IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready ================================================================== BUG: KASAN: slab-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffff8800b43494c0 Read of size 16 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Not tainted 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487450 ffffffff82c7f386 0000000000000010 ffff8801274874e0 ffff8800b4348d80 ffff88012bc00800 ffff8801274874d0 ffffffff81740207 ffff8800add8e400 ffffffff86f0eda0 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] soft_cursor+0x72e/0xc20 drivers/video/console/softcursor.c:70 [] bit_cursor+0x14ac/0x21a0 drivers/video/console/bitblit.c:386 [] fbcon_cursor+0x453/0x650 drivers/video/console/fbcon.c:1332 [] hide_cursor+0x95/0x2d0 drivers/tty/vt/vt.c:605 [] redraw_screen+0x292/0x7d0 drivers/tty/vt/vt.c:688 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc >ffff8800b4349480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d0 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d0 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d0 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000246 ffff880127487450 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d1 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d1 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d1 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d2 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d2 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d2 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d3 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d3 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d3 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d4 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d4 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d4 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d5 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d5 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d5 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d6 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d6 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d6 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d7 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d7 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d7 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d8 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d8 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d8 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [] bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 [] fbcon_putcs+0x374/0x5a0 drivers/video/console/fbcon.c:1283 [] do_update_region+0x3f7/0x7c0 drivers/tty/vt/vt.c:383 [] redraw_screen+0x531/0x7d0 drivers/tty/vt/vt.c:713 [] vc_do_resize+0xd70/0x1350 drivers/tty/vt/vt.c:953 [] vc_resize+0x3d/0x60 drivers/tty/vt/vt.c:972 [] vt_ioctl+0x14fb/0x24e0 drivers/tty/vt/vt_ioctl.c:900 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Object at ffff8800b4348d80, in cache kmalloc-2048 Object allocated with size 1040 bytes. Allocation: PID = 7735 [] save_stack_trace+0x26/0x50 arch/x86/kernel/stacktrace.c:67 [] save_stack+0x46/0xd0 mm/kasan/kasan.c:450 [] set_track mm/kasan/kasan.c:462 [inline] [] kasan_kmalloc+0xc9/0xe0 mm/kasan/kasan.c:532 [] __do_kmalloc mm/slab.c:3545 [inline] [] __kmalloc+0x169/0x6d0 mm/slab.c:3554 [] kmalloc include/linux/slab.h:483 [inline] [] fbcon_set_font+0x269/0x820 drivers/video/console/fbcon.c:2595 [] con_font_set drivers/tty/vt/vt.c:4156 [inline] [] con_font_op+0xc1d/0xfa0 drivers/tty/vt/vt.c:4221 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffff8800b4349080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8800b4349100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8800b4349180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8800b4349200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8800b4349280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-out-of-bounds in __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] at addr ffff8800b43491d9 BUG: KASAN: slab-out-of-bounds in bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] at addr ffff8800b43491d9 BUG: KASAN: slab-out-of-bounds in bit_putcs+0xc43/0xd20 drivers/video/console/bitblit.c:185 at addr ffff8800b43491d9 Read of size 1 by task syz-executor.0/7739 CPU: 1 PID: 7739 Comm: syz-executor.0 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0dd577e ffff880127487398 ffffffff82c7f386 ffff8800ba6357e2 ffff880127487428 ffff8800b4348d80 ffff88012bc00800 ffff880127487418 ffffffff81740207 0000000000000010 ffff880100000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] object_err mm/kasan/report.c:139 [inline] [] print_address_description mm/kasan/report.c:179 [inline] [] kasan_report_error+0x1e7/0x5c0 mm/kasan/report.c:275 [] kasan_report mm/kasan/report.c:297 [inline] [] __asan_report_load1_noabort+0x3e/0x40 mm/kasan/report.c:315 [] __fb_pad_aligned_buffer include/linux/fb.h:670 [inline] [] bit_putcs_aligned drivers/video/console/bitblit.c:96 [inline] [