================================================================== BUG: KASAN: global-out-of-bounds in memcpy include/linux/string.h:372 [inline] BUG: KASAN: global-out-of-bounds in soft_cursor+0x442/0xa50 drivers/video/fbdev/core/softcursor.c:70 Read of size 32 at addr ffffffff87cf4870 by task kworker/1:145/28534 CPU: 1 PID: 28534 Comm: kworker/1:145 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events_power_efficient fb_flashcursor Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 print_address_description.cold+0x5/0x1d3 mm/kasan/report.c:252 kasan_report_error.cold+0x8a/0x194 mm/kasan/report.c:351 kasan_report+0x6f/0x7b mm/kasan/report.c:409 memcpy+0x20/0x50 mm/kasan/kasan.c:302 memcpy include/linux/string.h:372 [inline] soft_cursor+0x442/0xa50 drivers/video/fbdev/core/softcursor.c:70 bit_cursor+0xf7a/0x1580 drivers/video/fbdev/core/bitblit.c:377 fb_flashcursor+0x356/0x3f0 drivers/video/fbdev/core/fbcon.c:373 process_one_work+0x793/0x14a0 kernel/workqueue.c:2116 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250 kthread+0x30d/0x420 kernel/kthread.c:232 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 The buggy address belongs to the variable: oid_index+0x1f0/0x9a0 Memory state around the buggy address: ffffffff87cf4700: fa fa fa fa 00 02 fa fa fa fa fa fa 00 01 fa fa ffffffff87cf4780: fa fa fa fa 00 00 02 fa fa fa fa fa 00 03 fa fa >ffffffff87cf4800: fa fa fa fa 06 fa fa fa fa fa fa fa 05 fa fa fa ^ ffffffff87cf4880: fa fa fa fa 07 fa fa fa fa fa fa fa 00 01 fa fa ffffffff87cf4900: fa fa fa fa 00 05 fa fa fa fa fa fa 03 fa fa fa ==================================================================