syzbot |
sign-in | mailing list | source | docs |
================================================================== BUG: KASAN: global-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:655 [inline] BUG: KASAN: global-out-of-bounds in bit_putcs_aligned drivers/video/fbdev/core/bitblit.c:96 [inline] BUG: KASAN: global-out-of-bounds in bit_putcs+0x9b8/0xe30 drivers/video/fbdev/core/bitblit.c:185 Read of size 1 at addr ffff8000128f7550 by task syz.5.545/6759 CPU: 1 PID: 6759 Comm: syz.5.545 Not tainted 6.1.116-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call trace: dump_backtrace+0x1c8/0x1f4 arch/arm64/kernel/stacktrace.c:158 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x174/0x4c0 mm/kasan/report.c:395 kasan_report+0xd4/0x130 mm/kasan/report.c:495 __asan_report_load1_noabort+0x2c/0x38 mm/kasan/report_generic.c:348 __fb_pad_aligned_buffer include/linux/fb.h:655 [inline] bit_putcs_aligned drivers/video/fbdev/core/bitblit.c:96 [inline] bit_putcs+0x9b8/0xe30 drivers/video/fbdev/core/bitblit.c:185 fbcon_putcs+0x318/0x4e8 drivers/video/fbdev/core/fbcon.c:1284 do_update_region+0x2ec/0x5f8 drivers/tty/vt/vt.c:666 update_region+0x1e0/0x478 drivers/tty/vt/vt.c:694 vcs_write+0x988/0x1160 drivers/tty/vt/vc_screen.c:698 vfs_write+0x2a4/0x91c fs/read_write.c:582 ksys_write+0x15c/0x26c fs/read_write.c:637 __do_sys_write fs/read_write.c:649 [inline] __se_sys_write fs/read_write.c:646 [inline] __arm64_sys_write+0x7c/0x90 fs/read_write.c:646 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:204 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585 The buggy address belongs to the variable: fontdata_8x16+0x12f0/0x1480 The buggy address belongs to the virtual mapping at [ffff800012390000, ffff800015570000) created by: map_kernel+0x1b0/0x4a8 arch/arm64/mm/mmu.c:786 The buggy address belongs to the physical page: page:000000001fb0536f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1a86f7 flags: 0x5ffc00000001000(reserved|node=0|zone=2|lastcpupid=0x7ff) raw: 05ffc00000001000 fffffc0005a1bdc8 fffffc0005a1bdc8 0000000000000000 raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff8000128f7400: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 ffff8000128f7480: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 >ffff8000128f7500: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 ^ ffff8000128f7580: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 ffff8000128f7600: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 ==================================================================
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2024/11/11 05:01 | linux-6.1.y | d7039b844a1c | 6b856513 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-6-1-kasan-arm64 | KASAN: global-out-of-bounds Read in bit_putcs |