[ 198.694777] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 198.731523] CPU: 0 UID: 0 PID: 3526 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 198.740736] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 198.745983] Hardware name: STM32 (Device Tree Support) <4>[ 198.751433] Call trace: <4>[ 198.751449] unwind_backtrace from show_stack+0x18/0x1c <4>[ 198.759755] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 198.765027] dump_stack_lvl from __warn+0x84/0x134 <4>[ 198.770105] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 198.775586] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c <4>[ 198.782678] lkdtm_REFCOUNT_DEC_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 198.789561] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 198.795325] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 198.800993] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 198.806460] vfs_write from ksys_write+0x78/0xf8 <4>[ 198.811419] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 198.816781] Exception stack(0xf221dfa8 to 0xf221dff0) <4>[ 198.822140] dfa0: 00000016 00000016 00000001 b6e18000 00000016 00000001 <4>[ 198.830615] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e18000 00020000 004afe38 <4>[ 198.839084] dfe0: 00000004 bebfd788 b6ede33b b6e57616 <4>[ 198.844721] ---[ end trace 0000000000000000 ]--- <6>[ 198.849364] lkdtm: Negative detected: saturated # [ 198.664368] lkdtm: Performing direct entry REFCOUNT_DEC_NEGATIVE # [ 198.669363] lkdtm: attempting bad refcount_dec() below zero # [ 198.675224] ------------[ cut here ]------------ # [ 198.680211] WARNING: CPU: 0 PID: 3526 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c # [ 198.689253] refcount_t: decrement hit 0; leaking memory. # [ 198.694777] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 198.731523] CPU: 0 UID: 0 PID: 3526 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 198.740736] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 198.745983] Hardware name: STM32 (Device Tree Support) # [ 198.751433] Call trace: # [ 198.751449] unwind_backtrace from show_stack+0x18/0x1c # [ 198.759755] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 198.765027] dump_stack_lvl from __warn+0x84/0x134 # [ 198.770105] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 198.775586] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_NEGATIVE+0x3c/0x6c # [ 198.782678] lkdtm_REFCOUNT_DEC_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 198.789561] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 198.795325] direct_entry from full_proxy_write+0x5c/0x8c # [ 198.800993] full_proxy_write from vfs_write+0xbc/0x3cc # [ 198.806460] vfs_write from ksys_write+0x78/0xf8 # [ 198.811419] ksys_write from ret_fast_syscall+0x0/0x1c # [ 198.816781] Exception stack(0xf221dfa8 to 0xf221dff0) # [ 198.822140] dfa0: 00000016 00000016 00000001 b6e18000 00000016 00000001 # [ 198.830615] dfc0: 00000016 00000016 7ff00000 00000004 00000001 b6e18000 00020000 004afe38 # [ 198.839084] dfe0: 00000004 bebfd788 b6ede33b b6e57616 # [ 198.844721] ---[ end trace 0000000000000000 ]--- # [ 198.849364] lkdtm: Negative detected: saturated # REFCOUNT_DEC_NEGATIVE: saw 'Negative detected: saturated': ok ok 55 selftests: lkdtm: REFCOUNT_DEC_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_AND_TEST_NEGATIVE.sh <6>[ 200.263881] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_NEGATIVE <6>[ 200.269698] lkdtm: attempting bad refcount_dec_and_test() below zero <4>[ 200.276321] ------------[ cut here ]------------ <4>[ 200.281639] WARNING: CPU: 1 PID: 3570 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 200.290964] refcount_t: underflow; use-after-free. <4>[ 200.296118] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 200.332479] CPU: 1 UID: 0 PID: 3570 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 200.342087] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 200.347240] Hardware name: STM32 (Device Tree Support) <4>[ 200.352691] Call trace: <4>[ 200.352707] unwind_backtrace from show_stack+0x18/0x1c <4>[ 200.361014] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 200.366287] dump_stack_lvl from __warn+0x84/0x134 <4>[ 200.371367] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 200.376847] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 200.384638] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE+0x3c/0x80 <4>[ 200.394037] lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 200.401720] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 200.407484] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 200.413153] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 200.418720] vfs_write from ksys_write+0x78/0xf8 <4>[ 200.423578] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 200.428941] Exception stack(0xf225dfa8 to 0xf225dff0) <4>[ 200.434301] dfa0: 0000001f 0000001f 00000001 b6db8000 0000001f 00000001 <4>[ 200.442776] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6db8000 00020000 0043fe38 <4>[ 200.451247] dfe0: 00000004 be99a788 b6e7e33b b6df7616 <4>[ 200.456704] ---[ end trace 0000000000000000 ]--- <6>[ 200.461533] lkdtm: Negative detected: saturated # [ 200.263881] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_NEGATIVE # [ 200.269698] lkdtm: attempting bad refcount_dec_and_test() below zero # [ 200.276321] ------------[ cut here ]------------ # [ 200.281639] WARNING: CPU: 1 PID: 3570 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 200.290964] refcount_t: underflow; use-after-free. # [ 200.296118] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 200.332479] CPU: 1 UID: 0 PID: 3570 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 200.342087] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 200.347240] Hardware name: STM32 (Device Tree Support) # [ 200.352691] Call trace: # [ 200.352707] unwind_backtrace from show_stack+0x18/0x1c # [ 200.361014] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 200.366287] dump_stack_lvl from __warn+0x84/0x134 # [ 200.371367] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 200.376847] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 200.384638] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE+0x3c/0x80 # [ 200.394037] lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 200.401720] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 200.407484] direct_entry from full_proxy_write+0x5c/0x8c # [ 200.413153] full_proxy_write from vfs_write+0xbc/0x3cc # [ 200.418720] vfs_write from ksys_write+0x78/0xf8 # [ 200.423578] ksys_write from ret_fast_syscall+0x0/0x1c # [ 200.428941] Exception stack(0xf225dfa8 to 0xf225dff0) # [ 200.434301] dfa0: 0000001f 0000001f 00000001 b6db8000 0000001f 00000001 # [ 200.442776] dfc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6db8000 00020000 0043fe38 # [ 200.451247] dfe0: 00000004 be99a788 b6e7e33b b6df7616 # [ 200.456704] ---[ end trace 0000000000000000 ]--- # [ 200.461533] lkdtm: Negative detected: saturated # REFCOUNT_DEC_AND_TEST_NEGATIVE: saw 'Negative detected: saturated': ok ok 56 selftests: lkdtm: REFCOUNT_DEC_AND_TEST_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_SUB_AND_TEST_NEGATIVE.sh <6>[ 201.912001] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_NEGATIVE <6>[ 201.917856] lkdtm: attempting bad refcount_sub_and_test() below zero <4>[ 201.924988] ------------[ cut here ]------------ <4>[ 201.929368] WARNING: CPU: 1 PID: 3614 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 201.939163] refcount_t: underflow; use-after-free. <4>[ 201.944250] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 201.980689] CPU: 1 UID: 0 PID: 3614 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 201.990195] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 201.995449] Hardware name: STM32 (Device Tree Support) <4>[ 202.000898] Call trace: <4>[ 202.000914] unwind_backtrace from show_stack+0x18/0x1c <4>[ 202.009222] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 202.014501] dump_stack_lvl from __warn+0x84/0x134 <4>[ 202.019584] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 202.024967] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 202.032760] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE+0x40/0x84 <4>[ 202.042161] lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c <4>[ 202.049848] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 202.055615] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 202.061385] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 202.066851] vfs_write from ksys_write+0x78/0xf8 <4>[ 202.071712] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 202.077176] Exception stack(0xf2295fa8 to 0xf2295ff0) <4>[ 202.082536] 5fa0: 0000001f 0000001f 00000001 b6db8000 0000001f 00000001 <4>[ 202.091011] 5fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6db8000 00020000 0049fe38 <4>[ 202.099480] 5fe0: 00000004 bed98788 b6e7e33b b6df7616 <4>[ 202.104830] ---[ end trace 0000000000000000 ]--- <6>[ 202.109753] lkdtm: Negative detected: saturated # [ 201.912001] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_NEGATIVE # [ 201.917856] lkdtm: attempting bad refcount_sub_and_test() below zero # [ 201.924988] ------------[ cut here ]------------ # [ 201.929368] WARNING: CPU: 1 PID: 3614 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 201.939163] refcount_t: underflow; use-after-free. # [ 201.944250] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 201.980689] CPU: 1 UID: 0 PID: 3614 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 201.990195] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 201.995449] Hardware name: STM32 (Device Tree Support) # [ 202.000898] Call trace: # [ 202.000914] unwind_backtrace from show_stack+0x18/0x1c # [ 202.009222] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 202.014501] dump_stack_lvl from __warn+0x84/0x134 # [ 202.019584] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 202.024967] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 202.032760] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE+0x40/0x84 # [ 202.042161] lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE from lkdtm_do_action+0x24/0x4c # [ 202.049848] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 202.055615] direct_entry from full_proxy_write+0x5c/0x8c # [ 202.061385] full_proxy_write from vfs_write+0xbc/0x3cc # [ 202.066851] vfs_write from ksys_write+0x78/0xf8 # [ 202.071712] ksys_write from ret_fast_syscall+0x0/0x1c # [ 202.077176] Exception stack(0xf2295fa8 to 0xf2295ff0) # [ 202.082536] 5fa0: 0000001f 0000001f 00000001 b6db8000 0000001f 00000001 # [ 202.091011] 5fc0: 0000001f 0000001f 7ff00000 00000004 00000001 b6db8000 00020000 0049fe38 # [ 202.099480] 5fe0: 00000004 bed98788 b6e7e33b b6df7616 # [ 202.104830] ---[ end trace 0000000000000000 ]--- # [ 202.109753] lkdtm: Negative detected: saturated # REFCOUNT_SUB_AND_TEST_NEGATIVE: saw 'Negative detected: saturated': ok ok 57 selftests: lkdtm: REFCOUNT_SUB_AND_TEST_NEGATIVE.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_ZERO.sh <6>[ 203.451268] lkdtm: Performing direct entry REFCOUNT_INC_ZERO <6>[ 203.455940] lkdtm: attempting safe refcount_inc_not_zero() from zero <6>[ 203.462575] lkdtm: Good: zero detected <6>[ 203.466634] lkdtm: Correctly stayed at zero <6>[ 203.471080] lkdtm: attempting bad refcount_inc() from zero <4>[ 203.476814] ------------[ cut here ]------------ <4>[ 203.481760] WARNING: CPU: 1 PID: 3653 at lib/refcount.c:25 lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 <4>[ 203.490450] refcount_t: addition on 0; use-after-free. <4>[ 203.495901] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 203.532380] CPU: 1 UID: 0 PID: 3653 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 203.541888] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 203.547141] Hardware name: STM32 (Device Tree Support) <4>[ 203.552491] Call trace: <4>[ 203.552508] unwind_backtrace from show_stack+0x18/0x1c <4>[ 203.560817] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 203.566189] dump_stack_lvl from __warn+0x84/0x134 <4>[ 203.571269] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 203.576649] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 <4>[ 203.583339] lkdtm_REFCOUNT_INC_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 203.589919] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 203.595684] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 203.601353] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 203.606920] vfs_write from ksys_write+0x78/0xf8 <4>[ 203.611779] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 203.617241] Exception stack(0xf22d9fa8 to 0xf22d9ff0) <4>[ 203.622601] 9fa0: 00000012 00000012 00000001 b6e78000 00000012 00000001 <4>[ 203.631076] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e78000 00020000 0044fe38 <4>[ 203.639545] 9fe0: 00000004 bef71788 b6f3e33b b6eb7616 <4>[ 203.645045] ---[ end trace 0000000000000000 ]--- <6>[ 203.649787] lkdtm: Zero detected: saturated # [ 203.451268] lkdtm: Performing direct entry REFCOUNT_INC_ZERO # [ 203.455940] lkdtm: attempting safe refcount_inc_not_zero() from zero # [ 203.462575] lkdtm: Good: zero detected # [ 203.466634] lkdtm: Correctly stayed at zero # [ 203.471080] lkdtm: attempting bad refcount_inc() from zero # [ 203.476814] ------------[ cut here ]------------ # [ 203.481760] WARNING: CPU: 1 PID: 3653 at lib/refcount.c:25 lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 # [ 203.490450] refcount_t: addition on 0; use-after-free. # [ 203.495901] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 203.532380] CPU: 1 UID: 0 PID: 3653 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 203.541888] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 203.547141] Hardware name: STM32 (Device Tree Support) # [ 203.552491] Call trace: # [ 203.552508] unwind_backtrace from show_stack+0x18/0x1c # [ 203.560817] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 203.566189] dump_stack_lvl from __warn+0x84/0x134 # [ 203.571269] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 203.576649] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_ZERO+0x94/0xc0 # [ 203.583339] lkdtm_REFCOUNT_INC_ZERO from lkdtm_do_action+0x24/0x4c # [ 203.589919] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 203.595684] direct_entry from full_proxy_write+0x5c/0x8c # [ 203.601353] full_proxy_write from vfs_write+0xbc/0x3cc # [ 203.606920] vfs_write from ksys_write+0x78/0xf8 # [ 203.611779] ksys_write from ret_fast_syscall+0x0/0x1c # [ 203.617241] Exception stack(0xf22d9fa8 to 0xf22d9ff0) # [ 203.622601] 9fa0: 00000012 00000012 00000001 b6e78000 00000012 00000001 # [ 203.631076] 9fc0: 00000012 00000012 7ff00000 00000004 00000001 b6e78000 00020000 0044fe38 # [ 203.639545] 9fe0: 00000004 bef71788 b6f3e33b b6eb7616 # [ 203.645045] ---[ end trace 0000000000000000 ]--- # [ 203.649787] lkdtm: Zero detected: saturated # REFCOUNT_INC_ZERO: saw 'call trace:': ok ok 58 selftests: lkdtm: REFCOUNT_INC_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_ZERO.sh <6>[ 204.973837] lkdtm: Performing direct entry REFCOUNT_ADD_ZERO <6>[ 204.978585] lkdtm: attempting safe refcount_add_not_zero() from zero <6>[ 204.985732] lkdtm: Good: zero detected <6>[ 204.989180] lkdtm: Correctly stayed at zero <6>[ 204.993657] lkdtm: attempting bad refcount_add() from zero <4>[ 204.999386] ------------[ cut here ]------------ <4>[ 205.004327] WARNING: CPU: 1 PID: 3692 at lib/refcount.c:25 lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 <4>[ 205.013239] refcount_t: addition on 0; use-after-free. <4>[ 205.018630] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 205.054958] CPU: 1 UID: 0 PID: 3692 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 205.064463] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 205.069717] Hardware name: STM32 (Device Tree Support) <4>[ 205.075167] Call trace: <4>[ 205.075181] unwind_backtrace from show_stack+0x18/0x1c <4>[ 205.083488] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 205.088760] dump_stack_lvl from __warn+0x84/0x134 <4>[ 205.093839] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 205.099321] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 <4>[ 205.106009] lkdtm_REFCOUNT_ADD_ZERO from lkdtm_do_action+0x24/0x4c <4>[ 205.112591] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 205.118354] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 205.124024] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 205.129489] vfs_write from ksys_write+0x78/0xf8 <4>[ 205.134448] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 205.139809] Exception stack(0xf2315fa8 to 0xf2315ff0) <4>[ 205.145169] 5fa0: 00000012 00000012 00000001 b6de8000 00000012 00000001 <4>[ 205.153643] 5fc0: 00000012 00000012 7ff00000 00000004 00000001 b6de8000 00020000 004bfe38 <4>[ 205.162113] 5fe0: 00000004 beb28788 b6eae33b b6e27616 <4>[ 205.167605] ---[ end trace 0000000000000000 ]--- <6>[ 205.172438] lkdtm: Zero detected: saturated # [ 204.973837] lkdtm: Performing direct entry REFCOUNT_ADD_ZERO # [ 204.978585] lkdtm: attempting safe refcount_add_not_zero() from zero # [ 204.985732] lkdtm: Good: zero detected # [ 204.989180] lkdtm: Correctly stayed at zero # [ 204.993657] lkdtm: attempting bad refcount_add() from zero # [ 204.999386] ------------[ cut here ]------------ # [ 205.004327] WARNING: CPU: 1 PID: 3692 at lib/refcount.c:25 lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 # [ 205.013239] refcount_t: addition on 0; use-after-free. # [ 205.018630] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 205.054958] CPU: 1 UID: 0 PID: 3692 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 205.064463] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 205.069717] Hardware name: STM32 (Device Tree Support) # [ 205.075167] Call trace: # [ 205.075181] unwind_backtrace from show_stack+0x18/0x1c # [ 205.083488] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 205.088760] dump_stack_lvl from __warn+0x84/0x134 # [ 205.093839] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 205.099321] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_ZERO+0x94/0xc0 # [ 205.106009] lkdtm_REFCOUNT_ADD_ZERO from lkdtm_do_action+0x24/0x4c # [ 205.112591] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 205.118354] direct_entry from full_proxy_write+0x5c/0x8c # [ 205.124024] full_proxy_write from vfs_write+0xbc/0x3cc # [ 205.129489] vfs_write from ksys_write+0x78/0xf8 # [ 205.134448] ksys_write from ret_fast_syscall+0x0/0x1c # [ 205.139809] Exception stack(0xf2315fa8 to 0xf2315ff0) # [ 205.145169] 5fa0: 00000012 00000012 00000001 b6de8000 00000012 00000001 # [ 205.153643] 5fc0: 00000012 00000012 7ff00000 00000004 00000001 b6de8000 00020000 004bfe38 # [ 205.162113] 5fe0: 00000004 beb28788 b6eae33b b6e27616 # [ 205.167605] ---[ end trace 0000000000000000 ]--- # [ 205.172438] lkdtm: Zero detected: saturated # REFCOUNT_ADD_ZERO: saw 'call trace:': ok ok 59 selftests: lkdtm: REFCOUNT_ADD_ZERO.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_SATURATED.sh <6>[ 206.617799] lkdtm: Performing direct entry REFCOUNT_INC_SATURATED <6>[ 206.622913] lkdtm: attempting bad refcount_inc() from saturated <4>[ 206.629034] ------------[ cut here ]------------ <4>[ 206.634479] WARNING: CPU: 0 PID: 3736 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c <4>[ 206.643215] refcount_t: saturated; leaking memory. <4>[ 206.648273] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 206.684855] CPU: 0 UID: 0 PID: 3736 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 206.694268] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 206.699519] Hardware name: STM32 (Device Tree Support) <4>[ 206.704871] Call trace: <4>[ 206.704887] unwind_backtrace from show_stack+0x18/0x1c <4>[ 206.713196] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 206.718568] dump_stack_lvl from __warn+0x84/0x134 <4>[ 206.723648] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 206.729029] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c <4>[ 206.736221] lkdtm_REFCOUNT_INC_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 206.743205] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 206.748970] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 206.754639] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 206.760205] vfs_write from ksys_write+0x78/0xf8 <4>[ 206.765063] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 206.770526] Exception stack(0xf2359fa8 to 0xf2359ff0) <4>[ 206.775786] 9fa0: 00000017 00000017 00000001 b6e38000 00000017 00000001 <4>[ 206.784260] 9fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e38000 00020000 004dfe38 <4>[ 206.792730] 9fe0: 00000004 bebdc788 b6efe33b b6e77616 <4>[ 206.798400] ---[ end trace 0000000000000000 ]--- <6>[ 206.803071] lkdtm: Saturation detected: still saturated # [ 206.617799] lkdtm: Performing direct entry REFCOUNT_INC_SATURATED # [ 206.622913] lkdtm: attempting bad refcount_inc() from saturated # [ 206.629034] ------------[ cut here ]------------ # [ 206.634479] WARNING: CPU: 0 PID: 3736 at lib/refcount.c:22 lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c # [ 206.643215] refcount_t: saturated; leaking memory. # [ 206.648273] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 206.684855] CPU: 0 UID: 0 PID: 3736 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 206.694268] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 206.699519] Hardware name: STM32 (Device Tree Support) # [ 206.704871] Call trace: # [ 206.704887] unwind_backtrace from show_stack+0x18/0x1c # [ 206.713196] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 206.718568] dump_stack_lvl from __warn+0x84/0x134 # [ 206.723648] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 206.729029] warn_slowpath_fmt from lkdtm_REFCOUNT_INC_SATURATED+0x40/0x6c # [ 206.736221] lkdtm_REFCOUNT_INC_SATURATED from lkdtm_do_action+0x24/0x4c # [ 206.743205] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 206.748970] direct_entry from full_proxy_write+0x5c/0x8c # [ 206.754639] full_proxy_write from vfs_write+0xbc/0x3cc # [ 206.760205] vfs_write from ksys_write+0x78/0xf8 # [ 206.765063] ksys_write from ret_fast_syscall+0x0/0x1c # [ 206.770526] Exception stack(0xf2359fa8 to 0xf2359ff0) # [ 206.775786] 9fa0: 00000017 00000017 00000001 b6e38000 00000017 00000001 # [ 206.784260] 9fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e38000 00020000 004dfe38 # [ 206.792730] 9fe0: 00000004 bebdc788 b6efe33b b6e77616 # [ 206.798400] ---[ end trace 0000000000000000 ]--- # [ 206.803071] lkdtm: Saturation detected: still saturated # REFCOUNT_INC_SATURATED: saw 'Saturation detected: still saturated': ok ok 60 selftests: lkdtm: REFCOUNT_INC_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_SATURATED.sh <6>[ 208.247092] lkdtm: Performing direct entry REFCOUNT_DEC_SATURATED <6>[ 208.252246] lkdtm: attempting bad refcount_dec() from saturated <4>[ 208.258391] ------------[ cut here ]------------ <4>[ 208.263359] WARNING: CPU: 1 PID: 3780 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 <4>[ 208.272453] refcount_t: decrement hit 0; leaking memory. <4>[ 208.278106] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 208.314553] CPU: 1 UID: 0 PID: 3780 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 208.324058] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 208.329314] Hardware name: STM32 (Device Tree Support) <4>[ 208.334664] Call trace: <4>[ 208.334680] unwind_backtrace from show_stack+0x18/0x1c <4>[ 208.342988] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 208.348360] dump_stack_lvl from __warn+0x84/0x134 <4>[ 208.353440] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 208.358828] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 <4>[ 208.366022] lkdtm_REFCOUNT_DEC_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 208.373006] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 208.378771] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 208.384441] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 208.389908] vfs_write from ksys_write+0x78/0xf8 <4>[ 208.394867] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 208.400230] Exception stack(0xf2391fa8 to 0xf2391ff0) <4>[ 208.405591] 1fa0: 00000017 00000017 00000001 b6e24000 00000017 00000001 <4>[ 208.414066] 1fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e24000 00020000 0044fe38 <4>[ 208.422535] 1fe0: 00000004 be9be788 b6eea33b b6e63616 <4>[ 208.428020] ---[ end trace 0000000000000000 ]--- <6>[ 208.432860] lkdtm: Saturation detected: still saturated # [ 208.247092] lkdtm: Performing direct entry REFCOUNT_DEC_SATURATED # [ 208.252246] lkdtm: attempting bad refcount_dec() from saturated # [ 208.258391] ------------[ cut here ]------------ # [ 208.263359] WARNING: CPU: 1 PID: 3780 at lib/refcount.c:31 lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 # [ 208.272453] refcount_t: decrement hit 0; leaking memory. # [ 208.278106] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 208.314553] CPU: 1 UID: 0 PID: 3780 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 208.324058] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 208.329314] Hardware name: STM32 (Device Tree Support) # [ 208.334664] Call trace: # [ 208.334680] unwind_backtrace from show_stack+0x18/0x1c # [ 208.342988] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 208.348360] dump_stack_lvl from __warn+0x84/0x134 # [ 208.353440] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 208.358828] warn_slowpath_fmt from lkdtm_REFCOUNT_DEC_SATURATED+0x3c/0x68 # [ 208.366022] lkdtm_REFCOUNT_DEC_SATURATED from lkdtm_do_action+0x24/0x4c # [ 208.373006] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 208.378771] direct_entry from full_proxy_write+0x5c/0x8c # [ 208.384441] full_proxy_write from vfs_write+0xbc/0x3cc # [ 208.389908] vfs_write from ksys_write+0x78/0xf8 # [ 208.394867] ksys_write from ret_fast_syscall+0x0/0x1c # [ 208.400230] Exception stack(0xf2391fa8 to 0xf2391ff0) # [ 208.405591] 1fa0: 00000017 00000017 00000001 b6e24000 00000017 00000001 # [ 208.414066] 1fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e24000 00020000 0044fe38 # [ 208.422535] 1fe0: 00000004 be9be788 b6eea33b b6e63616 # [ 208.428020] ---[ end trace 0000000000000000 ]--- # [ 208.432860] lkdtm: Saturation detected: still saturated # REFCOUNT_DEC_SATURATED: saw 'Saturation detected: still saturated': ok ok 61 selftests: lkdtm: REFCOUNT_DEC_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_SATURATED.sh <6>[ 209.844815] lkdtm: Performing direct entry REFCOUNT_ADD_SATURATED <6>[ 209.850113] lkdtm: attempting bad refcount_dec() from saturated <4>[ 209.856625] ------------[ cut here ]------------ <4>[ 209.861113] WARNING: CPU: 0 PID: 3824 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c <4>[ 209.870226] refcount_t: saturated; leaking memory. <4>[ 209.875261] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 209.911885] CPU: 0 UID: 0 PID: 3824 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 209.921198] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 209.926448] Hardware name: STM32 (Device Tree Support) <4>[ 209.931898] Call trace: <4>[ 209.931913] unwind_backtrace from show_stack+0x18/0x1c <4>[ 209.940221] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 209.945495] dump_stack_lvl from __warn+0x84/0x134 <4>[ 209.950573] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 209.955955] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c <4>[ 209.963146] lkdtm_REFCOUNT_ADD_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 209.970130] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 209.975895] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 209.981564] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 209.987132] vfs_write from ksys_write+0x78/0xf8 <4>[ 209.991992] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 209.997454] Exception stack(0xf23d1fa8 to 0xf23d1ff0) <4>[ 210.002714] 1fa0: 00000017 00000017 00000001 b6e74000 00000017 00000001 <4>[ 210.011289] 1fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e74000 00020000 0044fe38 <4>[ 210.019758] 1fe0: 00000004 bebb7788 b6f3a33b b6eb3616 <4>[ 210.025350] ---[ end trace 0000000000000000 ]--- <6>[ 210.031764] lkdtm: Saturation detected: still saturated # [ 209.844815] lkdtm: Performing direct entry REFCOUNT_ADD_SATURATED # [ 209.850113] lkdtm: attempting bad refcount_dec() from saturated # [ 209.856625] ------------[ cut here ]------------ # [ 209.861113] WARNING: CPU: 0 PID: 3824 at lib/refcount.c:22 lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c # [ 209.870226] refcount_t: saturated; leaking memory. # [ 209.875261] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 209.911885] CPU: 0 UID: 0 PID: 3824 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 209.921198] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 209.926448] Hardware name: STM32 (Device Tree Support) # [ 209.931898] Call trace: # [ 209.931913] unwind_backtrace from show_stack+0x18/0x1c # [ 209.940221] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 209.945495] dump_stack_lvl from __warn+0x84/0x134 # [ 209.950573] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 209.955955] warn_slowpath_fmt from lkdtm_REFCOUNT_ADD_SATURATED+0x40/0x6c # [ 209.963146] lkdtm_REFCOUNT_ADD_SATURATED from lkdtm_do_action+0x24/0x4c # [ 209.970130] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 209.975895] direct_entry from full_proxy_write+0x5c/0x8c # [ 209.981564] full_proxy_write from vfs_write+0xbc/0x3cc # [ 209.987132] vfs_write from ksys_write+0x78/0xf8 # [ 209.991992] ksys_write from ret_fast_syscall+0x0/0x1c # [ 209.997454] Exception stack(0xf23d1fa8 to 0xf23d1ff0) # [ 210.002714] 1fa0: 00000017 00000017 00000001 b6e74000 00000017 00000001 # [ 210.011289] 1fc0: 00000017 00000017 7ff00000 00000004 00000001 b6e74000 00020000 0044fe38 # [ 210.019758] 1fe0: 00000004 bebb7788 b6f3a33b b6eb3616 # [ 210.025350] ---[ end trace 0000000000000000 ]--- # [ 210.031764] lkdtm: Saturation detected: still saturated # REFCOUNT_ADD_SATURATED: saw 'Saturation detected: still saturated': ok ok 62 selftests: lkdtm: REFCOUNT_ADD_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_SATURATED.sh <6>[ 211.402661] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_SATURATED <6>[ 211.408564] lkdtm: attempting bad refcount_inc_not_zero() from saturated <4>[ 211.415907] ------------[ cut here ]------------ <4>[ 211.420493] WARNING: CPU: 1 PID: 3863 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 211.430223] refcount_t: saturated; leaking memory. <4>[ 211.435247] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 211.471983] CPU: 1 UID: 0 PID: 3863 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 211.481298] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 211.486447] Hardware name: STM32 (Device Tree Support) <4>[ 211.491895] Call trace: <4>[ 211.491910] unwind_backtrace from show_stack+0x18/0x1c <4>[ 211.500214] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 211.505586] dump_stack_lvl from __warn+0x84/0x134 <4>[ 211.510565] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 211.516046] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 211.523841] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED+0x40/0x80 <4>[ 211.533343] lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 211.541130] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 211.546894] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 211.552563] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 211.558032] vfs_write from ksys_write+0x78/0xf8 <4>[ 211.562896] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 211.568360] Exception stack(0xf23f9fa8 to 0xf23f9ff0) <4>[ 211.573721] 9fa0: 00000020 00000020 00000001 b6e68000 00000020 00000001 <4>[ 211.582196] 9fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e68000 00020000 0044fe38 <4>[ 211.590667] 9fe0: 00000004 bec33788 b6f2e33b b6ea7616 <4>[ 211.596040] ---[ end trace 0000000000000000 ]--- <6>[ 211.600879] lkdtm: Saturation detected: still saturated # [ 211.402661] lkdtm: Performing direct entry REFCOUNT_INC_NOT_ZERO_SATURATED # [ 211.408564] lkdtm: attempting bad refcount_inc_not_zero() from saturated # [ 211.415907] ------------[ cut here ]------------ # [ 211.420493] WARNING: CPU: 1 PID: 3863 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 211.430223] refcount_t: saturated; leaking memory. # [ 211.435247] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 211.471983] CPU: 1 UID: 0 PID: 3863 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 211.481298] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 211.486447] Hardware name: STM32 (Device Tree Support) # [ 211.491895] Call trace: # [ 211.491910] unwind_backtrace from show_stack+0x18/0x1c # [ 211.500214] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 211.505586] dump_stack_lvl from __warn+0x84/0x134 # [ 211.510565] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 211.516046] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 211.523841] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED+0x40/0x80 # [ 211.533343] lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c # [ 211.541130] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 211.546894] direct_entry from full_proxy_write+0x5c/0x8c # [ 211.552563] full_proxy_write from vfs_write+0xbc/0x3cc # [ 211.558032] vfs_write from ksys_write+0x78/0xf8 # [ 211.562896] ksys_write from ret_fast_syscall+0x0/0x1c # [ 211.568360] Exception stack(0xf23f9fa8 to 0xf23f9ff0) # [ 211.573721] 9fa0: 00000020 00000020 00000001 b6e68000 00000020 00000001 # [ 211.582196] 9fc0: 00000020 00000020 7ff00000 00000004 00000001 b6e68000 00020000 0044fe38 # [ 211.590667] 9fe0: 00000004 bec33788 b6f2e33b b6ea7616 # [ 211.596040] ---[ end trace 0000000000000000 ]--- # [ 211.600879] lkdtm: Saturation detected: still saturated # REFCOUNT_INC_NOT_ZERO_SATURATED: saw 'call trace:': ok ok 63 selftests: lkdtm: REFCOUNT_INC_NOT_ZERO_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_SATURATED.sh <6>[ 212.954736] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_SATURATED <6>[ 212.960683] lkdtm: attempting bad refcount_add_not_zero() from saturated <4>[ 212.968147] ------------[ cut here ]------------ <4>[ 212.972636] WARNING: CPU: 0 PID: 3902 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 212.982266] refcount_t: saturated; leaking memory. <4>[ 212.987413] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 213.024400] CPU: 0 UID: 0 PID: 3902 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 213.033321] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 213.038574] Hardware name: STM32 (Device Tree Support) <4>[ 213.044024] Call trace: <4>[ 213.044039] unwind_backtrace from show_stack+0x18/0x1c <4>[ 213.052247] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 213.057620] dump_stack_lvl from __warn+0x84/0x134 <4>[ 213.062700] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 213.068083] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 <4>[ 213.075877] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED+0x40/0x80 <4>[ 213.085379] lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 213.093167] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 213.098931] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 213.104599] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 213.110165] vfs_write from ksys_write+0x78/0xf8 <4>[ 213.115025] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 213.120487] Exception stack(0xf2445fa8 to 0xf2445ff0) <4>[ 213.125747] 5fa0: 00000020 00000020 00000001 b6da8000 00000020 00000001 <4>[ 213.134222] 5fc0: 00000020 00000020 7ff00000 00000004 00000001 b6da8000 00020000 004ffe38 <4>[ 213.142692] 5fe0: 00000004 bed81788 b6e6e33b b6de7616 <4>[ 213.148429] ---[ end trace 0000000000000000 ]--- <6>[ 213.153110] lkdtm: Saturation detected: still saturated # [ 212.954736] lkdtm: Performing direct entry REFCOUNT_ADD_NOT_ZERO_SATURATED # [ 212.960683] lkdtm: attempting bad refcount_add_not_zero() from saturated # [ 212.968147] ------------[ cut here ]------------ # [ 212.972636] WARNING: CPU: 0 PID: 3902 at lib/refcount.c:19 __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 212.982266] refcount_t: saturated; leaking memory. # [ 212.987413] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 213.024400] CPU: 0 UID: 0 PID: 3902 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 213.033321] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 213.038574] Hardware name: STM32 (Device Tree Support) # [ 213.044024] Call trace: # [ 213.044039] unwind_backtrace from show_stack+0x18/0x1c # [ 213.052247] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 213.057620] dump_stack_lvl from __warn+0x84/0x134 # [ 213.062700] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 213.068083] warn_slowpath_fmt from __refcount_add_not_zero.constprop.0+0x74/0x84 # [ 213.075877] __refcount_add_not_zero.constprop.0 from lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED+0x40/0x80 # [ 213.085379] lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED from lkdtm_do_action+0x24/0x4c # [ 213.093167] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 213.098931] direct_entry from full_proxy_write+0x5c/0x8c # [ 213.104599] full_proxy_write from vfs_write+0xbc/0x3cc # [ 213.110165] vfs_write from ksys_write+0x78/0xf8 # [ 213.115025] ksys_write from ret_fast_syscall+0x0/0x1c # [ 213.120487] Exception stack(0xf2445fa8 to 0xf2445ff0) # [ 213.125747] 5fa0: 00000020 00000020 00000001 b6da8000 00000020 00000001 # [ 213.134222] 5fc0: 00000020 00000020 7ff00000 00000004 00000001 b6da8000 00020000 004ffe38 # [ 213.142692] 5fe0: 00000004 bed81788 b6e6e33b b6de7616 # [ 213.148429] ---[ end trace 0000000000000000 ]--- # [ 213.153110] lkdtm: Saturation detected: still saturated # REFCOUNT_ADD_NOT_ZERO_SATURATED: saw 'call trace:': ok ok 64 selftests: lkdtm: REFCOUNT_ADD_NOT_ZERO_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_DEC_AND_TEST_SATURATED.sh <6>[ 214.590076] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_SATURATED <6>[ 214.596006] lkdtm: attempting bad refcount_dec_and_test() from saturated <4>[ 214.602941] ------------[ cut here ]------------ <4>[ 214.607841] WARNING: CPU: 1 PID: 3946 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 214.617621] refcount_t: underflow; use-after-free. <4>[ 214.622612] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 214.659458] CPU: 1 UID: 0 PID: 3946 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 214.668675] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 214.673923] Hardware name: STM32 (Device Tree Support) <4>[ 214.679273] Call trace: <4>[ 214.679287] unwind_backtrace from show_stack+0x18/0x1c <4>[ 214.687594] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 214.692966] dump_stack_lvl from __warn+0x84/0x134 <4>[ 214.698044] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 214.703424] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 214.711215] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED+0x40/0x80 <4>[ 214.720716] lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 214.728502] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 214.734267] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 214.739939] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 214.745512] vfs_write from ksys_write+0x78/0xf8 <4>[ 214.750374] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 214.755738] Exception stack(0xf247dfa8 to 0xf247dff0) <4>[ 214.761102] dfa0: 00000020 00000020 00000001 b6e14000 00000020 00000001 <4>[ 214.769577] dfc0: 00000020 00000020 7ff00000 00000004 00000001 b6e14000 00020000 004afe38 <4>[ 214.778050] dfe0: 00000004 bea65788 b6eda33b b6e53616 <4>[ 214.783521] ---[ end trace 0000000000000000 ]--- <6>[ 214.788355] lkdtm: Saturation detected: still saturated # [ 214.590076] lkdtm: Performing direct entry REFCOUNT_DEC_AND_TEST_SATURATED # [ 214.596006] lkdtm: attempting bad refcount_dec_and_test() from saturated # [ 214.602941] ------------[ cut here ]------------ # [ 214.607841] WARNING: CPU: 1 PID: 3946 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 214.617621] refcount_t: underflow; use-after-free. # [ 214.622612] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 214.659458] CPU: 1 UID: 0 PID: 3946 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 214.668675] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 214.673923] Hardware name: STM32 (Device Tree Support) # [ 214.679273] Call trace: # [ 214.679287] unwind_backtrace from show_stack+0x18/0x1c # [ 214.687594] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 214.692966] dump_stack_lvl from __warn+0x84/0x134 # [ 214.698044] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 214.703424] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 214.711215] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED+0x40/0x80 # [ 214.720716] lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c # [ 214.728502] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 214.734267] direct_entry from full_proxy_write+0x5c/0x8c # [ 214.739939] full_proxy_write from vfs_write+0xbc/0x3cc # [ 214.745512] vfs_write from ksys_write+0x78/0xf8 # [ 214.750374] ksys_write from ret_fast_syscall+0x0/0x1c # [ 214.755738] Exception stack(0xf247dfa8 to 0xf247dff0) # [ 214.761102] dfa0: 00000020 00000020 00000001 b6e14000 00000020 00000001 # [ 214.769577] dfc0: 00000020 00000020 7ff00000 00000004 00000001 b6e14000 00020000 004afe38 # [ 214.778050] dfe0: 00000004 bea65788 b6eda33b b6e53616 # [ 214.783521] ---[ end trace 0000000000000000 ]--- # [ 214.788355] lkdtm: Saturation detected: still saturated # REFCOUNT_DEC_AND_TEST_SATURATED: saw 'Saturation detected: still saturated': ok ok 65 selftests: lkdtm: REFCOUNT_DEC_AND_TEST_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_SUB_AND_TEST_SATURATED.sh <6>[ 216.209775] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_SATURATED <6>[ 216.215690] lkdtm: attempting bad refcount_sub_and_test() from saturated <4>[ 216.223153] ------------[ cut here ]------------ <4>[ 216.227583] WARNING: CPU: 0 PID: 3990 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 216.237287] refcount_t: underflow; use-after-free. <4>[ 216.242434] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 216.279055] CPU: 0 UID: 0 PID: 3990 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 216.288368] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 216.293621] Hardware name: STM32 (Device Tree Support) <4>[ 216.299071] Call trace: <4>[ 216.299085] unwind_backtrace from show_stack+0x18/0x1c <4>[ 216.307393] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 216.312668] dump_stack_lvl from __warn+0x84/0x134 <4>[ 216.317748] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 216.323129] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 <4>[ 216.330923] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED+0x40/0x80 <4>[ 216.340424] lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c <4>[ 216.348210] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 216.353975] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 216.359744] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 216.365210] vfs_write from ksys_write+0x78/0xf8 <4>[ 216.370069] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 216.375531] Exception stack(0xf24bdfa8 to 0xf24bdff0) <4>[ 216.380890] dfa0: 00000020 00000020 00000001 b6e78000 00000020 00000001 <4>[ 216.389365] dfc0: 00000020 00000020 7ff00000 00000004 00000001 b6e78000 00020000 0044fe38 <4>[ 216.397835] dfe0: 00000004 be972788 b6f3e33b b6eb7616 <4>[ 216.403508] ---[ end trace 0000000000000000 ]--- <6>[ 216.408168] lkdtm: Saturation detected: still saturated # [ 216.209775] lkdtm: Performing direct entry REFCOUNT_SUB_AND_TEST_SATURATED # [ 216.215690] lkdtm: attempting bad refcount_sub_and_test() from saturated # [ 216.223153] ------------[ cut here ]------------ # [ 216.227583] WARNING: CPU: 0 PID: 3990 at lib/refcount.c:28 __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 216.237287] refcount_t: underflow; use-after-free. # [ 216.242434] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 216.279055] CPU: 0 UID: 0 PID: 3990 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 216.288368] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 216.293621] Hardware name: STM32 (Device Tree Support) # [ 216.299071] Call trace: # [ 216.299085] unwind_backtrace from show_stack+0x18/0x1c # [ 216.307393] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 216.312668] dump_stack_lvl from __warn+0x84/0x134 # [ 216.317748] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 216.323129] warn_slowpath_fmt from __refcount_sub_and_test.constprop.0+0x70/0x78 # [ 216.330923] __refcount_sub_and_test.constprop.0 from lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED+0x40/0x80 # [ 216.340424] lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED from lkdtm_do_action+0x24/0x4c # [ 216.348210] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 216.353975] direct_entry from full_proxy_write+0x5c/0x8c # [ 216.359744] full_proxy_write from vfs_write+0xbc/0x3cc # [ 216.365210] vfs_write from ksys_write+0x78/0xf8 # [ 216.370069] ksys_write from ret_fast_syscall+0x0/0x1c # [ 216.375531] Exception stack(0xf24bdfa8 to 0xf24bdff0) # [ 216.380890] dfa0: 00000020 00000020 00000001 b6e78000 00000020 00000001 # [ 216.389365] dfc0: 00000020 00000020 7ff00000 00000004 00000001 b6e78000 00020000 0044fe38 # [ 216.397835] dfe0: 00000004 be972788 b6f3e33b b6eb7616 # [ 216.403508] ---[ end trace 0000000000000000 ]--- # [ 216.408168] lkdtm: Saturation detected: still saturated # REFCOUNT_SUB_AND_TEST_SATURATED: saw 'Saturation detected: still saturated': ok ok 66 selftests: lkdtm: REFCOUNT_SUB_AND_TEST_SATURATED.sh # timeout set to 45 # selftests: lkdtm: REFCOUNT_TIMING.sh # Skipping REFCOUNT_TIMING: timing only ok 67 selftests: lkdtm: REFCOUNT_TIMING.sh # SKIP # timeout set to 45 # selftests: lkdtm: ATOMIC_TIMING.sh # Skipping ATOMIC_TIMING: timing only ok 68 selftests: lkdtm: ATOMIC_TIMING.sh # SKIP # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_SIZE_TO.sh <6>[ 219.042364] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_TO <6>[ 219.047590] lkdtm: attempting good copy_to_user of correct size <6>[ 219.054165] lkdtm: attempting bad copy_to_user of too large size <0>[ 219.059916] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-1k' (offset 16, size 1024)! <4>[ 219.070620] ------------[ cut here ]------------ <2>[ 219.075478] kernel BUG at mm/usercopy.c:102! <0>[ 219.079934] Internal error: Oops - BUG: 0 [#18] SMP ARM <4>[ 219.085494] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 219.121882] CPU: 1 UID: 0 PID: 4099 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 219.131573] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 219.136821] Hardware name: STM32 (Device Tree Support) <4>[ 219.142168] PC is at usercopy_abort+0x98/0x9c <4>[ 219.146841] LR is at usercopy_abort+0x98/0x9c <4>[ 219.151496] pc : [] lr : [] psr: 60080013 <4>[ 219.158055] sp : f2559e28 ip : 00000000 fp : 00000200 <4>[ 219.163506] r10: b6f3b010 r9 : c91bc010 r8 : c91bc010 <4>[ 219.169056] r7 : 00000001 r6 : 00000400 r5 : 00000400 r4 : 00000010 <4>[ 219.175814] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 00000067 <4>[ 219.182673] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 219.190138] Control: 10c5387d Table: c5d1006a DAC: 00000051 <1>[ 219.196089] Register r0 information: non-paged memory <1>[ 219.201451] Register r1 information: NULL pointer <1>[ 219.206404] Register r2 information: NULL pointer <1>[ 219.211457] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 219.225132] copy_process+0x1f4/0x1f84 <6>[ 219.229390] kernel_clone+0xac/0x388 <6>[ 219.233545] sys_clone+0x78/0x9c <6>[ 219.237299] ret_fast_syscall+0x0/0x1c <4>[ 219.241549] Free path: <6>[ 219.244280] rcu_core+0x2dc/0xb14 <6>[ 219.248133] handle_softirqs+0x15c/0x430 <6>[ 219.252590] irq_exit+0xac/0xd4 <6>[ 219.256241] call_with_stack+0x18/0x20 <6>[ 219.260499] __irq_svc+0x9c/0xb8 <6>[ 219.264246] unwind_frame+0x1a4/0x92c <6>[ 219.268506] arch_stack_walk+0x84/0x100 <6>[ 219.272857] stack_trace_save+0x50/0x78 <6>[ 219.277216] set_track_prepare+0x40/0x74 <6>[ 219.281676] ___slab_alloc+0xd28/0xd7c <6>[ 219.285934] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 219.291097] vm_area_dup+0x24/0x104 <6>[ 219.295152] copy_process+0x1968/0x1f84 <6>[ 219.299509] kernel_clone+0xac/0x388 <6>[ 219.303663] sys_clone+0x78/0x9c <6>[ 219.307416] ret_fast_syscall+0x0/0x1c <1>[ 219.311664] Register r4 information: zero-size pointer <1>[ 219.317124] Register r5 information: non-paged memory <1>[ 219.322378] Register r6 information: non-paged memory <1>[ 219.327732] Register r7 information: non-paged memory <1>[ 219.333086] Register r8 information: slab kmalloc-1k start c91bbc00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 219.347558] do_usercopy_slab_size+0x30/0x330 <6>[ 219.352529] lkdtm_do_action+0x24/0x4c <6>[ 219.356791] direct_entry+0x11c/0x140 <6>[ 219.360952] full_proxy_write+0x5c/0x8c <6>[ 219.365317] vfs_write+0xbc/0x3cc <6>[ 219.369178] ksys_write+0x78/0xf8 <6>[ 219.373037] ret_fast_syscall+0x0/0x1c <4>[ 219.377300] Free path: <6>[ 219.380040] nfs3_proc_create+0x1b4/0x2c4 <6>[ 219.384514] nfs_do_create+0xa8/0x178 <6>[ 219.388784] nfs_atomic_open_v23+0x84/0xd4 <6>[ 219.393345] path_openat+0xb18/0x1198 <6>[ 219.397601] do_filp_open+0x98/0x134 <6>[ 219.401653] do_sys_openat2+0xbc/0xe4 <6>[ 219.405912] sys_openat+0x98/0xd4 <6>[ 219.409765] ret_fast_syscall+0x0/0x1c <1>[ 219.414016] Register r9 information: slab kmalloc-1k start c91bbc00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 219.428495] do_usercopy_slab_size+0x30/0x330 <6>[ 219.433354] lkdtm_do_action+0x24/0x4c <6>[ 219.437704] direct_entry+0x11c/0x140 <6>[ 219.441852] full_proxy_write+0x5c/0x8c <6>[ 219.446203] vfs_write+0xbc/0x3cc <6>[ 219.450050] ksys_write+0x78/0xf8 <6>[ 219.453896] ret_fast_syscall+0x0/0x1c <4>[ 219.458244] Free path: <6>[ 219.460976] nfs3_proc_create+0x1b4/0x2c4 <6>[ 219.465440] nfs_do_create+0xa8/0x178 <6>[ 219.469699] nfs_atomic_open_v23+0x84/0xd4 <6>[ 219.474251] path_openat+0xb18/0x1198 <6>[ 219.478502] do_filp_open+0x98/0x134 <6>[ 219.482553] do_sys_openat2+0xbc/0xe4 <6>[ 219.486809] sys_openat+0x98/0xd4 <6>[ 219.490662] ret_fast_syscall+0x0/0x1c <1>[ 219.494911] Register r10 information: non-paged memory <1>[ 219.500372] Register r11 information: non-paged memory <1>[ 219.505728] Register r12 information: NULL pointer <0>[ 219.510781] Process cat (pid: 4099, stack limit = 0xf2558000) <0>[ 219.516839] Stack: (0xf2559e28 to 0xf255a000) <0>[ 219.521495] 9e20: c1fb1690 c1fac57c c1f9b6cc 00000010 00000400 00000c00 <0>[ 219.529969] 9e40: ffffffff c05f6c34 00000400 c0317088 c91bc010 ef840de0 00000400 00000001 <0>[ 219.538445] 9e60: c91bc410 c06230c0 00000400 c16f2434 f2559e84 00000400 c91bc000 c91bcc00 <0>[ 219.546919] 9e80: b6f3b000 00000001 c91bc010 c0e067f0 00000022 00000000 f2559ebc 00000016 <0>[ 219.555393] 9ea0: c9459000 00000000 f2559f80 c27896d0 f2559f80 c5bd9040 0042fe38 c0e03fc0 <0>[ 219.563868] 9ec0: 00000016 c0e043a4 c0e04288 c9651d40 b6dd8000 00000016 c3983a30 c0893830 <0>[ 219.572342] 9ee0: c9651d40 c08937d4 f2559f80 b6dd8000 c9322840 00000016 c5bd9040 c062a2a0 <0>[ 219.580816] 9f00: c5d12db0 00000000 00000000 00000000 00000000 00000016 b6dd8000 0001ffea <0>[ 219.589289] 9f20: 00000001 00000000 c9651240 00000000 00000000 00000000 00000000 00000000 <0>[ 219.597763] 9f40: 00000000 00000000 00000000 00000000 00000022 cbc93192 00000000 c9651d40 <0>[ 219.606237] 9f60: c9651d40 00000000 00000000 c03002f0 c9322840 00000004 0042fe38 c062a7fc <0>[ 219.614710] 9f80: 00000000 00000000 00000000 cbc93192 000000c0 00000016 00000016 7ff00000 <0>[ 219.623184] 9fa0: 00000004 c03000c0 00000016 00000016 00000001 b6dd8000 00000016 00000001 <0>[ 219.631759] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 0042fe38 <0>[ 219.640233] 9fe0: 00000004 bedc5788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 219.648698] Call trace: <0>[ 219.648714] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 219.657621] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 219.664400] __check_object_size from do_usercopy_slab_size+0x1f4/0x330 <0>[ 219.671282] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c <0>[ 219.677655] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 219.683421] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 219.689088] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 219.694653] vfs_write from ksys_write+0x78/0xf8 <0>[ 219.699512] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 219.704975] Exception stack(0xf2559fa8 to 0xf2559ff0) <0>[ 219.710232] 9fa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 <0>[ 219.718706] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 0042fe38 <0>[ 219.727276] 9fe0: 00000004 bedc5788 b6e9e33b b6e17616 <0>[ 219.732534] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) <4>[ 219.738892] ---[ end trace 0000000000000000 ]--- <6>[ 219.743839] note: cat[4099] exited with irqs disabled # Segmentation fault # [ 219.042364] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_TO # [ 219.047590] lkdtm: attempting good copy_to_user of correct size # [ 219.054165] lkdtm: attempting bad copy_to_user of too large size # [ 219.059916] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-1k' (offset 16, size 1024)! # [ 219.070620] ------------[ cut here ]------------ # [ 219.075478] kernel BUG at mm/usercopy.c:102! # [ 219.079934] Internal error: Oops - BUG: 0 [#18] SMP ARM # [ 219.085494] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 219.121882] CPU: 1 UID: 0 PID: 4099 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 219.131573] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 219.136821] Hardware name: STM32 (Device Tree Support) # [ 219.142168] PC is at usercopy_abort+0x98/0x9c # [ 219.146841] LR is at usercopy_abort+0x98/0x9c # [ 219.151496] pc : [] lr : [] psr: 60080013 # [ 219.158055] sp : f2559e28 ip : 00000000 fp : 00000200 # [ 219.163506] r10: b6f3b010 r9 : c91bc010 r8 : c91bc010 # [ 219.169056] r7 : 00000001 r6 : 00000400 r5 : 00000400 r4 : 00000010 # [ 219.175814] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 00000067 # [ 219.182673] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 219.190138] Control: 10c5387d Table: c5d1006a DAC: 00000051 # [ 219.196089] Register r0 information: non-paged memory # [ 219.201451] Register r1 information: NULL pointer # [ 219.206404] Register r2 information: NULL pointer # [ 219.211457] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 219.225132] copy_process+0x1f4/0x1f84 # [ 219.229390] kernel_clone+0xac/0x388 # [ 219.233545] sys_clone+0x78/0x9c # [ 219.237299] ret_fast_syscall+0x0/0x1c # [ 219.241549] Free path: # [ 219.244280] rcu_core+0x2dc/0xb14 # [ 219.248133] handle_softirqs+0x15c/0x430 # [ 219.252590] irq_exit+0xac/0xd4 # [ 219.256241] call_with_stack+0x18/0x20 # [ 219.260499] __irq_svc+0x9c/0xb8 # [ 219.264246] unwind_frame+0x1a4/0x92c # [ 219.268506] arch_stack_walk+0x84/0x100 # [ 219.272857] stack_trace_save+0x50/0x78 # [ 219.277216] set_track_prepare+0x40/0x74 # [ 219.281676] ___slab_alloc+0xd28/0xd7c # [ 219.285934] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 219.291097] vm_area_dup+0x24/0x104 # [ 219.295152] copy_process+0x1968/0x1f84 # [ 219.299509] kernel_clone+0xac/0x388 # [ 219.303663] sys_clone+0x78/0x9c # [ 219.307416] ret_fast_syscall+0x0/0x1c # [ 219.311664] Register r4 information: zero-size pointer # [ 219.317124] Register r5 information: non-paged memory # [ 219.322378] Register r6 information: non-paged memory # [ 219.327732] Register r7 information: non-paged memory # [ 219.333086] Register r8 information: slab kmalloc-1k start c91bbc00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 219.347558] do_usercopy_slab_size+0x30/0x330 # [ 219.352529] lkdtm_do_action+0x24/0x4c # [ 219.356791] direct_entry+0x11c/0x140 # [ 219.360952] full_proxy_write+0x5c/0x8c # [ 219.365317] vfs_write+0xbc/0x3cc # [ 219.369178] ksys_write+0x78/0xf8 # [ 219.373037] ret_fast_syscall+0x0/0x1c # [ 219.377300] Free path: # [ 219.380040] nfs3_proc_create+0x1b4/0x2c4 # [ 219.384514] nfs_do_create+0xa8/0x178 # [ 219.388784] nfs_atomic_open_v23+0x84/0xd4 # [ 219.393345] path_openat+0xb18/0x1198 # [ 219.397601] do_filp_open+0x98/0x134 # [ 219.401653] do_sys_openat2+0xbc/0xe4 # [ 219.405912] sys_openat+0x98/0xd4 # [ 219.409765] ret_fast_syscall+0x0/0x1c # [ 219.414016] Register r9 information: slab kmalloc-1k start c91bbc00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 219.428495] do_usercopy_slab_size+0x30/0x330 # [ 219.433354] lkdtm_do_action+0x24/0x4c # [ 219.437704] direct_entry+0x11c/0x140 # [ 219.441852] full_proxy_write+0x5c/0x8c # [ 219.446203] vfs_write+0xbc/0x3cc # [ 219.450050] ksys_write+0x78/0xf8 # [ 219.453896] ret_fast_syscall+0x0/0x1c # [ 219.458244] Free path: # [ 219.460976] nfs3_proc_create+0x1b4/0x2c4 # [ 219.465440] nfs_do_create+0xa8/0x178 # [ 219.469699] nfs_atomic_open_v23+0x84/0xd4 # [ 219.474251] path_openat+0xb18/0x1198 # [ 219.478502] do_filp_open+0x98/0x134 # [ 219.482553] do_sys_openat2+0xbc/0xe4 # [ 219.486809] sys_openat+0x98/0xd4 # [ 219.490662] ret_fast_syscall+0x0/0x1c # [ 219.494911] Register r10 information: non-paged memory # [ 219.500372] Register r11 information: non-paged memory # [ 219.505728] Register r12 information: NULL pointer # [ 219.510781] Process cat (pid: 4099, stack limit = 0xf2558000) # [ 219.516839] Stack: (0xf2559e28 to 0xf255a000) # [ 219.521495] 9e20: c1fb1690 c1fac57c c1f9b6cc 00000010 00000400 00000c00 # [ 219.529969] 9e40: ffffffff c05f6c34 00000400 c0317088 c91bc010 ef840de0 00000400 00000001 # [ 219.538445] 9e60: c91bc410 c06230c0 00000400 c16f2434 f2559e84 00000400 c91bc000 c91bcc00 # [ 219.546919] 9e80: b6f3b000 00000001 c91bc010 c0e067f0 00000022 00000000 f2559ebc 00000016 # [ 219.555393] 9ea0: c9459000 00000000 f2559f80 c27896d0 f2559f80 c5bd9040 0042fe38 c0e03fc0 # [ 219.563868] 9ec0: 00000016 c0e043a4 c0e04288 c9651d40 b6dd8000 00000016 c3983a30 c0893830 # [ 219.572342] 9ee0: c9651d40 c08937d4 f2559f80 b6dd8000 c9322840 00000016 c5bd9040 c062a2a0 # [ 219.580816] 9f00: c5d12db0 00000000 00000000 00000000 00000000 00000016 b6dd8000 0001ffea # [ 219.589289] 9f20: 00000001 00000000 c9651240 00000000 00000000 00000000 00000000 00000000 # [ 219.597763] 9f40: 00000000 00000000 00000000 00000000 00000022 cbc93192 00000000 c9651d40 # [ 219.606237] 9f60: c9651d40 00000000 00000000 c03002f0 c9322840 00000004 0042fe38 c062a7fc # [ 219.614710] 9f80: 00000000 00000000 00000000 cbc93192 000000c0 00000016 00000016 7ff00000 # [ 219.623184] 9fa0: 00000004 c03000c0 00000016 00000016 00000001 b6dd8000 00000016 00000001 # [ 219.631759] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 0042fe38 # [ 219.640233] 9fe0: 00000004 bedc5788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 219.648698] Call trace: # [ 219.648714] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 219.657621] __check_heap_object from __check_object_size+0x294/0x310 # [ 219.664400] __check_object_size from do_usercopy_slab_size+0x1f4/0x330 # [ 219.671282] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c # [ 219.677655] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 219.683421] direct_entry from full_proxy_write+0x5c/0x8c # [ 219.689088] full_proxy_write from vfs_write+0xbc/0x3cc # [ 219.694653] vfs_write from ksys_write+0x78/0xf8 # [ 219.699512] ksys_write from ret_fast_syscall+0x0/0x1c # [ 219.704975] Exception stack(0xf2559fa8 to 0xf2559ff0) # [ 219.710232] 9fa0: 00000016 00000016 00000001 b6dd8000 00000016 00000001 # [ 219.718706] 9fc0: 00000016 00000016 7ff00000 00000004 00000001 b6dd8000 00020000 0042fe38 # [ 219.727276] 9fe0: 00000004 bedc5788 b6e9e33b b6e17616 # [ 219.732534] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) # [ 219.738892] ---[ end trace 0000000000000000 ]--- # [ 219.743839] note: cat[4099] exited with irqs disabled # USERCOPY_SLAB_SIZE_TO: saw 'call trace:': ok ok 69 selftests: lkdtm: USERCOPY_SLAB_SIZE_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_SIZE_FROM.sh <6>[ 221.720258] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_FROM <6>[ 221.725636] lkdtm: attempting good copy_from_user of correct size <6>[ 221.731841] lkdtm: attempting bad copy_from_user of too large size <0>[ 221.738322] usercopy: Kernel memory overwrite attempt detected to SLUB object 'kmalloc-1k' (offset 16, size 1024)! <4>[ 221.748933] ------------[ cut here ]------------ <2>[ 221.753792] kernel BUG at mm/usercopy.c:102! <0>[ 221.758349] Internal error: Oops - BUG: 0 [#19] SMP ARM <4>[ 221.763808] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 221.800293] CPU: 0 UID: 0 PID: 4186 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 221.809887] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 221.815134] Hardware name: STM32 (Device Tree Support) <4>[ 221.820481] PC is at usercopy_abort+0x98/0x9c <4>[ 221.825152] LR is at usercopy_abort+0x98/0x9c <4>[ 221.829807] pc : [] lr : [] psr: 60080013 <4>[ 221.836364] sp : f25bde28 ip : 00000000 fp : 00000200 <4>[ 221.841814] r10: b6fcd010 r9 : c91b9010 r8 : c91b9010 <4>[ 221.847365] r7 : 00000000 r6 : 00000400 r5 : 00000400 r4 : 00000010 <4>[ 221.854123] r3 : c9326e40 r2 : 00000000 r1 : 00000000 r0 : 00000066 <4>[ 221.860983] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 221.868448] Control: 10c5387d Table: c5ca006a DAC: 00000051 <1>[ 221.874398] Register r0 information: non-paged memory <1>[ 221.879759] Register r1 information: NULL pointer <1>[ 221.884712] Register r2 information: NULL pointer <1>[ 221.889764] Register r3 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 221.903438] copy_process+0x1f4/0x1f84 <6>[ 221.907796] kernel_clone+0xac/0x388 <6>[ 221.911851] sys_clone+0x78/0x9c <6>[ 221.915605] ret_fast_syscall+0x0/0x1c <4>[ 221.919856] Free path: <6>[ 221.922587] rcu_core+0x2dc/0xb14 <6>[ 221.926440] handle_softirqs+0x15c/0x430 <6>[ 221.930897] irq_exit+0xac/0xd4 <6>[ 221.934548] call_with_stack+0x18/0x20 <6>[ 221.938906] __irq_svc+0x9c/0xb8 <6>[ 221.942653] __kmap_local_pfn_prot+0xe8/0x188 <6>[ 221.947512] v6_copy_user_highpage_nonaliasing+0x38/0x90 <6>[ 221.953379] do_wp_page+0x430/0xd18 <6>[ 221.957434] handle_mm_fault+0x754/0x1180 <6>[ 221.961891] do_page_fault+0x1ac/0x470 <6>[ 221.966243] do_DataAbort+0x44/0xb8 <6>[ 221.970191] __dabt_usr+0x58/0x60 <1>[ 221.974037] Register r4 information: zero-size pointer <1>[ 221.979496] Register r5 information: non-paged memory <1>[ 221.984852] Register r6 information: non-paged memory <1>[ 221.990105] Register r7 information: NULL pointer <1>[ 221.995158] Register r8 information: slab kmalloc-1k start c91b8c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 222.009625] do_usercopy_slab_size+0x30/0x330 <6>[ 222.014580] lkdtm_do_action+0x24/0x4c <6>[ 222.018829] direct_entry+0x11c/0x140 <6>[ 222.022978] full_proxy_write+0x5c/0x8c <6>[ 222.027331] vfs_write+0xbc/0x3cc <6>[ 222.031179] ksys_write+0x78/0xf8 <6>[ 222.035027] ret_fast_syscall+0x0/0x1c <4>[ 222.039377] Free path: <6>[ 222.042107] nfs3_proc_create+0x1b4/0x2c4 <6>[ 222.046571] nfs_do_create+0xa8/0x178 <6>[ 222.050831] nfs_atomic_open_v23+0x84/0xd4 <6>[ 222.055384] path_openat+0xb18/0x1198 <6>[ 222.059637] do_filp_open+0x98/0x134 <6>[ 222.063688] do_sys_openat2+0xbc/0xe4 <6>[ 222.067946] sys_openat+0x98/0xd4 <6>[ 222.071799] ret_fast_syscall+0x0/0x1c <1>[ 222.076048] Register r9 information: slab kmalloc-1k start c91b8c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 <6>[ 222.090614] do_usercopy_slab_size+0x30/0x330 <6>[ 222.095472] lkdtm_do_action+0x24/0x4c <6>[ 222.099730] direct_entry+0x11c/0x140 <6>[ 222.103992] full_proxy_write+0x5c/0x8c <6>[ 222.108354] vfs_write+0xbc/0x3cc <6>[ 222.112106] ksys_write+0x78/0xf8 <6>[ 222.115957] ret_fast_syscall+0x0/0x1c <4>[ 222.120309] Free path: <6>[ 222.123041] nfs3_proc_create+0x1b4/0x2c4 <6>[ 222.127506] nfs_do_create+0xa8/0x178 <6>[ 222.131766] nfs_atomic_open_v23+0x84/0xd4 <6>[ 222.136318] path_openat+0xb18/0x1198 <6>[ 222.140571] do_filp_open+0x98/0x134 <6>[ 222.144622] do_sys_openat2+0xbc/0xe4 <6>[ 222.148880] sys_openat+0x98/0xd4 <6>[ 222.152734] ret_fast_syscall+0x0/0x1c <1>[ 222.156984] Register r10 information: non-paged memory <1>[ 222.162447] Register r11 information: non-paged memory <1>[ 222.167803] Register r12 information: NULL pointer <0>[ 222.172856] Process cat (pid: 4186, stack limit = 0xf25bc000) <0>[ 222.178915] Stack: (0xf25bde28 to 0xf25be000) <0>[ 222.183571] de20: c1fb1690 c1fac57c c1f9b6cc 00000010 00000400 00000c00 <0>[ 222.192047] de40: ffffffff c05f6c34 00000400 c0317088 c91b9010 ef840de0 00000400 00000000 <0>[ 222.200521] de60: c91b9410 c06230c0 00000400 c16f2434 f25bde84 00000400 c91b9000 c91b8400 <0>[ 222.208996] de80: b6fcd000 00000000 c91b9010 c0e068dc 00000022 00000000 f25bdebc 00000018 <0>[ 222.217470] dea0: c5f19000 00000000 f25bdf80 c27896d8 f25bdf80 c91a4900 004efe38 c0e03fc0 <0>[ 222.225945] dec0: 00000018 c0e043a4 c0e04288 c3645740 b6e68000 00000018 c3983a30 c0893830 <0>[ 222.234419] dee0: c3645740 c08937d4 f25bdf80 b6e68000 c9326e40 00000018 c91a4900 c062a2a0 <0>[ 222.242893] df00: c5ca2db8 00000000 00000000 00000000 00000000 00000018 b6e68000 0001ffe8 <0>[ 222.251366] df20: 00000001 00000000 c9443e40 00000000 00000000 00000000 00000000 00000000 <0>[ 222.259839] df40: 00000000 00000000 00000000 00000000 00000022 0e1ec29f 00000000 c3645740 <0>[ 222.268313] df60: c3645740 00000000 00000000 c03002f0 c9326e40 00000004 004efe38 c062a7fc <0>[ 222.276787] df80: 00000000 00000000 00000000 0e1ec29f 000000c0 00000018 00000018 7ff00000 <0>[ 222.285262] dfa0: 00000004 c03000c0 00000018 00000018 00000001 b6e68000 00000018 00000001 <0>[ 222.293837] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6e68000 00020000 004efe38 <0>[ 222.302310] dfe0: 00000004 bed89788 b6f2e33b b6ea7616 60080030 00000001 00000000 00000000 <0>[ 222.310775] Call trace: <0>[ 222.310791] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 222.319697] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 222.326479] __check_object_size from do_usercopy_slab_size+0x2e0/0x330 <0>[ 222.333362] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c <0>[ 222.339735] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 222.345501] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 222.351169] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 222.356734] vfs_write from ksys_write+0x78/0xf8 <0>[ 222.361592] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 222.367055] Exception stack(0xf25bdfa8 to 0xf25bdff0) <0>[ 222.372413] dfa0: 00000018 00000018 00000001 b6e68000 00000018 00000001 <0>[ 222.380888] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6e68000 00020000 004efe38 <0>[ 222.389358] dfe0: 00000004 bed89788 b6f2e33b b6ea7616 <0>[ 222.394717] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) <4>[ 222.401074] ---[ end trace 0000000000000000 ]--- <6>[ 222.405921] note: cat[4186] exited with irqs disabled # Segmentation fault # [ 221.720258] lkdtm: Performing direct entry USERCOPY_SLAB_SIZE_FROM # [ 221.725636] lkdtm: attempting good copy_from_user of correct size # [ 221.731841] lkdtm: attempting bad copy_from_user of too large size # [ 221.738322] usercopy: Kernel memory overwrite attempt detected to SLUB object 'kmalloc-1k' (offset 16, size 1024)! # [ 221.748933] ------------[ cut here ]------------ # [ 221.753792] kernel BUG at mm/usercopy.c:102! # [ 221.758349] Internal error: Oops - BUG: 0 [#19] SMP ARM # [ 221.763808] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 221.800293] CPU: 0 UID: 0 PID: 4186 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 221.809887] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 221.815134] Hardware name: STM32 (Device Tree Support) # [ 221.820481] PC is at usercopy_abort+0x98/0x9c # [ 221.825152] LR is at usercopy_abort+0x98/0x9c # [ 221.829807] pc : [] lr : [] psr: 60080013 # [ 221.836364] sp : f25bde28 ip : 00000000 fp : 00000200 # [ 221.841814] r10: b6fcd010 r9 : c91b9010 r8 : c91b9010 # [ 221.847365] r7 : 00000000 r6 : 00000400 r5 : 00000400 r4 : 00000010 # [ 221.854123] r3 : c9326e40 r2 : 00000000 r1 : 00000000 r0 : 00000066 # [ 221.860983] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 221.868448] Control: 10c5387d Table: c5ca006a DAC: 00000051 # [ 221.874398] Register r0 information: non-paged memory # [ 221.879759] Register r1 information: NULL pointer # [ 221.884712] Register r2 information: NULL pointer # [ 221.889764] Register r3 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 221.903438] copy_process+0x1f4/0x1f84 # [ 221.907796] kernel_clone+0xac/0x388 # [ 221.911851] sys_clone+0x78/0x9c # [ 221.915605] ret_fast_syscall+0x0/0x1c # [ 221.919856] Free path: # [ 221.922587] rcu_core+0x2dc/0xb14 # [ 221.926440] handle_softirqs+0x15c/0x430 # [ 221.930897] irq_exit+0xac/0xd4 # [ 221.934548] call_with_stack+0x18/0x20 # [ 221.938906] __irq_svc+0x9c/0xb8 # [ 221.942653] __kmap_local_pfn_prot+0xe8/0x188 # [ 221.947512] v6_copy_user_highpage_nonaliasing+0x38/0x90 # [ 221.953379] do_wp_page+0x430/0xd18 # [ 221.957434] handle_mm_fault+0x754/0x1180 # [ 221.961891] do_page_fault+0x1ac/0x470 # [ 221.966243] do_DataAbort+0x44/0xb8 # [ 221.970191] __dabt_usr+0x58/0x60 # [ 221.974037] Register r4 information: zero-size pointer # [ 221.979496] Register r5 information: non-paged memory # [ 221.984852] Register r6 information: non-paged memory # [ 221.990105] Register r7 information: NULL pointer # [ 221.995158] Register r8 information: slab kmalloc-1k start c91b8c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 222.009625] do_usercopy_slab_size+0x30/0x330 # [ 222.014580] lkdtm_do_action+0x24/0x4c # [ 222.018829] direct_entry+0x11c/0x140 # [ 222.022978] full_proxy_write+0x5c/0x8c # [ 222.027331] vfs_write+0xbc/0x3cc # [ 222.031179] ksys_write+0x78/0xf8 # [ 222.035027] ret_fast_syscall+0x0/0x1c # [ 222.039377] Free path: # [ 222.042107] nfs3_proc_create+0x1b4/0x2c4 # [ 222.046571] nfs_do_create+0xa8/0x178 # [ 222.050831] nfs_atomic_open_v23+0x84/0xd4 # [ 222.055384] path_openat+0xb18/0x1198 # [ 222.059637] do_filp_open+0x98/0x134 # [ 222.063688] do_sys_openat2+0xbc/0xe4 # [ 222.067946] sys_openat+0x98/0xd4 # [ 222.071799] ret_fast_syscall+0x0/0x1c # [ 222.076048] Register r9 information: slab kmalloc-1k start c91b8c00 data offset 1024 pointer offset 16 size 1024 allocated at do_usercopy_slab_size+0x30/0x330 # [ 222.090614] do_usercopy_slab_size+0x30/0x330 # [ 222.095472] lkdtm_do_action+0x24/0x4c # [ 222.099730] direct_entry+0x11c/0x140 # [ 222.103992] full_proxy_write+0x5c/0x8c # [ 222.108354] vfs_write+0xbc/0x3cc # [ 222.112106] ksys_write+0x78/0xf8 # [ 222.115957] ret_fast_syscall+0x0/0x1c # [ 222.120309] Free path: # [ 222.123041] nfs3_proc_create+0x1b4/0x2c4 # [ 222.127506] nfs_do_create+0xa8/0x178 # [ 222.131766] nfs_atomic_open_v23+0x84/0xd4 # [ 222.136318] path_openat+0xb18/0x1198 # [ 222.140571] do_filp_open+0x98/0x134 # [ 222.144622] do_sys_openat2+0xbc/0xe4 # [ 222.148880] sys_openat+0x98/0xd4 # [ 222.152734] ret_fast_syscall+0x0/0x1c # [ 222.156984] Register r10 information: non-paged memory # [ 222.162447] Register r11 information: non-paged memory # [ 222.167803] Register r12 information: NULL pointer # [ 222.172856] Process cat (pid: 4186, stack limit = 0xf25bc000) # [ 222.178915] Stack: (0xf25bde28 to 0xf25be000) # [ 222.183571] de20: c1fb1690 c1fac57c c1f9b6cc 00000010 00000400 00000c00 # [ 222.192047] de40: ffffffff c05f6c34 00000400 c0317088 c91b9010 ef840de0 00000400 00000000 # [ 222.200521] de60: c91b9410 c06230c0 00000400 c16f2434 f25bde84 00000400 c91b9000 c91b8400 # [ 222.208996] de80: b6fcd000 00000000 c91b9010 c0e068dc 00000022 00000000 f25bdebc 00000018 # [ 222.217470] dea0: c5f19000 00000000 f25bdf80 c27896d8 f25bdf80 c91a4900 004efe38 c0e03fc0 # [ 222.225945] dec0: 00000018 c0e043a4 c0e04288 c3645740 b6e68000 00000018 c3983a30 c0893830 # [ 222.234419] dee0: c3645740 c08937d4 f25bdf80 b6e68000 c9326e40 00000018 c91a4900 c062a2a0 # [ 222.242893] df00: c5ca2db8 00000000 00000000 00000000 00000000 00000018 b6e68000 0001ffe8 # [ 222.251366] df20: 00000001 00000000 c9443e40 00000000 00000000 00000000 00000000 00000000 # [ 222.259839] df40: 00000000 00000000 00000000 00000000 00000022 0e1ec29f 00000000 c3645740 # [ 222.268313] df60: c3645740 00000000 00000000 c03002f0 c9326e40 00000004 004efe38 c062a7fc # [ 222.276787] df80: 00000000 00000000 00000000 0e1ec29f 000000c0 00000018 00000018 7ff00000 # [ 222.285262] dfa0: 00000004 c03000c0 00000018 00000018 00000001 b6e68000 00000018 00000001 # [ 222.293837] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6e68000 00020000 004efe38 # [ 222.302310] dfe0: 00000004 bed89788 b6f2e33b b6ea7616 60080030 00000001 00000000 00000000 # [ 222.310775] Call trace: # [ 222.310791] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 222.319697] __check_heap_object from __check_object_size+0x294/0x310 # [ 222.326479] __check_object_size from do_usercopy_slab_size+0x2e0/0x330 # [ 222.333362] do_usercopy_slab_size from lkdtm_do_action+0x24/0x4c # [ 222.339735] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 222.345501] direct_entry from full_proxy_write+0x5c/0x8c # [ 222.351169] full_proxy_write from vfs_write+0xbc/0x3cc # [ 222.356734] vfs_write from ksys_write+0x78/0xf8 # [ 222.361592] ksys_write from ret_fast_syscall+0x0/0x1c # [ 222.367055] Exception stack(0xf25bdfa8 to 0xf25bdff0) # [ 222.372413] dfa0: 00000018 00000018 00000001 b6e68000 00000018 00000001 # [ 222.380888] dfc0: 00000018 00000018 7ff00000 00000004 00000001 b6e68000 00020000 004efe38 # [ 222.389358] dfe0: 00000004 bed89788 b6f2e33b b6ea7616 # [ 222.394717] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) # [ 222.401074] ---[ end trace 0000000000000000 ]--- # [ 222.405921] note: cat[4186] exited with irqs disabled # USERCOPY_SLAB_SIZE_FROM: saw 'call trace:': ok ok 70 selftests: lkdtm: USERCOPY_SLAB_SIZE_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_WHITELIST_TO.sh <6>[ 224.480282] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_TO <6>[ 224.486010] lkdtm: attempting good copy_to_user inside whitelist <6>[ 224.492224] lkdtm: attempting bad copy_to_user outside whitelist <0>[ 224.498737] usercopy: Kernel memory exposure attempt detected from SLUB object 'lkdtm-usercopy' (offset 255, size 64)! <4>[ 224.509497] ------------[ cut here ]------------ <2>[ 224.514157] kernel BUG at mm/usercopy.c:102! <0>[ 224.518714] Internal error: Oops - BUG: 0 [#20] SMP ARM <4>[ 224.524174] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 224.560662] CPU: 1 UID: 0 PID: 4273 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 224.570255] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 224.575501] Hardware name: STM32 (Device Tree Support) <4>[ 224.580949] PC is at usercopy_abort+0x98/0x9c <4>[ 224.585522] LR is at usercopy_abort+0x98/0x9c <4>[ 224.590177] pc : [] lr : [] psr: 60080013 <4>[ 224.596735] sp : f264de28 ip : 00000000 fp : 004dfe38 <4>[ 224.602186] r10: c27895f8 r9 : 00000040 r8 : c5990107 <4>[ 224.607739] r7 : 00000001 r6 : 00000040 r5 : 00000040 r4 : 000000ff <4>[ 224.614496] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 0000006a <4>[ 224.621357] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 224.628823] Control: 10c5387d Table: c979806a DAC: 00000051 <1>[ 224.634774] Register r0 information: non-paged memory <1>[ 224.640138] Register r1 information: NULL pointer <1>[ 224.645091] Register r2 information: NULL pointer <1>[ 224.650143] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 224.663824] copy_process+0x1f4/0x1f84 <6>[ 224.668081] kernel_clone+0xac/0x388 <6>[ 224.672237] sys_clone+0x78/0x9c <6>[ 224.675991] ret_fast_syscall+0x0/0x1c <4>[ 224.680241] Free path: <6>[ 224.682971] rcu_core+0x2dc/0xb14 <6>[ 224.686824] handle_softirqs+0x15c/0x430 <6>[ 224.691282] irq_exit+0xac/0xd4 <6>[ 224.694933] call_with_stack+0x18/0x20 <6>[ 224.699191] __irq_usr+0x7c/0xa0 <1>[ 224.702938] Register r4 information: non-paged memory <1>[ 224.708295] Register r5 information: non-paged memory <1>[ 224.713650] Register r6 information: non-paged memory <1>[ 224.719003] Register r7 information: non-paged memory <1>[ 224.724257] Register r8 information: slab lkdtm-usercopy start c5990000 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 224.739426] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 224.744785] lkdtm_do_action+0x24/0x4c <6>[ 224.749034] direct_entry+0x11c/0x140 <6>[ 224.753183] full_proxy_write+0x5c/0x8c <6>[ 224.757637] vfs_write+0xbc/0x3cc <6>[ 224.761487] ksys_write+0x78/0xf8 <6>[ 224.765333] ret_fast_syscall+0x0/0x1c <1>[ 224.769583] Register r9 information: non-paged memory <1>[ 224.774942] Register r10 information: non-slab/vmalloc memory <1>[ 224.780903] Register r11 information: non-paged memory <1>[ 224.786358] Register r12 information: NULL pointer <0>[ 224.791411] Process cat (pid: 4273, stack limit = 0xf264c000) <0>[ 224.797468] Stack: (0xf264de28 to 0xf264e000) <0>[ 224.802123] de20: c1fb1690 c20a92f8 c1f9b6cc 000000ff 00000040 00000440 <0>[ 224.810599] de40: ffffffff c05f6c34 00000040 c0317088 c5990107 ef7c2840 00000040 00000001 <0>[ 224.819074] de60: c5990147 c06230c0 b6f39000 c16f2434 f264de84 b6f39000 c5990008 c2906a18 <0>[ 224.827549] de80: c5990107 00000100 00000040 c0e06508 00000022 00000000 f264debc 0000001b <0>[ 224.836023] dea0: c6df3000 00000000 f264df80 c27896e0 f264df80 c91a4900 004dfe38 c0e03fc0 <0>[ 224.844501] dec0: 0000001b c0e043a4 c0e04288 c91b6e40 b6dd8000 0000001b c3983a30 c0893830 <0>[ 224.852986] dee0: c91b6e40 c08937d4 f264df80 b6dd8000 c9322840 0000001b c91a4900 c062a2a0 <0>[ 224.861473] df00: c979adb0 00000000 00000000 00000000 00000000 0000001b b6dd8000 0001ffe5 <0>[ 224.869954] df20: 00000001 00000000 c91b6940 00000000 00000000 00000000 00000000 00000000 <0>[ 224.878338] df40: 00000000 00000000 00000000 00000000 00000022 004531cc 00000000 c91b6e40 <0>[ 224.886822] df60: c91b6e40 00000000 00000000 c03002f0 c9322840 00000004 004dfe38 c062a7fc <0>[ 224.895303] df80: 00000000 00000000 00000000 004531cc 000000c0 0000001b 0000001b 7ff00000 <0>[ 224.903780] dfa0: 00000004 c03000c0 0000001b 0000001b 00000001 b6dd8000 0000001b 00000001 <0>[ 224.912261] dfc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 <0>[ 224.920741] dfe0: 00000004 beaaa788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 <0>[ 224.929209] Call trace: <0>[ 224.929225] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 224.938238] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 224.944918] __check_object_size from do_usercopy_slab_whitelist+0x250/0x324 <0>[ 224.952305] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c <0>[ 224.959082] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 224.964849] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 224.970517] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 224.976083] vfs_write from ksys_write+0x78/0xf8 <0>[ 224.980943] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 224.986406] Exception stack(0xf264dfa8 to 0xf264dff0) <0>[ 224.991668] dfa0: 0000001b 0000001b 00000001 b6dd8000 0000001b 00000001 <0>[ 225.000143] dfc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 <0>[ 225.008614] dfe0: 00000004 beaaa788 b6e9e33b b6e17616 <0>[ 225.013972] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) <4>[ 225.020329] ---[ end trace 0000000000000000 ]--- <6>[ 225.025278] note: cat[4273] exited with irqs disabled # Segmentation fault # [ 224.480282] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_TO # [ 224.486010] lkdtm: attempting good copy_to_user inside whitelist # [ 224.492224] lkdtm: attempting bad copy_to_user outside whitelist # [ 224.498737] usercopy: Kernel memory exposure attempt detected from SLUB object 'lkdtm-usercopy' (offset 255, size 64)! # [ 224.509497] ------------[ cut here ]------------ # [ 224.514157] kernel BUG at mm/usercopy.c:102! # [ 224.518714] Internal error: Oops - BUG: 0 [#20] SMP ARM # [ 224.524174] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 224.560662] CPU: 1 UID: 0 PID: 4273 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 224.570255] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 224.575501] Hardware name: STM32 (Device Tree Support) # [ 224.580949] PC is at usercopy_abort+0x98/0x9c # [ 224.585522] LR is at usercopy_abort+0x98/0x9c # [ 224.590177] pc : [] lr : [] psr: 60080013 # [ 224.596735] sp : f264de28 ip : 00000000 fp : 004dfe38 # [ 224.602186] r10: c27895f8 r9 : 00000040 r8 : c5990107 # [ 224.607739] r7 : 00000001 r6 : 00000040 r5 : 00000040 r4 : 000000ff # [ 224.614496] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 0000006a # [ 224.621357] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 224.628823] Control: 10c5387d Table: c979806a DAC: 00000051 # [ 224.634774] Register r0 information: non-paged memory # [ 224.640138] Register r1 information: NULL pointer # [ 224.645091] Register r2 information: NULL pointer # [ 224.650143] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 224.663824] copy_process+0x1f4/0x1f84 # [ 224.668081] kernel_clone+0xac/0x388 # [ 224.672237] sys_clone+0x78/0x9c # [ 224.675991] ret_fast_syscall+0x0/0x1c # [ 224.680241] Free path: # [ 224.682971] rcu_core+0x2dc/0xb14 # [ 224.686824] handle_softirqs+0x15c/0x430 # [ 224.691282] irq_exit+0xac/0xd4 # [ 224.694933] call_with_stack+0x18/0x20 # [ 224.699191] __irq_usr+0x7c/0xa0 # [ 224.702938] Register r4 information: non-paged memory # [ 224.708295] Register r5 information: non-paged memory # [ 224.713650] Register r6 information: non-paged memory # [ 224.719003] Register r7 information: non-paged memory # [ 224.724257] Register r8 information: slab lkdtm-usercopy start c5990000 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 224.739426] do_usercopy_slab_whitelist+0x38/0x324 # [ 224.744785] lkdtm_do_action+0x24/0x4c # [ 224.749034] direct_entry+0x11c/0x140 # [ 224.753183] full_proxy_write+0x5c/0x8c # [ 224.757637] vfs_write+0xbc/0x3cc # [ 224.761487] ksys_write+0x78/0xf8 # [ 224.765333] ret_fast_syscall+0x0/0x1c # [ 224.769583] Register r9 information: non-paged memory # [ 224.774942] Register r10 information: non-slab/vmalloc memory # [ 224.780903] Register r11 information: non-paged memory # [ 224.786358] Register r12 information: NULL pointer # [ 224.791411] Process cat (pid: 4273, stack limit = 0xf264c000) # [ 224.797468] Stack: (0xf264de28 to 0xf264e000) # [ 224.802123] de20: c1fb1690 c20a92f8 c1f9b6cc 000000ff 00000040 00000440 # [ 224.810599] de40: ffffffff c05f6c34 00000040 c0317088 c5990107 ef7c2840 00000040 00000001 # [ 224.819074] de60: c5990147 c06230c0 b6f39000 c16f2434 f264de84 b6f39000 c5990008 c2906a18 # [ 224.827549] de80: c5990107 00000100 00000040 c0e06508 00000022 00000000 f264debc 0000001b # [ 224.836023] dea0: c6df3000 00000000 f264df80 c27896e0 f264df80 c91a4900 004dfe38 c0e03fc0 # [ 224.844501] dec0: 0000001b c0e043a4 c0e04288 c91b6e40 b6dd8000 0000001b c3983a30 c0893830 # [ 224.852986] dee0: c91b6e40 c08937d4 f264df80 b6dd8000 c9322840 0000001b c91a4900 c062a2a0 # [ 224.861473] df00: c979adb0 00000000 00000000 00000000 00000000 0000001b b6dd8000 0001ffe5 # [ 224.869954] df20: 00000001 00000000 c91b6940 00000000 00000000 00000000 00000000 00000000 # [ 224.878338] df40: 00000000 00000000 00000000 00000000 00000022 004531cc 00000000 c91b6e40 # [ 224.886822] df60: c91b6e40 00000000 00000000 c03002f0 c9322840 00000004 004dfe38 c062a7fc # [ 224.895303] df80: 00000000 00000000 00000000 004531cc 000000c0 0000001b 0000001b 7ff00000 # [ 224.903780] dfa0: 00000004 c03000c0 0000001b 0000001b 00000001 b6dd8000 0000001b 00000001 # [ 224.912261] dfc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 # [ 224.920741] dfe0: 00000004 beaaa788 b6e9e33b b6e17616 60080030 00000001 00000000 00000000 # [ 224.929209] Call trace: # [ 224.929225] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 224.938238] __check_heap_object from __check_object_size+0x294/0x310 # [ 224.944918] __check_object_size from do_usercopy_slab_whitelist+0x250/0x324 # [ 224.952305] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c # [ 224.959082] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 224.964849] direct_entry from full_proxy_write+0x5c/0x8c # [ 224.970517] full_proxy_write from vfs_write+0xbc/0x3cc # [ 224.976083] vfs_write from ksys_write+0x78/0xf8 # [ 224.980943] ksys_write from ret_fast_syscall+0x0/0x1c # [ 224.986406] Exception stack(0xf264dfa8 to 0xf264dff0) # [ 224.991668] dfa0: 0000001b 0000001b 00000001 b6dd8000 0000001b 00000001 # [ 225.000143] dfc0: 0000001b 0000001b 7ff00000 00000004 00000001 b6dd8000 00020000 004dfe38 # [ 225.008614] dfe0: 00000004 beaaa788 b6e9e33b b6e17616 # [ 225.013972] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) # [ 225.020329] ---[ end trace 0000000000000000 ]--- # [ 225.025278] note: cat[4273] exited with irqs disabled # USERCOPY_SLAB_WHITELIST_TO: saw 'call trace:': ok ok 71 selftests: lkdtm: USERCOPY_SLAB_WHITELIST_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_SLAB_WHITELIST_FROM.sh <6>[ 226.951491] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_FROM <6>[ 226.957278] lkdtm: attempting good copy_from_user inside whitelist <6>[ 226.963531] lkdtm: attempting bad copy_from_user outside whitelist <0>[ 226.970061] usercopy: Kernel memory overwrite attempt detected to SLUB object 'lkdtm-usercopy' (offset 255, size 64)! <4>[ 226.980957] ------------[ cut here ]------------ <2>[ 226.985832] kernel BUG at mm/usercopy.c:102! <0>[ 226.990291] Internal error: Oops - BUG: 0 [#21] SMP ARM <4>[ 226.995861] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 227.032261] CPU: 1 UID: 0 PID: 4360 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 227.041960] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 227.047207] Hardware name: STM32 (Device Tree Support) <4>[ 227.052556] PC is at usercopy_abort+0x98/0x9c <4>[ 227.057231] LR is at usercopy_abort+0x98/0x9c <4>[ 227.061886] pc : [] lr : [] psr: 60080013 <4>[ 227.068444] sp : f26c1e28 ip : 00000000 fp : c5990548 <4>[ 227.073894] r10: 00000000 r9 : 00000040 r8 : c5990547 <4>[ 227.079444] r7 : 00000000 r6 : 00000040 r5 : 00000040 r4 : 000000ff <4>[ 227.086203] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 00000069 <4>[ 227.093063] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 227.100528] Control: 10c5387d Table: c5b1806a DAC: 00000051 <1>[ 227.106479] Register r0 information: non-paged memory <1>[ 227.111846] Register r1 information: NULL pointer <1>[ 227.116800] Register r2 information: NULL pointer <1>[ 227.121852] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 227.135529] copy_process+0x1f4/0x1f84 <6>[ 227.139787] kernel_clone+0xac/0x388 <6>[ 227.143942] sys_clone+0x78/0x9c <6>[ 227.147695] ret_fast_syscall+0x0/0x1c <4>[ 227.151945] Free path: <6>[ 227.154675] rcu_core+0x2dc/0xb14 <6>[ 227.158528] handle_softirqs+0x15c/0x430 <6>[ 227.162986] irq_exit+0xac/0xd4 <6>[ 227.166635] call_with_stack+0x18/0x20 <6>[ 227.170994] __irq_svc+0x9c/0xb8 <6>[ 227.174742] _raw_spin_unlock_irqrestore+0x40/0x44 <6>[ 227.180000] pcpu_alloc_noprof+0x3c8/0x9a8 <6>[ 227.184656] mm_init+0x148/0x288 <6>[ 227.188408] copy_process+0x16e0/0x1f84 <6>[ 227.192765] kernel_clone+0xac/0x388 <6>[ 227.196920] sys_clone+0x78/0x9c <6>[ 227.200672] ret_fast_syscall+0x0/0x1c <1>[ 227.204922] Register r4 information: non-paged memory <1>[ 227.210279] Register r5 information: non-paged memory <1>[ 227.215634] Register r6 information: non-paged memory <1>[ 227.220988] Register r7 information: NULL pointer <1>[ 227.225939] Register r8 information: slab lkdtm-usercopy start c5990440 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 227.241011] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 227.246372] lkdtm_do_action+0x24/0x4c <6>[ 227.250622] direct_entry+0x11c/0x140 <6>[ 227.254871] full_proxy_write+0x5c/0x8c <6>[ 227.259224] vfs_write+0xbc/0x3cc <6>[ 227.263071] ksys_write+0x78/0xf8 <6>[ 227.266917] ret_fast_syscall+0x0/0x1c <1>[ 227.271167] Register r9 information: non-paged memory <1>[ 227.276525] Register r10 information: NULL pointer <1>[ 227.281580] Register r11 information: slab lkdtm-usercopy start c5990440 data offset 8 pointer offset 256 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 <6>[ 227.296847] do_usercopy_slab_whitelist+0x38/0x324 <6>[ 227.302205] lkdtm_do_action+0x24/0x4c <6>[ 227.306454] direct_entry+0x11c/0x140 <6>[ 227.310602] full_proxy_write+0x5c/0x8c <6>[ 227.315053] vfs_write+0xbc/0x3cc <6>[ 227.318899] ksys_write+0x78/0xf8 <6>[ 227.322745] ret_fast_syscall+0x0/0x1c <1>[ 227.326994] Register r12 information: NULL pointer <0>[ 227.332049] Process cat (pid: 4360, stack limit = 0xf26c0000) <0>[ 227.338106] Stack: (0xf26c1e28 to 0xf26c2000) <0>[ 227.342761] 1e20: c1fb1690 c20a92f8 c1f9b6cc 000000ff 00000040 00000440 <0>[ 227.351242] 1e40: ffffffff c05f6c34 00000040 c0317088 c5990547 ef7c2840 00000040 00000000 <0>[ 227.359731] 1e60: c5990587 c06230c0 b6ee5000 c16f2434 f26c1e84 b6ee5000 c5990448 c2906a18 <0>[ 227.368217] 1e80: c5990547 00000100 00000040 c0e06494 00000022 00000000 f26c1ebc 0000001d <0>[ 227.376704] 1ea0: c96ea000 00000000 f26c1f80 c27896e8 f26c1f80 c91a4900 004cfe38 c0e03fc0 <0>[ 227.385087] 1ec0: 0000001d c0e043a4 c0e04288 c8d9c840 b6d88000 0000001d c3983a30 c0893830 <0>[ 227.393569] 1ee0: c8d9c840 c08937d4 f26c1f80 b6d88000 c9322840 0000001d c91a4900 c062a2a0 <0>[ 227.402046] 1f00: c5b1adb0 00000000 00000000 00000000 00000000 0000001d b6d88000 0001ffe3 <0>[ 227.410519] 1f20: 00000001 00000000 c918a040 00000000 00000000 00000000 00000000 00000000 <0>[ 227.419093] 1f40: 00000000 00000000 00000000 00000000 00000022 e9d0fe10 00000000 c8d9c840 <0>[ 227.427567] 1f60: c8d9c840 00000000 00000000 c03002f0 c9322840 00000004 004cfe38 c062a7fc <0>[ 227.436042] 1f80: 00000000 00000000 00000000 e9d0fe10 000000c0 0000001d 0000001d 7ff00000 <0>[ 227.444517] 1fa0: 00000004 c03000c0 0000001d 0000001d 00000001 b6d88000 0000001d 00000001 <0>[ 227.452991] 1fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6d88000 00020000 004cfe38 <0>[ 227.461467] 1fe0: 00000004 be9d7788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 <0>[ 227.469935] Call trace: <0>[ 227.469949] usercopy_abort from __check_heap_object+0xe8/0x104 <0>[ 227.478961] __check_heap_object from __check_object_size+0x294/0x310 <0>[ 227.485644] __check_object_size from do_usercopy_slab_whitelist+0x1dc/0x324 <0>[ 227.493029] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c <0>[ 227.499803] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 227.505569] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 227.511238] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 227.516803] vfs_write from ksys_write+0x78/0xf8 <0>[ 227.521661] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 227.527123] Exception stack(0xf26c1fa8 to 0xf26c1ff0) <0>[ 227.532380] 1fa0: 0000001d 0000001d 00000001 b6d88000 0000001d 00000001 <0>[ 227.540855] 1fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6d88000 00020000 004cfe38 <0>[ 227.549325] 1fe0: 00000004 be9d7788 b6e4e33b b6dc7616 <0>[ 227.554683] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) <4>[ 227.561040] ---[ end trace 0000000000000000 ]--- <6>[ 227.565986] note: cat[4360] exited with irqs disabled # Segmentation fault # [ 226.951491] lkdtm: Performing direct entry USERCOPY_SLAB_WHITELIST_FROM # [ 226.957278] lkdtm: attempting good copy_from_user inside whitelist # [ 226.963531] lkdtm: attempting bad copy_from_user outside whitelist # [ 226.970061] usercopy: Kernel memory overwrite attempt detected to SLUB object 'lkdtm-usercopy' (offset 255, size 64)! # [ 226.980957] ------------[ cut here ]------------ # [ 226.985832] kernel BUG at mm/usercopy.c:102! # [ 226.990291] Internal error: Oops - BUG: 0 [#21] SMP ARM # [ 226.995861] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 227.032261] CPU: 1 UID: 0 PID: 4360 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 227.041960] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 227.047207] Hardware name: STM32 (Device Tree Support) # [ 227.052556] PC is at usercopy_abort+0x98/0x9c # [ 227.057231] LR is at usercopy_abort+0x98/0x9c # [ 227.061886] pc : [] lr : [] psr: 60080013 # [ 227.068444] sp : f26c1e28 ip : 00000000 fp : c5990548 # [ 227.073894] r10: 00000000 r9 : 00000040 r8 : c5990547 # [ 227.079444] r7 : 00000000 r6 : 00000040 r5 : 00000040 r4 : 000000ff # [ 227.086203] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 00000069 # [ 227.093063] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 227.100528] Control: 10c5387d Table: c5b1806a DAC: 00000051 # [ 227.106479] Register r0 information: non-paged memory # [ 227.111846] Register r1 information: NULL pointer # [ 227.116800] Register r2 information: NULL pointer # [ 227.121852] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 227.135529] copy_process+0x1f4/0x1f84 # [ 227.139787] kernel_clone+0xac/0x388 # [ 227.143942] sys_clone+0x78/0x9c # [ 227.147695] ret_fast_syscall+0x0/0x1c # [ 227.151945] Free path: # [ 227.154675] rcu_core+0x2dc/0xb14 # [ 227.158528] handle_softirqs+0x15c/0x430 # [ 227.162986] irq_exit+0xac/0xd4 # [ 227.166635] call_with_stack+0x18/0x20 # [ 227.170994] __irq_svc+0x9c/0xb8 # [ 227.174742] _raw_spin_unlock_irqrestore+0x40/0x44 # [ 227.180000] pcpu_alloc_noprof+0x3c8/0x9a8 # [ 227.184656] mm_init+0x148/0x288 # [ 227.188408] copy_process+0x16e0/0x1f84 # [ 227.192765] kernel_clone+0xac/0x388 # [ 227.196920] sys_clone+0x78/0x9c # [ 227.200672] ret_fast_syscall+0x0/0x1c # [ 227.204922] Register r4 information: non-paged memory # [ 227.210279] Register r5 information: non-paged memory # [ 227.215634] Register r6 information: non-paged memory # [ 227.220988] Register r7 information: NULL pointer # [ 227.225939] Register r8 information: slab lkdtm-usercopy start c5990440 data offset 8 pointer offset 255 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 227.241011] do_usercopy_slab_whitelist+0x38/0x324 # [ 227.246372] lkdtm_do_action+0x24/0x4c # [ 227.250622] direct_entry+0x11c/0x140 # [ 227.254871] full_proxy_write+0x5c/0x8c # [ 227.259224] vfs_write+0xbc/0x3cc # [ 227.263071] ksys_write+0x78/0xf8 # [ 227.266917] ret_fast_syscall+0x0/0x1c # [ 227.271167] Register r9 information: non-paged memory # [ 227.276525] Register r10 information: NULL pointer # [ 227.281580] Register r11 information: slab lkdtm-usercopy start c5990440 data offset 8 pointer offset 256 size 1024 allocated at do_usercopy_slab_whitelist+0x38/0x324 # [ 227.296847] do_usercopy_slab_whitelist+0x38/0x324 # [ 227.302205] lkdtm_do_action+0x24/0x4c # [ 227.306454] direct_entry+0x11c/0x140 # [ 227.310602] full_proxy_write+0x5c/0x8c # [ 227.315053] vfs_write+0xbc/0x3cc # [ 227.318899] ksys_write+0x78/0xf8 # [ 227.322745] ret_fast_syscall+0x0/0x1c # [ 227.326994] Register r12 information: NULL pointer # [ 227.332049] Process cat (pid: 4360, stack limit = 0xf26c0000) # [ 227.338106] Stack: (0xf26c1e28 to 0xf26c2000) # [ 227.342761] 1e20: c1fb1690 c20a92f8 c1f9b6cc 000000ff 00000040 00000440 # [ 227.351242] 1e40: ffffffff c05f6c34 00000040 c0317088 c5990547 ef7c2840 00000040 00000000 # [ 227.359731] 1e60: c5990587 c06230c0 b6ee5000 c16f2434 f26c1e84 b6ee5000 c5990448 c2906a18 # [ 227.368217] 1e80: c5990547 00000100 00000040 c0e06494 00000022 00000000 f26c1ebc 0000001d # [ 227.376704] 1ea0: c96ea000 00000000 f26c1f80 c27896e8 f26c1f80 c91a4900 004cfe38 c0e03fc0 # [ 227.385087] 1ec0: 0000001d c0e043a4 c0e04288 c8d9c840 b6d88000 0000001d c3983a30 c0893830 # [ 227.393569] 1ee0: c8d9c840 c08937d4 f26c1f80 b6d88000 c9322840 0000001d c91a4900 c062a2a0 # [ 227.402046] 1f00: c5b1adb0 00000000 00000000 00000000 00000000 0000001d b6d88000 0001ffe3 # [ 227.410519] 1f20: 00000001 00000000 c918a040 00000000 00000000 00000000 00000000 00000000 # [ 227.419093] 1f40: 00000000 00000000 00000000 00000000 00000022 e9d0fe10 00000000 c8d9c840 # [ 227.427567] 1f60: c8d9c840 00000000 00000000 c03002f0 c9322840 00000004 004cfe38 c062a7fc # [ 227.436042] 1f80: 00000000 00000000 00000000 e9d0fe10 000000c0 0000001d 0000001d 7ff00000 # [ 227.444517] 1fa0: 00000004 c03000c0 0000001d 0000001d 00000001 b6d88000 0000001d 00000001 # [ 227.452991] 1fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6d88000 00020000 004cfe38 # [ 227.461467] 1fe0: 00000004 be9d7788 b6e4e33b b6dc7616 60080030 00000001 00000000 00000000 # [ 227.469935] Call trace: # [ 227.469949] usercopy_abort from __check_heap_object+0xe8/0x104 # [ 227.478961] __check_heap_object from __check_object_size+0x294/0x310 # [ 227.485644] __check_object_size from do_usercopy_slab_whitelist+0x1dc/0x324 # [ 227.493029] do_usercopy_slab_whitelist from lkdtm_do_action+0x24/0x4c # [ 227.499803] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 227.505569] direct_entry from full_proxy_write+0x5c/0x8c # [ 227.511238] full_proxy_write from vfs_write+0xbc/0x3cc # [ 227.516803] vfs_write from ksys_write+0x78/0xf8 # [ 227.521661] ksys_write from ret_fast_syscall+0x0/0x1c # [ 227.527123] Exception stack(0xf26c1fa8 to 0xf26c1ff0) # [ 227.532380] 1fa0: 0000001d 0000001d 00000001 b6d88000 0000001d 00000001 # [ 227.540855] 1fc0: 0000001d 0000001d 7ff00000 00000004 00000001 b6d88000 00020000 004cfe38 # [ 227.549325] 1fe0: 00000004 be9d7788 b6e4e33b b6dc7616 # [ 227.554683] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) # [ 227.561040] ---[ end trace 0000000000000000 ]--- # [ 227.565986] note: cat[4360] exited with irqs disabled # USERCOPY_SLAB_WHITELIST_FROM: saw 'call trace:': ok ok 72 selftests: lkdtm: USERCOPY_SLAB_WHITELIST_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_FRAME_TO.sh <6>[ 229.595636] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_TO <6>[ 229.600843] lkdtm: good_stack: f2745e74-f2745e94 <6>[ 229.606273] lkdtm: bad_stack : f2745dec-f2745e0c <6>[ 229.610850] lkdtm: attempting good copy_to_user of local stack <6>[ 229.616825] lkdtm: attempting bad copy_to_user of distant stack <0>[ 229.623017] usercopy: Kernel memory exposure attempt detected from process stack (offset 84, size 32)! <4>[ 229.635112] ------------[ cut here ]------------ <2>[ 229.638592] kernel BUG at mm/usercopy.c:102! <0>[ 229.643154] Internal error: Oops - BUG: 0 [#22] SMP ARM <4>[ 229.648715] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 229.685105] CPU: 0 UID: 0 PID: 4447 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 229.694699] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 229.699946] Hardware name: STM32 (Device Tree Support) <4>[ 229.705394] PC is at usercopy_abort+0x98/0x9c <4>[ 229.710065] LR is at usercopy_abort+0x98/0x9c <4>[ 229.714622] pc : [] lr : [] psr: 60080013 <4>[ 229.721179] sp : f2745e20 ip : 00000000 fp : f0f0f0f1 <4>[ 229.726730] r10: c1a7209c r9 : c9325040 r8 : f2745e0c <4>[ 229.732180] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : 00000054 <4>[ 229.739039] r3 : c9325040 r2 : 00000000 r1 : 00000000 r0 : 0000005a <4>[ 229.745899] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 229.753264] Control: 10c5387d Table: c960806a DAC: 00000051 <1>[ 229.759316] Register r0 information: non-paged memory <1>[ 229.764677] Register r1 information: NULL pointer <1>[ 229.769629] Register r2 information: NULL pointer <1>[ 229.774582] Register r3 information: slab task_struct start c9325000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 229.788359] copy_process+0x1f4/0x1f84 <6>[ 229.792616] kernel_clone+0xac/0x388 <6>[ 229.796771] sys_clone+0x78/0x9c <6>[ 229.800525] ret_fast_syscall+0x0/0x1c <4>[ 229.804776] Free path: <6>[ 229.807506] rcu_core+0x2dc/0xb14 <6>[ 229.811358] handle_softirqs+0x15c/0x430 <6>[ 229.815815] irq_exit+0xac/0xd4 <6>[ 229.819466] __irq_svc+0x8c/0xb8 <6>[ 229.823213] default_idle_call+0x20/0xc0 <6>[ 229.827671] do_idle+0x25c/0x2f4 <6>[ 229.831421] cpu_startup_entry+0x30/0x34 <6>[ 229.835875] rest_init+0xd4/0xd8 <6>[ 229.839626] start_kernel+0x744/0x764 <1>[ 229.843888] Register r4 information: non-paged memory <1>[ 229.849246] Register r5 information: non-paged memory <1>[ 229.854502] Register r6 information: non-paged memory <1>[ 229.859856] Register r7 information: non-paged memory <1>[ 229.865212] Register r8 information: 2-page vmalloc region starting at 0xf2744000 allocated at kernel_clone+0xac/0x388 <1>[ 229.876223] Register r9 information: slab task_struct start c9325000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 229.889988] copy_process+0x1f4/0x1f84 <6>[ 229.894244] kernel_clone+0xac/0x388 <6>[ 229.898298] sys_clone+0x78/0x9c <6>[ 229.902051] ret_fast_syscall+0x0/0x1c <4>[ 229.906400] Free path: <6>[ 229.909130] rcu_core+0x2dc/0xb14 <6>[ 229.912881] handle_softirqs+0x15c/0x430 <6>[ 229.917337] irq_exit+0xac/0xd4 <6>[ 229.921087] __irq_svc+0x8c/0xb8 <6>[ 229.924834] default_idle_call+0x20/0xc0 <6>[ 229.929292] do_idle+0x25c/0x2f4 <6>[ 229.933040] cpu_startup_entry+0x30/0x34 <6>[ 229.937493] rest_init+0xd4/0xd8 <6>[ 229.941245] start_kernel+0x744/0x764 <1>[ 229.945402] Register r10 information: non-slab/vmalloc memory <1>[ 229.951465] Register r11 information: 0-page vmalloc region starting at 0xf0f0f000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 229.963777] Register r12 information: NULL pointer <0>[ 229.968830] Process cat (pid: 4447, stack limit = 0xf2744000) <0>[ 229.974887] Stack: (0xf2745e20 to 0xf2746000) <0>[ 229.979545] 5e20: c1f93530 c1f93530 c1f93530 00000054 00000020 c03ca640 f2745e5c c0622f90 <0>[ 229.988020] 5e40: 00000020 c16f2434 f2745e5c 00000020 b6f6d000 f2745dec 00000001 00000001 <0>[ 229.996495] 5e60: c9325040 c0e06d88 00000022 00000000 f2745dec 73696854 20736920 65742061 <0>[ 230.004969] 5e80: 0a2e7473 69685400 73692073 74206120 2e747365 c45298d9 f2745ebc 00000018 <0>[ 230.013443] 5ea0: c5ca5000 00000000 f2745f80 c27896f0 f2745f80 c91a4900 0041fe38 c0e03fc0 <0>[ 230.021917] 5ec0: 00000018 c0e043a4 c0e04288 c91b6140 b6e08000 00000018 c3983a30 c0893830 <0>[ 230.030392] 5ee0: c91b6140 c08937d4 f2745f80 b6e08000 c9325040 00000018 c91a4900 c062a2a0 <0>[ 230.038865] 5f00: c960adb8 00000000 00000000 00000000 00000000 00000018 b6e08000 0001ffe8 <0>[ 230.047341] 5f20: 00000001 00000000 c91b6e40 00000000 00000000 00000000 00000000 00000000 <0>[ 230.055822] 5f40: 00000000 00000000 00000000 00000000 00000022 c45298d9 00000000 c91b6140 <0>[ 230.064299] 5f60: c91b6140 00000000 00000000 c03002f0 c9325040 00000004 0041fe38 c062a7fc <0>[ 230.072773] 5f80: 00000000 00000000 00000000 c45298d9 000000c0 00000018 00000018 7ff00000 <0>[ 230.081247] 5fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e08000 00000018 00000001 <0>[ 230.089722] 5fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e08000 00020000 0041fe38 <0>[ 230.098199] 5fe0: 00000004 beb7e788 b6ece33b b6e47616 60080030 00000001 00000000 00000000 <0>[ 230.106666] Call trace: <0>[ 230.106683] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 230.115799] __check_object_size from do_usercopy_stack+0x358/0x380 <0>[ 230.122384] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 230.128355] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 230.134121] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 230.139792] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 230.145357] vfs_write from ksys_write+0x78/0xf8 <0>[ 230.150217] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 230.155681] Exception stack(0xf2745fa8 to 0xf2745ff0) <0>[ 230.161039] 5fa0: 00000018 00000018 00000001 b6e08000 00000018 00000001 <0>[ 230.169514] 5fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e08000 00020000 0041fe38 <0>[ 230.177985] 5fe0: 00000004 beb7e788 b6ece33b b6e47616 <0>[ 230.183244] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) <4>[ 230.189701] ---[ end trace 0000000000000000 ]--- <6>[ 230.194548] note: cat[4447] exited with irqs disabled # Segmentation fault # [ 229.595636] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_TO # [ 229.600843] lkdtm: good_stack: f2745e74-f2745e94 # [ 229.606273] lkdtm: bad_stack : f2745dec-f2745e0c # [ 229.610850] lkdtm: attempting good copy_to_user of local stack # [ 229.616825] lkdtm: attempting bad copy_to_user of distant stack # [ 229.623017] usercopy: Kernel memory exposure attempt detected from process stack (offset 84, size 32)! # [ 229.635112] ------------[ cut here ]------------ # [ 229.638592] kernel BUG at mm/usercopy.c:102! # [ 229.643154] Internal error: Oops - BUG: 0 [#22] SMP ARM # [ 229.648715] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 229.685105] CPU: 0 UID: 0 PID: 4447 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 229.694699] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 229.699946] Hardware name: STM32 (Device Tree Support) # [ 229.705394] PC is at usercopy_abort+0x98/0x9c # [ 229.710065] LR is at usercopy_abort+0x98/0x9c # [ 229.714622] pc : [] lr : [] psr: 60080013 # [ 229.721179] sp : f2745e20 ip : 00000000 fp : f0f0f0f1 # [ 229.726730] r10: c1a7209c r9 : c9325040 r8 : f2745e0c # [ 229.732180] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : 00000054 # [ 229.739039] r3 : c9325040 r2 : 00000000 r1 : 00000000 r0 : 0000005a # [ 229.745899] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 229.753264] Control: 10c5387d Table: c960806a DAC: 00000051 # [ 229.759316] Register r0 information: non-paged memory # [ 229.764677] Register r1 information: NULL pointer # [ 229.769629] Register r2 information: NULL pointer # [ 229.774582] Register r3 information: slab task_struct start c9325000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 229.788359] copy_process+0x1f4/0x1f84 # [ 229.792616] kernel_clone+0xac/0x388 # [ 229.796771] sys_clone+0x78/0x9c # [ 229.800525] ret_fast_syscall+0x0/0x1c # [ 229.804776] Free path: # [ 229.807506] rcu_core+0x2dc/0xb14 # [ 229.811358] handle_softirqs+0x15c/0x430 # [ 229.815815] irq_exit+0xac/0xd4 # [ 229.819466] __irq_svc+0x8c/0xb8 # [ 229.823213] default_idle_call+0x20/0xc0 # [ 229.827671] do_idle+0x25c/0x2f4 # [ 229.831421] cpu_startup_entry+0x30/0x34 # [ 229.835875] rest_init+0xd4/0xd8 # [ 229.839626] start_kernel+0x744/0x764 # [ 229.843888] Register r4 information: non-paged memory # [ 229.849246] Register r5 information: non-paged memory # [ 229.854502] Register r6 information: non-paged memory # [ 229.859856] Register r7 information: non-paged memory # [ 229.865212] Register r8 information: 2-page vmalloc region starting at 0xf2744000 allocated at kernel_clone+0xac/0x388 # [ 229.876223] Register r9 information: slab task_struct start c9325000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 229.889988] copy_process+0x1f4/0x1f84 # [ 229.894244] kernel_clone+0xac/0x388 # [ 229.898298] sys_clone+0x78/0x9c # [ 229.902051] ret_fast_syscall+0x0/0x1c # [ 229.906400] Free path: # [ 229.909130] rcu_core+0x2dc/0xb14 # [ 229.912881] handle_softirqs+0x15c/0x430 # [ 229.917337] irq_exit+0xac/0xd4 # [ 229.921087] __irq_svc+0x8c/0xb8 # [ 229.924834] default_idle_call+0x20/0xc0 # [ 229.929292] do_idle+0x25c/0x2f4 # [ 229.933040] cpu_startup_entry+0x30/0x34 # [ 229.937493] rest_init+0xd4/0xd8 # [ 229.941245] start_kernel+0x744/0x764 # [ 229.945402] Register r10 information: non-slab/vmalloc memory # [ 229.951465] Register r11 information: 0-page vmalloc region starting at 0xf0f0f000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 229.963777] Register r12 information: NULL pointer # [ 229.968830] Process cat (pid: 4447, stack limit = 0xf2744000) # [ 229.974887] Stack: (0xf2745e20 to 0xf2746000) # [ 229.979545] 5e20: c1f93530 c1f93530 c1f93530 00000054 00000020 c03ca640 f2745e5c c0622f90 # [ 229.988020] 5e40: 00000020 c16f2434 f2745e5c 00000020 b6f6d000 f2745dec 00000001 00000001 # [ 229.996495] 5e60: c9325040 c0e06d88 00000022 00000000 f2745dec 73696854 20736920 65742061 # [ 230.004969] 5e80: 0a2e7473 69685400 73692073 74206120 2e747365 c45298d9 f2745ebc 00000018 # [ 230.013443] 5ea0: c5ca5000 00000000 f2745f80 c27896f0 f2745f80 c91a4900 0041fe38 c0e03fc0 # [ 230.021917] 5ec0: 00000018 c0e043a4 c0e04288 c91b6140 b6e08000 00000018 c3983a30 c0893830 # [ 230.030392] 5ee0: c91b6140 c08937d4 f2745f80 b6e08000 c9325040 00000018 c91a4900 c062a2a0 # [ 230.038865] 5f00: c960adb8 00000000 00000000 00000000 00000000 00000018 b6e08000 0001ffe8 # [ 230.047341] 5f20: 00000001 00000000 c91b6e40 00000000 00000000 00000000 00000000 00000000 # [ 230.055822] 5f40: 00000000 00000000 00000000 00000000 00000022 c45298d9 00000000 c91b6140 # [ 230.064299] 5f60: c91b6140 00000000 00000000 c03002f0 c9325040 00000004 0041fe38 c062a7fc # [ 230.072773] 5f80: 00000000 00000000 00000000 c45298d9 000000c0 00000018 00000018 7ff00000 # [ 230.081247] 5fa0: 00000004 c03000c0 00000018 00000018 00000001 b6e08000 00000018 00000001 # [ 230.089722] 5fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e08000 00020000 0041fe38 # [ 230.098199] 5fe0: 00000004 beb7e788 b6ece33b b6e47616 60080030 00000001 00000000 00000000 # [ 230.106666] Call trace: # [ 230.106683] usercopy_abort from __check_object_size+0x164/0x310 # [ 230.115799] __check_object_size from do_usercopy_stack+0x358/0x380 # [ 230.122384] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 230.128355] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 230.134121] direct_entry from full_proxy_write+0x5c/0x8c # [ 230.139792] full_proxy_write from vfs_write+0xbc/0x3cc # [ 230.145357] vfs_write from ksys_write+0x78/0xf8 # [ 230.150217] ksys_write from ret_fast_syscall+0x0/0x1c # [ 230.155681] Exception stack(0xf2745fa8 to 0xf2745ff0) # [ 230.161039] 5fa0: 00000018 00000018 00000001 b6e08000 00000018 00000001 # [ 230.169514] 5fc0: 00000018 00000018 7ff00000 00000004 00000001 b6e08000 00020000 0041fe38 # [ 230.177985] 5fe0: 00000004 beb7e788 b6ece33b b6e47616 # [ 230.183244] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) # [ 230.189701] ---[ end trace 0000000000000000 ]--- # [ 230.194548] note: cat[4447] exited with irqs disabled # USERCOPY_STACK_FRAME_TO: saw 'call trace:': ok ok 73 selftests: lkdtm: USERCOPY_STACK_FRAME_TO.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_FRAME_FROM.sh <6>[ 232.101175] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_FROM <6>[ 232.106589] lkdtm: good_stack: f27d5e74-f27d5e94 <6>[ 232.111451] lkdtm: bad_stack : f27d5dec-f27d5e0c <6>[ 232.116623] lkdtm: attempting good copy_from_user of local stack <6>[ 232.122713] lkdtm: attempting bad copy_from_user of distant stack <0>[ 232.129115] usercopy: Kernel memory overwrite attempt detected to process stack (offset 84, size 32)! <4>[ 232.138791] ------------[ cut here ]------------ <2>[ 232.143356] kernel BUG at mm/usercopy.c:102! <0>[ 232.147914] Internal error: Oops - BUG: 0 [#23] SMP ARM <4>[ 232.153473] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 232.189859] CPU: 0 UID: 0 PID: 4533 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 232.199551] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 232.204798] Hardware name: STM32 (Device Tree Support) <4>[ 232.210145] PC is at usercopy_abort+0x98/0x9c <4>[ 232.214816] LR is at usercopy_abort+0x98/0x9c <4>[ 232.219472] pc : [] lr : [] psr: 60080013 <4>[ 232.226029] sp : f27d5e20 ip : 00000000 fp : f0f0f0f1 <4>[ 232.231478] r10: c1a7209c r9 : c7a01e40 r8 : f27d5e0c <4>[ 232.237029] r7 : 00000000 r6 : 00000020 r5 : 00000020 r4 : 00000054 <4>[ 232.243787] r3 : c7a01e40 r2 : 00000000 r1 : 00000000 r0 : 00000059 <4>[ 232.250646] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 232.258012] Control: 10c5387d Table: c5b9006a DAC: 00000051 <1>[ 232.264064] Register r0 information: non-paged memory <1>[ 232.269425] Register r1 information: NULL pointer <1>[ 232.274378] Register r2 information: NULL pointer <1>[ 232.279430] Register r3 information: slab task_struct start c7a01e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 232.293104] copy_process+0x1f4/0x1f84 <6>[ 232.297361] kernel_clone+0xac/0x388 <6>[ 232.301516] sys_clone+0x78/0x9c <6>[ 232.305269] ret_fast_syscall+0x0/0x1c <4>[ 232.309519] Free path: <6>[ 232.312249] rcu_core+0x2dc/0xb14 <6>[ 232.316102] handle_softirqs+0x15c/0x430 <6>[ 232.320561] irq_exit+0xac/0xd4 <6>[ 232.324212] call_with_stack+0x18/0x20 <6>[ 232.328472] __irq_svc+0x9c/0xb8 <6>[ 232.332220] default_idle_call+0x20/0xc0 <6>[ 232.336678] do_idle+0x25c/0x2f4 <6>[ 232.340428] cpu_startup_entry+0x30/0x34 <6>[ 232.344881] secondary_start_kernel+0x138/0x158 <6>[ 232.350041] __enable_mmu+0x0/0x20 <1>[ 232.353893] Register r4 information: non-paged memory <1>[ 232.359252] Register r5 information: non-paged memory <1>[ 232.364609] Register r6 information: non-paged memory <1>[ 232.369964] Register r7 information: NULL pointer <1>[ 232.374916] Register r8 information: 2-page vmalloc region starting at 0xf27d4000 allocated at kernel_clone+0xac/0x388 <1>[ 232.385927] Register r9 information: slab task_struct start c7a01e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 232.399591] copy_process+0x1f4/0x1f84 <6>[ 232.403948] kernel_clone+0xac/0x388 <6>[ 232.408002] sys_clone+0x78/0x9c <6>[ 232.411755] ret_fast_syscall+0x0/0x1c <4>[ 232.416105] Free path: <6>[ 232.418735] rcu_core+0x2dc/0xb14 <6>[ 232.422586] handle_softirqs+0x15c/0x430 <6>[ 232.427042] irq_exit+0xac/0xd4 <6>[ 232.430792] call_with_stack+0x18/0x20 <6>[ 232.435048] __irq_svc+0x9c/0xb8 <6>[ 232.438795] default_idle_call+0x20/0xc0 <6>[ 232.443252] do_idle+0x25c/0x2f4 <6>[ 232.447000] cpu_startup_entry+0x30/0x34 <6>[ 232.451454] secondary_start_kernel+0x138/0x158 <6>[ 232.456513] __enable_mmu+0x0/0x20 <1>[ 232.460464] Register r10 information: non-slab/vmalloc memory <1>[ 232.466528] Register r11 information: 0-page vmalloc region starting at 0xf0f0f000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 232.478840] Register r12 information: NULL pointer <0>[ 232.483895] Process cat (pid: 4533, stack limit = 0xf27d4000) <0>[ 232.489953] Stack: (0xf27d5e20 to 0xf27d6000) <0>[ 232.494611] 5e20: c1f93530 c1f93530 c1f93530 00000054 00000020 c03ca640 f27d5e5c c0622f90 <0>[ 232.503086] 5e40: 00000020 c16f2434 f27d5e5c 00000020 b6f9b000 f27d5dec 00000001 00000000 <0>[ 232.511560] 5e60: c7a01e40 c0e06d5c 00000022 00000000 f27d5dec 00000000 00000000 00000000 <0>[ 232.520034] 5e80: 00000000 00000000 00000000 00000000 00000000 aa44c031 f27d5ebc 0000001a <0>[ 232.528508] 5ea0: c965b000 00000000 f27d5f80 c27896f8 f27d5f80 c91a4900 004efe38 c0e03fc0 <0>[ 232.536983] 5ec0: 0000001a c0e043a4 c0e04288 c91b6b40 b6e38000 0000001a c3983a30 c0893830 <0>[ 232.545458] 5ee0: c91b6b40 c08937d4 f27d5f80 b6e38000 c7a01e40 0000001a c91a4900 c062a2a0 <0>[ 232.553932] 5f00: c5b92db8 00000000 00000000 00000000 00000000 0000001a b6e38000 0001ffe6 <0>[ 232.562404] 5f20: 00000001 00000000 c91b6140 00000000 00000000 00000000 00000000 00000000 <0>[ 232.570877] 5f40: 00000000 00000000 00000000 00000000 00000022 aa44c031 00000000 c91b6b40 <0>[ 232.579352] 5f60: c91b6b40 00000000 00000000 c03002f0 c7a01e40 00000004 004efe38 c062a7fc <0>[ 232.587826] 5f80: 00000000 00000000 00000000 aa44c031 000000c0 0000001a 0000001a 7ff00000 <0>[ 232.596305] 5fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 <0>[ 232.604793] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 <0>[ 232.613279] 5fe0: 00000004 bee81788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 232.621747] Call trace: <0>[ 232.621762] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 232.630779] __check_object_size from do_usercopy_stack+0x32c/0x380 <0>[ 232.637365] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 232.643438] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 232.649203] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 232.654872] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 232.660339] vfs_write from ksys_write+0x78/0xf8 <0>[ 232.665199] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 232.670662] Exception stack(0xf27d5fa8 to 0xf27d5ff0) <0>[ 232.676023] 5fa0: 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 <0>[ 232.684500] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 <0>[ 232.692971] 5fe0: 00000004 bee81788 b6efe33b b6e77616 <0>[ 232.698328] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) <4>[ 232.704686] ---[ end trace 0000000000000000 ]--- <6>[ 232.709534] note: cat[4533] exited with irqs disabled # Segmentation fault # [ 232.101175] lkdtm: Performing direct entry USERCOPY_STACK_FRAME_FROM # [ 232.106589] lkdtm: good_stack: f27d5e74-f27d5e94 # [ 232.111451] lkdtm: bad_stack : f27d5dec-f27d5e0c # [ 232.116623] lkdtm: attempting good copy_from_user of local stack # [ 232.122713] lkdtm: attempting bad copy_from_user of distant stack # [ 232.129115] usercopy: Kernel memory overwrite attempt detected to process stack (offset 84, size 32)! # [ 232.138791] ------------[ cut here ]------------ # [ 232.143356] kernel BUG at mm/usercopy.c:102! # [ 232.147914] Internal error: Oops - BUG: 0 [#23] SMP ARM # [ 232.153473] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 232.189859] CPU: 0 UID: 0 PID: 4533 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 232.199551] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 232.204798] Hardware name: STM32 (Device Tree Support) # [ 232.210145] PC is at usercopy_abort+0x98/0x9c # [ 232.214816] LR is at usercopy_abort+0x98/0x9c # [ 232.219472] pc : [] lr : [] psr: 60080013 # [ 232.226029] sp : f27d5e20 ip : 00000000 fp : f0f0f0f1 # [ 232.231478] r10: c1a7209c r9 : c7a01e40 r8 : f27d5e0c # [ 232.237029] r7 : 00000000 r6 : 00000020 r5 : 00000020 r4 : 00000054 # [ 232.243787] r3 : c7a01e40 r2 : 00000000 r1 : 00000000 r0 : 00000059 # [ 232.250646] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 232.258012] Control: 10c5387d Table: c5b9006a DAC: 00000051 # [ 232.264064] Register r0 information: non-paged memory # [ 232.269425] Register r1 information: NULL pointer # [ 232.274378] Register r2 information: NULL pointer # [ 232.279430] Register r3 information: slab task_struct start c7a01e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 232.293104] copy_process+0x1f4/0x1f84 # [ 232.297361] kernel_clone+0xac/0x388 # [ 232.301516] sys_clone+0x78/0x9c # [ 232.305269] ret_fast_syscall+0x0/0x1c # [ 232.309519] Free path: # [ 232.312249] rcu_core+0x2dc/0xb14 # [ 232.316102] handle_softirqs+0x15c/0x430 # [ 232.320561] irq_exit+0xac/0xd4 # [ 232.324212] call_with_stack+0x18/0x20 # [ 232.328472] __irq_svc+0x9c/0xb8 # [ 232.332220] default_idle_call+0x20/0xc0 # [ 232.336678] do_idle+0x25c/0x2f4 # [ 232.340428] cpu_startup_entry+0x30/0x34 # [ 232.344881] secondary_start_kernel+0x138/0x158 # [ 232.350041] __enable_mmu+0x0/0x20 # [ 232.353893] Register r4 information: non-paged memory # [ 232.359252] Register r5 information: non-paged memory # [ 232.364609] Register r6 information: non-paged memory # [ 232.369964] Register r7 information: NULL pointer # [ 232.374916] Register r8 information: 2-page vmalloc region starting at 0xf27d4000 allocated at kernel_clone+0xac/0x388 # [ 232.385927] Register r9 information: slab task_struct start c7a01e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 232.399591] copy_process+0x1f4/0x1f84 # [ 232.403948] kernel_clone+0xac/0x388 # [ 232.408002] sys_clone+0x78/0x9c # [ 232.411755] ret_fast_syscall+0x0/0x1c # [ 232.416105] Free path: # [ 232.418735] rcu_core+0x2dc/0xb14 # [ 232.422586] handle_softirqs+0x15c/0x430 # [ 232.427042] irq_exit+0xac/0xd4 # [ 232.430792] call_with_stack+0x18/0x20 # [ 232.435048] __irq_svc+0x9c/0xb8 # [ 232.438795] default_idle_call+0x20/0xc0 # [ 232.443252] do_idle+0x25c/0x2f4 # [ 232.447000] cpu_startup_entry+0x30/0x34 # [ 232.451454] secondary_start_kernel+0x138/0x158 # [ 232.456513] __enable_mmu+0x0/0x20 # [ 232.460464] Register r10 information: non-slab/vmalloc memory # [ 232.466528] Register r11 information: 0-page vmalloc region starting at 0xf0f0f000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 232.478840] Register r12 information: NULL pointer # [ 232.483895] Process cat (pid: 4533, stack limit = 0xf27d4000) # [ 232.489953] Stack: (0xf27d5e20 to 0xf27d6000) # [ 232.494611] 5e20: c1f93530 c1f93530 c1f93530 00000054 00000020 c03ca640 f27d5e5c c0622f90 # [ 232.503086] 5e40: 00000020 c16f2434 f27d5e5c 00000020 b6f9b000 f27d5dec 00000001 00000000 # [ 232.511560] 5e60: c7a01e40 c0e06d5c 00000022 00000000 f27d5dec 00000000 00000000 00000000 # [ 232.520034] 5e80: 00000000 00000000 00000000 00000000 00000000 aa44c031 f27d5ebc 0000001a # [ 232.528508] 5ea0: c965b000 00000000 f27d5f80 c27896f8 f27d5f80 c91a4900 004efe38 c0e03fc0 # [ 232.536983] 5ec0: 0000001a c0e043a4 c0e04288 c91b6b40 b6e38000 0000001a c3983a30 c0893830 # [ 232.545458] 5ee0: c91b6b40 c08937d4 f27d5f80 b6e38000 c7a01e40 0000001a c91a4900 c062a2a0 # [ 232.553932] 5f00: c5b92db8 00000000 00000000 00000000 00000000 0000001a b6e38000 0001ffe6 # [ 232.562404] 5f20: 00000001 00000000 c91b6140 00000000 00000000 00000000 00000000 00000000 # [ 232.570877] 5f40: 00000000 00000000 00000000 00000000 00000022 aa44c031 00000000 c91b6b40 # [ 232.579352] 5f60: c91b6b40 00000000 00000000 c03002f0 c7a01e40 00000004 004efe38 c062a7fc # [ 232.587826] 5f80: 00000000 00000000 00000000 aa44c031 000000c0 0000001a 0000001a 7ff00000 # [ 232.596305] 5fa0: 00000004 c03000c0 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 # [ 232.604793] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 # [ 232.613279] 5fe0: 00000004 bee81788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 232.621747] Call trace: # [ 232.621762] usercopy_abort from __check_object_size+0x164/0x310 # [ 232.630779] __check_object_size from do_usercopy_stack+0x32c/0x380 # [ 232.637365] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 232.643438] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 232.649203] direct_entry from full_proxy_write+0x5c/0x8c # [ 232.654872] full_proxy_write from vfs_write+0xbc/0x3cc # [ 232.660339] vfs_write from ksys_write+0x78/0xf8 # [ 232.665199] ksys_write from ret_fast_syscall+0x0/0x1c # [ 232.670662] Exception stack(0xf27d5fa8 to 0xf27d5ff0) # [ 232.676023] 5fa0: 0000001a 0000001a 00000001 b6e38000 0000001a 00000001 # [ 232.684500] 5fc0: 0000001a 0000001a 7ff00000 00000004 00000001 b6e38000 00020000 004efe38 # [ 232.692971] 5fe0: 00000004 bee81788 b6efe33b b6e77616 # [ 232.698328] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) # [ 232.704686] ---[ end trace 0000000000000000 ]--- # [ 232.709534] note: cat[4533] exited with irqs disabled # USERCOPY_STACK_FRAME_FROM: saw 'call trace:': ok ok 74 selftests: lkdtm: USERCOPY_STACK_FRAME_FROM.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_STACK_BEYOND.sh <6>[ 234.652283] lkdtm: Performing direct entry USERCOPY_STACK_BEYOND <6>[ 234.657788] lkdtm: good_stack: f2845e74-f2845e94 <6>[ 234.662248] lkdtm: bad_stack : f2845ffc-f284601c <6>[ 234.667348] lkdtm: attempting good copy_to_user of local stack <6>[ 234.673328] lkdtm: attempting bad copy_to_user of distant stack <0>[ 234.679377] usercopy: Kernel memory exposure attempt detected from process stack (offset 4294966852, size 32)! <4>[ 234.689784] ------------[ cut here ]------------ <2>[ 234.694559] kernel BUG at mm/usercopy.c:102! <0>[ 234.699121] Internal error: Oops - BUG: 0 [#24] SMP ARM <4>[ 234.704590] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 234.740997] CPU: 1 UID: 0 PID: 4619 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 234.750599] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 234.755847] Hardware name: STM32 (Device Tree Support) <4>[ 234.761296] PC is at usercopy_abort+0x98/0x9c <4>[ 234.765969] LR is at usercopy_abort+0x98/0x9c <4>[ 234.770528] pc : [] lr : [] psr: 60080013 <4>[ 234.777087] sp : f2845e20 ip : 00000000 fp : f0f0f0f1 <4>[ 234.782638] r10: c1a7209c r9 : c9326e40 r8 : f284601c <4>[ 234.788092] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : fffffe44 <4>[ 234.794952] r3 : c9326e40 r2 : 00000000 r1 : 00000000 r0 : 00000062 <4>[ 234.801812] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 234.809178] Control: 10c5387d Table: c5a6c06a DAC: 00000051 <1>[ 234.815230] Register r0 information: non-paged memory <1>[ 234.820594] Register r1 information: NULL pointer <1>[ 234.825546] Register r2 information: NULL pointer <1>[ 234.830498] Register r3 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 234.844277] copy_process+0x1f4/0x1f84 <6>[ 234.848535] kernel_clone+0xac/0x388 <6>[ 234.852590] sys_clone+0x78/0x9c <6>[ 234.856444] ret_fast_syscall+0x0/0x1c <4>[ 234.860695] Free path: <6>[ 234.863426] rcu_core+0x2dc/0xb14 <6>[ 234.867280] handle_softirqs+0x15c/0x430 <6>[ 234.871738] irq_exit+0xac/0xd4 <6>[ 234.875389] __irq_svc+0x8c/0xb8 <6>[ 234.879135] default_idle_call+0x20/0xc0 <6>[ 234.883594] do_idle+0x25c/0x2f4 <6>[ 234.887344] cpu_startup_entry+0x30/0x34 <6>[ 234.891798] rest_init+0xd4/0xd8 <6>[ 234.895551] start_kernel+0x744/0x764 <1>[ 234.899716] Register r4 information: non-paged memory <1>[ 234.905077] Register r5 information: non-paged memory <1>[ 234.910433] Register r6 information: non-paged memory <1>[ 234.915789] Register r7 information: non-paged memory <1>[ 234.921044] Register r8 information: vmalloc memory <1>[ 234.926302] Register r9 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 234.939973] copy_process+0x1f4/0x1f84 <6>[ 234.944230] kernel_clone+0xac/0x388 <6>[ 234.948386] sys_clone+0x78/0x9c <6>[ 234.952140] ret_fast_syscall+0x0/0x1c <4>[ 234.956390] Free path: <6>[ 234.959120] rcu_core+0x2dc/0xb14 <6>[ 234.962973] handle_softirqs+0x15c/0x430 <6>[ 234.967430] irq_exit+0xac/0xd4 <6>[ 234.971079] __irq_svc+0x8c/0xb8 <6>[ 234.974826] default_idle_call+0x20/0xc0 <6>[ 234.979284] do_idle+0x25c/0x2f4 <6>[ 234.983033] cpu_startup_entry+0x30/0x34 <6>[ 234.987487] rest_init+0xd4/0xd8 <6>[ 234.991238] start_kernel+0x744/0x764 <1>[ 234.995497] Register r10 information: non-slab/vmalloc memory <1>[ 235.001560] Register r11 information: 0-page vmalloc region starting at 0xf0f0f000 allocated at dma_common_contiguous_remap+0x74/0x90 <1>[ 235.013873] Register r12 information: NULL pointer <0>[ 235.018928] Process cat (pid: 4619, stack limit = 0xf2844000) <0>[ 235.024886] Stack: (0xf2845e20 to 0xf2846000) <0>[ 235.029544] 5e20: c1f93530 c1f93530 c1f93530 fffffe44 00000020 c03ca640 f2845e5c c0622f90 <0>[ 235.038019] 5e40: 00000020 c16f2434 f2845e5c 00000020 b6f87000 f2845ffc 00000000 00000001 <0>[ 235.046494] 5e60: c9326e40 c0e06d88 00000022 00000000 f2845ffc 73696854 20736920 65742061 <0>[ 235.054969] 5e80: 0a2e7473 69685400 73692073 74206120 2e747365 c0fb73e8 f2845ebc 00000016 <0>[ 235.063443] 5ea0: c5c37000 00000000 f2845f80 c2789700 f2845f80 c91a4900 0041fe38 c0e03fc0 <0>[ 235.071918] 5ec0: 00000016 c0e043a4 c0e04288 c91b6840 b6e28000 00000016 c3983a30 c0893830 <0>[ 235.080492] 5ee0: c91b6840 c08937d4 f2845f80 b6e28000 c9326e40 00000016 c91a4900 c062a2a0 <0>[ 235.088966] 5f00: c5a6edb8 00000000 00000000 00000000 00000000 00000016 b6e28000 0001ffea <0>[ 235.097445] 5f20: 00000001 00000000 c91b6c40 00000000 00000000 00000000 00000000 00000000 <0>[ 235.105931] 5f40: 00000000 00000000 00000000 00000000 00000022 c0fb73e8 00000000 c91b6840 <0>[ 235.114317] 5f60: c91b6840 00000000 00000000 c03002f0 c9326e40 00000004 0041fe38 c062a7fc <0>[ 235.122805] 5f80: 00000000 00000000 c9326e40 c0fb73e8 c9326e40 00000016 00000016 7ff00000 <0>[ 235.131291] 5fa0: 00000004 c03000c0 00000016 00000016 00000001 b6e28000 00000016 00000001 <0>[ 235.139776] 5fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e28000 00020000 0041fe38 <0>[ 235.148259] 5fe0: 00000004 bea5f788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 <0>[ 235.156727] Call trace: <0>[ 235.156742] usercopy_abort from __check_object_size+0x164/0x310 <0>[ 235.165862] __check_object_size from do_usercopy_stack+0x358/0x380 <0>[ 235.172348] do_usercopy_stack from lkdtm_do_action+0x24/0x4c <0>[ 235.178419] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 235.184184] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 235.189857] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 235.195324] vfs_write from ksys_write+0x78/0xf8 <0>[ 235.200286] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 235.205651] Exception stack(0xf2845fa8 to 0xf2845ff0) <0>[ 235.211012] 5fa0: 00000016 00000016 00000001 b6e28000 00000016 00000001 <0>[ 235.219489] 5fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e28000 00020000 0041fe38 <0>[ 235.227961] 5fe0: 00000004 bea5f788 b6eee33b b6e67616 <0>[ 235.233318] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) <4>[ 235.239675] ---[ end trace 0000000000000000 ]--- <6>[ 235.244622] note: cat[4619] exited with irqs disabled # Segmentation fault # [ 234.652283] lkdtm: Performing direct entry USERCOPY_STACK_BEYOND # [ 234.657788] lkdtm: good_stack: f2845e74-f2845e94 # [ 234.662248] lkdtm: bad_stack : f2845ffc-f284601c # [ 234.667348] lkdtm: attempting good copy_to_user of local stack # [ 234.673328] lkdtm: attempting bad copy_to_user of distant stack # [ 234.679377] usercopy: Kernel memory exposure attempt detected from process stack (offset 4294966852, size 32)! # [ 234.689784] ------------[ cut here ]------------ # [ 234.694559] kernel BUG at mm/usercopy.c:102! # [ 234.699121] Internal error: Oops - BUG: 0 [#24] SMP ARM # [ 234.704590] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 234.740997] CPU: 1 UID: 0 PID: 4619 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 234.750599] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 234.755847] Hardware name: STM32 (Device Tree Support) # [ 234.761296] PC is at usercopy_abort+0x98/0x9c # [ 234.765969] LR is at usercopy_abort+0x98/0x9c # [ 234.770528] pc : [] lr : [] psr: 60080013 # [ 234.777087] sp : f2845e20 ip : 00000000 fp : f0f0f0f1 # [ 234.782638] r10: c1a7209c r9 : c9326e40 r8 : f284601c # [ 234.788092] r7 : 00000001 r6 : 00000020 r5 : 00000020 r4 : fffffe44 # [ 234.794952] r3 : c9326e40 r2 : 00000000 r1 : 00000000 r0 : 00000062 # [ 234.801812] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 234.809178] Control: 10c5387d Table: c5a6c06a DAC: 00000051 # [ 234.815230] Register r0 information: non-paged memory # [ 234.820594] Register r1 information: NULL pointer # [ 234.825546] Register r2 information: NULL pointer # [ 234.830498] Register r3 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 234.844277] copy_process+0x1f4/0x1f84 # [ 234.848535] kernel_clone+0xac/0x388 # [ 234.852590] sys_clone+0x78/0x9c # [ 234.856444] ret_fast_syscall+0x0/0x1c # [ 234.860695] Free path: # [ 234.863426] rcu_core+0x2dc/0xb14 # [ 234.867280] handle_softirqs+0x15c/0x430 # [ 234.871738] irq_exit+0xac/0xd4 # [ 234.875389] __irq_svc+0x8c/0xb8 # [ 234.879135] default_idle_call+0x20/0xc0 # [ 234.883594] do_idle+0x25c/0x2f4 # [ 234.887344] cpu_startup_entry+0x30/0x34 # [ 234.891798] rest_init+0xd4/0xd8 # [ 234.895551] start_kernel+0x744/0x764 # [ 234.899716] Register r4 information: non-paged memory # [ 234.905077] Register r5 information: non-paged memory # [ 234.910433] Register r6 information: non-paged memory # [ 234.915789] Register r7 information: non-paged memory # [ 234.921044] Register r8 information: vmalloc memory # [ 234.926302] Register r9 information: slab task_struct start c9326e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 234.939973] copy_process+0x1f4/0x1f84 # [ 234.944230] kernel_clone+0xac/0x388 # [ 234.948386] sys_clone+0x78/0x9c # [ 234.952140] ret_fast_syscall+0x0/0x1c # [ 234.956390] Free path: # [ 234.959120] rcu_core+0x2dc/0xb14 # [ 234.962973] handle_softirqs+0x15c/0x430 # [ 234.967430] irq_exit+0xac/0xd4 # [ 234.971079] __irq_svc+0x8c/0xb8 # [ 234.974826] default_idle_call+0x20/0xc0 # [ 234.979284] do_idle+0x25c/0x2f4 # [ 234.983033] cpu_startup_entry+0x30/0x34 # [ 234.987487] rest_init+0xd4/0xd8 # [ 234.991238] start_kernel+0x744/0x764 # [ 234.995497] Register r10 information: non-slab/vmalloc memory # [ 235.001560] Register r11 information: 0-page vmalloc region starting at 0xf0f0f000 allocated at dma_common_contiguous_remap+0x74/0x90 # [ 235.013873] Register r12 information: NULL pointer # [ 235.018928] Process cat (pid: 4619, stack limit = 0xf2844000) # [ 235.024886] Stack: (0xf2845e20 to 0xf2846000) # [ 235.029544] 5e20: c1f93530 c1f93530 c1f93530 fffffe44 00000020 c03ca640 f2845e5c c0622f90 # [ 235.038019] 5e40: 00000020 c16f2434 f2845e5c 00000020 b6f87000 f2845ffc 00000000 00000001 # [ 235.046494] 5e60: c9326e40 c0e06d88 00000022 00000000 f2845ffc 73696854 20736920 65742061 # [ 235.054969] 5e80: 0a2e7473 69685400 73692073 74206120 2e747365 c0fb73e8 f2845ebc 00000016 # [ 235.063443] 5ea0: c5c37000 00000000 f2845f80 c2789700 f2845f80 c91a4900 0041fe38 c0e03fc0 # [ 235.071918] 5ec0: 00000016 c0e043a4 c0e04288 c91b6840 b6e28000 00000016 c3983a30 c0893830 # [ 235.080492] 5ee0: c91b6840 c08937d4 f2845f80 b6e28000 c9326e40 00000016 c91a4900 c062a2a0 # [ 235.088966] 5f00: c5a6edb8 00000000 00000000 00000000 00000000 00000016 b6e28000 0001ffea # [ 235.097445] 5f20: 00000001 00000000 c91b6c40 00000000 00000000 00000000 00000000 00000000 # [ 235.105931] 5f40: 00000000 00000000 00000000 00000000 00000022 c0fb73e8 00000000 c91b6840 # [ 235.114317] 5f60: c91b6840 00000000 00000000 c03002f0 c9326e40 00000004 0041fe38 c062a7fc # [ 235.122805] 5f80: 00000000 00000000 c9326e40 c0fb73e8 c9326e40 00000016 00000016 7ff00000 # [ 235.131291] 5fa0: 00000004 c03000c0 00000016 00000016 00000001 b6e28000 00000016 00000001 # [ 235.139776] 5fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e28000 00020000 0041fe38 # [ 235.148259] 5fe0: 00000004 bea5f788 b6eee33b b6e67616 60080030 00000001 00000000 00000000 # [ 235.156727] Call trace: # [ 235.156742] usercopy_abort from __check_object_size+0x164/0x310 # [ 235.165862] __check_object_size from do_usercopy_stack+0x358/0x380 # [ 235.172348] do_usercopy_stack from lkdtm_do_action+0x24/0x4c # [ 235.178419] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 235.184184] direct_entry from full_proxy_write+0x5c/0x8c # [ 235.189857] full_proxy_write from vfs_write+0xbc/0x3cc # [ 235.195324] vfs_write from ksys_write+0x78/0xf8 # [ 235.200286] ksys_write from ret_fast_syscall+0x0/0x1c # [ 235.205651] Exception stack(0xf2845fa8 to 0xf2845ff0) # [ 235.211012] 5fa0: 00000016 00000016 00000001 b6e28000 00000016 00000001 # [ 235.219489] 5fc0: 00000016 00000016 7ff00000 00000004 00000001 b6e28000 00020000 0041fe38 # [ 235.227961] 5fe0: 00000004 bea5f788 b6eee33b b6e67616 # [ 235.233318] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) # [ 235.239675] ---[ end trace 0000000000000000 ]--- # [ 235.244622] note: cat[4619] exited with irqs disabled # USERCOPY_STACK_BEYOND: saw 'call trace:': ok ok 75 selftests: lkdtm: USERCOPY_STACK_BEYOND.sh # timeout set to 45 # selftests: lkdtm: USERCOPY_KERNEL.sh <6>[ 237.230252] lkdtm: Performing direct entry USERCOPY_KERNEL <6>[ 237.234879] lkdtm: attempting good copy_to_user from kernel rodata: c1a7209c <6>[ 237.242235] lkdtm: attempting bad copy_to_user from kernel text: c059ea14 <0>[ 237.249244] usercopy: Kernel memory exposure attempt detected from kernel text (offset 2746900, size 4096)! <4>[ 237.259253] ------------[ cut here ]------------ <2>[ 237.264009] kernel BUG at mm/usercopy.c:102! <0>[ 237.268566] Internal error: Oops - BUG: 0 [#25] SMP ARM <4>[ 237.274125] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 237.310513] CPU: 1 UID: 0 PID: 4705 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 237.320105] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 237.325351] Hardware name: STM32 (Device Tree Support) <4>[ 237.330799] PC is at usercopy_abort+0x98/0x9c <4>[ 237.335471] LR is at usercopy_abort+0x98/0x9c <4>[ 237.340027] pc : [] lr : [] psr: 60080013 <4>[ 237.346584] sp : f28c5e60 ip : 00000000 fp : 0042fe38 <4>[ 237.352135] r10: c91a4900 r9 : f28c5f80 r8 : c059fa14 <4>[ 237.357585] r7 : 00000001 r6 : 00001000 r5 : 00001000 r4 : 0029ea14 <4>[ 237.364445] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 0000005f <4>[ 237.371305] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 237.378670] Control: 10c5387d Table: c5e2c06a DAC: 00000051 <1>[ 237.384723] Register r0 information: non-paged memory <1>[ 237.390085] Register r1 information: NULL pointer <1>[ 237.395037] Register r2 information: NULL pointer <1>[ 237.399989] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 237.413767] copy_process+0x1f4/0x1f84 <6>[ 237.418024] kernel_clone+0xac/0x388 <6>[ 237.422180] sys_clone+0x78/0x9c <6>[ 237.425932] ret_fast_syscall+0x0/0x1c <4>[ 237.430183] Free path: <6>[ 237.432913] rcu_core+0x2dc/0xb14 <6>[ 237.436766] handle_softirqs+0x15c/0x430 <6>[ 237.441224] irq_exit+0xac/0xd4 <6>[ 237.444874] call_with_stack+0x18/0x20 <6>[ 237.449132] __irq_svc+0x9c/0xb8 <6>[ 237.452879] xdr_inline_decode+0x0/0x210 <6>[ 237.457334] 0xc93fee00 <1>[ 237.460377] Register r4 information: non-paged memory <1>[ 237.465636] Register r5 information: non-paged memory <1>[ 237.470993] Register r6 information: non-paged memory <1>[ 237.476347] Register r7 information: non-paged memory <1>[ 237.481700] Register r8 information: non-slab/vmalloc memory <1>[ 237.487660] Register r9 information: 2-page vmalloc region starting at 0xf28c4000 allocated at kernel_clone+0xac/0x388 <1>[ 237.498671] Register r10 information: slab kmalloc-192 start c91a48c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 237.512535] full_proxy_open+0x124/0x24c <6>[ 237.516986] do_dentry_open+0x144/0x4dc <6>[ 237.521345] vfs_open+0x2c/0xec <6>[ 237.524997] path_openat+0x748/0x1198 <6>[ 237.529250] do_filp_open+0x98/0x134 <6>[ 237.533301] do_sys_openat2+0xbc/0xe4 <6>[ 237.537557] sys_openat+0x98/0xd4 <6>[ 237.541410] ret_fast_syscall+0x0/0x1c <4>[ 237.545659] Free path: <6>[ 237.548390] nfs_pgio_header_free+0x34/0x48 <6>[ 237.553052] nfs_write_completion+0x60/0x240 <6>[ 237.557907] rpc_free_task+0x34/0x54 <6>[ 237.561959] rpc_async_release+0x24/0x40 <6>[ 237.566422] process_one_work+0x1b8/0x450 <6>[ 237.570983] worker_thread+0x1d4/0x3c4 <6>[ 237.575239] kthread+0xe8/0x104 <6>[ 237.578989] ret_from_fork+0x14/0x28 <1>[ 237.583038] Register r11 information: non-paged memory <1>[ 237.588500] Register r12 information: NULL pointer <0>[ 237.593554] Process cat (pid: 4705, stack limit = 0xf28c4000) <0>[ 237.599616] Stack: (0xf28c5e60 to 0xf28c6000) <0>[ 237.604186] 5e60: c1f93530 c1f93530 c1f93530 0029ea14 00001000 c0317088 c059ea14 c0623120 <0>[ 237.612674] 5e80: 00001000 c16f2434 f28c5e9c b6ee3000 00001000 00000011 f28c5f80 c2789718 <0>[ 237.621161] 5ea0: f28c5f80 c0e05fc8 00000022 00000000 00000010 c936d000 00000000 c0e03fc0 <0>[ 237.629649] 5ec0: 00000010 c0e043a4 c0e04288 c91b6240 b6d84000 00000010 c3983a30 c0893830 <0>[ 237.638135] 5ee0: c91b6240 c08937d4 f28c5f80 b6d84000 c9322840 00000010 c91a4900 c062a2a0 <0>[ 237.646618] 5f00: c5e2edb0 00000000 00000000 00000000 00000000 00000010 b6d84000 0001fff0 <0>[ 237.655094] 5f20: 00000001 00000000 c91b6940 00000000 00000000 00000000 00000000 00000000 <0>[ 237.663570] 5f40: 00000000 00000000 00000000 00000000 00000022 49aa2207 00000000 c91b6240 <0>[ 237.672045] 5f60: c91b6240 00000000 00000000 c03002f0 c9322840 00000004 0042fe38 c062a7fc <0>[ 237.680521] 5f80: 00000000 00000000 00000000 49aa2207 000000c0 00000010 00000010 7ff00000 <0>[ 237.688996] 5fa0: 00000004 c03000c0 00000010 00000010 00000001 b6d84000 00000010 00000001 <0>[ 237.697472] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6d84000 00020000 0042fe38 <0>[ 237.705947] 5fe0: 00000004 bef4b788 b6e4a33b b6dc3616 60080030 00000001 00000000 00000000 <0>[ 237.714414] Call trace: <0>[ 237.714427] usercopy_abort from __check_object_size+0x2f4/0x310 <0>[ 237.723545] __check_object_size from lkdtm_USERCOPY_KERNEL+0x15c/0x1f8 <0>[ 237.730433] lkdtm_USERCOPY_KERNEL from lkdtm_do_action+0x24/0x4c <0>[ 237.736808] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 237.742574] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 237.748243] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 237.753709] vfs_write from ksys_write+0x78/0xf8 <0>[ 237.758669] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 237.764032] Exception stack(0xf28c5fa8 to 0xf28c5ff0) <0>[ 237.769390] 5fa0: 00000010 00000010 00000001 b6d84000 00000010 00000001 <0>[ 237.777866] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6d84000 00020000 0042fe38 <0>[ 237.786336] 5fe0: 00000004 bef4b788 b6e4a33b b6dc3616 <0>[ 237.791696] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) <4>[ 237.798053] ---[ end trace 0000000000000000 ]--- <6>[ 237.802901] note: cat[4705] exited with irqs disabled # Segmentation fault # [ 237.230252] lkdtm: Performing direct entry USERCOPY_KERNEL # [ 237.234879] lkdtm: attempting good copy_to_user from kernel rodata: c1a7209c # [ 237.242235] lkdtm: attempting bad copy_to_user from kernel text: c059ea14 # [ 237.249244] usercopy: Kernel memory exposure attempt detected from kernel text (offset 2746900, size 4096)! # [ 237.259253] ------------[ cut here ]------------ # [ 237.264009] kernel BUG at mm/usercopy.c:102! # [ 237.268566] Internal error: Oops - BUG: 0 [#25] SMP ARM # [ 237.274125] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 237.310513] CPU: 1 UID: 0 PID: 4705 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 237.320105] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 237.325351] Hardware name: STM32 (Device Tree Support) # [ 237.330799] PC is at usercopy_abort+0x98/0x9c # [ 237.335471] LR is at usercopy_abort+0x98/0x9c # [ 237.340027] pc : [] lr : [] psr: 60080013 # [ 237.346584] sp : f28c5e60 ip : 00000000 fp : 0042fe38 # [ 237.352135] r10: c91a4900 r9 : f28c5f80 r8 : c059fa14 # [ 237.357585] r7 : 00000001 r6 : 00001000 r5 : 00001000 r4 : 0029ea14 # [ 237.364445] r3 : c9322840 r2 : 00000000 r1 : 00000000 r0 : 0000005f # [ 237.371305] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 237.378670] Control: 10c5387d Table: c5e2c06a DAC: 00000051 # [ 237.384723] Register r0 information: non-paged memory # [ 237.390085] Register r1 information: NULL pointer # [ 237.395037] Register r2 information: NULL pointer # [ 237.399989] Register r3 information: slab task_struct start c9322800 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 237.413767] copy_process+0x1f4/0x1f84 # [ 237.418024] kernel_clone+0xac/0x388 # [ 237.422180] sys_clone+0x78/0x9c # [ 237.425932] ret_fast_syscall+0x0/0x1c # [ 237.430183] Free path: # [ 237.432913] rcu_core+0x2dc/0xb14 # [ 237.436766] handle_softirqs+0x15c/0x430 # [ 237.441224] irq_exit+0xac/0xd4 # [ 237.444874] call_with_stack+0x18/0x20 # [ 237.449132] __irq_svc+0x9c/0xb8 # [ 237.452879] xdr_inline_decode+0x0/0x210 # [ 237.457334] 0xc93fee00 # [ 237.460377] Register r4 information: non-paged memory # [ 237.465636] Register r5 information: non-paged memory # [ 237.470993] Register r6 information: non-paged memory # [ 237.476347] Register r7 information: non-paged memory # [ 237.481700] Register r8 information: non-slab/vmalloc memory # [ 237.487660] Register r9 information: 2-page vmalloc region starting at 0xf28c4000 allocated at kernel_clone+0xac/0x388 # [ 237.498671] Register r10 information: slab kmalloc-192 start c91a48c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 237.512535] full_proxy_open+0x124/0x24c # [ 237.516986] do_dentry_open+0x144/0x4dc # [ 237.521345] vfs_open+0x2c/0xec # [ 237.524997] path_openat+0x748/0x1198 # [ 237.529250] do_filp_open+0x98/0x134 # [ 237.533301] do_sys_openat2+0xbc/0xe4 # [ 237.537557] sys_openat+0x98/0xd4 # [ 237.541410] ret_fast_syscall+0x0/0x1c # [ 237.545659] Free path: # [ 237.548390] nfs_pgio_header_free+0x34/0x48 # [ 237.553052] nfs_write_completion+0x60/0x240 # [ 237.557907] rpc_free_task+0x34/0x54 # [ 237.561959] rpc_async_release+0x24/0x40 # [ 237.566422] process_one_work+0x1b8/0x450 # [ 237.570983] worker_thread+0x1d4/0x3c4 # [ 237.575239] kthread+0xe8/0x104 # [ 237.578989] ret_from_fork+0x14/0x28 # [ 237.583038] Register r11 information: non-paged memory # [ 237.588500] Register r12 information: NULL pointer # [ 237.593554] Process cat (pid: 4705, stack limit = 0xf28c4000) # [ 237.599616] Stack: (0xf28c5e60 to 0xf28c6000) # [ 237.604186] 5e60: c1f93530 c1f93530 c1f93530 0029ea14 00001000 c0317088 c059ea14 c0623120 # [ 237.612674] 5e80: 00001000 c16f2434 f28c5e9c b6ee3000 00001000 00000011 f28c5f80 c2789718 # [ 237.621161] 5ea0: f28c5f80 c0e05fc8 00000022 00000000 00000010 c936d000 00000000 c0e03fc0 # [ 237.629649] 5ec0: 00000010 c0e043a4 c0e04288 c91b6240 b6d84000 00000010 c3983a30 c0893830 # [ 237.638135] 5ee0: c91b6240 c08937d4 f28c5f80 b6d84000 c9322840 00000010 c91a4900 c062a2a0 # [ 237.646618] 5f00: c5e2edb0 00000000 00000000 00000000 00000000 00000010 b6d84000 0001fff0 # [ 237.655094] 5f20: 00000001 00000000 c91b6940 00000000 00000000 00000000 00000000 00000000 # [ 237.663570] 5f40: 00000000 00000000 00000000 00000000 00000022 49aa2207 00000000 c91b6240 # [ 237.672045] 5f60: c91b6240 00000000 00000000 c03002f0 c9322840 00000004 0042fe38 c062a7fc # [ 237.680521] 5f80: 00000000 00000000 00000000 49aa2207 000000c0 00000010 00000010 7ff00000 # [ 237.688996] 5fa0: 00000004 c03000c0 00000010 00000010 00000001 b6d84000 00000010 00000001 # [ 237.697472] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6d84000 00020000 0042fe38 # [ 237.705947] 5fe0: 00000004 bef4b788 b6e4a33b b6dc3616 60080030 00000001 00000000 00000000 # [ 237.714414] Call trace: # [ 237.714427] usercopy_abort from __check_object_size+0x2f4/0x310 # [ 237.723545] __check_object_size from lkdtm_USERCOPY_KERNEL+0x15c/0x1f8 # [ 237.730433] lkdtm_USERCOPY_KERNEL from lkdtm_do_action+0x24/0x4c # [ 237.736808] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 237.742574] direct_entry from full_proxy_write+0x5c/0x8c # [ 237.748243] full_proxy_write from vfs_write+0xbc/0x3cc # [ 237.753709] vfs_write from ksys_write+0x78/0xf8 # [ 237.758669] ksys_write from ret_fast_syscall+0x0/0x1c # [ 237.764032] Exception stack(0xf28c5fa8 to 0xf28c5ff0) # [ 237.769390] 5fa0: 00000010 00000010 00000001 b6d84000 00000010 00000001 # [ 237.777866] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6d84000 00020000 0042fe38 # [ 237.786336] 5fe0: 00000004 bef4b788 b6e4a33b b6dc3616 # [ 237.791696] Code: e98d4001 e3010694 e34c01fb ebfff34a (e7f001f2) # [ 237.798053] ---[ end trace 0000000000000000 ]--- # [ 237.802901] note: cat[4705] exited with irqs disabled # USERCOPY_KERNEL: saw 'call trace:': ok ok 76 selftests: lkdtm: USERCOPY_KERNEL.sh # timeout set to 45 # selftests: lkdtm: STACKLEAK_ERASING.sh <6>[ 239.857646] lkdtm: Performing direct entry STACKLEAK_ERASING <3>[ 239.862500] lkdtm: XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n) # [ 239.857646] lkdtm: Performing direct entry STACKLEAK_ERASING # [ 239.862500] lkdtm: XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n) # STACKLEAK_ERASING: saw 'XFAIL': [SKIP] ok 77 selftests: lkdtm: STACKLEAK_ERASING.sh # SKIP # timeout set to 45 # selftests: lkdtm: CFI_FORWARD_PROTO.sh <6>[ 241.220261] lkdtm: Performing direct entry CFI_FORWARD_PROTO <6>[ 241.224932] lkdtm: Calling matched prototype ... <6>[ 241.229754] lkdtm: Calling mismatched prototype ... <3>[ 241.235016] lkdtm: FAIL: survived mismatched prototype function call! <4>[ 241.241686] lkdtm: This is probably expected, since this kernel (6.12.0-rc3-next-20241017 armv7l) was built *without* CONFIG_CFI_CLANG=y # [ 241.220261] lkdtm: Performing direct entry CFI_FORWARD_PROTO # [ 241.224932] lkdtm: Calling matched prototype ... # [ 241.229754] lkdtm: Calling mismatched prototype ... # [ 241.235016] lkdtm: FAIL: survived mismatched prototype function call! # [ 241.241686] lkdtm: This is probably expected, since this kernel (6.12.0-rc3-next-20241017 armv7l) was built *without* CONFIG_CFI_CLANG=y # CFI_FORWARD_PROTO: missing 'call trace:': [FAIL] not ok 78 selftests: lkdtm: CFI_FORWARD_PROTO.sh # exit=1 # timeout set to 45 # selftests: lkdtm: CFI_BACKWARD.sh <6>[ 242.689740] lkdtm: Performing direct entry CFI_BACKWARD <6>[ 242.693948] lkdtm: Attempting unchecked stack return address redirection ... <4>[ 242.701287] lkdtm: Eek: return address mismatch! 0000000d != c170250c <3>[ 242.708066] lkdtm: FAIL: stack return address manipulation failed! # [ 242.689740] lkdtm: Performing direct entry CFI_BACKWARD # [ 242.693948] lkdtm: Attempting unchecked stack return address redirection ... # [ 242.701287] lkdtm: Eek: return address mismatch! 0000000d != c170250c # [ 242.708066] lkdtm: FAIL: stack return address manipulation failed! # CFI_BACKWARD: missing 'call trace:|ok: control flow unchanged': [FAIL] not ok 79 selftests: lkdtm: CFI_BACKWARD.sh # exit=1 # timeout set to 45 # selftests: lkdtm: FORTIFY_STRSCPY.sh <6>[ 244.148264] lkdtm: Performing direct entry FORTIFY_STRSCPY <4>[ 244.152799] ------------[ cut here ]------------ <4>[ 244.157632] WARNING: CPU: 1 PID: 4927 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 244.166467] strnlen: detected buffer overflow: 6 byte read of buffer size 5 <4>[ 244.173757] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 244.210185] CPU: 1 UID: 0 PID: 4927 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 244.219691] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 244.224944] Hardware name: STM32 (Device Tree Support) <4>[ 244.230395] Call trace: <4>[ 244.230411] unwind_backtrace from show_stack+0x18/0x1c <4>[ 244.238718] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 244.243990] dump_stack_lvl from __warn+0x84/0x134 <4>[ 244.249068] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 244.254550] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 244.260638] __fortify_report from __fortify_panic+0x8/0xc <4>[ 244.266420] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <4>[ 244.272905] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c <4>[ 244.279379] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 244.285143] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 244.290811] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 244.296278] vfs_write from ksys_write+0x78/0xf8 <4>[ 244.301137] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 244.306599] Exception stack(0xf29f5fa8 to 0xf29f5ff0) <4>[ 244.311959] 5fa0: 00000010 00000010 00000001 b6e48000 00000010 00000001 <4>[ 244.320435] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 004afe38 <4>[ 244.328906] 5fe0: 00000004 beb04788 b6f0e33b b6e87616 <4>[ 244.334368] ---[ end trace 0000000000000000 ]--- <4>[ 244.339257] ------------[ cut here ]------------ <2>[ 244.344022] kernel BUG at lib/string_helpers.c:1040! <0>[ 244.349281] Internal error: Oops - BUG: 0 [#26] SMP ARM <4>[ 244.354749] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 244.391245] CPU: 1 UID: 0 PID: 4927 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 244.400853] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 244.406112] Hardware name: STM32 (Device Tree Support) <4>[ 244.411470] PC is at __fortify_panic+0x8/0xc <4>[ 244.416058] LR is at __fortify_report+0x8c/0xd4 <4>[ 244.420834] pc : [] lr : [] psr: 60080013 <4>[ 244.427400] sp : f29f5e88 ip : 00000000 fp : 004afe38 <4>[ 244.432858] r10: c964b400 r9 : f29f5f80 r8 : c278978c <4>[ 244.438415] r7 : f29f5f80 r6 : 00000000 r5 : 00000000 r4 : c798f4c0 <4>[ 244.445282] r3 : c59a3240 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 <4>[ 244.452049] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 244.459518] Control: 10c5387d Table: c5e1806a DAC: 00000051 <1>[ 244.465470] Register r0 information: non-slab/vmalloc memory <1>[ 244.471444] Register r1 information: NULL pointer <1>[ 244.476399] Register r2 information: NULL pointer <1>[ 244.481453] Register r3 information: slab task_struct start c59a3200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 244.495138] copy_process+0x1f4/0x1f84 <6>[ 244.499398] kernel_clone+0xac/0x388 <6>[ 244.503554] sys_clone+0x78/0x9c <6>[ 244.507307] ret_fast_syscall+0x0/0x1c <4>[ 244.511559] Free path: <6>[ 244.514289] rcu_core+0x2dc/0xb14 <6>[ 244.518142] handle_softirqs+0x15c/0x430 <6>[ 244.522601] irq_exit+0xac/0xd4 <6>[ 244.526251] call_with_stack+0x18/0x20 <6>[ 244.530509] __irq_svc+0x9c/0xb8 <6>[ 244.534256] unwind_frame+0x16c/0x92c <6>[ 244.538515] arch_stack_walk+0x84/0x100 <6>[ 244.542866] stack_trace_save+0x50/0x78 <6>[ 244.547225] set_track_prepare+0x40/0x74 <6>[ 244.551685] ___slab_alloc+0xd28/0xd7c <6>[ 244.555946] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 244.561111] rpc_new_task+0x16c/0x1c0 <6>[ 244.565365] rpc_run_task+0x14/0x1b8 <6>[ 244.569418] rpc_call_sync+0x60/0x10c <6>[ 244.573670] nfs3_rpc_wrapper+0x30/0x70 <6>[ 244.578030] nfs3_proc_getattr+0x60/0x88 <1>[ 244.582488] Register r4 information: slab kmalloc-64 start c798f480 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STRSCPY+0x60/0x2fc <6>[ 244.596561] kstrdup+0x38/0x64 <6>[ 244.600124] lkdtm_FORTIFY_STRSCPY+0x60/0x2fc <6>[ 244.604984] lkdtm_do_action+0x24/0x4c <6>[ 244.609336] direct_entry+0x11c/0x140 <6>[ 244.613486] full_proxy_write+0x5c/0x8c <6>[ 244.617840] vfs_write+0xbc/0x3cc <6>[ 244.621689] ksys_write+0x78/0xf8 <6>[ 244.625535] ret_fast_syscall+0x0/0x1c <4>[ 244.629886] Free path: <6>[ 244.632518] rcu_core+0x2dc/0xb14 <6>[ 244.636372] handle_softirqs+0x15c/0x430 <6>[ 244.640832] irq_exit+0xac/0xd4 <6>[ 244.644484] call_with_stack+0x18/0x20 <6>[ 244.648844] __irq_svc+0x9c/0xb8 <6>[ 244.652591] free_to_partial_list+0x34/0x58c <6>[ 244.657353] kmem_cache_free+0x1a8/0x3c0 <6>[ 244.661812] do_sys_openat2+0xa8/0xe4 <6>[ 244.666069] sys_openat+0x98/0xd4 <6>[ 244.669923] ret_fast_syscall+0x0/0x1c <1>[ 244.674172] Register r5 information: NULL pointer <1>[ 244.679133] Register r6 information: NULL pointer <1>[ 244.684086] Register r7 information: 2-page vmalloc region starting at 0xf29f4000 allocated at kernel_clone+0xac/0x388 <1>[ 244.695101] Register r8 information: non-slab/vmalloc memory <1>[ 244.701063] Register r9 information: 2-page vmalloc region starting at 0xf29f4000 allocated at kernel_clone+0xac/0x388 <1>[ 244.712072] Register r10 information: slab kmalloc-192 start c964b3c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 244.726035] full_proxy_open+0x124/0x24c <6>[ 244.730486] do_dentry_open+0x144/0x4dc <6>[ 244.734842] vfs_open+0x2c/0xec <6>[ 244.738493] path_openat+0x748/0x1198 <6>[ 244.742646] do_filp_open+0x98/0x134 <6>[ 244.746797] do_sys_openat2+0xbc/0xe4 <6>[ 244.750953] sys_openat+0x98/0xd4 <6>[ 244.754806] ret_fast_syscall+0x0/0x1c <4>[ 244.759154] Free path: <6>[ 244.761785] __free_slab+0xdc/0xec <6>[ 244.765740] kmem_cache_free_bulk.part.0+0x2e0/0x364 <6>[ 244.771306] kvfree_rcu_bulk+0x208/0x284 <6>[ 244.775758] kfree_rcu_work+0xcc/0x1d0 <6>[ 244.780009] process_one_work+0x1b8/0x450 <6>[ 244.784565] worker_thread+0x1d4/0x3c4 <6>[ 244.788817] kthread+0xe8/0x104 <6>[ 244.792465] ret_from_fork+0x14/0x28 <1>[ 244.796613] Register r11 information: non-paged memory <1>[ 244.802070] Register r12 information: NULL pointer <0>[ 244.807124] Process cat (pid: 4927, stack limit = 0xf29f4000) <0>[ 244.813182] Stack: (0xf29f5e88 to 0xf29f6000) <0>[ 244.817737] 5e80: c798f4c0 c0e070cc 004afe38 683ca640 6f6c6c65 00000021 <0>[ 244.826212] 5ea0: 6f6f6600 00000000 00000000 383ab1e0 f29f5f80 00000010 c5a61000 c0e03fc0 <0>[ 244.834787] 5ec0: 00000010 c0e043a4 c0e04288 c9454d40 b6e48000 00000010 c3983a30 c0893830 <0>[ 244.843262] 5ee0: c9454d40 c08937d4 f29f5f80 b6e48000 c59a3240 00000010 c964b400 c062a2a0 <0>[ 244.851736] 5f00: c5e1adb8 00000000 00000000 00000000 00000000 00000010 b6e48000 0001fff0 <0>[ 244.860209] 5f20: 00000001 00000000 c9454940 00000000 00000000 00000000 00000000 00000000 <0>[ 244.868684] 5f40: 00000000 00000000 00000000 00000000 00000022 383ab1e0 00000000 c9454d40 <0>[ 244.877160] 5f60: c9454d40 00000000 00000000 c03002f0 c59a3240 00000004 004afe38 c062a7fc <0>[ 244.885635] 5f80: 00000000 00000000 00000000 383ab1e0 000000c0 00000010 00000010 7ff00000 <0>[ 244.894109] 5fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e48000 00000010 00000001 <0>[ 244.902583] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 004afe38 <0>[ 244.911056] 5fe0: 00000004 beb04788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 <0>[ 244.919520] Call trace: <0>[ 244.919534] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <0>[ 244.928849] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c <0>[ 244.935224] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 244.940989] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 244.946658] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 244.952224] vfs_write from ksys_write+0x78/0xf8 <0>[ 244.957083] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 244.962546] Exception stack(0xf29f5fa8 to 0xf29f5ff0) <0>[ 244.967906] 5fa0: 00000010 00000010 00000001 b6e48000 00000010 00000001 <0>[ 244.976381] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 004afe38 <0>[ 244.984852] 5fe0: 00000004 beb04788 b6f0e33b b6e87616 <0>[ 244.990110] Code: e8bd47f0 eac90516 e92d4010 ebc99f9e (e7f001f2) <4>[ 244.996567] ---[ end trace 0000000000000000 ]--- <6>[ 245.001415] note: cat[4927] exited with irqs disabled # Segmentation fault # [ 244.148264] lkdtm: Performing direct entry FORTIFY_STRSCPY # [ 244.152799] ------------[ cut here ]------------ # [ 244.157632] WARNING: CPU: 1 PID: 4927 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 244.166467] strnlen: detected buffer overflow: 6 byte read of buffer size 5 # [ 244.173757] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 244.210185] CPU: 1 UID: 0 PID: 4927 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 244.219691] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 244.224944] Hardware name: STM32 (Device Tree Support) # [ 244.230395] Call trace: # [ 244.230411] unwind_backtrace from show_stack+0x18/0x1c # [ 244.238718] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 244.243990] dump_stack_lvl from __warn+0x84/0x134 # [ 244.249068] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 244.254550] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 244.260638] __fortify_report from __fortify_panic+0x8/0xc # [ 244.266420] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 244.272905] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c # [ 244.279379] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 244.285143] direct_entry from full_proxy_write+0x5c/0x8c # [ 244.290811] full_proxy_write from vfs_write+0xbc/0x3cc # [ 244.296278] vfs_write from ksys_write+0x78/0xf8 # [ 244.301137] ksys_write from ret_fast_syscall+0x0/0x1c # [ 244.306599] Exception stack(0xf29f5fa8 to 0xf29f5ff0) # [ 244.311959] 5fa0: 00000010 00000010 00000001 b6e48000 00000010 00000001 # [ 244.320435] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 004afe38 # [ 244.328906] 5fe0: 00000004 beb04788 b6f0e33b b6e87616 # [ 244.334368] ---[ end trace 0000000000000000 ]--- # [ 244.339257] ------------[ cut here ]------------ # [ 244.344022] kernel BUG at lib/string_helpers.c:1040! # [ 244.349281] Internal error: Oops - BUG: 0 [#26] SMP ARM # [ 244.354749] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 244.391245] CPU: 1 UID: 0 PID: 4927 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 244.400853] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 244.406112] Hardware name: STM32 (Device Tree Support) # [ 244.411470] PC is at __fortify_panic+0x8/0xc # [ 244.416058] LR is at __fortify_report+0x8c/0xd4 # [ 244.420834] pc : [] lr : [] psr: 60080013 # [ 244.427400] sp : f29f5e88 ip : 00000000 fp : 004afe38 # [ 244.432858] r10: c964b400 r9 : f29f5f80 r8 : c278978c # [ 244.438415] r7 : f29f5f80 r6 : 00000000 r5 : 00000000 r4 : c798f4c0 # [ 244.445282] r3 : c59a3240 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 # [ 244.452049] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 244.459518] Control: 10c5387d Table: c5e1806a DAC: 00000051 # [ 244.465470] Register r0 information: non-slab/vmalloc memory # [ 244.471444] Register r1 information: NULL pointer # [ 244.476399] Register r2 information: NULL pointer # [ 244.481453] Register r3 information: slab task_struct start c59a3200 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 244.495138] copy_process+0x1f4/0x1f84 # [ 244.499398] kernel_clone+0xac/0x388 # [ 244.503554] sys_clone+0x78/0x9c # [ 244.507307] ret_fast_syscall+0x0/0x1c # [ 244.511559] Free path: # [ 244.514289] rcu_core+0x2dc/0xb14 # [ 244.518142] handle_softirqs+0x15c/0x430 # [ 244.522601] irq_exit+0xac/0xd4 # [ 244.526251] call_with_stack+0x18/0x20 # [ 244.530509] __irq_svc+0x9c/0xb8 # [ 244.534256] unwind_frame+0x16c/0x92c # [ 244.538515] arch_stack_walk+0x84/0x100 # [ 244.542866] stack_trace_save+0x50/0x78 # [ 244.547225] set_track_prepare+0x40/0x74 # [ 244.551685] ___slab_alloc+0xd28/0xd7c # [ 244.555946] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 244.561111] rpc_new_task+0x16c/0x1c0 # [ 244.565365] rpc_run_task+0x14/0x1b8 # [ 244.569418] rpc_call_sync+0x60/0x10c # [ 244.573670] nfs3_rpc_wrapper+0x30/0x70 # [ 244.578030] nfs3_proc_getattr+0x60/0x88 # [ 244.582488] Register r4 information: slab kmalloc-64 start c798f480 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STRSCPY+0x60/0x2fc # [ 244.596561] kstrdup+0x38/0x64 # [ 244.600124] lkdtm_FORTIFY_STRSCPY+0x60/0x2fc # [ 244.604984] lkdtm_do_action+0x24/0x4c # [ 244.609336] direct_entry+0x11c/0x140 # [ 244.613486] full_proxy_write+0x5c/0x8c # [ 244.617840] vfs_write+0xbc/0x3cc # [ 244.621689] ksys_write+0x78/0xf8 # [ 244.625535] ret_fast_syscall+0x0/0x1c # [ 244.629886] Free path: # [ 244.632518] rcu_core+0x2dc/0xb14 # [ 244.636372] handle_softirqs+0x15c/0x430 # [ 244.640832] irq_exit+0xac/0xd4 # [ 244.644484] call_with_stack+0x18/0x20 # [ 244.648844] __irq_svc+0x9c/0xb8 # [ 244.652591] free_to_partial_list+0x34/0x58c # [ 244.657353] kmem_cache_free+0x1a8/0x3c0 # [ 244.661812] do_sys_openat2+0xa8/0xe4 # [ 244.666069] sys_openat+0x98/0xd4 # [ 244.669923] ret_fast_syscall+0x0/0x1c # [ 244.674172] Register r5 information: NULL pointer # [ 244.679133] Register r6 information: NULL pointer # [ 244.684086] Register r7 information: 2-page vmalloc region starting at 0xf29f4000 allocated at kernel_clone+0xac/0x388 # [ 244.695101] Register r8 information: non-slab/vmalloc memory # [ 244.701063] Register r9 information: 2-page vmalloc region starting at 0xf29f4000 allocated at kernel_clone+0xac/0x388 # [ 244.712072] Register r10 information: slab kmalloc-192 start c964b3c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 244.726035] full_proxy_open+0x124/0x24c # [ 244.730486] do_dentry_open+0x144/0x4dc # [ 244.734842] vfs_open+0x2c/0xec # [ 244.738493] path_openat+0x748/0x1198 # [ 244.742646] do_filp_open+0x98/0x134 # [ 244.746797] do_sys_openat2+0xbc/0xe4 # [ 244.750953] sys_openat+0x98/0xd4 # [ 244.754806] ret_fast_syscall+0x0/0x1c # [ 244.759154] Free path: # [ 244.761785] __free_slab+0xdc/0xec # [ 244.765740] kmem_cache_free_bulk.part.0+0x2e0/0x364 # [ 244.771306] kvfree_rcu_bulk+0x208/0x284 # [ 244.775758] kfree_rcu_work+0xcc/0x1d0 # [ 244.780009] process_one_work+0x1b8/0x450 # [ 244.784565] worker_thread+0x1d4/0x3c4 # [ 244.788817] kthread+0xe8/0x104 # [ 244.792465] ret_from_fork+0x14/0x28 # [ 244.796613] Register r11 information: non-paged memory # [ 244.802070] Register r12 information: NULL pointer # [ 244.807124] Process cat (pid: 4927, stack limit = 0xf29f4000) # [ 244.813182] Stack: (0xf29f5e88 to 0xf29f6000) # [ 244.817737] 5e80: c798f4c0 c0e070cc 004afe38 683ca640 6f6c6c65 00000021 # [ 244.826212] 5ea0: 6f6f6600 00000000 00000000 383ab1e0 f29f5f80 00000010 c5a61000 c0e03fc0 # [ 244.834787] 5ec0: 00000010 c0e043a4 c0e04288 c9454d40 b6e48000 00000010 c3983a30 c0893830 # [ 244.843262] 5ee0: c9454d40 c08937d4 f29f5f80 b6e48000 c59a3240 00000010 c964b400 c062a2a0 # [ 244.851736] 5f00: c5e1adb8 00000000 00000000 00000000 00000000 00000010 b6e48000 0001fff0 # [ 244.860209] 5f20: 00000001 00000000 c9454940 00000000 00000000 00000000 00000000 00000000 # [ 244.868684] 5f40: 00000000 00000000 00000000 00000000 00000022 383ab1e0 00000000 c9454d40 # [ 244.877160] 5f60: c9454d40 00000000 00000000 c03002f0 c59a3240 00000004 004afe38 c062a7fc # [ 244.885635] 5f80: 00000000 00000000 00000000 383ab1e0 000000c0 00000010 00000010 7ff00000 # [ 244.894109] 5fa0: 00000004 c03000c0 00000010 00000010 00000001 b6e48000 00000010 00000001 # [ 244.902583] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 004afe38 # [ 244.911056] 5fe0: 00000004 beb04788 b6f0e33b b6e87616 60080030 00000001 00000000 00000000 # [ 244.919520] Call trace: # [ 244.919534] __fortify_panic from lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 244.928849] lkdtm_FORTIFY_STRSCPY from lkdtm_do_action+0x24/0x4c # [ 244.935224] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 244.940989] direct_entry from full_proxy_write+0x5c/0x8c # [ 244.946658] full_proxy_write from vfs_write+0xbc/0x3cc # [ 244.952224] vfs_write from ksys_write+0x78/0xf8 # [ 244.957083] ksys_write from ret_fast_syscall+0x0/0x1c # [ 244.962546] Exception stack(0xf29f5fa8 to 0xf29f5ff0) # [ 244.967906] 5fa0: 00000010 00000010 00000001 b6e48000 00000010 00000001 # [ 244.976381] 5fc0: 00000010 00000010 7ff00000 00000004 00000001 b6e48000 00020000 004afe38 # [ 244.984852] 5fe0: 00000004 beb04788 b6f0e33b b6e87616 # [ 244.990110] Code: e8bd47f0 eac90516 e92d4010 ebc99f9e (e7f001f2) # [ 244.996567] ---[ end trace 0000000000000000 ]--- # [ 245.001415] note: cat[4927] exited with irqs disabled # FORTIFY_STRSCPY: saw 'detected buffer overflow': ok ok 80 selftests: lkdtm: FORTIFY_STRSCPY.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_STR_OBJECT.sh <6>[ 247.125715] lkdtm: Performing direct entry FORTIFY_STR_OBJECT <6>[ 247.130518] lkdtm: trying to strcmp() past the end of a struct <4>[ 247.136577] ------------[ cut here ]------------ <4>[ 247.141544] WARNING: CPU: 0 PID: 5013 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 247.150245] strncpy: detected buffer overflow: 20 byte write of buffer size 10 <4>[ 247.157811] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 247.194869] CPU: 0 UID: 0 PID: 5013 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 247.203788] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 247.209042] Hardware name: STM32 (Device Tree Support) <4>[ 247.214492] Call trace: <4>[ 247.214507] unwind_backtrace from show_stack+0x18/0x1c <4>[ 247.222817] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 247.228090] dump_stack_lvl from __warn+0x84/0x134 <4>[ 247.233169] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 247.238549] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 247.244735] __fortify_report from __fortify_panic+0x8/0xc <4>[ 247.250516] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 <4>[ 247.257106] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c <4>[ 247.263788] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 247.269552] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 247.275221] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 247.280688] vfs_write from ksys_write+0x78/0xf8 <4>[ 247.285647] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 247.291011] Exception stack(0xf2a81fa8 to 0xf2a81ff0) <4>[ 247.296371] 1fa0: 00000013 00000013 00000001 b6e38000 00000013 00000001 <4>[ 247.304846] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 <4>[ 247.313316] 1fe0: 00000004 bef2c788 b6efe33b b6e77616 <4>[ 247.318835] ---[ end trace 0000000000000000 ]--- <4>[ 247.323724] ------------[ cut here ]------------ <2>[ 247.328490] kernel BUG at lib/string_helpers.c:1040! <0>[ 247.333651] Internal error: Oops - BUG: 0 [#27] SMP ARM <4>[ 247.339218] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 247.375622] CPU: 0 UID: 0 PID: 5013 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 247.385223] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 247.390471] Hardware name: STM32 (Device Tree Support) <4>[ 247.395920] PC is at __fortify_panic+0x8/0xc <4>[ 247.400497] LR is at __fortify_report+0x8c/0xd4 <4>[ 247.405260] pc : [] lr : [] psr: 60080013 <4>[ 247.411817] sp : f2a81e78 ip : 00000000 fp : 0047fe38 <4>[ 247.417367] r10: c964b400 r9 : f2a81f80 r8 : c278976c <4>[ 247.422818] r7 : f2a81f80 r6 : 00000000 r5 : c9613000 r4 : 00000013 <4>[ 247.429676] r3 : c9325040 r2 : 00000000 r1 : 00000000 r0 : ef6a5484 <4>[ 247.436436] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 247.443901] Control: 10c5387d Table: c5e6006a DAC: 00000051 <1>[ 247.449952] Register r0 information: non-slab/vmalloc memory <1>[ 247.455922] Register r1 information: NULL pointer <1>[ 247.460876] Register r2 information: NULL pointer <1>[ 247.465828] Register r3 information: slab task_struct start c9325000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 247.479604] copy_process+0x1f4/0x1f84 <6>[ 247.483861] kernel_clone+0xac/0x388 <6>[ 247.487916] sys_clone+0x78/0x9c <6>[ 247.491669] ret_fast_syscall+0x0/0x1c <4>[ 247.496019] Free path: <6>[ 247.498750] rcu_core+0x2dc/0xb14 <6>[ 247.502502] handle_softirqs+0x15c/0x430 <6>[ 247.506960] irq_exit+0xac/0xd4 <6>[ 247.510710] call_with_stack+0x18/0x20 <6>[ 247.514969] __irq_svc+0x9c/0xb8 <6>[ 247.518717] unwind_frame+0x56c/0x92c <6>[ 247.522876] arch_stack_walk+0x84/0x100 <6>[ 247.527327] stack_trace_save+0x50/0x78 <6>[ 247.531687] set_track_prepare+0x40/0x74 <6>[ 247.536147] ___slab_alloc+0xd28/0xd7c <6>[ 247.540405] kmem_cache_alloc_noprof+0x128/0x3a8 <6>[ 247.545568] vm_area_dup+0x44/0x104 <6>[ 247.549522] copy_process+0x1968/0x1f84 <6>[ 247.553979] kernel_clone+0xac/0x388 <6>[ 247.558033] sys_clone+0x78/0x9c <6>[ 247.561785] ret_fast_syscall+0x0/0x1c <1>[ 247.566035] Register r4 information: non-paged memory <1>[ 247.571391] Register r5 information: non-slab/vmalloc memory <1>[ 247.577351] Register r6 information: NULL pointer <1>[ 247.582302] Register r7 information: 2-page vmalloc region starting at 0xf2a80000 allocated at kernel_clone+0xac/0x388 <1>[ 247.593311] Register r8 information: non-slab/vmalloc memory <1>[ 247.599273] Register r9 information: 2-page vmalloc region starting at 0xf2a80000 allocated at kernel_clone+0xac/0x388 <1>[ 247.610293] Register r10 information: slab kmalloc-192 start c964b3c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 247.624166] full_proxy_open+0x124/0x24c <6>[ 247.628617] do_dentry_open+0x144/0x4dc <6>[ 247.632975] vfs_open+0x2c/0xec <6>[ 247.636727] path_openat+0x748/0x1198 <6>[ 247.640880] do_filp_open+0x98/0x134 <6>[ 247.645030] do_sys_openat2+0xbc/0xe4 <6>[ 247.649185] sys_openat+0x98/0xd4 <6>[ 247.653039] ret_fast_syscall+0x0/0x1c <4>[ 247.657288] Free path: <6>[ 247.660018] full_proxy_release+0x78/0xc0 <6>[ 247.664570] __fput+0xdc/0x2ec <6>[ 247.668116] task_work_run+0x98/0xc8 <6>[ 247.672273] do_exit+0x374/0xa1c <6>[ 247.676022] make_task_dead+0xa0/0x16c <6>[ 247.680274] die+0x458/0x4a8 <6>[ 247.683719] __und_svc_finish+0x0/0x40 <6>[ 247.687969] __fortify_panic+0x8/0xc <6>[ 247.692127] lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc <6>[ 247.697086] lkdtm_do_action+0x24/0x4c <6>[ 247.701334] direct_entry+0x11c/0x140 <6>[ 247.705583] full_proxy_write+0x5c/0x8c <6>[ 247.709934] vfs_write+0xbc/0x3cc <6>[ 247.713781] ksys_write+0x78/0xf8 <6>[ 247.717627] ret_fast_syscall+0x0/0x1c <1>[ 247.721976] Register r11 information: non-paged memory <1>[ 247.727334] Register r12 information: NULL pointer <0>[ 247.732388] Process cat (pid: 5013, stack limit = 0xf2a80000) <0>[ 247.738445] Stack: (0xf2a81e78 to 0xf2a82000) <0>[ 247.743097] 1e60: 00000013 c1702724 <0>[ 247.751570] 1e80: 00000014 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 247.760044] 1ea0: 00000000 00000000 00000000 00000000 00000000 8867bd54 c20a64e4 c0e03fc0 <0>[ 247.768518] 1ec0: 00000013 c0e043a4 c0e04288 c66d0940 b6e38000 00000013 c3983a30 c0893830 <0>[ 247.776992] 1ee0: c66d0940 c08937d4 f2a81f80 b6e38000 c9325040 00000013 c964b400 c062a2a0 <0>[ 247.785466] 1f00: c5e62db8 00000000 00000000 00000000 00000000 00000013 b6e38000 0001ffed <0>[ 247.793939] 1f20: 00000001 00000000 c9199e40 00000000 00000000 00000000 00000000 00000000 <0>[ 247.802412] 1f40: 00000000 00000000 00000000 00000000 00000022 8867bd54 00000000 c66d0940 <0>[ 247.810986] 1f60: c66d0940 00000000 00000000 c03002f0 c9325040 00000004 0047fe38 c062a7fc <0>[ 247.819460] 1f80: 00000000 00000000 00000000 8867bd54 000000c0 00000013 00000013 7ff00000 <0>[ 247.827935] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e38000 00000013 00000001 <0>[ 247.836410] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 <0>[ 247.844884] 1fe0: 00000004 bef2c788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 <0>[ 247.853349] Call trace: <0>[ 247.853365] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 <0>[ 247.862783] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c <0>[ 247.869463] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 247.875228] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 247.880896] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 247.886361] vfs_write from ksys_write+0x78/0xf8 <0>[ 247.891321] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 247.896682] Exception stack(0xf2a81fa8 to 0xf2a81ff0) <0>[ 247.902039] 1fa0: 00000013 00000013 00000001 b6e38000 00000013 00000001 <0>[ 247.910514] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 <0>[ 247.918983] 1fe0: 00000004 bef2c788 b6efe33b b6e77616 <0>[ 247.924341] Code: e8bd47f0 eac90516 e92d4010 ebc99f9e (e7f001f2) <4>[ 247.930698] ---[ end trace 0000000000000000 ]--- <6>[ 247.935645] note: cat[5013] exited with irqs disabled # Segmentation fault # [ 247.125715] lkdtm: Performing direct entry FORTIFY_STR_OBJECT # [ 247.130518] lkdtm: trying to strcmp() past the end of a struct # [ 247.136577] ------------[ cut here ]------------ # [ 247.141544] WARNING: CPU: 0 PID: 5013 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 247.150245] strncpy: detected buffer overflow: 20 byte write of buffer size 10 # [ 247.157811] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 247.194869] CPU: 0 UID: 0 PID: 5013 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 247.203788] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 247.209042] Hardware name: STM32 (Device Tree Support) # [ 247.214492] Call trace: # [ 247.214507] unwind_backtrace from show_stack+0x18/0x1c # [ 247.222817] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 247.228090] dump_stack_lvl from __warn+0x84/0x134 # [ 247.233169] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 247.238549] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 247.244735] __fortify_report from __fortify_panic+0x8/0xc # [ 247.250516] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 # [ 247.257106] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c # [ 247.263788] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 247.269552] direct_entry from full_proxy_write+0x5c/0x8c # [ 247.275221] full_proxy_write from vfs_write+0xbc/0x3cc # [ 247.280688] vfs_write from ksys_write+0x78/0xf8 # [ 247.285647] ksys_write from ret_fast_syscall+0x0/0x1c # [ 247.291011] Exception stack(0xf2a81fa8 to 0xf2a81ff0) # [ 247.296371] 1fa0: 00000013 00000013 00000001 b6e38000 00000013 00000001 # [ 247.304846] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 # [ 247.313316] 1fe0: 00000004 bef2c788 b6efe33b b6e77616 # [ 247.318835] ---[ end trace 0000000000000000 ]--- # [ 247.323724] ------------[ cut here ]------------ # [ 247.328490] kernel BUG at lib/string_helpers.c:1040! # [ 247.333651] Internal error: Oops - BUG: 0 [#27] SMP ARM # [ 247.339218] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 247.375622] CPU: 0 UID: 0 PID: 5013 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 247.385223] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 247.390471] Hardware name: STM32 (Device Tree Support) # [ 247.395920] PC is at __fortify_panic+0x8/0xc # [ 247.400497] LR is at __fortify_report+0x8c/0xd4 # [ 247.405260] pc : [] lr : [] psr: 60080013 # [ 247.411817] sp : f2a81e78 ip : 00000000 fp : 0047fe38 # [ 247.417367] r10: c964b400 r9 : f2a81f80 r8 : c278976c # [ 247.422818] r7 : f2a81f80 r6 : 00000000 r5 : c9613000 r4 : 00000013 # [ 247.429676] r3 : c9325040 r2 : 00000000 r1 : 00000000 r0 : ef6a5484 # [ 247.436436] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 247.443901] Control: 10c5387d Table: c5e6006a DAC: 00000051 # [ 247.449952] Register r0 information: non-slab/vmalloc memory # [ 247.455922] Register r1 information: NULL pointer # [ 247.460876] Register r2 information: NULL pointer # [ 247.465828] Register r3 information: slab task_struct start c9325000 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 247.479604] copy_process+0x1f4/0x1f84 # [ 247.483861] kernel_clone+0xac/0x388 # [ 247.487916] sys_clone+0x78/0x9c # [ 247.491669] ret_fast_syscall+0x0/0x1c # [ 247.496019] Free path: # [ 247.498750] rcu_core+0x2dc/0xb14 # [ 247.502502] handle_softirqs+0x15c/0x430 # [ 247.506960] irq_exit+0xac/0xd4 # [ 247.510710] call_with_stack+0x18/0x20 # [ 247.514969] __irq_svc+0x9c/0xb8 # [ 247.518717] unwind_frame+0x56c/0x92c # [ 247.522876] arch_stack_walk+0x84/0x100 # [ 247.527327] stack_trace_save+0x50/0x78 # [ 247.531687] set_track_prepare+0x40/0x74 # [ 247.536147] ___slab_alloc+0xd28/0xd7c # [ 247.540405] kmem_cache_alloc_noprof+0x128/0x3a8 # [ 247.545568] vm_area_dup+0x44/0x104 # [ 247.549522] copy_process+0x1968/0x1f84 # [ 247.553979] kernel_clone+0xac/0x388 # [ 247.558033] sys_clone+0x78/0x9c # [ 247.561785] ret_fast_syscall+0x0/0x1c # [ 247.566035] Register r4 information: non-paged memory # [ 247.571391] Register r5 information: non-slab/vmalloc memory # [ 247.577351] Register r6 information: NULL pointer # [ 247.582302] Register r7 information: 2-page vmalloc region starting at 0xf2a80000 allocated at kernel_clone+0xac/0x388 # [ 247.593311] Register r8 information: non-slab/vmalloc memory # [ 247.599273] Register r9 information: 2-page vmalloc region starting at 0xf2a80000 allocated at kernel_clone+0xac/0x388 # [ 247.610293] Register r10 information: slab kmalloc-192 start c964b3c0 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 247.624166] full_proxy_open+0x124/0x24c # [ 247.628617] do_dentry_open+0x144/0x4dc # [ 247.632975] vfs_open+0x2c/0xec # [ 247.636727] path_openat+0x748/0x1198 # [ 247.640880] do_filp_open+0x98/0x134 # [ 247.645030] do_sys_openat2+0xbc/0xe4 # [ 247.649185] sys_openat+0x98/0xd4 # [ 247.653039] ret_fast_syscall+0x0/0x1c # [ 247.657288] Free path: # [ 247.660018] full_proxy_release+0x78/0xc0 # [ 247.664570] __fput+0xdc/0x2ec # [ 247.668116] task_work_run+0x98/0xc8 # [ 247.672273] do_exit+0x374/0xa1c # [ 247.676022] make_task_dead+0xa0/0x16c # [ 247.680274] die+0x458/0x4a8 # [ 247.683719] __und_svc_finish+0x0/0x40 # [ 247.687969] __fortify_panic+0x8/0xc # [ 247.692127] lkdtm_FORTIFY_STRSCPY+0x2ac/0x2fc # [ 247.697086] lkdtm_do_action+0x24/0x4c # [ 247.701334] direct_entry+0x11c/0x140 # [ 247.705583] full_proxy_write+0x5c/0x8c # [ 247.709934] vfs_write+0xbc/0x3cc # [ 247.713781] ksys_write+0x78/0xf8 # [ 247.717627] ret_fast_syscall+0x0/0x1c # [ 247.721976] Register r11 information: non-paged memory # [ 247.727334] Register r12 information: NULL pointer # [ 247.732388] Process cat (pid: 5013, stack limit = 0xf2a80000) # [ 247.738445] Stack: (0xf2a81e78 to 0xf2a82000) # [ 247.743097] 1e60: 00000013 c1702724 # [ 247.751570] 1e80: 00000014 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 247.760044] 1ea0: 00000000 00000000 00000000 00000000 00000000 8867bd54 c20a64e4 c0e03fc0 # [ 247.768518] 1ec0: 00000013 c0e043a4 c0e04288 c66d0940 b6e38000 00000013 c3983a30 c0893830 # [ 247.776992] 1ee0: c66d0940 c08937d4 f2a81f80 b6e38000 c9325040 00000013 c964b400 c062a2a0 # [ 247.785466] 1f00: c5e62db8 00000000 00000000 00000000 00000000 00000013 b6e38000 0001ffed # [ 247.793939] 1f20: 00000001 00000000 c9199e40 00000000 00000000 00000000 00000000 00000000 # [ 247.802412] 1f40: 00000000 00000000 00000000 00000000 00000022 8867bd54 00000000 c66d0940 # [ 247.810986] 1f60: c66d0940 00000000 00000000 c03002f0 c9325040 00000004 0047fe38 c062a7fc # [ 247.819460] 1f80: 00000000 00000000 00000000 8867bd54 000000c0 00000013 00000013 7ff00000 # [ 247.827935] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e38000 00000013 00000001 # [ 247.836410] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 # [ 247.844884] 1fe0: 00000004 bef2c788 b6efe33b b6e77616 60080030 00000001 00000000 00000000 # [ 247.853349] Call trace: # [ 247.853365] __fortify_panic from lkdtm_FORTIFY_STR_OBJECT+0x5c/0xc0 # [ 247.862783] lkdtm_FORTIFY_STR_OBJECT from lkdtm_do_action+0x24/0x4c # [ 247.869463] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 247.875228] direct_entry from full_proxy_write+0x5c/0x8c # [ 247.880896] full_proxy_write from vfs_write+0xbc/0x3cc # [ 247.886361] vfs_write from ksys_write+0x78/0xf8 # [ 247.891321] ksys_write from ret_fast_syscall+0x0/0x1c # [ 247.896682] Exception stack(0xf2a81fa8 to 0xf2a81ff0) # [ 247.902039] 1fa0: 00000013 00000013 00000001 b6e38000 00000013 00000001 # [ 247.910514] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e38000 00020000 0047fe38 # [ 247.918983] 1fe0: 00000004 bef2c788 b6efe33b b6e77616 # [ 247.924341] Code: e8bd47f0 eac90516 e92d4010 ebc99f9e (e7f001f2) # [ 247.930698] ---[ end trace 0000000000000000 ]--- # [ 247.935645] note: cat[5013] exited with irqs disabled # FORTIFY_STR_OBJECT: saw 'detected buffer overflow': ok ok 81 selftests: lkdtm: FORTIFY_STR_OBJECT.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_STR_MEMBER.sh <6>[ 249.903925] lkdtm: Performing direct entry FORTIFY_STR_MEMBER <6>[ 249.908786] lkdtm: trying to strncpy() past the end of a struct member... <4>[ 249.915763] ------------[ cut here ]------------ <4>[ 249.920629] WARNING: CPU: 1 PID: 5100 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 249.929780] strncpy: detected buffer overflow: 15 byte write of buffer size 10 <4>[ 249.936939] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 249.973552] CPU: 1 UID: 0 PID: 5100 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 249.982967] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 249.988215] Hardware name: STM32 (Device Tree Support) <4>[ 249.993664] Call trace: <4>[ 249.993678] unwind_backtrace from show_stack+0x18/0x1c <4>[ 250.001884] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 250.007256] dump_stack_lvl from __warn+0x84/0x134 <4>[ 250.012335] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 250.017716] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 250.023903] __fortify_report from __fortify_panic+0x8/0xc <4>[ 250.029586] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 <4>[ 250.036472] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c <4>[ 250.043047] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 250.048811] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 250.054581] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 250.060047] vfs_write from ksys_write+0x78/0xf8 <4>[ 250.064905] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 250.070368] Exception stack(0xf2af1fa8 to 0xf2af1ff0) <4>[ 250.075727] 1fa0: 00000013 00000013 00000001 b6e18000 00000013 00000001 <4>[ 250.084200] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 <4>[ 250.092669] 1fe0: 00000004 bedce788 b6ede33b b6e57616 <4>[ 250.098158] ---[ end trace 0000000000000000 ]--- <4>[ 250.102954] ------------[ cut here ]------------ <2>[ 250.107721] kernel BUG at lib/string_helpers.c:1040! <0>[ 250.112981] Internal error: Oops - BUG: 0 [#28] SMP ARM <4>[ 250.118551] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 250.154949] CPU: 1 UID: 0 PID: 5100 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 250.164558] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 250.169816] Hardware name: STM32 (Device Tree Support) <4>[ 250.175275] PC is at __fortify_panic+0x8/0xc <4>[ 250.179763] LR is at __fortify_report+0x8c/0xd4 <4>[ 250.184644] pc : [] lr : [] psr: 60080013 <4>[ 250.191113] sp : f2af1e88 ip : 00000000 fp : 004cfe38 <4>[ 250.196673] r10: c923d7c0 r9 : f2af1f80 r8 : c2789774 <4>[ 250.202132] r7 : f2af1f80 r6 : c8ee2700 r5 : 00000014 r4 : 0000000f <4>[ 250.208998] r3 : c9324640 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 <4>[ 250.215765] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 250.223242] Control: 10c5387d Table: c5ff406a DAC: 00000051 <1>[ 250.229298] Register r0 information: non-slab/vmalloc memory <1>[ 250.235172] Register r1 information: NULL pointer <1>[ 250.240230] Register r2 information: NULL pointer <1>[ 250.245185] Register r3 information: slab task_struct start c9324600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 250.258871] copy_process+0x1f4/0x1f84 <6>[ 250.263135] kernel_clone+0xac/0x388 <6>[ 250.267293] sys_clone+0x78/0x9c <6>[ 250.271048] ret_fast_syscall+0x0/0x1c <4>[ 250.275302] Free path: <6>[ 250.278034] rcu_core+0x2dc/0xb14 <6>[ 250.281889] handle_softirqs+0x15c/0x430 <6>[ 250.286348] irq_exit+0xac/0xd4 <6>[ 250.290000] call_with_stack+0x18/0x20 <6>[ 250.294259] __irq_svc+0x9c/0xb8 <6>[ 250.298007] search_index+0x58/0xd8 <6>[ 250.302066] unwind_frame+0x94/0x92c <6>[ 250.306122] arch_stack_walk+0xec/0x100 <6>[ 250.310574] stack_trace_save+0x50/0x78 <6>[ 250.314935] set_track_prepare+0x40/0x74 <6>[ 250.319394] ___slab_alloc+0xd28/0xd7c <6>[ 250.323653] __kmalloc_noprof+0x178/0x4f8 <6>[ 250.328213] lsm_blob_alloc+0x28/0x3c <6>[ 250.332367] security_prepare_creds+0x2c/0x100 <6>[ 250.337330] prepare_creds+0x1f8/0x2c0 <6>[ 250.341691] prepare_exec_creds+0x10/0x50 <1>[ 250.346155] Register r4 information: non-paged memory <1>[ 250.351525] Register r5 information: non-paged memory <1>[ 250.356886] Register r6 information: slab kmalloc-64 start c8ee26c0 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 <6>[ 250.371165] lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 <6>[ 250.376327] lkdtm_do_action+0x24/0x4c <6>[ 250.380678] direct_entry+0x11c/0x140 <6>[ 250.384828] full_proxy_write+0x5c/0x8c <6>[ 250.389181] vfs_write+0xbc/0x3cc <6>[ 250.393030] ksys_write+0x78/0xf8 <6>[ 250.396877] ret_fast_syscall+0x0/0x1c <4>[ 250.401128] Free path: <6>[ 250.403861] rcu_core+0x2dc/0xb14 <6>[ 250.407715] handle_softirqs+0x15c/0x430 <6>[ 250.412174] irq_exit+0xac/0xd4 <6>[ 250.415825] call_with_stack+0x18/0x20 <6>[ 250.420084] __irq_svc+0x9c/0xb8 <6>[ 250.423933] begin_new_exec+0x2c/0xb64 <6>[ 250.428193] load_elf_binary+0x1b8/0x1374 <6>[ 250.432751] bprm_execve+0x20c/0x5a4 <6>[ 250.436807] do_execveat_common+0x15c/0x1b4 <6>[ 250.441567] sys_execve+0x38/0x40 <6>[ 250.445421] ret_fast_syscall+0x0/0x1c <1>[ 250.449671] Register r7 information: 2-page vmalloc region starting at 0xf2af0000 allocated at kernel_clone+0xac/0x388 <1>[ 250.460687] Register r8 information: non-slab/vmalloc memory <1>[ 250.466651] Register r9 information: 2-page vmalloc region starting at 0xf2af0000 allocated at kernel_clone+0xac/0x388 <1>[ 250.477657] Register r10 information: slab kmalloc-192 start c923d780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 250.491520] full_proxy_open+0x124/0x24c <6>[ 250.495974] do_dentry_open+0x144/0x4dc <6>[ 250.500334] vfs_open+0x2c/0xec <6>[ 250.503990] path_openat+0x748/0x1198 <6>[ 250.508244] do_filp_open+0x98/0x134 <6>[ 250.512296] do_sys_openat2+0xbc/0xe4 <6>[ 250.516552] sys_openat+0x98/0xd4 <6>[ 250.520407] ret_fast_syscall+0x0/0x1c <4>[ 250.524658] Free path: <6>[ 250.527389] full_proxy_release+0x78/0xc0 <6>[ 250.531945] __fput+0xdc/0x2ec <6>[ 250.535492] task_work_run+0x98/0xc8 <6>[ 250.539551] do_exit+0x374/0xa1c <6>[ 250.543401] do_group_exit+0x40/0x8c <6>[ 250.547453] pid_child_should_wake+0x0/0x94 <1>[ 250.552209] Register r11 information: non-paged memory <1>[ 250.557569] Register r12 information: NULL pointer <0>[ 250.562624] Process cat (pid: 5100, stack limit = 0xf2af0000) <0>[ 250.568682] Stack: (0xf2af1e88 to 0xf2af2000) <0>[ 250.573339] 1e80: 0000000f c0e0723c 004cfe38 0000000f 00000000 00000000 <0>[ 250.581815] 1ea0: 00000000 00000000 00000000 4d28e56c 00000013 c9257000 00000000 c0e03fc0 <0>[ 250.590291] 1ec0: 00000013 c0e043a4 c0e04288 c92c8740 b6e18000 00000013 c3983a30 c0893830 <0>[ 250.598766] 1ee0: c92c8740 c08937d4 f2af1f80 b6e18000 c9324640 00000013 c923d7c0 c062a2a0 <0>[ 250.607242] 1f00: c5ff6db8 00000000 00000000 00000000 00000000 00000013 b6e18000 0001ffed <0>[ 250.615716] 1f20: 00000001 00000000 c92c8440 00000000 00000000 00000000 00000000 00000000 <0>[ 250.624191] 1f40: 00000000 00000000 00000000 00000000 00000022 4d28e56c 00000000 c92c8740 <0>[ 250.632666] 1f60: c92c8740 00000000 00000000 c03002f0 c9324640 00000004 004cfe38 c062a7fc <0>[ 250.641141] 1f80: 00000000 00000000 00000000 4d28e56c 000000c0 00000013 00000013 7ff00000 <0>[ 250.649615] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e18000 00000013 00000001 <0>[ 250.658089] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 <0>[ 250.666563] 1fe0: 00000004 bedce788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 <0>[ 250.675028] Call trace: <0>[ 250.675044] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 <0>[ 250.684662] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c <0>[ 250.691339] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 250.697106] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 250.702774] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 250.708241] vfs_write from ksys_write+0x78/0xf8 <0>[ 250.713201] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 250.718564] Exception stack(0xf2af1fa8 to 0xf2af1ff0) <0>[ 250.723923] 1fa0: 00000013 00000013 00000001 b6e18000 00000013 00000001 <0>[ 250.732398] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 <0>[ 250.740868] 1fe0: 00000004 bedce788 b6ede33b b6e57616 <0>[ 250.746228] Code: e8bd47f0 eac90516 e92d4010 ebc99f9e (e7f001f2) <4>[ 250.752585] ---[ end trace 0000000000000000 ]--- <6>[ 250.757435] note: cat[5100] exited with irqs disabled # Segmentation fault # [ 249.903925] lkdtm: Performing direct entry FORTIFY_STR_MEMBER # [ 249.908786] lkdtm: trying to strncpy() past the end of a struct member... # [ 249.915763] ------------[ cut here ]------------ # [ 249.920629] WARNING: CPU: 1 PID: 5100 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 249.929780] strncpy: detected buffer overflow: 15 byte write of buffer size 10 # [ 249.936939] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 249.973552] CPU: 1 UID: 0 PID: 5100 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 249.982967] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 249.988215] Hardware name: STM32 (Device Tree Support) # [ 249.993664] Call trace: # [ 249.993678] unwind_backtrace from show_stack+0x18/0x1c # [ 250.001884] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 250.007256] dump_stack_lvl from __warn+0x84/0x134 # [ 250.012335] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 250.017716] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 250.023903] __fortify_report from __fortify_panic+0x8/0xc # [ 250.029586] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 # [ 250.036472] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c # [ 250.043047] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 250.048811] direct_entry from full_proxy_write+0x5c/0x8c # [ 250.054581] full_proxy_write from vfs_write+0xbc/0x3cc # [ 250.060047] vfs_write from ksys_write+0x78/0xf8 # [ 250.064905] ksys_write from ret_fast_syscall+0x0/0x1c # [ 250.070368] Exception stack(0xf2af1fa8 to 0xf2af1ff0) # [ 250.075727] 1fa0: 00000013 00000013 00000001 b6e18000 00000013 00000001 # [ 250.084200] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 # [ 250.092669] 1fe0: 00000004 bedce788 b6ede33b b6e57616 # [ 250.098158] ---[ end trace 0000000000000000 ]--- # [ 250.102954] ------------[ cut here ]------------ # [ 250.107721] kernel BUG at lib/string_helpers.c:1040! # [ 250.112981] Internal error: Oops - BUG: 0 [#28] SMP ARM # [ 250.118551] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 250.154949] CPU: 1 UID: 0 PID: 5100 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 250.164558] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 250.169816] Hardware name: STM32 (Device Tree Support) # [ 250.175275] PC is at __fortify_panic+0x8/0xc # [ 250.179763] LR is at __fortify_report+0x8c/0xd4 # [ 250.184644] pc : [] lr : [] psr: 60080013 # [ 250.191113] sp : f2af1e88 ip : 00000000 fp : 004cfe38 # [ 250.196673] r10: c923d7c0 r9 : f2af1f80 r8 : c2789774 # [ 250.202132] r7 : f2af1f80 r6 : c8ee2700 r5 : 00000014 r4 : 0000000f # [ 250.208998] r3 : c9324640 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 # [ 250.215765] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 250.223242] Control: 10c5387d Table: c5ff406a DAC: 00000051 # [ 250.229298] Register r0 information: non-slab/vmalloc memory # [ 250.235172] Register r1 information: NULL pointer # [ 250.240230] Register r2 information: NULL pointer # [ 250.245185] Register r3 information: slab task_struct start c9324600 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 250.258871] copy_process+0x1f4/0x1f84 # [ 250.263135] kernel_clone+0xac/0x388 # [ 250.267293] sys_clone+0x78/0x9c # [ 250.271048] ret_fast_syscall+0x0/0x1c # [ 250.275302] Free path: # [ 250.278034] rcu_core+0x2dc/0xb14 # [ 250.281889] handle_softirqs+0x15c/0x430 # [ 250.286348] irq_exit+0xac/0xd4 # [ 250.290000] call_with_stack+0x18/0x20 # [ 250.294259] __irq_svc+0x9c/0xb8 # [ 250.298007] search_index+0x58/0xd8 # [ 250.302066] unwind_frame+0x94/0x92c # [ 250.306122] arch_stack_walk+0xec/0x100 # [ 250.310574] stack_trace_save+0x50/0x78 # [ 250.314935] set_track_prepare+0x40/0x74 # [ 250.319394] ___slab_alloc+0xd28/0xd7c # [ 250.323653] __kmalloc_noprof+0x178/0x4f8 # [ 250.328213] lsm_blob_alloc+0x28/0x3c # [ 250.332367] security_prepare_creds+0x2c/0x100 # [ 250.337330] prepare_creds+0x1f8/0x2c0 # [ 250.341691] prepare_exec_creds+0x10/0x50 # [ 250.346155] Register r4 information: non-paged memory # [ 250.351525] Register r5 information: non-paged memory # [ 250.356886] Register r6 information: slab kmalloc-64 start c8ee26c0 data offset 64 pointer offset 0 size 64 allocated at lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 # [ 250.371165] lkdtm_FORTIFY_STR_MEMBER+0x50/0x198 # [ 250.376327] lkdtm_do_action+0x24/0x4c # [ 250.380678] direct_entry+0x11c/0x140 # [ 250.384828] full_proxy_write+0x5c/0x8c # [ 250.389181] vfs_write+0xbc/0x3cc # [ 250.393030] ksys_write+0x78/0xf8 # [ 250.396877] ret_fast_syscall+0x0/0x1c # [ 250.401128] Free path: # [ 250.403861] rcu_core+0x2dc/0xb14 # [ 250.407715] handle_softirqs+0x15c/0x430 # [ 250.412174] irq_exit+0xac/0xd4 # [ 250.415825] call_with_stack+0x18/0x20 # [ 250.420084] __irq_svc+0x9c/0xb8 # [ 250.423933] begin_new_exec+0x2c/0xb64 # [ 250.428193] load_elf_binary+0x1b8/0x1374 # [ 250.432751] bprm_execve+0x20c/0x5a4 # [ 250.436807] do_execveat_common+0x15c/0x1b4 # [ 250.441567] sys_execve+0x38/0x40 # [ 250.445421] ret_fast_syscall+0x0/0x1c # [ 250.449671] Register r7 information: 2-page vmalloc region starting at 0xf2af0000 allocated at kernel_clone+0xac/0x388 # [ 250.460687] Register r8 information: non-slab/vmalloc memory # [ 250.466651] Register r9 information: 2-page vmalloc region starting at 0xf2af0000 allocated at kernel_clone+0xac/0x388 # [ 250.477657] Register r10 information: slab kmalloc-192 start c923d780 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 250.491520] full_proxy_open+0x124/0x24c # [ 250.495974] do_dentry_open+0x144/0x4dc # [ 250.500334] vfs_open+0x2c/0xec # [ 250.503990] path_openat+0x748/0x1198 # [ 250.508244] do_filp_open+0x98/0x134 # [ 250.512296] do_sys_openat2+0xbc/0xe4 # [ 250.516552] sys_openat+0x98/0xd4 # [ 250.520407] ret_fast_syscall+0x0/0x1c # [ 250.524658] Free path: # [ 250.527389] full_proxy_release+0x78/0xc0 # [ 250.531945] __fput+0xdc/0x2ec # [ 250.535492] task_work_run+0x98/0xc8 # [ 250.539551] do_exit+0x374/0xa1c # [ 250.543401] do_group_exit+0x40/0x8c # [ 250.547453] pid_child_should_wake+0x0/0x94 # [ 250.552209] Register r11 information: non-paged memory # [ 250.557569] Register r12 information: NULL pointer # [ 250.562624] Process cat (pid: 5100, stack limit = 0xf2af0000) # [ 250.568682] Stack: (0xf2af1e88 to 0xf2af2000) # [ 250.573339] 1e80: 0000000f c0e0723c 004cfe38 0000000f 00000000 00000000 # [ 250.581815] 1ea0: 00000000 00000000 00000000 4d28e56c 00000013 c9257000 00000000 c0e03fc0 # [ 250.590291] 1ec0: 00000013 c0e043a4 c0e04288 c92c8740 b6e18000 00000013 c3983a30 c0893830 # [ 250.598766] 1ee0: c92c8740 c08937d4 f2af1f80 b6e18000 c9324640 00000013 c923d7c0 c062a2a0 # [ 250.607242] 1f00: c5ff6db8 00000000 00000000 00000000 00000000 00000013 b6e18000 0001ffed # [ 250.615716] 1f20: 00000001 00000000 c92c8440 00000000 00000000 00000000 00000000 00000000 # [ 250.624191] 1f40: 00000000 00000000 00000000 00000000 00000022 4d28e56c 00000000 c92c8740 # [ 250.632666] 1f60: c92c8740 00000000 00000000 c03002f0 c9324640 00000004 004cfe38 c062a7fc # [ 250.641141] 1f80: 00000000 00000000 00000000 4d28e56c 000000c0 00000013 00000013 7ff00000 # [ 250.649615] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e18000 00000013 00000001 # [ 250.658089] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 # [ 250.666563] 1fe0: 00000004 bedce788 b6ede33b b6e57616 60080030 00000001 00000000 00000000 # [ 250.675028] Call trace: # [ 250.675044] __fortify_panic from lkdtm_FORTIFY_STR_MEMBER+0x120/0x198 # [ 250.684662] lkdtm_FORTIFY_STR_MEMBER from lkdtm_do_action+0x24/0x4c # [ 250.691339] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 250.697106] direct_entry from full_proxy_write+0x5c/0x8c # [ 250.702774] full_proxy_write from vfs_write+0xbc/0x3cc # [ 250.708241] vfs_write from ksys_write+0x78/0xf8 # [ 250.713201] ksys_write from ret_fast_syscall+0x0/0x1c # [ 250.718564] Exception stack(0xf2af1fa8 to 0xf2af1ff0) # [ 250.723923] 1fa0: 00000013 00000013 00000001 b6e18000 00000013 00000001 # [ 250.732398] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e18000 00020000 004cfe38 # [ 250.740868] 1fe0: 00000004 bedce788 b6ede33b b6e57616 # [ 250.746228] Code: e8bd47f0 eac90516 e92d4010 ebc99f9e (e7f001f2) # [ 250.752585] ---[ end trace 0000000000000000 ]--- # [ 250.757435] note: cat[5100] exited with irqs disabled # FORTIFY_STR_MEMBER: saw 'detected buffer overflow': ok ok 82 selftests: lkdtm: FORTIFY_STR_MEMBER.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_MEM_OBJECT.sh <6>[ 252.812269] lkdtm: Performing direct entry FORTIFY_MEM_OBJECT <6>[ 252.817054] lkdtm: trying to memcpy() past the end of a struct <6>[ 252.823648] lkdtm: 0: 16 <6>[ 252.825889] lkdtm: 1: 16 <6>[ 252.828752] lkdtm: s: 20 <4>[ 252.831460] ------------[ cut here ]------------ <4>[ 252.836385] WARNING: CPU: 1 PID: 5186 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 <4>[ 252.845272] memcpy: detected buffer overflow: 20 byte write of buffer size 16 <4>[ 252.852636] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 252.889334] CPU: 1 UID: 0 PID: 5186 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 252.898645] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 252.903898] Hardware name: STM32 (Device Tree Support) <4>[ 252.909348] Call trace: <4>[ 252.909362] unwind_backtrace from show_stack+0x18/0x1c <4>[ 252.917569] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 252.922942] dump_stack_lvl from __warn+0x84/0x134 <4>[ 252.928022] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 252.933403] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 <4>[ 252.939591] __fortify_report from __fortify_panic+0x8/0xc <4>[ 252.945372] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c <4>[ 252.952062] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c <4>[ 252.958743] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 252.964509] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 252.970178] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 252.975647] vfs_write from ksys_write+0x78/0xf8 <4>[ 252.980507] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 252.985971] Exception stack(0xf2b61fa8 to 0xf2b61ff0) <4>[ 252.991332] 1fa0: 00000013 00000013 00000001 b6e68000 00000013 00000001 <4>[ 252.999808] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0045fe38 <4>[ 253.008281] 1fe0: 00000004 be9b7788 b6f2e33b b6ea7616 <4>[ 253.013654] ---[ end trace 0000000000000000 ]--- <4>[ 253.018527] ------------[ cut here ]------------ <2>[ 253.023393] kernel BUG at lib/string_helpers.c:1040! <0>[ 253.028657] Internal error: Oops - BUG: 0 [#29] SMP ARM <4>[ 253.034124] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 253.070622] CPU: 1 UID: 0 PID: 5186 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 253.080228] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 253.085386] Hardware name: STM32 (Device Tree Support) <4>[ 253.090844] PC is at __fortify_panic+0x8/0xc <4>[ 253.095428] LR is at __fortify_report+0x8c/0xd4 <4>[ 253.100205] pc : [] lr : [] psr: 60080013 <4>[ 253.106770] sp : f2b61e48 ip : 00000000 fp : 0045fe38 <4>[ 253.112229] r10: c8e8e540 r9 : f2b61f80 r8 : c278977c <4>[ 253.117788] r7 : f2b61f80 r6 : 00000000 r5 : c5e61000 r4 : c2906a28 <4>[ 253.124556] r3 : c7a01e40 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 <4>[ 253.131428] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none <4>[ 253.138806] Control: 10c5387d Table: c5bfc06a DAC: 00000051 <1>[ 253.144867] Register r0 information: non-slab/vmalloc memory <1>[ 253.150852] Register r1 information: NULL pointer <1>[ 253.155822] Register r2 information: NULL pointer <1>[ 253.160791] Register r3 information: slab task_struct start c7a01e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 <6>[ 253.174487] copy_process+0x1f4/0x1f84 <6>[ 253.178761] kernel_clone+0xac/0x388 <6>[ 253.182930] sys_clone+0x78/0x9c <6>[ 253.186699] ret_fast_syscall+0x0/0x1c <4>[ 253.190965] Free path: <6>[ 253.193603] rcu_core+0x2dc/0xb14 <6>[ 253.197467] handle_softirqs+0x15c/0x430 <6>[ 253.201936] irq_exit+0xac/0xd4 <6>[ 253.205596] call_with_stack+0x18/0x20 <6>[ 253.209870] __irq_svc+0x9c/0xb8 <6>[ 253.213630] default_idle_call+0x20/0xc0 <6>[ 253.218106] do_idle+0x25c/0x2f4 <6>[ 253.221872] cpu_startup_entry+0x30/0x34 <6>[ 253.226339] secondary_start_kernel+0x138/0x158 <6>[ 253.231414] __enable_mmu+0x0/0x20 <1>[ 253.235382] Register r4 information: non-slab/vmalloc memory <1>[ 253.241264] Register r5 information: non-slab/vmalloc memory <1>[ 253.247242] Register r6 information: NULL pointer <1>[ 253.252212] Register r7 information: 2-page vmalloc region starting at 0xf2b60000 allocated at kernel_clone+0xac/0x388 <1>[ 253.263249] Register r8 information: non-slab/vmalloc memory <1>[ 253.269129] Register r9 information: 2-page vmalloc region starting at 0xf2b60000 allocated at kernel_clone+0xac/0x388 <1>[ 253.280160] Register r10 information: slab kmalloc-192 start c8e8e500 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c <6>[ 253.294054] full_proxy_open+0x124/0x24c <6>[ 253.298523] do_dentry_open+0x144/0x4dc <6>[ 253.302893] vfs_open+0x2c/0xec <6>[ 253.306556] path_openat+0x748/0x1198 <6>[ 253.310821] do_filp_open+0x98/0x134 <6>[ 253.314883] do_sys_openat2+0xbc/0xe4 <6>[ 253.319053] sys_openat+0x98/0xd4 <6>[ 253.322919] ret_fast_syscall+0x0/0x1c <4>[ 253.327187] Free path: <6>[ 253.329929] full_proxy_release+0x78/0xc0 <6>[ 253.334499] __fput+0xdc/0x2ec <6>[ 253.338063] task_work_run+0x98/0xc8 <6>[ 253.342135] do_exit+0x374/0xa1c <6>[ 253.345900] do_group_exit+0x40/0x8c <6>[ 253.350064] pid_child_should_wake+0x0/0x94 <1>[ 253.354735] Register r11 information: non-paged memory <1>[ 253.360110] Register r12 information: NULL pointer <0>[ 253.365179] Process cat (pid: 5186, stack limit = 0xf2b60000) <0>[ 253.371250] Stack: (0xf2b61e48 to 0xf2b62000) <0>[ 253.375915] 1e40: c2906a28 c170266c 00000014 00000000 00000000 00000000 <0>[ 253.384396] 1e60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 253.392883] 1e80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 <0>[ 253.401370] 1ea0: 00000000 00000000 00000000 00000000 00000000 29d2ba04 00000013 c0e03fc0 <0>[ 253.409858] 1ec0: 00000013 c0e043a4 c0e04288 c91b6c40 b6e68000 00000013 c3983a30 c0893830 <0>[ 253.418244] 1ee0: c91b6c40 c08937d4 f2b61f80 b6e68000 c7a01e40 00000013 c8e8e540 c062a2a0 <0>[ 253.426731] 1f00: c5bfedb8 00000000 00000000 00000000 00000000 00000013 b6e68000 0001ffed <0>[ 253.435216] 1f20: 00000001 00000000 c9651140 00000000 00000000 00000000 00000000 00000000 <0>[ 253.443703] 1f40: 00000000 00000000 00000000 00000000 00000022 29d2ba04 00000000 c91b6c40 <0>[ 253.452190] 1f60: c91b6c40 00000000 00000000 c03002f0 c7a01e40 00000004 0045fe38 c062a7fc <0>[ 253.460675] 1f80: 00000000 00000000 00000000 29d2ba04 000000c0 00000013 00000013 7ff00000 <0>[ 253.469162] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e68000 00000013 00000001 <0>[ 253.477651] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0045fe38 <0>[ 253.486139] 1fe0: 00000004 be9b7788 b6f2e33b b6ea7616 60080030 00000001 00000000 00000000 <0>[ 253.494615] Call trace: <0>[ 253.494633] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c <0>[ 253.504073] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c <0>[ 253.510774] lkdtm_do_action from direct_entry+0x11c/0x140 <0>[ 253.516555] direct_entry from full_proxy_write+0x5c/0x8c <0>[ 253.522239] full_proxy_write from vfs_write+0xbc/0x3cc <0>[ 253.527720] vfs_write from ksys_write+0x78/0xf8 <0>[ 253.532596] ksys_write from ret_fast_syscall+0x0/0x1c <0>[ 253.537978] Exception stack(0xf2b61fa8 to 0xf2b61ff0) <0>[ 253.543352] 1fa0: 00000013 00000013 00000001 b6e68000 00000013 00000001 <0>[ 253.551841] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0045fe38 <0>[ 253.560324] 1fe0: 00000004 be9b7788 b6f2e33b b6ea7616 <0>[ 253.565694] Code: e8bd47f0 eac90516 e92d4010 ebc99f9e (e7f001f2) <4>[ 253.572062] ---[ end trace 0000000000000000 ]--- <6>[ 253.576920] note: cat[5186] exited with irqs disabled # Segmentation fault # [ 252.812269] lkdtm: Performing direct entry FORTIFY_MEM_OBJECT # [ 252.817054] lkdtm: trying to memcpy() past the end of a struct # [ 252.823648] lkdtm: 0: 16 # [ 252.825889] lkdtm: 1: 16 # [ 252.828752] lkdtm: s: 20 # [ 252.831460] ------------[ cut here ]------------ # [ 252.836385] WARNING: CPU: 1 PID: 5186 at lib/string_helpers.c:1032 __fortify_report+0x8c/0xd4 # [ 252.845272] memcpy: detected buffer overflow: 20 byte write of buffer size 16 # [ 252.852636] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 252.889334] CPU: 1 UID: 0 PID: 5186 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 252.898645] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 252.903898] Hardware name: STM32 (Device Tree Support) # [ 252.909348] Call trace: # [ 252.909362] unwind_backtrace from show_stack+0x18/0x1c # [ 252.917569] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 252.922942] dump_stack_lvl from __warn+0x84/0x134 # [ 252.928022] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 252.933403] warn_slowpath_fmt from __fortify_report+0x8c/0xd4 # [ 252.939591] __fortify_report from __fortify_panic+0x8/0xc # [ 252.945372] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c # [ 252.952062] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c # [ 252.958743] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 252.964509] direct_entry from full_proxy_write+0x5c/0x8c # [ 252.970178] full_proxy_write from vfs_write+0xbc/0x3cc # [ 252.975647] vfs_write from ksys_write+0x78/0xf8 # [ 252.980507] ksys_write from ret_fast_syscall+0x0/0x1c # [ 252.985971] Exception stack(0xf2b61fa8 to 0xf2b61ff0) # [ 252.991332] 1fa0: 00000013 00000013 00000001 b6e68000 00000013 00000001 # [ 252.999808] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0045fe38 # [ 253.008281] 1fe0: 00000004 be9b7788 b6f2e33b b6ea7616 # [ 253.013654] ---[ end trace 0000000000000000 ]--- # [ 253.018527] ------------[ cut here ]------------ # [ 253.023393] kernel BUG at lib/string_helpers.c:1040! # [ 253.028657] Internal error: Oops - BUG: 0 [#29] SMP ARM # [ 253.034124] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 253.070622] CPU: 1 UID: 0 PID: 5186 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 253.080228] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 253.085386] Hardware name: STM32 (Device Tree Support) # [ 253.090844] PC is at __fortify_panic+0x8/0xc # [ 253.095428] LR is at __fortify_report+0x8c/0xd4 # [ 253.100205] pc : [] lr : [] psr: 60080013 # [ 253.106770] sp : f2b61e48 ip : 00000000 fp : 0045fe38 # [ 253.112229] r10: c8e8e540 r9 : f2b61f80 r8 : c278977c # [ 253.117788] r7 : f2b61f80 r6 : 00000000 r5 : c5e61000 r4 : c2906a28 # [ 253.124556] r3 : c7a01e40 r2 : 00000000 r1 : 00000000 r0 : ef6b8484 # [ 253.131428] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none # [ 253.138806] Control: 10c5387d Table: c5bfc06a DAC: 00000051 # [ 253.144867] Register r0 information: non-slab/vmalloc memory # [ 253.150852] Register r1 information: NULL pointer # [ 253.155822] Register r2 information: NULL pointer # [ 253.160791] Register r3 information: slab task_struct start c7a01e00 data offset 64 pointer offset 0 size 2432 allocated at copy_process+0x1f4/0x1f84 # [ 253.174487] copy_process+0x1f4/0x1f84 # [ 253.178761] kernel_clone+0xac/0x388 # [ 253.182930] sys_clone+0x78/0x9c # [ 253.186699] ret_fast_syscall+0x0/0x1c # [ 253.190965] Free path: # [ 253.193603] rcu_core+0x2dc/0xb14 # [ 253.197467] handle_softirqs+0x15c/0x430 # [ 253.201936] irq_exit+0xac/0xd4 # [ 253.205596] call_with_stack+0x18/0x20 # [ 253.209870] __irq_svc+0x9c/0xb8 # [ 253.213630] default_idle_call+0x20/0xc0 # [ 253.218106] do_idle+0x25c/0x2f4 # [ 253.221872] cpu_startup_entry+0x30/0x34 # [ 253.226339] secondary_start_kernel+0x138/0x158 # [ 253.231414] __enable_mmu+0x0/0x20 # [ 253.235382] Register r4 information: non-slab/vmalloc memory # [ 253.241264] Register r5 information: non-slab/vmalloc memory # [ 253.247242] Register r6 information: NULL pointer # [ 253.252212] Register r7 information: 2-page vmalloc region starting at 0xf2b60000 allocated at kernel_clone+0xac/0x388 # [ 253.263249] Register r8 information: non-slab/vmalloc memory # [ 253.269129] Register r9 information: 2-page vmalloc region starting at 0xf2b60000 allocated at kernel_clone+0xac/0x388 # [ 253.280160] Register r10 information: slab kmalloc-192 start c8e8e500 data offset 64 pointer offset 0 size 192 allocated at full_proxy_open+0x124/0x24c # [ 253.294054] full_proxy_open+0x124/0x24c # [ 253.298523] do_dentry_open+0x144/0x4dc # [ 253.302893] vfs_open+0x2c/0xec # [ 253.306556] path_openat+0x748/0x1198 # [ 253.310821] do_filp_open+0x98/0x134 # [ 253.314883] do_sys_openat2+0xbc/0xe4 # [ 253.319053] sys_openat+0x98/0xd4 # [ 253.322919] ret_fast_syscall+0x0/0x1c # [ 253.327187] Free path: # [ 253.329929] full_proxy_release+0x78/0xc0 # [ 253.334499] __fput+0xdc/0x2ec # [ 253.338063] task_work_run+0x98/0xc8 # [ 253.342135] do_exit+0x374/0xa1c # [ 253.345900] do_group_exit+0x40/0x8c # [ 253.350064] pid_child_should_wake+0x0/0x94 # [ 253.354735] Register r11 information: non-paged memory # [ 253.360110] Register r12 information: NULL pointer # [ 253.365179] Process cat (pid: 5186, stack limit = 0xf2b60000) # [ 253.371250] Stack: (0xf2b61e48 to 0xf2b62000) # [ 253.375915] 1e40: c2906a28 c170266c 00000014 00000000 00000000 00000000 # [ 253.384396] 1e60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 253.392883] 1e80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 # [ 253.401370] 1ea0: 00000000 00000000 00000000 00000000 00000000 29d2ba04 00000013 c0e03fc0 # [ 253.409858] 1ec0: 00000013 c0e043a4 c0e04288 c91b6c40 b6e68000 00000013 c3983a30 c0893830 # [ 253.418244] 1ee0: c91b6c40 c08937d4 f2b61f80 b6e68000 c7a01e40 00000013 c8e8e540 c062a2a0 # [ 253.426731] 1f00: c5bfedb8 00000000 00000000 00000000 00000000 00000013 b6e68000 0001ffed # [ 253.435216] 1f20: 00000001 00000000 c9651140 00000000 00000000 00000000 00000000 00000000 # [ 253.443703] 1f40: 00000000 00000000 00000000 00000000 00000022 29d2ba04 00000000 c91b6c40 # [ 253.452190] 1f60: c91b6c40 00000000 00000000 c03002f0 c7a01e40 00000004 0045fe38 c062a7fc # [ 253.460675] 1f80: 00000000 00000000 00000000 29d2ba04 000000c0 00000013 00000013 7ff00000 # [ 253.469162] 1fa0: 00000004 c03000c0 00000013 00000013 00000001 b6e68000 00000013 00000001 # [ 253.477651] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0045fe38 # [ 253.486139] 1fe0: 00000004 be9b7788 b6f2e33b b6ea7616 60080030 00000001 00000000 00000000 # [ 253.494615] Call trace: # [ 253.494633] __fortify_panic from lkdtm_FORTIFY_MEM_OBJECT+0xc0/0x11c # [ 253.504073] lkdtm_FORTIFY_MEM_OBJECT from lkdtm_do_action+0x24/0x4c # [ 253.510774] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 253.516555] direct_entry from full_proxy_write+0x5c/0x8c # [ 253.522239] full_proxy_write from vfs_write+0xbc/0x3cc # [ 253.527720] vfs_write from ksys_write+0x78/0xf8 # [ 253.532596] ksys_write from ret_fast_syscall+0x0/0x1c # [ 253.537978] Exception stack(0xf2b61fa8 to 0xf2b61ff0) # [ 253.543352] 1fa0: 00000013 00000013 00000001 b6e68000 00000013 00000001 # [ 253.551841] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6e68000 00020000 0045fe38 # [ 253.560324] 1fe0: 00000004 be9b7788 b6f2e33b b6ea7616 # [ 253.565694] Code: e8bd47f0 eac90516 e92d4010 ebc99f9e (e7f001f2) # [ 253.572062] ---[ end trace 0000000000000000 ]--- # [ 253.576920] note: cat[5186] exited with irqs disabled # FORTIFY_MEM_OBJECT: saw 'detected buffer overflow': ok ok 83 selftests: lkdtm: FORTIFY_MEM_OBJECT.sh # timeout set to 45 # selftests: lkdtm: FORTIFY_MEM_MEMBER.sh <6>[ 255.299278] lkdtm: Performing direct entry FORTIFY_MEM_MEMBER <6>[ 255.304109] lkdtm: trying to memcpy() past the end of a struct member... <4>[ 255.311614] ------------[ cut here ]------------ <4>[ 255.315897] WARNING: CPU: 1 PID: 5274 at drivers/misc/lkdtm/fortify.c:122 lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 <4>[ 255.326229] memcpy: detected field-spanning write (size 15) of single field "target.a" at drivers/misc/lkdtm/fortify.c:122 (size 10) <4>[ 255.338397] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector <4>[ 255.374926] CPU: 1 UID: 0 PID: 5274 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 <4>[ 255.384441] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN <4>[ 255.389690] Hardware name: STM32 (Device Tree Support) <4>[ 255.395140] Call trace: <4>[ 255.395155] unwind_backtrace from show_stack+0x18/0x1c <4>[ 255.403460] show_stack from dump_stack_lvl+0xa8/0xb8 <4>[ 255.408733] dump_stack_lvl from __warn+0x84/0x134 <4>[ 255.413811] __warn from warn_slowpath_fmt+0x12c/0x198 <4>[ 255.419292] warn_slowpath_fmt from lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 <4>[ 255.426281] lkdtm_FORTIFY_MEM_MEMBER from lkdtm_do_action+0x24/0x4c <4>[ 255.432855] lkdtm_do_action from direct_entry+0x11c/0x140 <4>[ 255.438620] direct_entry from full_proxy_write+0x5c/0x8c <4>[ 255.444290] full_proxy_write from vfs_write+0xbc/0x3cc <4>[ 255.449857] vfs_write from ksys_write+0x78/0xf8 <4>[ 255.454717] ksys_write from ret_fast_syscall+0x0/0x1c <4>[ 255.460181] Exception stack(0xf2bd1fa8 to 0xf2bd1ff0) <4>[ 255.465540] 1fa0: 00000013 00000013 00000001 b6de8000 00000013 00000001 <4>[ 255.474016] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6de8000 00020000 0050fe38 <4>[ 255.482486] 1fe0: 00000004 becbd788 b6eae33b b6e27616 <4>[ 255.487838] ---[ end trace 0000000000000000 ]--- <3>[ 255.492766] lkdtm: FAIL: fortify did not block a memcpy() struct member write overflow! <3>[ 255.501032] lkdtm: Unexpected! This kernel (6.12.0-rc3-next-20241017 armv7l) was built with CONFIG_FORTIFY_SOURCE=y # [ 255.299278] lkdtm: Performing direct entry FORTIFY_MEM_MEMBER # [ 255.304109] lkdtm: trying to memcpy() past the end of a struct member... # [ 255.311614] ------------[ cut here ]------------ # [ 255.315897] WARNING: CPU: 1 PID: 5274 at drivers/misc/lkdtm/fortify.c:122 lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 # [ 255.326229] memcpy: detected field-spanning write (size 15) of single field "target.a" at drivers/misc/lkdtm/fortify.c:122 (size 10) # [ 255.338397] Modules linked in: fuse snd_soc_hdmi_codec snd_soc_stm32_sai_sub snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm brcmfmac snd_timer snd brcmutil soundcore hci_uart adv7511 btbcm cfg80211 stm32_adc_core bluetooth ecdh_generic snd_soc_stm32_sai ecc stm_drm drm_dma_helper nvmem_stm32_romem etnaviv gpu_sched stm32_crc32 stm32_ipcc display_connector # [ 255.374926] CPU: 1 UID: 0 PID: 5274 Comm: cat Tainted: G B D W 6.12.0-rc3-next-20241017 #1 # [ 255.384441] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN # [ 255.389690] Hardware name: STM32 (Device Tree Support) # [ 255.395140] Call trace: # [ 255.395155] unwind_backtrace from show_stack+0x18/0x1c # [ 255.403460] show_stack from dump_stack_lvl+0xa8/0xb8 # [ 255.408733] dump_stack_lvl from __warn+0x84/0x134 # [ 255.413811] __warn from warn_slowpath_fmt+0x12c/0x198 # [ 255.419292] warn_slowpath_fmt from lkdtm_FORTIFY_MEM_MEMBER+0x1cc/0x248 # [ 255.426281] lkdtm_FORTIFY_MEM_MEMBER from lkdtm_do_action+0x24/0x4c # [ 255.432855] lkdtm_do_action from direct_entry+0x11c/0x140 # [ 255.438620] direct_entry from full_proxy_write+0x5c/0x8c # [ 255.444290] full_proxy_write from vfs_write+0xbc/0x3cc # [ 255.449857] vfs_write from ksys_write+0x78/0xf8 # [ 255.454717] ksys_write from ret_fast_syscall+0x0/0x1c # [ 255.460181] Exception stack(0xf2bd1fa8 to 0xf2bd1ff0) # [ 255.465540] 1fa0: 00000013 00000013 00000001 b6de8000 00000013 00000001 # [ 255.474016] 1fc0: 00000013 00000013 7ff00000 00000004 00000001 b6de8000 00020000 0050fe38 # [ 255.482486] 1fe0: 00000004 becbd788 b6eae33b b6e27616 # [ 255.487838] ---[ end trace 0000000000000000 ]--- # [ 255.492766] lkdtm: FAIL: fortify did not block a memcpy() struct member write overflow! # [ 255.501032] lkdtm: Unexpected! This kernel (6.12.0-rc3-next-20241017 armv7l) was built with CONFIG_FORTIFY_SOURCE=y # FORTIFY_MEM_MEMBER: saw 'detected field-spanning write': ok ok 84 selftests: lkdtm: FORTIFY_MEM_MEMBER.sh # timeout set to 45 # selftests: lkdtm: PPC_SLB_MULTIHIT.sh # Skipped: test 'PPC_SLB_MULTIHIT' missing in /sys/kernel/debug/provoke-crash/DIRECT! ok 85 selftests: lkdtm: PPC_SLB_MULTIHIT.sh # SKIP # timeout set to 45 # selftests: lkdtm: stack-entropy.sh <6>[ 256.855461] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.859683] lkdtm: Starting stack offset tracking for pid 5319 <6>[ 256.866233] lkdtm: Stack offset: 0 <6>[ 256.889033] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.893615] lkdtm: Stack offset: 0 <6>[ 256.899152] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.903376] lkdtm: Stack offset: 0 <6>[ 256.909810] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.913995] lkdtm: Stack offset: 0 <6>[ 256.919774] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.924112] lkdtm: Stack offset: 0 <6>[ 256.930007] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.934223] lkdtm: Stack offset: 0 <6>[ 256.940678] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.944871] lkdtm: Stack offset: 0 <6>[ 256.950777] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.955000] lkdtm: Stack offset: 0 <6>[ 256.960829] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.965013] lkdtm: Stack offset: 0 <6>[ 256.970811] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.974981] lkdtm: Stack offset: 0 <6>[ 256.980935] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.985348] lkdtm: Stack offset: 0 <6>[ 256.990964] lkdtm: Performing direct entry REPORT_STACK <6>[ 256.995125] lkdtm: Stack offset: 0 <6>[ 257.001019] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.005213] lkdtm: Stack offset: 0 <6>[ 257.010814] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.014957] lkdtm: Stack offset: 0 <6>[ 257.020555] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.024690] lkdtm: Stack offset: 0 <6>[ 257.030357] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.034491] lkdtm: Stack offset: 0 <6>[ 257.039901] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.044051] lkdtm: Stack offset: 0 <6>[ 257.049600] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.053784] lkdtm: Stack offset: 0 <6>[ 257.059430] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.063565] lkdtm: Stack offset: 0 <6>[ 257.069070] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.073244] lkdtm: Stack offset: 0 <6>[ 257.078777] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.082937] lkdtm: Stack offset: 0 <6>[ 257.088544] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.092711] lkdtm: Stack offset: 0 <6>[ 257.098304] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.102439] lkdtm: Stack offset: 0 <6>[ 257.107934] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.112080] lkdtm: Stack offset: 0 <6>[ 257.117773] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.121918] lkdtm: Stack offset: 0 <6>[ 257.148510] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.152705] lkdtm: Stack offset: 0 <6>[ 257.164598] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.171823] lkdtm: Stack offset: 0 <6>[ 257.175905] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.180350] lkdtm: Stack offset: 0 <6>[ 257.184477] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.189682] lkdtm: Stack offset: 0 <6>[ 257.195734] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.200380] lkdtm: Stack offset: 0 <6>[ 257.204496] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.209177] lkdtm: Stack offset: 0 <6>[ 257.213390] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.218338] lkdtm: Stack offset: 0 <6>[ 257.222497] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.227468] lkdtm: Stack offset: 0 <6>[ 257.231684] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.236664] lkdtm: Stack offset: 0 <6>[ 257.241292] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.245899] lkdtm: Stack offset: 0 <6>[ 257.250066] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.255045] lkdtm: Stack offset: 0 <6>[ 257.259314] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.264157] lkdtm: Stack offset: 0 <6>[ 257.268425] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.273396] lkdtm: Stack offset: 0 <6>[ 257.277613] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.282586] lkdtm: Stack offset: 0 <6>[ 257.286758] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.291755] lkdtm: Stack offset: 0 <6>[ 257.295943] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.300923] lkdtm: Stack offset: 0 <6>[ 257.305105] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.310121] lkdtm: Stack offset: 0 <6>[ 257.314383] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.319246] lkdtm: Stack offset: 0 <6>[ 257.323491] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.328462] lkdtm: Stack offset: 0 <6>[ 257.332671] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.337641] lkdtm: Stack offset: 0 <6>[ 257.341797] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.346790] lkdtm: Stack offset: 0 <6>[ 257.350980] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.355956] lkdtm: Stack offset: 0 <6>[ 257.360308] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.365147] lkdtm: Stack offset: 0 <6>[ 257.369313] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.374401] lkdtm: Stack offset: 0 <6>[ 257.378619] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.383480] lkdtm: Stack offset: 0 <6>[ 257.387761] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.392755] lkdtm: Stack offset: 0 <6>[ 257.396947] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.402232] lkdtm: Stack offset: 0 <6>[ 257.406150] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.411063] lkdtm: Stack offset: 0 <6>[ 257.415281] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.420253] lkdtm: Stack offset: 0 <6>[ 257.424459] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.429422] lkdtm: Stack offset: 0 <6>[ 257.433625] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.438620] lkdtm: Stack offset: 0 <6>[ 257.442793] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.447784] lkdtm: Stack offset: 0 <6>[ 257.451976] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.456961] lkdtm: Stack offset: 0 <6>[ 257.462514] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.470457] lkdtm: Stack offset: 0 <6>[ 257.477480] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.481724] lkdtm: Stack offset: 0 <6>[ 257.494535] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.498725] lkdtm: Stack offset: 0 <6>[ 257.504753] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.509087] lkdtm: Stack offset: 0 <6>[ 257.513807] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.518532] lkdtm: Stack offset: 0 <6>[ 257.526391] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.530555] lkdtm: Stack offset: 0 <6>[ 257.535423] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.539776] lkdtm: Stack offset: 0 <6>[ 257.544587] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.548932] lkdtm: Stack offset: 0 <6>[ 257.553705] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.558176] lkdtm: Stack offset: 0 <6>[ 257.562772] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.567514] lkdtm: Stack offset: 0 <6>[ 257.571946] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.576661] lkdtm: Stack offset: 0 <6>[ 257.581144] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.585618] lkdtm: Stack offset: 0 <6>[ 257.590423] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.594858] lkdtm: Stack offset: 0 <6>[ 257.599568] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.604028] lkdtm: Stack offset: 0 <6>[ 257.608702] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.613242] lkdtm: Stack offset: 0 <6>[ 257.617848] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.622413] lkdtm: Stack offset: 0 <6>[ 257.626991] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.631570] lkdtm: Stack offset: 0 <6>[ 257.636092] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.640804] lkdtm: Stack offset: 0 <6>[ 257.645527] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.649873] lkdtm: Stack offset: 0 <6>[ 257.654650] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.659108] lkdtm: Stack offset: 0 <6>[ 257.663794] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.668519] lkdtm: Stack offset: 0 <6>[ 257.672992] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.677511] lkdtm: Stack offset: 0 <6>[ 257.682114] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.686770] lkdtm: Stack offset: 0 <6>[ 257.691317] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.695780] lkdtm: Stack offset: 0 <6>[ 257.700060] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.705055] lkdtm: Stack offset: 0 <6>[ 257.709445] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.714223] lkdtm: Stack offset: 0 <6>[ 257.718388] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.723357] lkdtm: Stack offset: 0 <6>[ 257.727599] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.732597] lkdtm: Stack offset: 0 <6>[ 257.736774] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.741794] lkdtm: Stack offset: 0 <6>[ 257.745968] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.750962] lkdtm: Stack offset: 0 <6>[ 257.755157] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.760085] lkdtm: Stack offset: 0 <6>[ 257.764317] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.769278] lkdtm: Stack offset: 0 <6>[ 257.773490] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.778459] lkdtm: Stack offset: 0 <6>[ 257.782658] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.788421] lkdtm: Stack offset: 0 <6>[ 257.793782] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.797971] lkdtm: Stack offset: 0 <6>[ 257.803562] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.809413] lkdtm: Stack offset: 0 <6>[ 257.817787] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.824712] lkdtm: Stack offset: 0 <6>[ 257.830355] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.834525] lkdtm: Stack offset: 0 <6>[ 257.838840] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.844162] lkdtm: Stack offset: 0 <6>[ 257.848679] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.852959] lkdtm: Stack offset: 0 <6>[ 257.857709] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.862066] lkdtm: Stack offset: 0 <6>[ 257.866822] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.871293] lkdtm: Stack offset: 0 <6>[ 257.875523] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.880491] lkdtm: Stack offset: 0 <6>[ 257.884685] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.889878] lkdtm: Stack offset: 0 <6>[ 257.893870] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.899010] lkdtm: Stack offset: 0 <6>[ 257.903081] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.908062] lkdtm: Stack offset: 0 <6>[ 257.912336] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.917209] lkdtm: Stack offset: 0 <6>[ 257.921376] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.926345] lkdtm: Stack offset: 0 <6>[ 257.930660] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.935532] lkdtm: Stack offset: 0 <6>[ 257.939793] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.944783] lkdtm: Stack offset: 0 <6>[ 257.949319] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.953885] lkdtm: Stack offset: 0 <6>[ 257.958127] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.963117] lkdtm: Stack offset: 0 <6>[ 257.967404] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.972255] lkdtm: Stack offset: 0 <6>[ 257.976510] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.981482] lkdtm: Stack offset: 0 <6>[ 257.985674] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.990643] lkdtm: Stack offset: 0 <6>[ 257.994790] lkdtm: Performing direct entry REPORT_STACK <6>[ 257.999884] lkdtm: Stack offset: 0 <6>[ 258.004074] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.009348] lkdtm: Stack offset: 0 <6>[ 258.013349] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.018242] lkdtm: Stack offset: 0 <6>[ 258.022420] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.027394] lkdtm: Stack offset: 0 <6>[ 258.031614] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.036646] lkdtm: Stack offset: 0 <6>[ 258.040816] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.045792] lkdtm: Stack offset: 0 <6>[ 258.049947] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.054937] lkdtm: Stack offset: 0 <6>[ 258.059124] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.064102] lkdtm: Stack offset: 0 <6>[ 258.068385] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.073240] lkdtm: Stack offset: 0 <6>[ 258.077478] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.082477] lkdtm: Stack offset: 0 <6>[ 258.086678] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.091648] lkdtm: Stack offset: 0 <6>[ 258.095803] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.100791] lkdtm: Stack offset: 0 <6>[ 258.106591] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.110763] lkdtm: Stack offset: 0 <6>[ 258.117363] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.121559] lkdtm: Stack offset: 0 <6>[ 258.133320] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.141410] lkdtm: Stack offset: 0 <6>[ 258.147029] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.153391] lkdtm: Stack offset: 0 <6>[ 258.157490] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.161929] lkdtm: Stack offset: 0 <6>[ 258.166340] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.171448] lkdtm: Stack offset: 0 <6>[ 258.178082] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.182299] lkdtm: Stack offset: 0 <6>[ 258.187681] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.194583] lkdtm: Stack offset: 0 <6>[ 258.201964] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.206238] lkdtm: Stack offset: 0 <6>[ 258.210541] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.215732] lkdtm: Stack offset: 0 <6>[ 258.220180] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.224566] lkdtm: Stack offset: 0 <6>[ 258.228838] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.233702] lkdtm: Stack offset: 0 <6>[ 258.238011] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.242994] lkdtm: Stack offset: 0 <6>[ 258.247604] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.252051] lkdtm: Stack offset: 0 <6>[ 258.256768] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.261436] lkdtm: Stack offset: 0 <6>[ 258.265983] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.270651] lkdtm: Stack offset: 0 <6>[ 258.275356] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.279638] lkdtm: Stack offset: 0 <6>[ 258.284312] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.288769] lkdtm: Stack offset: 0 <6>[ 258.293572] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.297923] lkdtm: Stack offset: 0 <6>[ 258.302703] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.307170] lkdtm: Stack offset: 0 <6>[ 258.311766] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.316326] lkdtm: Stack offset: 0 <6>[ 258.320871] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.325540] lkdtm: Stack offset: 0 <6>[ 258.330322] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.334656] lkdtm: Stack offset: 0 <6>[ 258.339472] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.343824] lkdtm: Stack offset: 0 <6>[ 258.348636] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.352991] lkdtm: Stack offset: 0 <6>[ 258.357719] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.362208] lkdtm: Stack offset: 0 <6>[ 258.366848] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.371419] lkdtm: Stack offset: 0 <6>[ 258.375969] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.380550] lkdtm: Stack offset: 0 <6>[ 258.385181] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.389746] lkdtm: Stack offset: 0 <6>[ 258.394433] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.398913] lkdtm: Stack offset: 0 <6>[ 258.403691] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.408159] lkdtm: Stack offset: 0 <6>[ 258.412762] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.417321] lkdtm: Stack offset: 0 <6>[ 258.421870] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.426437] lkdtm: Stack offset: 0 <6>[ 258.431112] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.435680] lkdtm: Stack offset: 0 <6>[ 258.440296] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.444850] lkdtm: Stack offset: 0 <6>[ 258.449505] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.453957] lkdtm: Stack offset: 0 <6>[ 258.458172] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.463173] lkdtm: Stack offset: 0 <6>[ 258.467504] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.472357] lkdtm: Stack offset: 0 <6>[ 258.476541] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.481777] lkdtm: Stack offset: 0 <6>[ 258.489686] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.493862] lkdtm: Stack offset: 0 <6>[ 258.499838] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.504330] lkdtm: Stack offset: 0 <6>[ 258.513157] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.523788] lkdtm: Stack offset: 0 <6>[ 258.528021] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.532341] lkdtm: Stack offset: 0 <6>[ 258.536862] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.541763] lkdtm: Stack offset: 0 <6>[ 258.549262] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.553493] lkdtm: Stack offset: 0 <6>[ 258.558113] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.562679] lkdtm: Stack offset: 0 <6>[ 258.567393] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.571853] lkdtm: Stack offset: 0 <6>[ 258.576582] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.581038] lkdtm: Stack offset: 0 <6>[ 258.585703] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.590382] lkdtm: Stack offset: 0 <6>[ 258.594867] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.599481] lkdtm: Stack offset: 0 <6>[ 258.603985] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.608563] lkdtm: Stack offset: 0 <6>[ 258.613129] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.617745] lkdtm: Stack offset: 0 <6>[ 258.622453] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.626898] lkdtm: Stack offset: 0 <6>[ 258.631681] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.636054] lkdtm: Stack offset: 0 <6>[ 258.640811] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.645285] lkdtm: Stack offset: 0 <6>[ 258.649849] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.654416] lkdtm: Stack offset: 0 <6>[ 258.659086] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.663658] lkdtm: Stack offset: 0 <6>[ 258.668168] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.672821] lkdtm: Stack offset: 0 <6>[ 258.676996] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.681988] lkdtm: Stack offset: 0 <6>[ 258.686176] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.691404] lkdtm: Stack offset: 0 <6>[ 258.695549] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.700355] lkdtm: Stack offset: 0 <6>[ 258.704613] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.709666] lkdtm: Stack offset: 0 <6>[ 258.713750] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.718789] lkdtm: Stack offset: 0 <6>[ 258.723489] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.727845] lkdtm: Stack offset: 0 <6>[ 258.732251] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.737126] lkdtm: Stack offset: 0 <6>[ 258.741368] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.746246] lkdtm: Stack offset: 0 <6>[ 258.750469] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.755465] lkdtm: Stack offset: 0 <6>[ 258.759702] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.764576] lkdtm: Stack offset: 0 <6>[ 258.768831] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.773823] lkdtm: Stack offset: 0 <6>[ 258.778009] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.782987] lkdtm: Stack offset: 0 <6>[ 258.787165] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.792098] lkdtm: Stack offset: 0 <6>[ 258.796424] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.801287] lkdtm: Stack offset: 0 <6>[ 258.805601] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.811789] lkdtm: Stack offset: 0 <6>[ 258.816261] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.820435] lkdtm: Stack offset: 0 <6>[ 258.824976] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.831775] lkdtm: Stack offset: 0 <6>[ 258.843557] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.847738] lkdtm: Stack offset: 0 <6>[ 258.852688] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.856962] lkdtm: Stack offset: 0 <6>[ 258.861621] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.866690] lkdtm: Stack offset: 0 <6>[ 258.871047] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.875358] lkdtm: Stack offset: 0 <6>[ 258.879642] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.884512] lkdtm: Stack offset: 0 <6>[ 258.888757] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.893586] lkdtm: Stack offset: 0 <6>[ 258.897794] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.902875] lkdtm: Stack offset: 0 <6>[ 258.907033] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.912013] lkdtm: Stack offset: 0 <6>[ 258.916381] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.921272] lkdtm: Stack offset: 0 <6>[ 258.925635] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.930412] lkdtm: Stack offset: 0 <6>[ 258.934625] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.939602] lkdtm: Stack offset: 0 <6>[ 258.943781] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.948771] lkdtm: Stack offset: 0 <6>[ 258.952958] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.957975] lkdtm: Stack offset: 0 <6>[ 258.962158] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.967105] lkdtm: Stack offset: 0 <6>[ 258.971344] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.976305] lkdtm: Stack offset: 0 <6>[ 258.980516] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.985483] lkdtm: Stack offset: 0 <6>[ 258.989675] lkdtm: Performing direct entry REPORT_STACK <6>[ 258.994644] lkdtm: Stack offset: 0 <6>[ 258.998792] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.003885] lkdtm: Stack offset: 0 <6>[ 259.008068] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.013042] lkdtm: Stack offset: 0 <6>[ 259.017297] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.022167] lkdtm: Stack offset: 0 <6>[ 259.026462] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.031330] lkdtm: Stack offset: 0 <6>[ 259.035494] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.040565] lkdtm: Stack offset: 0 <6>[ 259.044755] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.049744] lkdtm: Stack offset: 0 <6>[ 259.053970] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.058846] lkdtm: Stack offset: 0 <6>[ 259.063312] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.068055] lkdtm: Stack offset: 0 <6>[ 259.072180] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.077218] lkdtm: Stack offset: 0 <6>[ 259.081451] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.086443] lkdtm: Stack offset: 0 <6>[ 259.090653] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.095650] lkdtm: Stack offset: 0 <6>[ 259.099805] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.104790] lkdtm: Stack offset: 0 <6>[ 259.108971] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.113943] lkdtm: Stack offset: 0 <6>[ 259.118113] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.123099] lkdtm: Stack offset: 0 <6>[ 259.127473] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.132239] lkdtm: Stack offset: 0 <6>[ 259.136541] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.141515] lkdtm: Stack offset: 0 <6>[ 259.145813] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.150689] lkdtm: Stack offset: 0 <6>[ 259.154919] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.159938] lkdtm: Stack offset: 0 <6>[ 259.172343] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.176555] lkdtm: Stack offset: 0 <6>[ 259.181072] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.185801] lkdtm: Stack offset: 0 <6>[ 259.190141] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.194886] lkdtm: Stack offset: 0 <6>[ 259.199995] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.204241] lkdtm: Stack offset: 0 <6>[ 259.208655] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.213593] lkdtm: Stack offset: 0 <6>[ 259.217805] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.222632] lkdtm: Stack offset: 0 <6>[ 259.226895] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.231833] lkdtm: Stack offset: 0 <6>[ 259.235986] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.241003] lkdtm: Stack offset: 0 <6>[ 259.245400] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.250071] lkdtm: Stack offset: 0 <6>[ 259.255029] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.259312] lkdtm: Stack offset: 0 <6>[ 259.263659] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.268426] lkdtm: Stack offset: 0 <6>[ 259.272751] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.277592] lkdtm: Stack offset: 0 <6>[ 259.281860] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.286920] lkdtm: Stack offset: 0 <6>[ 259.291334] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.296174] lkdtm: Stack offset: 0 <6>[ 259.300311] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.305322] lkdtm: Stack offset: 0 <6>[ 259.309443] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.314315] lkdtm: Stack offset: 0 <6>[ 259.318651] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.323522] lkdtm: Stack offset: 0 <6>[ 259.327712] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.332684] lkdtm: Stack offset: 0 <6>[ 259.336939] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.341965] lkdtm: Stack offset: 0 <6>[ 259.346134] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.351043] lkdtm: Stack offset: 0 <6>[ 259.355371] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.360251] lkdtm: Stack offset: 0 <6>[ 259.364467] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.369434] lkdtm: Stack offset: 0 <6>[ 259.373648] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.378618] lkdtm: Stack offset: 0 <6>[ 259.382819] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.387805] lkdtm: Stack offset: 0 <6>[ 259.391994] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.396982] lkdtm: Stack offset: 0 <6>[ 259.401159] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.406084] lkdtm: Stack offset: 0 <6>[ 259.410395] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.415360] lkdtm: Stack offset: 0 <6>[ 259.419563] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.424530] lkdtm: Stack offset: 0 <6>[ 259.428732] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.433704] lkdtm: Stack offset: 0 <6>[ 259.437855] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.442847] lkdtm: Stack offset: 0 <6>[ 259.447071] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.452049] lkdtm: Stack offset: 0 <6>[ 259.456308] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.461163] lkdtm: Stack offset: 0 <6>[ 259.465459] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.470403] lkdtm: Stack offset: 0 <6>[ 259.474539] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.479602] lkdtm: Stack offset: 0 <6>[ 259.483765] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.488752] lkdtm: Stack offset: 0 <6>[ 259.492945] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.497921] lkdtm: Stack offset: 0 <6>[ 259.502095] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.507081] lkdtm: Stack offset: 0 <6>[ 259.511472] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.516242] lkdtm: Stack offset: 0 <6>[ 259.520478] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.525437] lkdtm: Stack offset: 0 <6>[ 259.529708] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.534574] lkdtm: Stack offset: 0 <6>[ 259.538914] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.543827] lkdtm: Stack offset: 0 <6>[ 259.548104] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.552998] lkdtm: Stack offset: 0 <6>[ 259.557335] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.562243] lkdtm: Stack offset: 0 <6>[ 259.566460] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.571335] lkdtm: Stack offset: 0 <6>[ 259.576265] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.580558] lkdtm: Stack offset: 0 <6>[ 259.587403] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.591595] lkdtm: Stack offset: 0 <6>[ 259.595945] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.600854] lkdtm: Stack offset: 0 <6>[ 259.605099] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.610147] lkdtm: Stack offset: 0 <6>[ 259.615684] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.619874] lkdtm: Stack offset: 0 <6>[ 259.624796] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.629505] lkdtm: Stack offset: 0 <6>[ 259.633964] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.638337] lkdtm: Stack offset: 0 <6>[ 259.642930] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.647399] lkdtm: Stack offset: 0 <6>[ 259.652171] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.656606] lkdtm: Stack offset: 0 <6>[ 259.661303] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.665760] lkdtm: Stack offset: 0 <6>[ 259.670584] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.674931] lkdtm: Stack offset: 0 <6>[ 259.679688] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.684152] lkdtm: Stack offset: 0 <6>[ 259.688812] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.693491] lkdtm: Stack offset: 0 <6>[ 259.698000] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.702606] lkdtm: Stack offset: 0 <6>[ 259.707131] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.711718] lkdtm: Stack offset: 0 <6>[ 259.716391] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.720832] lkdtm: Stack offset: 0 <6>[ 259.725598] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.730048] lkdtm: Stack offset: 0 <6>[ 259.734712] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.739161] lkdtm: Stack offset: 0 <6>[ 259.743499] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.748346] lkdtm: Stack offset: 0 <6>[ 259.752601] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.757587] lkdtm: Stack offset: 0 <6>[ 259.761771] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.766769] lkdtm: Stack offset: 0 <6>[ 259.770982] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.775955] lkdtm: Stack offset: 0 <6>[ 259.780128] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.785105] lkdtm: Stack offset: 0 <6>[ 259.789406] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.794253] lkdtm: Stack offset: 0 <6>[ 259.798503] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.803472] lkdtm: Stack offset: 0 <6>[ 259.807677] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.812646] lkdtm: Stack offset: 0 <6>[ 259.816782] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.821877] lkdtm: Stack offset: 0 <6>[ 259.826070] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.831041] lkdtm: Stack offset: 0 <6>[ 259.835326] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.840171] lkdtm: Stack offset: 0 <6>[ 259.844486] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.849335] lkdtm: Stack offset: 0 <6>[ 259.853589] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.858551] lkdtm: Stack offset: 0 <6>[ 259.862753] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.867743] lkdtm: Stack offset: 0 <6>[ 259.871930] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.876915] lkdtm: Stack offset: 0 <6>[ 259.881091] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.886067] lkdtm: Stack offset: 0 <6>[ 259.890311] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.895249] lkdtm: Stack offset: 0 <6>[ 259.899428] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.904394] lkdtm: Stack offset: 0 <6>[ 259.908696] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.913561] lkdtm: Stack offset: 0 <6>[ 259.917897] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.922780] lkdtm: Stack offset: 0 <6>[ 259.927003] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.932046] lkdtm: Stack offset: 0 <6>[ 259.936335] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.941123] lkdtm: Stack offset: 0 <6>[ 259.945465] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.950307] lkdtm: Stack offset: 0 <6>[ 259.954663] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.959452] lkdtm: Stack offset: 0 <6>[ 259.963964] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.968671] lkdtm: Stack offset: 0 <6>[ 259.972895] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.977903] lkdtm: Stack offset: 0 <6>[ 259.982140] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.986990] lkdtm: Stack offset: 0 <6>[ 259.991338] lkdtm: Performing direct entry REPORT_STACK <6>[ 259.996322] lkdtm: Stack offset: 0 <6>[ 260.000564] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.005329] lkdtm: Stack offset: 0 <6>[ 260.009718] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.014598] lkdtm: Stack offset: 0 <6>[ 260.018858] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.023757] lkdtm: Stack offset: 0 <6>[ 260.028120] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.032902] lkdtm: Stack offset: 0 <6>[ 260.037593] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.042049] lkdtm: Stack offset: 0 <6>[ 260.046886] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.051275] lkdtm: Stack offset: 0 <6>[ 260.055929] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.060428] lkdtm: Stack offset: 0 <6>[ 260.065045] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.069636] lkdtm: Stack offset: 0 <6>[ 260.074126] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.078841] lkdtm: Stack offset: 0 <6>[ 260.083750] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.088140] lkdtm: Stack offset: 0 <6>[ 260.092730] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.097223] lkdtm: Stack offset: 0 <6>[ 260.101887] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.106360] lkdtm: Stack offset: 0 <6>[ 260.110927] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.115492] lkdtm: Stack offset: 0 <6>[ 260.120062] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.124764] lkdtm: Stack offset: 0 <6>[ 260.129479] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.133844] lkdtm: Stack offset: 0 <6>[ 260.138707] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.143102] lkdtm: Stack offset: 0 <6>[ 260.147821] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.152181] lkdtm: Stack offset: 0 <6>[ 260.156540] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.161391] lkdtm: Stack offset: 0 <6>[ 260.165614] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.170564] lkdtm: Stack offset: 0 <6>[ 260.174775] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.179732] lkdtm: Stack offset: 0 <6>[ 260.184017] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.189003] lkdtm: Stack offset: 0 <6>[ 260.193252] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.198091] lkdtm: Stack offset: 0 <6>[ 260.202408] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.207255] lkdtm: Stack offset: 0 <6>[ 260.211583] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.216468] lkdtm: Stack offset: 0 <6>[ 260.220677] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.225652] lkdtm: Stack offset: 0 <6>[ 260.229808] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.234898] lkdtm: Stack offset: 0 <6>[ 260.239081] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.244056] lkdtm: Stack offset: 0 <6>[ 260.248319] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.253229] lkdtm: Stack offset: 0 <6>[ 260.257406] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.262377] lkdtm: Stack offset: 0 <6>[ 260.266593] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.271558] lkdtm: Stack offset: 0 <6>[ 260.275738] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.280705] lkdtm: Stack offset: 0 <6>[ 260.284870] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.289959] lkdtm: Stack offset: 0 <6>[ 260.294145] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.299070] lkdtm: Stack offset: 0 <6>[ 260.303288] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.308266] lkdtm: Stack offset: 0 <6>[ 260.312564] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.317581] lkdtm: Stack offset: 0 <6>[ 260.323575] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.327760] lkdtm: Stack offset: 0 <6>[ 260.332730] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.337072] lkdtm: Stack offset: 0 <6>[ 260.341787] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.346221] lkdtm: Stack offset: 0 <6>[ 260.350933] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.355319] lkdtm: Stack offset: 0 <6>[ 260.360034] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.364508] lkdtm: Stack offset: 0 <6>[ 260.369296] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.373663] lkdtm: Stack offset: 0 <6>[ 260.378521] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.383022] lkdtm: Stack offset: 0 <6>[ 260.397900] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.402311] lkdtm: Stack offset: 0 <6>[ 260.406831] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.411289] lkdtm: Stack offset: 0 <6>[ 260.415964] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.420440] lkdtm: Stack offset: 0 <6>[ 260.425141] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.429624] lkdtm: Stack offset: 0 <6>[ 260.434410] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.438848] lkdtm: Stack offset: 0 <6>[ 260.443571] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.448061] lkdtm: Stack offset: 0 <6>[ 260.452730] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.457417] lkdtm: Stack offset: 0 <6>[ 260.461880] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.466482] lkdtm: Stack offset: 0 <6>[ 260.471001] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.475578] lkdtm: Stack offset: 0 <6>[ 260.480096] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.484827] lkdtm: Stack offset: 0 <6>[ 260.489417] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.493859] lkdtm: Stack offset: 0 <6>[ 260.498633] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.503092] lkdtm: Stack offset: 0 <6>[ 260.507751] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.512262] lkdtm: Stack offset: 0 <6>[ 260.516825] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.521392] lkdtm: Stack offset: 0 <6>[ 260.526056] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.530628] lkdtm: Stack offset: 0 <6>[ 260.535149] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.539788] lkdtm: Stack offset: 0 <6>[ 260.543956] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.548957] lkdtm: Stack offset: 0 <6>[ 260.553152] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.558167] lkdtm: Stack offset: 0 <6>[ 260.562468] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.567321] lkdtm: Stack offset: 0 <6>[ 260.571480] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.576476] lkdtm: Stack offset: 0 <6>[ 260.580675] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.585641] lkdtm: Stack offset: 0 <6>[ 260.589916] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.594907] lkdtm: Stack offset: 0 <6>[ 260.599093] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.604086] lkdtm: Stack offset: 0 <6>[ 260.608336] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.613179] lkdtm: Stack offset: 0 <6>[ 260.617460] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.622426] lkdtm: Stack offset: 0 <6>[ 260.626587] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.631548] lkdtm: Stack offset: 0 <6>[ 260.635735] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.640732] lkdtm: Stack offset: 0 <6>[ 260.644882] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.649971] lkdtm: Stack offset: 0 <6>[ 260.654272] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.659124] lkdtm: Stack offset: 0 <6>[ 260.663347] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.668307] lkdtm: Stack offset: 0 <6>[ 260.672501] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.677467] lkdtm: Stack offset: 0 <6>[ 260.681740] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.686619] lkdtm: Stack offset: 0 <6>[ 260.690877] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.695775] lkdtm: Stack offset: 0 <6>[ 260.700009] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.705154] lkdtm: Stack offset: 0 <6>[ 260.711407] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.715645] lkdtm: Stack offset: 0 <6>[ 260.720484] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.724978] lkdtm: Stack offset: 0 <6>[ 260.729638] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.734021] lkdtm: Stack offset: 0 <6>[ 260.738890] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.743209] lkdtm: Stack offset: 0 <6>[ 260.747922] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.752306] lkdtm: Stack offset: 0 <6>[ 260.757071] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.761560] lkdtm: Stack offset: 0 <6>[ 260.766425] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.770757] lkdtm: Stack offset: 0 <6>[ 260.775616] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.779903] lkdtm: Stack offset: 0 <6>[ 260.784681] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.789029] lkdtm: Stack offset: 0 <6>[ 260.793731] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.798239] lkdtm: Stack offset: 0 <6>[ 260.802930] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.807411] lkdtm: Stack offset: 0 <6>[ 260.812056] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.816633] lkdtm: Stack offset: 0 <6>[ 260.821310] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.825759] lkdtm: Stack offset: 0 <6>[ 260.830429] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.835073] lkdtm: Stack offset: 0 <6>[ 260.839678] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.844339] lkdtm: Stack offset: 0 <6>[ 260.848831] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.853306] lkdtm: Stack offset: 0 <6>[ 260.857886] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.862462] lkdtm: Stack offset: 0 <6>[ 260.867062] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.871635] lkdtm: Stack offset: 0 <6>[ 260.876156] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.880802] lkdtm: Stack offset: 0 <6>[ 260.885488] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.889937] lkdtm: Stack offset: 0 <6>[ 260.894750] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.899238] lkdtm: Stack offset: 0 <6>[ 260.903864] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.908336] lkdtm: Stack offset: 0 <6>[ 260.912982] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.917597] lkdtm: Stack offset: 0 <6>[ 260.922166] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.926731] lkdtm: Stack offset: 0 <6>[ 260.931435] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.935877] lkdtm: Stack offset: 0 <6>[ 260.940555] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.945011] lkdtm: Stack offset: 0 <6>[ 260.949750] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.954235] lkdtm: Stack offset: 0 <6>[ 260.958849] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.963413] lkdtm: Stack offset: 0 <6>[ 260.967991] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.972576] lkdtm: Stack offset: 0 <6>[ 260.977181] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.981725] lkdtm: Stack offset: 0 <6>[ 260.986518] lkdtm: Performing direct entry REPORT_STACK <6>[ 260.990961] lkdtm: Stack offset: 0 <6>[ 260.995672] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.000127] lkdtm: Stack offset: 0 <6>[ 261.004846] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.009343] lkdtm: Stack offset: 0 <6>[ 261.014006] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.018478] lkdtm: Stack offset: 0 <6>[ 261.023070] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.027654] lkdtm: Stack offset: 0 <6>[ 261.032169] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.036810] lkdtm: Stack offset: 0 <6>[ 261.041496] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.045938] lkdtm: Stack offset: 0 <6>[ 261.050671] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.055261] lkdtm: Stack offset: 0 <6>[ 261.059895] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.064356] lkdtm: Stack offset: 0 <6>[ 261.069088] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.073564] lkdtm: Stack offset: 0 <6>[ 261.078487] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.082766] lkdtm: Stack offset: 0 <6>[ 261.087635] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.091913] lkdtm: Stack offset: 0 <6>[ 261.096854] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.101142] lkdtm: Stack offset: 0 <6>[ 261.105897] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.110276] lkdtm: Stack offset: 0 <6>[ 261.115038] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.119415] lkdtm: Stack offset: 0 <6>[ 261.124312] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.128581] lkdtm: Stack offset: 0 <6>[ 261.133817] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.138033] lkdtm: Stack offset: 0 <6>[ 261.145647] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.149852] lkdtm: Stack offset: 0 <6>[ 261.155899] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.160080] lkdtm: Stack offset: 0 <6>[ 261.164956] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.169419] lkdtm: Stack offset: 0 <6>[ 261.173948] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.178506] lkdtm: Stack offset: 0 <6>[ 261.183174] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.187629] lkdtm: Stack offset: 0 <6>[ 261.192165] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.196848] lkdtm: Stack offset: 0 <6>[ 261.201546] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.205999] lkdtm: Stack offset: 0 <6>[ 261.210690] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.215146] lkdtm: Stack offset: 0 <6>[ 261.219837] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.224612] lkdtm: Stack offset: 0 <6>[ 261.229026] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.233645] lkdtm: Stack offset: 0 <6>[ 261.238136] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.242709] lkdtm: Stack offset: 0 <6>[ 261.247411] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.251875] lkdtm: Stack offset: 0 <6>[ 261.256627] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.261084] lkdtm: Stack offset: 0 <6>[ 261.265731] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.270298] lkdtm: Stack offset: 0 <6>[ 261.274847] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.279465] lkdtm: Stack offset: 0 <6>[ 261.284160] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.288576] lkdtm: Stack offset: 0 <6>[ 261.293293] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.297742] lkdtm: Stack offset: 0 <6>[ 261.302539] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.306982] lkdtm: Stack offset: 0 <6>[ 261.311642] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.316122] lkdtm: Stack offset: 0 <6>[ 261.320781] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.325348] lkdtm: Stack offset: 0 <6>[ 261.329912] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.334512] lkdtm: Stack offset: 0 <6>[ 261.339081] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.343649] lkdtm: Stack offset: 0 <6>[ 261.348425] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.352875] lkdtm: Stack offset: 0 <6>[ 261.357577] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.362021] lkdtm: Stack offset: 0 <6>[ 261.366742] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.371297] lkdtm: Stack offset: 0 <6>[ 261.375836] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.380438] lkdtm: Stack offset: 0 <6>[ 261.384986] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.389592] lkdtm: Stack offset: 0 <6>[ 261.394145] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.398713] lkdtm: Stack offset: 0 <6>[ 261.403501] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.407941] lkdtm: Stack offset: 0 <6>[ 261.412615] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.417073] lkdtm: Stack offset: 0 <6>[ 261.421731] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.426283] lkdtm: Stack offset: 0 <6>[ 261.430840] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.435426] lkdtm: Stack offset: 0 <6>[ 261.440033] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.444668] lkdtm: Stack offset: 0 <6>[ 261.449541] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.453819] lkdtm: Stack offset: 0 <6>[ 261.458633] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.463015] lkdtm: Stack offset: 0 <6>[ 261.467773] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.472167] lkdtm: Stack offset: 0 <6>[ 261.476875] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.481359] lkdtm: Stack offset: 0 <6>[ 261.486304] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.490463] lkdtm: Stack offset: 0 <6>[ 261.495403] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.499680] lkdtm: Stack offset: 0 <6>[ 261.504551] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.508924] lkdtm: Stack offset: 0 <6>[ 261.513805] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.518094] lkdtm: Stack offset: 0 <6>[ 261.522891] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.527275] lkdtm: Stack offset: 0 <6>[ 261.531989] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.536375] lkdtm: Stack offset: 0 <6>[ 261.541261] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.545528] lkdtm: Stack offset: 0 <6>[ 261.550477] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.554755] lkdtm: Stack offset: 0 <6>[ 261.559625] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.563913] lkdtm: Stack offset: 0 <6>[ 261.568687] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.573162] lkdtm: Stack offset: 0 <6>[ 261.577768] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.582267] lkdtm: Stack offset: 0 <6>[ 261.586963] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.591434] lkdtm: Stack offset: 0 <6>[ 261.596134] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.600622] lkdtm: Stack offset: 0 <6>[ 261.605165] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.609846] lkdtm: Stack offset: 0 <6>[ 261.614533] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.619177] lkdtm: Stack offset: 0 <6>[ 261.623714] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.628329] lkdtm: Stack offset: 0 <6>[ 261.632842] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.637429] lkdtm: Stack offset: 0 <6>[ 261.642018] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.646522] lkdtm: Stack offset: 0 <6>[ 261.651140] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.655686] lkdtm: Stack offset: 0 <6>[ 261.660472] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.664921] lkdtm: Stack offset: 0 <6>[ 261.669038] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.674122] lkdtm: Stack offset: 0 <6>[ 261.678434] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.683206] lkdtm: Stack offset: 0 <6>[ 261.687449] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.692414] lkdtm: Stack offset: 0 <6>[ 261.696617] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.701620] lkdtm: Stack offset: 0 <6>[ 261.705788] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.710775] lkdtm: Stack offset: 0 <6>[ 261.714949] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.719929] lkdtm: Stack offset: 0 <6>[ 261.724271] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.729116] lkdtm: Stack offset: 0 <6>[ 261.733392] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.738359] lkdtm: Stack offset: 0 <6>[ 261.742567] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.747552] lkdtm: Stack offset: 0 <6>[ 261.751715] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.756726] lkdtm: Stack offset: 0 <6>[ 261.760894] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.765953] lkdtm: Stack offset: 0 <6>[ 261.770032] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.775012] lkdtm: Stack offset: 0 <6>[ 261.779290] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.784135] lkdtm: Stack offset: 0 <6>[ 261.788766] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.793432] lkdtm: Stack offset: 0 <6>[ 261.797661] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.802532] lkdtm: Stack offset: 0 <6>[ 261.806781] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.811781] lkdtm: Stack offset: 0 <6>[ 261.815963] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.820936] lkdtm: Stack offset: 0 <6>[ 261.825105] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.830116] lkdtm: Stack offset: 0 <6>[ 261.834381] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.839242] lkdtm: Stack offset: 0 <6>[ 261.843495] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.848452] lkdtm: Stack offset: 0 <6>[ 261.852750] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.857622] lkdtm: Stack offset: 0 <6>[ 261.861834] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.866839] lkdtm: Stack offset: 0 <6>[ 261.871066] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.875969] lkdtm: Stack offset: 0 <6>[ 261.880291] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.885178] lkdtm: Stack offset: 0 <6>[ 261.889528] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.894394] lkdtm: Stack offset: 0 <6>[ 261.898883] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.903569] lkdtm: Stack offset: 0 <6>[ 261.907864] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.912649] lkdtm: Stack offset: 0 <6>[ 261.917157] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.921847] lkdtm: Stack offset: 0 <6>[ 261.926274] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.931035] lkdtm: Stack offset: 0 <6>[ 261.936320] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.940487] lkdtm: Stack offset: 0 <6>[ 261.945471] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.949813] lkdtm: Stack offset: 0 <6>[ 261.954582] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.958968] lkdtm: Stack offset: 0 <6>[ 261.963735] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.968118] lkdtm: Stack offset: 0 <6>[ 261.972824] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.977276] lkdtm: Stack offset: 0 <6>[ 261.981892] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.986473] lkdtm: Stack offset: 0 <6>[ 261.991139] lkdtm: Performing direct entry REPORT_STACK <6>[ 261.995554] lkdtm: Stack offset: 0 <6>[ 262.000288] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.004742] lkdtm: Stack offset: 0 <6>[ 262.009563] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.013909] lkdtm: Stack offset: 0 <6>[ 262.018674] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.023140] lkdtm: Stack offset: 0 <6>[ 262.027834] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.032302] lkdtm: Stack offset: 0 <6>[ 262.037002] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.041470] lkdtm: Stack offset: 0 <6>[ 262.046135] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.050696] lkdtm: Stack offset: 0 <6>[ 262.055418] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.059878] lkdtm: Stack offset: 0 <6>[ 262.064559] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.069020] lkdtm: Stack offset: 0 <6>[ 262.073686] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.078270] lkdtm: Stack offset: 0 <6>[ 262.082839] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.087407] lkdtm: Stack offset: 0 <6>[ 262.091978] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.096551] lkdtm: Stack offset: 0 <6>[ 262.101143] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.105694] lkdtm: Stack offset: 0 <6>[ 262.110485] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.114928] lkdtm: Stack offset: 0 <6>[ 262.119644] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.124104] lkdtm: Stack offset: 0 <6>[ 262.128757] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.133323] lkdtm: Stack offset: 0 <6>[ 262.137871] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.142439] lkdtm: Stack offset: 0 <6>[ 262.147021] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.151593] lkdtm: Stack offset: 0 <6>[ 262.156299] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.160751] lkdtm: Stack offset: 0 <6>[ 262.165523] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.169984] lkdtm: Stack offset: 0 <6>[ 262.174102] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.179214] lkdtm: Stack offset: 0 <6>[ 262.183466] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.188358] lkdtm: Stack offset: 0 <6>[ 262.192578] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.197548] lkdtm: Stack offset: 0 <6>[ 262.201727] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.206705] lkdtm: Stack offset: 0 <6>[ 262.210859] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.215949] lkdtm: Stack offset: 0 <6>[ 262.220129] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.225119] lkdtm: Stack offset: 0 <6>[ 262.229388] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.234247] lkdtm: Stack offset: 0 <6>[ 262.238383] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.243454] lkdtm: Stack offset: 0 <6>[ 262.247775] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.252560] lkdtm: Stack offset: 0 <6>[ 262.256886] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.261783] lkdtm: Stack offset: 0 <6>[ 262.266016] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.271041] lkdtm: Stack offset: 0 <6>[ 262.275267] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.280140] lkdtm: Stack offset: 0 <6>[ 262.284460] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.289335] lkdtm: Stack offset: 0 <6>[ 262.293640] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.298520] lkdtm: Stack offset: 0 <6>[ 262.302818] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.307691] lkdtm: Stack offset: 0 <6>[ 262.312045] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.316837] lkdtm: Stack offset: 0 <6>[ 262.321740] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.326052] lkdtm: Stack offset: 0 <6>[ 262.330838] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.335258] lkdtm: Stack offset: 0 <6>[ 262.339934] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.344530] lkdtm: Stack offset: 0 <6>[ 262.349828] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.354017] lkdtm: Stack offset: 0 <6>[ 262.358939] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.363281] lkdtm: Stack offset: 0 <6>[ 262.368100] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.372479] lkdtm: Stack offset: 0 <6>[ 262.377343] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.381612] lkdtm: Stack offset: 0 <6>[ 262.386165] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.390738] lkdtm: Stack offset: 0 <6>[ 262.395436] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.399879] lkdtm: Stack offset: 0 <6>[ 262.404630] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.409113] lkdtm: Stack offset: 0 <6>[ 262.413795] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.418463] lkdtm: Stack offset: 0 <6>[ 262.422973] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.427590] lkdtm: Stack offset: 0 <6>[ 262.432096] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.436668] lkdtm: Stack offset: 0 <6>[ 262.441177] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.445825] lkdtm: Stack offset: 0 <6>[ 262.450529] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.454977] lkdtm: Stack offset: 0 <6>[ 262.459706] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.464171] lkdtm: Stack offset: 0 <6>[ 262.468846] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.473331] lkdtm: Stack offset: 0 <6>[ 262.477979] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.482550] lkdtm: Stack offset: 0 <6>[ 262.487108] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.491720] lkdtm: Stack offset: 0 <6>[ 262.496381] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.500821] lkdtm: Stack offset: 0 <6>[ 262.505574] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.510041] lkdtm: Stack offset: 0 <6>[ 262.514782] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.519272] lkdtm: Stack offset: 0 <6>[ 262.523821] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.528397] lkdtm: Stack offset: 0 <6>[ 262.533057] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.537660] lkdtm: Stack offset: 0 <6>[ 262.542160] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.546812] lkdtm: Stack offset: 0 <6>[ 262.550982] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.555973] lkdtm: Stack offset: 0 <6>[ 262.560159] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.565142] lkdtm: Stack offset: 0 <6>[ 262.569447] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.574313] lkdtm: Stack offset: 0 <6>[ 262.578513] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.583516] lkdtm: Stack offset: 0 <6>[ 262.587722] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.592698] lkdtm: Stack offset: 0 <6>[ 262.596850] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.601866] lkdtm: Stack offset: 0 <6>[ 262.606024] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.610997] lkdtm: Stack offset: 0 <6>[ 262.615367] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.620230] lkdtm: Stack offset: 0 <6>[ 262.624378] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.629338] lkdtm: Stack offset: 0 <6>[ 262.633648] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.638540] lkdtm: Stack offset: 0 <6>[ 262.642800] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.647764] lkdtm: Stack offset: 0 <6>[ 262.651976] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.656989] lkdtm: Stack offset: 0 <6>[ 262.661123] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.666325] lkdtm: Stack offset: 0 <6>[ 262.672432] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.676618] lkdtm: Stack offset: 0 <6>[ 262.681565] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.685948] lkdtm: Stack offset: 0 <6>[ 262.690740] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.695047] lkdtm: Stack offset: 0 <6>[ 262.699867] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.704169] lkdtm: Stack offset: 0 <6>[ 262.708950] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.713329] lkdtm: Stack offset: 0 <6>[ 262.718129] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.722557] lkdtm: Stack offset: 0 <6>[ 262.727403] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.731881] lkdtm: Stack offset: 0 <6>[ 262.737886] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.742084] lkdtm: Stack offset: 0 <6>[ 262.746825] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.751329] lkdtm: Stack offset: 0 <6>[ 262.755864] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.760541] lkdtm: Stack offset: 0 <6>[ 262.765181] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.769603] lkdtm: Stack offset: 0 <6>[ 262.774438] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.778806] lkdtm: Stack offset: 0 <6>[ 262.783566] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.788019] lkdtm: Stack offset: 0 <6>[ 262.792703] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.797249] lkdtm: Stack offset: 0 <6>[ 262.801855] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.806510] lkdtm: Stack offset: 0 <6>[ 262.810990] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.815677] lkdtm: Stack offset: 0 <6>[ 262.820170] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.824741] lkdtm: Stack offset: 0 <6>[ 262.829509] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.833851] lkdtm: Stack offset: 0 <6>[ 262.838613] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.843080] lkdtm: Stack offset: 0 <6>[ 262.847740] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.852214] lkdtm: Stack offset: 0 <6>[ 262.856871] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.861439] lkdtm: Stack offset: 0 <6>[ 262.866007] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.870580] lkdtm: Stack offset: 0 <6>[ 262.875290] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.879741] lkdtm: Stack offset: 0 <6>[ 262.884540] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.888881] lkdtm: Stack offset: 0 <6>[ 262.893686] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.898141] lkdtm: Stack offset: 0 <6>[ 262.902837] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.907312] lkdtm: Stack offset: 0 <6>[ 262.911867] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.916532] lkdtm: Stack offset: 0 <6>[ 262.921094] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.925668] lkdtm: Stack offset: 0 <6>[ 262.930176] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.934816] lkdtm: Stack offset: 0 <6>[ 262.939680] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.944042] lkdtm: Stack offset: 0 <6>[ 262.948765] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.953249] lkdtm: Stack offset: 0 <6>[ 262.957862] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.962335] lkdtm: Stack offset: 0 <6>[ 262.966998] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.971597] lkdtm: Stack offset: 0 <6>[ 262.976140] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.980708] lkdtm: Stack offset: 0 <6>[ 262.985509] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.989853] lkdtm: Stack offset: 0 <6>[ 262.994630] lkdtm: Performing direct entry REPORT_STACK <6>[ 262.999082] lkdtm: Stack offset: 0 <6>[ 263.003763] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.008256] lkdtm: Stack offset: 0 <6>[ 263.012963] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.017435] lkdtm: Stack offset: 0 <6>[ 263.022022] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.026596] lkdtm: Stack offset: 0 <6>[ 263.031562] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.035832] lkdtm: Stack offset: 0 <6>[ 263.040730] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.045017] lkdtm: Stack offset: 0 <6>[ 263.049762] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.054149] lkdtm: Stack offset: 0 <6>[ 263.058935] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.063294] lkdtm: Stack offset: 0 <6>[ 263.068152] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.072480] lkdtm: Stack offset: 0 <6>[ 263.077483] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.081657] lkdtm: Stack offset: 0 <6>[ 263.086647] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.090924] lkdtm: Stack offset: 0 <6>[ 263.095786] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.100077] lkdtm: Stack offset: 0 <6>[ 263.104823] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.109249] lkdtm: Stack offset: 0 <6>[ 263.114014] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.118497] lkdtm: Stack offset: 0 <6>[ 263.123253] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.127614] lkdtm: Stack offset: 0 <6>[ 263.132491] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.136773] lkdtm: Stack offset: 0 <6>[ 263.141666] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.145941] lkdtm: Stack offset: 0 <6>[ 263.150678] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.155130] lkdtm: Stack offset: 0 <6>[ 263.159775] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.164350] lkdtm: Stack offset: 0 <6>[ 263.169005] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.173458] lkdtm: Stack offset: 0 <6>[ 263.178137] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.182706] lkdtm: Stack offset: 0 <6>[ 263.187423] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.191862] lkdtm: Stack offset: 0 <6>[ 263.196551] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.201245] lkdtm: Stack offset: 0 <6>[ 263.205757] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.210379] lkdtm: Stack offset: 0 <6>[ 263.214939] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.219405] lkdtm: Stack offset: 0 <6>[ 263.223973] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.228551] lkdtm: Stack offset: 0 <6>[ 263.233160] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.237710] lkdtm: Stack offset: 0 <6>[ 263.242503] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.246954] lkdtm: Stack offset: 0 <6>[ 263.251601] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.256056] lkdtm: Stack offset: 0 <6>[ 263.260797] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.265268] lkdtm: Stack offset: 0 <6>[ 263.269944] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.274510] lkdtm: Stack offset: 0 <6>[ 263.279096] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.283667] lkdtm: Stack offset: 0 <6>[ 263.288166] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.292809] lkdtm: Stack offset: 0 <6>[ 263.297512] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.301956] lkdtm: Stack offset: 0 <6>[ 263.306743] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.311233] lkdtm: Stack offset: 0 <6>[ 263.315897] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.320373] lkdtm: Stack offset: 0 <6>[ 263.325010] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.329482] lkdtm: Stack offset: 0 <6>[ 263.334126] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.338734] lkdtm: Stack offset: 0 <6>[ 263.343434] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.347940] lkdtm: Stack offset: 0 <6>[ 263.352664] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.357022] lkdtm: Stack offset: 0 <6>[ 263.361772] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.366279] lkdtm: Stack offset: 0 <6>[ 263.370833] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.375399] lkdtm: Stack offset: 0 <6>[ 263.379981] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.384556] lkdtm: Stack offset: 0 <6>[ 263.389154] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.393709] lkdtm: Stack offset: 0 <6>[ 263.398516] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.402959] lkdtm: Stack offset: 0 <6>[ 263.407657] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.412117] lkdtm: Stack offset: 0 <6>[ 263.416763] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.421345] lkdtm: Stack offset: 0 <6>[ 263.426301] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.430458] lkdtm: Stack offset: 0 <6>[ 263.435307] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.439667] lkdtm: Stack offset: 0 <6>[ 263.444577] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.448868] lkdtm: Stack offset: 0 <6>[ 263.453727] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.458011] lkdtm: Stack offset: 0 <6>[ 263.462881] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.467277] lkdtm: Stack offset: 0 <6>[ 263.472538] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.476713] lkdtm: Stack offset: 0 <6>[ 263.481681] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.485969] lkdtm: Stack offset: 0 <6>[ 263.490783] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.495262] lkdtm: Stack offset: 0 <6>[ 263.499941] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.504384] lkdtm: Stack offset: 0 <6>[ 263.509175] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.513537] lkdtm: Stack offset: 0 <6>[ 263.518250] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.522644] lkdtm: Stack offset: 0 <6>[ 263.527572] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.531874] lkdtm: Stack offset: 0 <6>[ 263.536656] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.541013] lkdtm: Stack offset: 0 <6>[ 263.545788] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.550219] lkdtm: Stack offset: 0 <6>[ 263.554890] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.559359] lkdtm: Stack offset: 0 <6>[ 263.563967] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.568535] lkdtm: Stack offset: 0 <6>[ 263.573098] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.577706] lkdtm: Stack offset: 0 <6>[ 263.582620] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.586999] lkdtm: Stack offset: 0 <6>[ 263.591612] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.596069] lkdtm: Stack offset: 0 <6>[ 263.600765] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.605250] lkdtm: Stack offset: 0 <6>[ 263.609852] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.614421] lkdtm: Stack offset: 0 <6>[ 263.619006] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.623579] lkdtm: Stack offset: 0 <6>[ 263.628108] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.632817] lkdtm: Stack offset: 0 <6>[ 263.637500] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.641945] lkdtm: Stack offset: 0 <6>[ 263.646615] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.651079] lkdtm: Stack offset: 0 <6>[ 263.655822] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.660290] lkdtm: Stack offset: 0 <6>[ 263.664871] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.669477] lkdtm: Stack offset: 0 <6>[ 263.674048] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.678660] lkdtm: Stack offset: 0 <6>[ 263.683169] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.687806] lkdtm: Stack offset: 0 <6>[ 263.692070] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.697054] lkdtm: Stack offset: 0 <6>[ 263.701335] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.706175] lkdtm: Stack offset: 0 <6>[ 263.710456] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.715300] lkdtm: Stack offset: 0 <6>[ 263.719536] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.724506] lkdtm: Stack offset: 0 <6>[ 263.728812] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.733725] lkdtm: Stack offset: 0 <6>[ 263.737894] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.742885] lkdtm: Stack offset: 0 <6>[ 263.747067] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.752052] lkdtm: Stack offset: 0 <6>[ 263.756416] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.761262] lkdtm: Stack offset: 0 <6>[ 263.765408] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.770476] lkdtm: Stack offset: 0 <6>[ 263.774668] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.779635] lkdtm: Stack offset: 0 <6>[ 263.783767] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.788851] lkdtm: Stack offset: 0 <6>[ 263.793065] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.797944] lkdtm: Stack offset: 0 <6>[ 263.802314] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.807225] lkdtm: Stack offset: 0 <6>[ 263.811408] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.816278] lkdtm: Stack offset: 0 <6>[ 263.820691] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.825472] lkdtm: Stack offset: 0 <6>[ 263.829836] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.834742] lkdtm: Stack offset: 0 <6>[ 263.839009] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.843915] lkdtm: Stack offset: 0 <6>[ 263.848170] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.853041] lkdtm: Stack offset: 0 <6>[ 263.857699] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.862223] lkdtm: Stack offset: 0 <6>[ 263.866740] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.871455] lkdtm: Stack offset: 0 <6>[ 263.875836] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.880635] lkdtm: Stack offset: 0 <6>[ 263.884882] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.889919] lkdtm: Stack offset: 0 <6>[ 263.894438] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.898926] lkdtm: Stack offset: 0 <6>[ 263.903845] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.908154] lkdtm: Stack offset: 0 <6>[ 263.912901] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.917279] lkdtm: Stack offset: 0 <6>[ 263.922062] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.926424] lkdtm: Stack offset: 0 <6>[ 263.931027] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.935609] lkdtm: Stack offset: 0 <6>[ 263.940433] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.944800] lkdtm: Stack offset: 0 <6>[ 263.949511] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.953996] lkdtm: Stack offset: 0 <6>[ 263.958703] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.963162] lkdtm: Stack offset: 0 <6>[ 263.967821] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.972379] lkdtm: Stack offset: 0 <6>[ 263.976932] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.981502] lkdtm: Stack offset: 0 <6>[ 263.986123] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.990736] lkdtm: Stack offset: 0 <6>[ 263.995416] lkdtm: Performing direct entry REPORT_STACK <6>[ 263.999855] lkdtm: Stack offset: 0 <6>[ 264.004618] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.009077] lkdtm: Stack offset: 0 <6>[ 264.013730] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.018217] lkdtm: Stack offset: 0 <6>[ 264.022839] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.027404] lkdtm: Stack offset: 0 <6>[ 264.031984] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.036560] lkdtm: Stack offset: 0 <6>[ 264.041168] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.045736] lkdtm: Stack offset: 0 <6>[ 264.050047] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.054930] lkdtm: Stack offset: 0 <6>[ 264.059112] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.064089] lkdtm: Stack offset: 0 <6>[ 264.068450] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.073296] lkdtm: Stack offset: 0 <6>[ 264.077444] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.082516] lkdtm: Stack offset: 0 <6>[ 264.086707] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.091676] lkdtm: Stack offset: 0 <6>[ 264.095825] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.100810] lkdtm: Stack offset: 0 <6>[ 264.105000] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.109985] lkdtm: Stack offset: 0 <6>[ 264.114369] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.119113] lkdtm: Stack offset: 0 <6>[ 264.123372] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.128330] lkdtm: Stack offset: 0 <6>[ 264.132642] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.137514] lkdtm: Stack offset: 0 <6>[ 264.141720] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.146692] lkdtm: Stack offset: 0 <6>[ 264.150857] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.155929] lkdtm: Stack offset: 0 <6>[ 264.160110] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.165100] lkdtm: Stack offset: 0 <6>[ 264.169359] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.174254] lkdtm: Stack offset: 0 <6>[ 264.178434] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.183391] lkdtm: Stack offset: 0 <6>[ 264.187685] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.192558] lkdtm: Stack offset: 0 <6>[ 264.196816] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.201802] lkdtm: Stack offset: 0 <6>[ 264.206047] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.210930] lkdtm: Stack offset: 0 <6>[ 264.215137] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.220078] lkdtm: Stack offset: 0 <6>[ 264.224478] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.229274] lkdtm: Stack offset: 0 <6>[ 264.233589] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.238459] lkdtm: Stack offset: 0 <6>[ 264.243442] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.247654] lkdtm: Stack offset: 0 <6>[ 264.252064] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.256913] lkdtm: Stack offset: 0 <6>[ 264.264019] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.268292] lkdtm: Stack offset: 0 <6>[ 264.277792] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.282378] lkdtm: Stack offset: 0 <6>[ 264.288768] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.292974] lkdtm: Stack offset: 0 <6>[ 264.299441] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.303683] lkdtm: Stack offset: 0 <6>[ 264.307864] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.312832] lkdtm: Stack offset: 0 <6>[ 264.317042] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.322050] lkdtm: Stack offset: 0 <6>[ 264.326324] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.331453] lkdtm: Stack offset: 0 <6>[ 264.335551] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.340383] lkdtm: Stack offset: 0 <6>[ 264.344571] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.349579] lkdtm: Stack offset: 0 <6>[ 264.353771] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.358967] lkdtm: Stack offset: 0 <6>[ 264.362956] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.368085] lkdtm: Stack offset: 0 <6>[ 264.372075] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.377072] lkdtm: Stack offset: 0 <6>[ 264.381326] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.386265] lkdtm: Stack offset: 0 <6>[ 264.390428] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.395397] lkdtm: Stack offset: 0 <6>[ 264.399687] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.404653] lkdtm: Stack offset: 0 <6>[ 264.408818] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.413856] lkdtm: Stack offset: 0 <6>[ 264.418058] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.422954] lkdtm: Stack offset: 0 <6>[ 264.427142] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.432085] lkdtm: Stack offset: 0 <6>[ 264.436421] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.441281] lkdtm: Stack offset: 0 <6>[ 264.445591] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.450459] lkdtm: Stack offset: 0 <6>[ 264.454735] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.459729] lkdtm: Stack offset: 0 <6>[ 264.463882] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.468873] lkdtm: Stack offset: 0 <6>[ 264.473048] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.478032] lkdtm: Stack offset: 0 <6>[ 264.482269] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.487229] lkdtm: Stack offset: 0 <6>[ 264.491398] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.496365] lkdtm: Stack offset: 0 <6>[ 264.500746] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.505515] lkdtm: Stack offset: 0 <6>[ 264.509764] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.514748] lkdtm: Stack offset: 0 <6>[ 264.518937] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.523940] lkdtm: Stack offset: 0 <6>[ 264.528123] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.533109] lkdtm: Stack offset: 0 <6>[ 264.537370] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.542231] lkdtm: Stack offset: 0 <6>[ 264.546478] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.551448] lkdtm: Stack offset: 0 <6>[ 264.555641] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.560614] lkdtm: Stack offset: 0 <6>[ 264.564832] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.569817] lkdtm: Stack offset: 0 <6>[ 264.574052] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.578946] lkdtm: Stack offset: 0 <6>[ 264.583143] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.588166] lkdtm: Stack offset: 0 <6>[ 264.592471] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.597347] lkdtm: Stack offset: 0 <6>[ 264.601660] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.606545] lkdtm: Stack offset: 0 <6>[ 264.610842] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.615725] lkdtm: Stack offset: 0 <6>[ 264.619970] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.624871] lkdtm: Stack offset: 0 <6>[ 264.629430] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.634059] lkdtm: Stack offset: 0 <6>[ 264.641000] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.645224] lkdtm: Stack offset: 0 <6>[ 264.649943] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.654515] lkdtm: Stack offset: 0 <6>[ 264.659176] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.663826] lkdtm: Stack offset: 0 <6>[ 264.669723] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.673914] lkdtm: Stack offset: 0 <6>[ 264.678817] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.683229] lkdtm: Stack offset: 0 <6>[ 264.687876] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.692442] lkdtm: Stack offset: 0 <6>[ 264.696917] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.701479] lkdtm: Stack offset: 0 <6>[ 264.706142] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.710668] lkdtm: Stack offset: 0 <6>[ 264.715323] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.719786] lkdtm: Stack offset: 0 <6>[ 264.724614] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.728976] lkdtm: Stack offset: 0 <6>[ 264.733717] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.738217] lkdtm: Stack offset: 0 <6>[ 264.742839] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.747413] lkdtm: Stack offset: 0 <6>[ 264.752012] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.756585] lkdtm: Stack offset: 0 <6>[ 264.761148] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.765717] lkdtm: Stack offset: 0 <6>[ 264.770390] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.774851] lkdtm: Stack offset: 0 <6>[ 264.779611] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.784068] lkdtm: Stack offset: 0 <6>[ 264.788801] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.793279] lkdtm: Stack offset: 0 <6>[ 264.797836] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.802406] lkdtm: Stack offset: 0 <6>[ 264.806986] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.811657] lkdtm: Stack offset: 0 <6>[ 264.816164] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.820811] lkdtm: Stack offset: 0 <6>[ 264.825506] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.829949] lkdtm: Stack offset: 0 <6>[ 264.834664] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.839135] lkdtm: Stack offset: 0 <6>[ 264.843797] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.848269] lkdtm: Stack offset: 0 <6>[ 264.852959] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.857529] lkdtm: Stack offset: 0 <6>[ 264.862678] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.866833] lkdtm: Stack offset: 0 <6>[ 264.871620] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.876098] lkdtm: Stack offset: 0 <6>[ 264.880755] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.885223] lkdtm: Stack offset: 0 <6>[ 264.889897] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.894529] lkdtm: Stack offset: 0 <6>[ 264.899038] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.903615] lkdtm: Stack offset: 0 <6>[ 264.908138] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.912785] lkdtm: Stack offset: 0 <6>[ 264.917560] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.921904] lkdtm: Stack offset: 0 <6>[ 264.926732] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.931098] lkdtm: Stack offset: 0 <6>[ 264.935845] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.940324] lkdtm: Stack offset: 0 <6>[ 264.944894] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.949462] lkdtm: Stack offset: 0 <6>[ 264.954102] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.958709] lkdtm: Stack offset: 0 <6>[ 264.963527] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.967798] lkdtm: Stack offset: 0 <6>[ 264.972710] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.976997] lkdtm: Stack offset: 0 <6>[ 264.984681] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.988908] lkdtm: Stack offset: 0 <6>[ 264.993912] lkdtm: Performing direct entry REPORT_STACK <6>[ 264.998132] lkdtm: Stack offset: 0 <6>[ 265.002928] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.007306] lkdtm: Stack offset: 0 <6>[ 265.012132] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.016449] lkdtm: Stack offset: 0 <6>[ 265.021721] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.025924] lkdtm: Stack offset: 0 <6>[ 265.034626] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.039098] lkdtm: Stack offset: 0 <6>[ 265.043820] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.048256] lkdtm: Stack offset: 0 <6>[ 265.053461] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.057642] lkdtm: Stack offset: 0 <6>[ 265.062649] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.066851] lkdtm: Stack offset: 0 <6>[ 265.071578] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.076079] lkdtm: Stack offset: 0 <6>[ 265.080815] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.085234] lkdtm: Stack offset: 0 <6>[ 265.089869] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.094460] lkdtm: Stack offset: 0 <6>[ 265.099039] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.103612] lkdtm: Stack offset: 0 <6>[ 265.108132] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.112741] lkdtm: Stack offset: 0 <6>[ 265.117665] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.122050] lkdtm: Stack offset: 0 <6>[ 265.126656] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.131115] lkdtm: Stack offset: 0 <6>[ 265.135765] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.140280] lkdtm: Stack offset: 0 <6>[ 265.144847] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.149426] lkdtm: Stack offset: 0 <6>[ 265.154106] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.158679] lkdtm: Stack offset: 0 <6>[ 265.163289] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.167739] lkdtm: Stack offset: 0 <6>[ 265.172522] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.176965] lkdtm: Stack offset: 0 <6>[ 265.181704] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.186169] lkdtm: Stack offset: 0 <6>[ 265.190791] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.195383] lkdtm: Stack offset: 0 <6>[ 265.199939] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.204544] lkdtm: Stack offset: 0 <6>[ 265.209090] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.213701] lkdtm: Stack offset: 0 <6>[ 265.218304] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.222838] lkdtm: Stack offset: 0 <6>[ 265.227578] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.232032] lkdtm: Stack offset: 0 <6>[ 265.236703] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.241173] lkdtm: Stack offset: 0 <6>[ 265.245827] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.250385] lkdtm: Stack offset: 0 <6>[ 265.254924] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.259664] lkdtm: Stack offset: 0 <6>[ 265.264160] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.268758] lkdtm: Stack offset: 0 <6>[ 265.273454] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.277896] lkdtm: Stack offset: 0 <6>[ 265.282657] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.287104] lkdtm: Stack offset: 0 <6>[ 265.291779] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.296269] lkdtm: Stack offset: 0 <6>[ 265.300829] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.305493] lkdtm: Stack offset: 0 <6>[ 265.310049] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.314630] lkdtm: Stack offset: 0 <6>[ 265.319142] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.323794] lkdtm: Stack offset: 0 <6>[ 265.328491] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.332962] lkdtm: Stack offset: 0 <6>[ 265.337707] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.342181] lkdtm: Stack offset: 0 <6>[ 265.346833] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.351311] lkdtm: Stack offset: 0 <6>[ 265.356120] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.360505] lkdtm: Stack offset: 0 <6>[ 265.365283] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.369650] lkdtm: Stack offset: 0 <6>[ 265.374606] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.378882] lkdtm: Stack offset: 0 <6>[ 265.383807] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.388094] lkdtm: Stack offset: 0 <6>[ 265.392885] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.397385] lkdtm: Stack offset: 0 <6>[ 265.403597] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.407815] lkdtm: Stack offset: 0 <6>[ 265.412778] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.417010] lkdtm: Stack offset: 0 <6>[ 265.421940] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.426280] lkdtm: Stack offset: 0 <6>[ 265.431512] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.435744] lkdtm: Stack offset: 0 <6>[ 265.440719] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.444891] lkdtm: Stack offset: 0 <6>[ 265.453166] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.457372] lkdtm: Stack offset: 0 <6>[ 265.462021] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.467151] lkdtm: Stack offset: 0 <6>[ 265.471310] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.475769] lkdtm: Stack offset: 0 <6>[ 265.480574] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.484947] lkdtm: Stack offset: 0 <6>[ 265.489745] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.494237] lkdtm: Stack offset: 0 <6>[ 265.498848] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.503314] lkdtm: Stack offset: 0 <6>[ 265.507990] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.512545] lkdtm: Stack offset: 0 <6>[ 265.517122] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.521885] lkdtm: Stack offset: 0 <6>[ 265.526423] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.530873] lkdtm: Stack offset: 0 <6>[ 265.535535] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.540099] lkdtm: Stack offset: 0 <6>[ 265.544743] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.549232] lkdtm: Stack offset: 0 <6>[ 265.553896] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.558368] lkdtm: Stack offset: 0 <6>[ 265.563042] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.567615] lkdtm: Stack offset: 0 <6>[ 265.572144] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.576703] lkdtm: Stack offset: 0 <6>[ 265.581545] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.585888] lkdtm: Stack offset: 0 <6>[ 265.590668] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.595131] lkdtm: Stack offset: 0 <6>[ 265.599774] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.604348] lkdtm: Stack offset: 0 <6>[ 265.608904] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.613492] lkdtm: Stack offset: 0 <6>[ 265.618057] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.622641] lkdtm: Stack offset: 0 <6>[ 265.627170] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.631807] lkdtm: Stack offset: 0 <6>[ 265.636611] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.640961] lkdtm: Stack offset: 0 <6>[ 265.645689] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.650155] lkdtm: Stack offset: 0 <6>[ 265.654844] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.659458] lkdtm: Stack offset: 0 <6>[ 265.663947] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.668516] lkdtm: Stack offset: 0 <6>[ 265.673162] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.677779] lkdtm: Stack offset: 0 <6>[ 265.682473] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.686917] lkdtm: Stack offset: 0 <6>[ 265.691581] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.696039] lkdtm: Stack offset: 0 <6>[ 265.700806] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.705275] lkdtm: Stack offset: 0 <6>[ 265.709847] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.714416] lkdtm: Stack offset: 0 <6>[ 265.719024] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.723617] lkdtm: Stack offset: 0 <6>[ 265.728444] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.732813] lkdtm: Stack offset: 0 <6>[ 265.737692] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.741959] lkdtm: Stack offset: 0 <6>[ 265.746757] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.751150] lkdtm: Stack offset: 0 <6>[ 265.755876] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.760360] lkdtm: Stack offset: 0 <6>[ 265.765101] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.769486] lkdtm: Stack offset: 0 <6>[ 265.774405] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.778683] lkdtm: Stack offset: 0 <6>[ 265.784421] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.788623] lkdtm: Stack offset: 0 <6>[ 265.795800] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.800002] lkdtm: Stack offset: 0 <6>[ 265.804805] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.809314] lkdtm: Stack offset: 0 <6>[ 265.814121] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.818756] lkdtm: Stack offset: 0 <6>[ 265.823315] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.827638] lkdtm: Stack offset: 0 <6>[ 265.832458] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.836755] lkdtm: Stack offset: 0 <6>[ 265.841521] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.845899] lkdtm: Stack offset: 0 <6>[ 265.850654] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.855144] lkdtm: Stack offset: 0 <6>[ 265.859850] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.864316] lkdtm: Stack offset: 0 <6>[ 265.868962] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.873444] lkdtm: Stack offset: 0 <6>[ 265.878025] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.882615] lkdtm: Stack offset: 0 <6>[ 265.887765] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.892139] lkdtm: Stack offset: 0 <6>[ 265.896753] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.901292] lkdtm: Stack offset: 0 <6>[ 265.905856] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.910356] lkdtm: Stack offset: 0 <6>[ 265.914551] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.919512] lkdtm: Stack offset: 0 <6>[ 265.923722] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.928694] lkdtm: Stack offset: 0 <6>[ 265.932845] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.937945] lkdtm: Stack offset: 0 <6>[ 265.942144] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.947069] lkdtm: Stack offset: 0 <6>[ 265.951454] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.956237] lkdtm: Stack offset: 0 <6>[ 265.960456] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.965422] lkdtm: Stack offset: 0 <6>[ 265.969639] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.974632] lkdtm: Stack offset: 0 <6>[ 265.978777] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.983751] lkdtm: Stack offset: 0 <6>[ 265.988031] lkdtm: Performing direct entry REPORT_STACK <6>[ 265.993019] lkdtm: Stack offset: 0 <6>[ 265.997274] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.002125] lkdtm: Stack offset: 0 <6>[ 266.006342] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.011305] lkdtm: Stack offset: 0 <6>[ 266.015512] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.020475] lkdtm: Stack offset: 0 <6>[ 266.024670] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.029658] lkdtm: Stack offset: 0 <6>[ 266.033810] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.038967] lkdtm: Stack offset: 0 <6>[ 266.043055] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.048044] lkdtm: Stack offset: 0 <6>[ 266.052322] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.057163] lkdtm: Stack offset: 0 <6>[ 266.061472] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.066323] lkdtm: Stack offset: 0 <6>[ 266.070556] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.075518] lkdtm: Stack offset: 0 <6>[ 266.079786] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.084774] lkdtm: Stack offset: 0 <6>[ 266.088957] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.093934] lkdtm: Stack offset: 0 <6>[ 266.098113] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.103127] lkdtm: Stack offset: 0 <6>[ 266.107394] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.112255] lkdtm: Stack offset: 0 <6>[ 266.116567] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.121416] lkdtm: Stack offset: 0 <6>[ 266.125831] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.130612] lkdtm: Stack offset: 0 <6>[ 266.134882] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.139874] lkdtm: Stack offset: 0 <6>[ 266.144130] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.148962] lkdtm: Stack offset: 0 <6>[ 266.153386] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.158158] lkdtm: Stack offset: 0 <6>[ 266.162513] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.167482] lkdtm: Stack offset: 0 <6>[ 266.172066] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.176558] lkdtm: Stack offset: 0 <6>[ 266.180858] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.185737] lkdtm: Stack offset: 0 <6>[ 266.189991] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.194905] lkdtm: Stack offset: 0 <6>[ 266.199429] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.204231] lkdtm: Stack offset: 0 <6>[ 266.212094] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.216289] lkdtm: Stack offset: 0 <6>[ 266.220724] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.225777] lkdtm: Stack offset: 0 <6>[ 266.230275] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.234788] lkdtm: Stack offset: 0 <6>[ 266.239396] lkdtm: Performing direct entry REPORT_STACK <6>[ 266.243847] lkdtm: Stack offset: 0 # Bits of stack entropy: 1 # Stack entropy is low! Booted without 'randomize_kstack_offset=y'? not ok 86 selftests: lkdtm: stack-entropy.sh # exit=1 lkdtm_PANIC_sh skip lkdtm_PANIC_STOP_IRQOFF_sh skip lkdtm_BUG_sh pass lkdtm_WARNING_sh pass lkdtm_WARNING_MESSAGE_sh pass lkdtm_EXCEPTION_sh pass lkdtm_LOOP_sh skip lkdtm_EXHAUST_STACK_sh skip lkdtm_CORRUPT_STACK_sh skip lkdtm_CORRUPT_STACK_STRONG_sh skip lkdtm_ARRAY_BOUNDS_sh pass lkdtm_CORRUPT_LIST_ADD_sh pass lkdtm_CORRUPT_LIST_DEL_sh pass lkdtm_STACK_GUARD_PAGE_LEADING_sh pass lkdtm_STACK_GUARD_PAGE_TRAILING_sh pass lkdtm_REPORT_STACK_CANARY_sh pass lkdtm_UNSET_SMEP_sh skip lkdtm_DOUBLE_FAULT_sh skip lkdtm_CORRUPT_PAC_sh skip lkdtm_UNALIGNED_LOAD_STORE_WRITE_sh skip lkdtm_SLAB_LINEAR_OVERFLOW_sh pass lkdtm_VMALLOC_LINEAR_OVERFLOW_sh pass lkdtm_WRITE_AFTER_FREE_sh skip lkdtm_READ_AFTER_FREE_sh pass lkdtm_WRITE_BUDDY_AFTER_FREE_sh skip lkdtm_READ_BUDDY_AFTER_FREE_sh pass lkdtm_SLAB_INIT_ON_ALLOC_sh pass lkdtm_BUDDY_INIT_ON_ALLOC_sh pass lkdtm_SLAB_FREE_DOUBLE_sh pass lkdtm_SLAB_FREE_CROSS_sh pass lkdtm_SLAB_FREE_PAGE_sh pass lkdtm_SOFTLOCKUP_sh skip lkdtm_HARDLOCKUP_sh skip lkdtm_SMP_CALL_LOCKUP_sh skip lkdtm_SPINLOCKUP_sh skip lkdtm_HUNG_TASK_sh skip lkdtm_EXEC_DATA_sh pass lkdtm_EXEC_STACK_sh pass lkdtm_EXEC_KMALLOC_sh pass lkdtm_EXEC_VMALLOC_sh pass lkdtm_EXEC_RODATA_sh pass lkdtm_EXEC_USERSPACE_sh pass lkdtm_EXEC_NULL_sh pass lkdtm_ACCESS_USERSPACE_sh pass lkdtm_ACCESS_NULL_sh pass lkdtm_WRITE_RO_sh pass lkdtm_WRITE_RO_AFTER_INIT_sh pass lkdtm_WRITE_KERN_sh pass lkdtm_WRITE_OPD_sh skip lkdtm_REFCOUNT_INC_OVERFLOW_sh pass lkdtm_REFCOUNT_ADD_OVERFLOW_sh pass lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW_sh pass lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW_sh pass lkdtm_REFCOUNT_DEC_ZERO_sh pass lkdtm_REFCOUNT_DEC_NEGATIVE_sh pass lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE_sh pass lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE_sh pass lkdtm_REFCOUNT_INC_ZERO_sh pass lkdtm_REFCOUNT_ADD_ZERO_sh pass lkdtm_REFCOUNT_INC_SATURATED_sh pass lkdtm_REFCOUNT_DEC_SATURATED_sh pass lkdtm_REFCOUNT_ADD_SATURATED_sh pass lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED_sh pass lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED_sh pass lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED_sh pass lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED_sh pass lkdtm_REFCOUNT_TIMING_sh skip lkdtm_ATOMIC_TIMING_sh skip lkdtm_USERCOPY_SLAB_SIZE_TO_sh pass lkdtm_USERCOPY_SLAB_SIZE_FROM_sh pass lkdtm_USERCOPY_SLAB_WHITELIST_TO_sh pass lkdtm_USERCOPY_SLAB_WHITELIST_FROM_sh pass lkdtm_USERCOPY_STACK_FRAME_TO_sh pass lkdtm_USERCOPY_STACK_FRAME_FROM_sh pass lkdtm_USERCOPY_STACK_BEYOND_sh pass lkdtm_USERCOPY_KERNEL_sh pass lkdtm_STACKLEAK_ERASING_sh skip lkdtm_CFI_FORWARD_PROTO_sh fail lkdtm_CFI_BACKWARD_sh fail lkdtm_FORTIFY_STRSCPY_sh pass lkdtm_FORTIFY_STR_OBJECT_sh pass lkdtm_FORTIFY_STR_MEMBER_sh pass lkdtm_FORTIFY_MEM_OBJECT_sh pass lkdtm_FORTIFY_MEM_MEMBER_sh pass lkdtm_PPC_SLB_MULTIHIT_sh skip lkdtm_stack-entropy_sh fail + ../../utils/send-to-lava.sh ./output/result.txt + set +x / #