Date
Feb. 5, 2025, 2:09 p.m.
| Environment | |
|---|---|
| qemu-armv7 | |
| qemu-x86_64 |
[ 144.274660] ================================================================== [ 144.275419] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x134/0x320 [ 144.276458] Read of size 1 at addr c4fc8f80 by task kunit_try_catch/111 [ 144.277091] [ 144.277790] CPU: 0 PID: 111 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.278762] Hardware name: Generic DT based system [ 144.279469] unwind_backtrace from show_stack+0x18/0x1c [ 144.280359] show_stack from dump_stack_lvl+0x58/0x70 [ 144.281175] dump_stack_lvl from print_report+0x164/0x51c [ 144.281926] print_report from kasan_report+0xc8/0x104 [ 144.282705] kasan_report from kmalloc_oob_right+0x134/0x320 [ 144.283549] kmalloc_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.284443] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.285408] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.286570] kthread from ret_from_fork+0x14/0x30 [ 144.287316] Exception stack(0xf9e93fb0 to 0xf9e93ff8) [ 144.287905] 3fa0: 00000000 00000000 00000000 00000000 [ 144.288933] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.289894] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.290654] [ 144.290970] Allocated by task 111: [ 144.291582] kasan_set_track+0x3c/0x5c [ 144.292224] __kasan_kmalloc+0x8c/0x94 [ 144.292893] kmalloc_oob_right+0xa0/0x320 [ 144.293571] kunit_try_run_case+0x11c/0x2e4 [ 144.294321] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.295086] kthread+0x184/0x1a8 [ 144.295592] ret_from_fork+0x14/0x30 [ 144.296368] [ 144.296739] The buggy address belongs to the object at c4fc8f00 [ 144.296739] which belongs to the cache kmalloc-128 of size 128 [ 144.298153] The buggy address is located 13 bytes to the right of [ 144.298153] allocated 115-byte region [c4fc8f00, c4fc8f73) [ 144.299346] [ 144.299612] The buggy address belongs to the physical page: [ 144.300225] page:0207a5d0 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fc8 [ 144.301186] flags: 0x800(slab|zone=0) [ 144.301640] page_type: 0xffffffff() [ 144.302192] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.303111] raw: 00000000 [ 144.303543] page dumped because: kasan: bad access detected [ 144.304120] [ 144.304416] Memory state around the buggy address: [ 144.304986] c4fc8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.305740] c4fc8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 144.306974] >c4fc8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.307666] ^ [ 144.308106] c4fc9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.308797] c4fc9080: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.309523] ================================================================== [ 144.238609] ================================================================== [ 144.239357] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x100/0x320 [ 144.240173] Write of size 1 at addr c4fc8f78 by task kunit_try_catch/111 [ 144.240725] [ 144.241081] CPU: 0 PID: 111 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.242019] Hardware name: Generic DT based system [ 144.242540] unwind_backtrace from show_stack+0x18/0x1c [ 144.243345] show_stack from dump_stack_lvl+0x58/0x70 [ 144.243992] dump_stack_lvl from print_report+0x164/0x51c [ 144.244618] print_report from kasan_report+0xc8/0x104 [ 144.245331] kasan_report from kmalloc_oob_right+0x100/0x320 [ 144.246322] kmalloc_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.247165] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.248323] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.249192] kthread from ret_from_fork+0x14/0x30 [ 144.249805] Exception stack(0xf9e93fb0 to 0xf9e93ff8) [ 144.250420] 3fa0: 00000000 00000000 00000000 00000000 [ 144.251392] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.252357] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.253082] [ 144.253370] Allocated by task 111: [ 144.253722] kasan_set_track+0x3c/0x5c [ 144.254345] __kasan_kmalloc+0x8c/0x94 [ 144.255016] kmalloc_oob_right+0xa0/0x320 [ 144.255587] kunit_try_run_case+0x11c/0x2e4 [ 144.256367] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.257247] kthread+0x184/0x1a8 [ 144.257676] ret_from_fork+0x14/0x30 [ 144.258200] [ 144.258459] The buggy address belongs to the object at c4fc8f00 [ 144.258459] which belongs to the cache kmalloc-128 of size 128 [ 144.259592] The buggy address is located 5 bytes to the right of [ 144.259592] allocated 115-byte region [c4fc8f00, c4fc8f73) [ 144.260865] [ 144.261104] The buggy address belongs to the physical page: [ 144.261771] page:0207a5d0 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fc8 [ 144.262751] flags: 0x800(slab|zone=0) [ 144.263212] page_type: 0xffffffff() [ 144.263864] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.264924] raw: 00000000 [ 144.265253] page dumped because: kasan: bad access detected [ 144.266197] [ 144.266514] Memory state around the buggy address: [ 144.267219] c4fc8e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 144.268098] c4fc8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.268945] >c4fc8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 144.269627] ^ [ 144.270487] c4fc8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.271240] c4fc9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.271969] ================================================================== [ 144.194227] ================================================================== [ 144.195587] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xcc/0x320 [ 144.197558] Write of size 1 at addr c4fc8f73 by task kunit_try_catch/111 [ 144.198212] [ 144.199090] CPU: 0 PID: 111 Comm: kunit_try_catch Tainted: G N 6.6.76-rc1 #1 [ 144.200305] Hardware name: Generic DT based system [ 144.201430] unwind_backtrace from show_stack+0x18/0x1c [ 144.202257] show_stack from dump_stack_lvl+0x58/0x70 [ 144.202952] dump_stack_lvl from print_report+0x164/0x51c [ 144.203668] print_report from kasan_report+0xc8/0x104 [ 144.204431] kasan_report from kmalloc_oob_right+0xcc/0x320 [ 144.205235] kmalloc_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.206351] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.207101] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.207731] kthread from ret_from_fork+0x14/0x30 [ 144.208404] Exception stack(0xf9e93fb0 to 0xf9e93ff8) [ 144.209250] 3fa0: 00000000 00000000 00000000 00000000 [ 144.210132] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.211033] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.211935] [ 144.212270] Allocated by task 111: [ 144.212902] kasan_set_track+0x3c/0x5c [ 144.213534] __kasan_kmalloc+0x8c/0x94 [ 144.214046] kmalloc_oob_right+0xa0/0x320 [ 144.214595] kunit_try_run_case+0x11c/0x2e4 [ 144.215149] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.215975] kthread+0x184/0x1a8 [ 144.216444] ret_from_fork+0x14/0x30 [ 144.216960] [ 144.217457] The buggy address belongs to the object at c4fc8f00 [ 144.217457] which belongs to the cache kmalloc-128 of size 128 [ 144.218939] The buggy address is located 0 bytes to the right of [ 144.218939] allocated 115-byte region [c4fc8f00, c4fc8f73) [ 144.220376] [ 144.220904] The buggy address belongs to the physical page: [ 144.221914] page:0207a5d0 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fc8 [ 144.223467] flags: 0x800(slab|zone=0) [ 144.224494] page_type: 0xffffffff() [ 144.225706] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.226667] raw: 00000000 [ 144.227358] page dumped because: kasan: bad access detected [ 144.228034] [ 144.228385] Memory state around the buggy address: [ 144.229183] c4fc8e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 144.229938] c4fc8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.230900] >c4fc8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 144.231646] ^ [ 144.232518] c4fc8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.233232] c4fc9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.234002] ==================================================================
[ 46.575813] ================================================================== [ 46.577068] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xcf/0x330 [ 46.578236] Write of size 1 at addr ffff888102840473 by task kunit_try_catch/134 [ 46.579108] [ 46.580127] CPU: 0 PID: 134 Comm: kunit_try_catch Tainted: G N 6.6.76-rc1 #1 [ 46.581104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 46.582548] Call Trace: [ 46.583012] <TASK> [ 46.583686] dump_stack_lvl+0x4e/0x90 [ 46.584344] print_report+0xd2/0x660 [ 46.584873] ? __virt_addr_valid+0x156/0x1e0 [ 46.585398] ? kasan_complete_mode_report_info+0x2a/0x200 [ 46.586068] kasan_report+0xff/0x140 [ 46.586556] ? kmalloc_oob_right+0xcf/0x330 [ 46.587076] ? kmalloc_oob_right+0xcf/0x330 [ 46.587657] __asan_store1+0x69/0x70 [ 46.588134] kmalloc_oob_right+0xcf/0x330 [ 46.588704] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 46.589358] ? __schedule+0x70b/0x1190 [ 46.589935] ? ktime_get_ts64+0x118/0x140 [ 46.590545] kunit_try_run_case+0x126/0x290 [ 46.591066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 46.591684] ? __kasan_check_write+0x18/0x20 [ 46.592267] ? trace_preempt_on+0x20/0xa0 [ 46.592816] ? __kthread_parkme+0x4f/0xd0 [ 46.593395] ? preempt_count_sub+0x50/0x80 [ 46.593945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 46.594503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 46.595309] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 46.595970] kthread+0x19e/0x1e0 [ 46.596421] ? __pfx_kthread+0x10/0x10 [ 46.596897] ret_from_fork+0x41/0x70 [ 46.597453] ? __pfx_kthread+0x10/0x10 [ 46.597963] ret_from_fork_asm+0x1b/0x30 [ 46.598619] </TASK> [ 46.599159] [ 46.599516] Allocated by task 134: [ 46.600170] kasan_save_stack+0x3c/0x60 [ 46.600694] kasan_set_track+0x29/0x40 [ 46.601215] kasan_save_alloc_info+0x22/0x30 [ 46.601703] __kasan_kmalloc+0xb7/0xc0 [ 46.602231] kmalloc_trace+0x4c/0xb0 [ 46.602694] kmalloc_oob_right+0x9f/0x330 [ 46.603272] kunit_try_run_case+0x126/0x290 [ 46.603792] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 46.604497] kthread+0x19e/0x1e0 [ 46.604964] ret_from_fork+0x41/0x70 [ 46.605525] ret_from_fork_asm+0x1b/0x30 [ 46.606209] [ 46.606649] The buggy address belongs to the object at ffff888102840400 [ 46.606649] which belongs to the cache kmalloc-128 of size 128 [ 46.608081] The buggy address is located 0 bytes to the right of [ 46.608081] allocated 115-byte region [ffff888102840400, ffff888102840473) [ 46.609213] [ 46.609702] The buggy address belongs to the physical page: [ 46.610545] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102840 [ 46.611961] flags: 0x200000000000800(slab|node=0|zone=2) [ 46.613040] page_type: 0xffffffff() [ 46.614274] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 46.614996] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 46.615813] page dumped because: kasan: bad access detected [ 46.616289] [ 46.616540] Memory state around the buggy address: [ 46.617446] ffff888102840300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 46.618275] ffff888102840380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.619042] >ffff888102840400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 46.619852] ^ [ 46.620675] ffff888102840480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.621531] ffff888102840500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.622451] ================================================================== [ 46.671212] ================================================================== [ 46.671716] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x144/0x330 [ 46.672213] Read of size 1 at addr ffff888102840480 by task kunit_try_catch/134 [ 46.673136] [ 46.673448] CPU: 0 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 46.674441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 46.675535] Call Trace: [ 46.675939] <TASK> [ 46.676324] dump_stack_lvl+0x4e/0x90 [ 46.677000] print_report+0xd2/0x660 [ 46.677633] ? __virt_addr_valid+0x156/0x1e0 [ 46.678237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 46.679066] kasan_report+0xff/0x140 [ 46.679684] ? kmalloc_oob_right+0x144/0x330 [ 46.680305] ? kmalloc_oob_right+0x144/0x330 [ 46.680984] __asan_load1+0x66/0x70 [ 46.681598] kmalloc_oob_right+0x144/0x330 [ 46.682260] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 46.682836] ? __schedule+0x70b/0x1190 [ 46.683565] ? ktime_get_ts64+0x118/0x140 [ 46.684171] kunit_try_run_case+0x126/0x290 [ 46.684799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 46.685337] ? __kasan_check_write+0x18/0x20 [ 46.685947] ? trace_preempt_on+0x20/0xa0 [ 46.686482] ? __kthread_parkme+0x4f/0xd0 [ 46.687069] ? preempt_count_sub+0x50/0x80 [ 46.687656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 46.688209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 46.689018] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 46.689707] kthread+0x19e/0x1e0 [ 46.690221] ? __pfx_kthread+0x10/0x10 [ 46.690786] ret_from_fork+0x41/0x70 [ 46.691389] ? __pfx_kthread+0x10/0x10 [ 46.691936] ret_from_fork_asm+0x1b/0x30 [ 46.692589] </TASK> [ 46.692959] [ 46.693234] Allocated by task 134: [ 46.693709] kasan_save_stack+0x3c/0x60 [ 46.694236] kasan_set_track+0x29/0x40 [ 46.694769] kasan_save_alloc_info+0x22/0x30 [ 46.695434] __kasan_kmalloc+0xb7/0xc0 [ 46.695973] kmalloc_trace+0x4c/0xb0 [ 46.696415] kmalloc_oob_right+0x9f/0x330 [ 46.697116] kunit_try_run_case+0x126/0x290 [ 46.697694] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 46.698394] kthread+0x19e/0x1e0 [ 46.698946] ret_from_fork+0x41/0x70 [ 46.699505] ret_from_fork_asm+0x1b/0x30 [ 46.700047] [ 46.700323] The buggy address belongs to the object at ffff888102840400 [ 46.700323] which belongs to the cache kmalloc-128 of size 128 [ 46.701474] The buggy address is located 13 bytes to the right of [ 46.701474] allocated 115-byte region [ffff888102840400, ffff888102840473) [ 46.702585] [ 46.702922] The buggy address belongs to the physical page: [ 46.703460] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102840 [ 46.704373] flags: 0x200000000000800(slab|node=0|zone=2) [ 46.704967] page_type: 0xffffffff() [ 46.705534] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 46.706353] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 46.707125] page dumped because: kasan: bad access detected [ 46.707690] [ 46.707953] Memory state around the buggy address: [ 46.708554] ffff888102840380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.709288] ffff888102840400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 46.709947] >ffff888102840480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.710614] ^ [ 46.711107] ffff888102840500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.711803] ffff888102840580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.712556] ================================================================== [ 46.625274] ================================================================== [ 46.626063] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x108/0x330 [ 46.626932] Write of size 1 at addr ffff888102840478 by task kunit_try_catch/134 [ 46.627633] [ 46.628036] CPU: 0 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 46.629116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 46.630009] Call Trace: [ 46.630465] <TASK> [ 46.630838] dump_stack_lvl+0x4e/0x90 [ 46.631520] print_report+0xd2/0x660 [ 46.632154] ? __virt_addr_valid+0x156/0x1e0 [ 46.632710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 46.633681] kasan_report+0xff/0x140 [ 46.634326] ? kmalloc_oob_right+0x108/0x330 [ 46.634597] ? kmalloc_oob_right+0x108/0x330 [ 46.635015] __asan_store1+0x69/0x70 [ 46.635718] kmalloc_oob_right+0x108/0x330 [ 46.636447] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 46.637214] ? __schedule+0x70b/0x1190 [ 46.637899] ? ktime_get_ts64+0x118/0x140 [ 46.638479] kunit_try_run_case+0x126/0x290 [ 46.638938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 46.639453] ? __kasan_check_write+0x18/0x20 [ 46.640037] ? trace_preempt_on+0x20/0xa0 [ 46.640564] ? __kthread_parkme+0x4f/0xd0 [ 46.641258] ? preempt_count_sub+0x50/0x80 [ 46.641942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 46.642580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 46.643405] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 46.644205] kthread+0x19e/0x1e0 [ 46.644749] ? __pfx_kthread+0x10/0x10 [ 46.645319] ret_from_fork+0x41/0x70 [ 46.646006] ? __pfx_kthread+0x10/0x10 [ 46.646567] ret_from_fork_asm+0x1b/0x30 [ 46.647258] </TASK> [ 46.647623] [ 46.647962] Allocated by task 134: [ 46.648405] kasan_save_stack+0x3c/0x60 [ 46.649044] kasan_set_track+0x29/0x40 [ 46.649583] kasan_save_alloc_info+0x22/0x30 [ 46.650204] __kasan_kmalloc+0xb7/0xc0 [ 46.650798] kmalloc_trace+0x4c/0xb0 [ 46.651361] kmalloc_oob_right+0x9f/0x330 [ 46.651994] kunit_try_run_case+0x126/0x290 [ 46.652576] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 46.653340] kthread+0x19e/0x1e0 [ 46.653882] ret_from_fork+0x41/0x70 [ 46.654444] ret_from_fork_asm+0x1b/0x30 [ 46.655046] [ 46.655380] The buggy address belongs to the object at ffff888102840400 [ 46.655380] which belongs to the cache kmalloc-128 of size 128 [ 46.656540] The buggy address is located 5 bytes to the right of [ 46.656540] allocated 115-byte region [ffff888102840400, ffff888102840473) [ 46.657861] [ 46.658209] The buggy address belongs to the physical page: [ 46.658675] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102840 [ 46.659704] flags: 0x200000000000800(slab|node=0|zone=2) [ 46.660418] page_type: 0xffffffff() [ 46.661000] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 46.661792] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 46.662589] page dumped because: kasan: bad access detected [ 46.663101] [ 46.663424] Memory state around the buggy address: [ 46.664087] ffff888102840300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 46.664941] ffff888102840380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.665591] >ffff888102840400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 46.666250] ^ [ 46.666969] ffff888102840480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.667707] ffff888102840500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.668501] ==================================================================