==================================================================
BUG: KASAN: global-out-of-bounds in soft_cursor+0x95a/0xa20 drivers/video/fbdev/core/softcursor.c:61
Read of size 1 at addr ffffffff8875c44b by task kworker/0:1/12

CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.7.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events_power_efficient fb_flashcursor
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x188/0x20d lib/dump_stack.c:118
 print_address_description.constprop.0.cold+0x5/0x413 mm/kasan/report.c:383
 __kasan_report mm/kasan/report.c:513 [inline]
 kasan_report.cold+0x1f/0x37 mm/kasan/report.c:530
 soft_cursor+0x95a/0xa20 drivers/video/fbdev/core/softcursor.c:61
 bit_cursor+0x11c8/0x1870 drivers/video/fbdev/core/bitblit.c:386
 fb_flashcursor+0x371/0x3e0 drivers/video/fbdev/core/fbcon.c:417
 process_one_work+0x965/0x16a0 kernel/workqueue.c:2268
 worker_thread+0x96/0xe20 kernel/workqueue.c:2414
 kthread+0x388/0x470 kernel/kthread.c:268
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:351

The buggy address belongs to the variable:
 __func__.45663+0xb/0x1c0

Memory state around the buggy address:
 ffffffff8875c300: 00 00 00 fa fa fa fa fa 00 00 00 00 00 01 fa fa
 ffffffff8875c380: fa fa fa fa 00 00 00 00 01 fa fa fa fa fa fa fa
>ffffffff8875c400: 00 00 00 00 fa fa fa fa 00 03 fa fa fa fa fa fa
                                              ^
 ffffffff8875c480: 00 01 fa fa fa fa fa fa 04 fa fa fa fa fa fa fa
 ffffffff8875c500: 04 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa
==================================================================