bisecting cause commit starting from 6794862a16ef41f753abd75c03a152836e4c8028
building syzkaller on 5a5826a14e99564bdd4de163d3ac368056e5d992
testing commit 6794862a16ef41f753abd75c03a152836e4c8028 with gcc (GCC) 8.1.0
kernel signature: 682bfbfad3f28184a352daaa14969e98d7b2bbda
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v5.4
testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0
kernel signature: 3d19bc3fb24a80cb344835f8ab5e9f940f9e3b6a
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v5.3
testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0
kernel signature: 37d0ee9d0cb783ff751b1c166f699e89210b1d8b
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v5.2
testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0
kernel signature: 4ed5fbcd77cf7c63a3a4130b1b7e7420360fc2df
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v5.1
testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0
kernel signature: 5e7dc22f0e9e34e98761c5902ee1d84ece658866
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v5.0
testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0
kernel signature: 52317c13862130130f7a7d5cfb6d83d3382eebc3
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.20
testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0
kernel signature: 0bd23b5816795daa7a45637fd87324896d1bad3a
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.19
testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0
kernel signature: b6bc8632d3cfea0a4717d2b9af3973aedfe4d85f
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.18
testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0
kernel signature: 8a89cdc0697d9c4f4841c4784cb9190330b6a681
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.17
testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0
kernel signature: b2221f739a66aeea1d635e62b912fcdd26b6b984
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.16
testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0
kernel signature: f526f02d2074065a46187d7c920e6c4c1753ed49
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.15
testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0
kernel signature: 86b1fc369c0e8ac3d8075a0d70587a10a7cd165e
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.14
testing commit bebc6082da0a9f5d47a1ea2edc099bf671058bd4 with gcc (GCC) 8.1.0
kernel signature: 318ff11fd827826f7b30bbcde8c03e5f421e99d6
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.13
testing commit 569dbb88e80deb68974ef6fdd6a13edb9d686261 with gcc (GCC) 8.1.0
kernel signature: 2aa9dd49305947dae9d6b4b4abaa3a5dc93f877b
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.12
testing commit 6f7da290413ba713f0cdd9ff1a2a9bb129ef4f6c with gcc (GCC) 8.1.0
kernel signature: a307068d15de0a361d0604a482f1537c6fd3f737
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.11
testing commit a351e9b9fc24e982ec2f0e76379a49826036da12 with gcc (GCC) 7.3.0
kernel signature: 0530aabaa97e2ea779b2007c0e8a3767ed1470da
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.10
testing commit c470abd4fde40ea6a0846a2beab642a578c0b8cd with gcc (GCC) 5.5.0
kernel signature: 7f99b2963cec036198c95e07275cc771e6a83c61
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.9
testing commit 69973b830859bc6529a7a0468ba0d80ee5117826 with gcc (GCC) 5.5.0
kernel signature: 01b54a3fe2982193d93bf3f4cd70a56d278b3ee2
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.8
testing commit c8d2bc9bc39ebea8437fd974fdbc21847bb897a3 with gcc (GCC) 5.5.0
kernel signature: 3dd02bb40ce47d826c1a68dbfe36b7672f1fdf1b
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.7
testing commit 523d939ef98fd712632d93a5a2b588e477a7565e with gcc (GCC) 5.5.0
kernel signature: b6d4421c7bef9de35948f53549aecb3c8b803c63
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
testing release v4.6
testing commit 2dcd0af568b0cf583645c8a317dd12e344b1c72a with gcc (GCC) 5.5.0
kernel signature: ba04323d362d5ab295570d6a0022e0ceafd5bce1
all runs: crashed: KASAN: global-out-of-bounds Read in fbcon_get_font
revisions tested: 21, total time: 3h27m21.922929001s (build: 1h51m13.031319396s, test: 1h33m33.78739897s)
the crash already happened on the oldest tested release
commit msg: Linux 4.6
crash: KASAN: global-out-of-bounds Read in fbcon_get_font
BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde2c0
Read of size 32 by task syz-executor.1/19849
Address belongs to variable oid_index+0x220/0x580
CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020
 ffff88012787f830 ffffffff85fde2c0 00000000000000ae ffff88012787f820
 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xe6/0x120 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:190 [inline]
 [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275
 [] kasan_report+0x34/0x40 mm/kasan/report.c:297
 [] check_memory_region mm/kasan/kasan.c:285 [inline]
 [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678
 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318
 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406
 [] con_font_get drivers/tty/vt/vt.c:4072 [inline]
 [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223
 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915
 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988
 [] vfs_ioctl fs/ioctl.c:43 [inline]
 [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674
 [] SYSC_ioctl fs/ioctl.c:689 [inline]
 [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680
 [] entry_SYSCALL_64_fastpath+0x23/0xc1
Memory state around the buggy address:
 ffffffff85fde180: 00 00 00 00 02 fa fa fa fa fa fa fa 00 00 00 00
 ffffffff85fde200: 02 fa fa fa fa fa fa fa 05 fa fa fa fa fa fa fa
>ffffffff85fde280: 01 fa fa fa fa fa fa fa 00 00 02 fa fa fa fa fa
                                                 ^
 ffffffff85fde300: 04 fa fa fa fa fa fa fa 00 01 fa fa fa fa fa fa
 ffffffff85fde380: 04 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa
==================================================================
==================================================================
BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde2e0
Read of size 32 by task syz-executor.1/19849
Address belongs to variable oid_index+0x240/0x580
CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020
 ffff88012787f830 ffffffff85fde2e0 00000000000000af ffff88012787f820
 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xe6/0x120 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:190 [inline]
 [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275
 [] kasan_report+0x34/0x40 mm/kasan/report.c:297
 [] check_memory_region mm/kasan/kasan.c:285 [inline]
 [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678
 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318
 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406
 [] con_font_get drivers/tty/vt/vt.c:4072 [inline]
 [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223
 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915
 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988
 [] vfs_ioctl fs/ioctl.c:43 [inline]
 [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674
 [] SYSC_ioctl fs/ioctl.c:689 [inline]
 [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680
 [] entry_SYSCALL_64_fastpath+0x23/0xc1
Memory state around the buggy address:
 ffffffff85fde180: 00 00 00 00 02 fa fa fa fa fa fa fa 00 00 00 00
 ffffffff85fde200: 02 fa fa fa fa fa fa fa 05 fa fa fa fa fa fa fa
>ffffffff85fde280: 01 fa fa fa fa fa fa fa 00 00 02 fa fa fa fa fa
                                                       ^
 ffffffff85fde300: 04 fa fa fa fa fa fa fa 00 01 fa fa fa fa fa fa
 ffffffff85fde380: 04 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa
==================================================================
fa fa fa >ffffffff85fde480: 00 00 00 05 fa fa fa fa 00 00 00 fa fa fa fa fa ^ ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde4e0 Read of size 32 by task syz-executor.1/19849 Address belongs to variable oid_index+0x440/0x580 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde4e0 00000000000000bf ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde380: 04 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa ffffffff85fde400: 07 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa >ffffffff85fde480: 00 00 00 05 fa fa fa fa 00 00 
00 fa fa fa fa fa ^ ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde520 Read of size 32 by task syz-executor.1/19849 Address belongs to variable oid_index+0x480/0x580 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde520 00000000000000c1 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde400: 07 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa ffffffff85fde480: 00 00 00 05 fa fa fa fa 00 00 00 fa fa fa fa fa >ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 ^ ffffffff85fde580: 03 fa fa fa fa fa 
fa fa 00 00 00 00 02 fa fa fa ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde540 Read of size 32 by task syz-executor.1/19849 Address belongs to variable oid_index+0x4a0/0x580 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde540 00000000000000c2 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde400: 07 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa ffffffff85fde480: 00 00 00 05 fa fa fa fa 00 00 00 fa fa fa fa fa >ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 ^ ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ffffffff85fde600: fa fa fa 
fa 00 03 fa fa fa fa fa fa 04 fa fa fa ================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde580 Read of size 32 by task syz-executor.1/19849 Address belongs to variable oid_index+0x4e0/0x580 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde580 00000000000000c4 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde480: 00 00 00 05 fa fa fa fa 00 00 00 fa fa fa fa fa ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 >ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ^ ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde5a0 Read of size 32 by task syz-executor.1/19849 Address belongs to variable oid_index+0x500/0x580 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde5a0 00000000000000c5 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde480: 00 00 00 05 fa fa fa fa 00 00 00 fa fa fa fa fa ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 >ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ^ ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde5e0 Read of size 32 by task syz-executor.1/19849 Address belongs to variable oid_index+0x540/0x580 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde5e0 00000000000000c7 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde480: 00 00 00 05 fa fa fa fa 00 00 00 fa fa fa fa fa ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 >ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ^ ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde600 Read of size 32 by task syz-executor.1/19849 Address belongs to variable oid_index+0x560/0x580 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde600 00000000000000c8 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa >ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ^ ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa ffffffff85fde700: 00 00 00 04 fa fa fa fa 00 00 00 00 03 fa fa fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde620 Read of size 32 by task syz-executor.1/19849 Address belongs to variable __func__.34671+0x0/0x40 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde620 00000000000000c9 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa >ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ^ ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa ffffffff85fde700: 00 00 00 04 fa fa fa fa 00 00 00 00 03 fa fa fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde640 Read of size 32 by task syz-executor.1/19849 Address belongs to variable __func__.34671+0x20/0x40 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde640 00000000000000ca ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa >ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ^ ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa ffffffff85fde700: 00 00 00 04 fa fa fa fa 00 00 00 00 03 fa fa fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde660 Read of size 32 by task syz-executor.1/19849 Address belongs to variable str__msr__trace_system_name+0x0/0x980 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde660 00000000000000cb ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde500: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00 ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa >ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ^ ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa ffffffff85fde700: 00 00 00 04 fa fa fa fa 00 00 00 00 03 fa fa fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde680 Read of size 32 by task syz-executor.1/19849 Address belongs to variable str__msr__trace_system_name+0x20/0x980 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde680 00000000000000cc ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa >ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa ^ ffffffff85fde700: 00 00 00 04 fa fa fa fa 00 00 00 00 03 fa fa fa ffffffff85fde780: fa fa fa fa 00 00 07 fa fa fa fa fa 00 00 01 fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde6c0 Read of size 32 by task syz-executor.1/19849 Address belongs to variable str__msr__trace_system_name+0x60/0x980 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde6c0 00000000000000ce ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa >ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa ^ ffffffff85fde700: 00 00 00 04 fa fa fa fa 00 00 00 00 03 fa fa fa ffffffff85fde780: fa fa fa fa 00 00 07 fa fa fa fa fa 00 00 01 fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde6e0 Read of size 32 by task syz-executor.1/19849 Address belongs to variable str__msr__trace_system_name+0x80/0x980 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde6e0 00000000000000cf ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde580: 03 fa fa fa fa fa fa fa 00 00 00 00 02 fa fa fa ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa >ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa ^ ffffffff85fde700: 00 00 00 04 fa fa fa fa 00 00 00 00 03 fa fa fa ffffffff85fde780: fa fa fa fa 00 00 07 fa fa fa fa fa 00 00 01 fa 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde700 Read of size 32 by task syz-executor.1/19849 Address belongs to variable str__msr__trace_system_name+0xa0/0x980 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde700 00000000000000d0 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275 [] kasan_report+0x34/0x40 mm/kasan/report.c:297 [] check_memory_region mm/kasan/kasan.c:285 [inline] [] __asan_loadN+0x12a/0x180 mm/kasan/kasan.c:678 [] memcpy+0x1d/0x40 mm/kasan/kasan.c:318 [] fbcon_get_font+0x221/0x560 drivers/video/console/fbcon.c:2406 [] con_font_get drivers/tty/vt/vt.c:4072 [inline] [] con_font_op+0x564/0xfa0 drivers/tty/vt/vt.c:4223 [] vt_ioctl+0x434/0x24e0 drivers/tty/vt/vt_ioctl.c:915 [] tty_ioctl+0x5d4/0x20f0 drivers/tty/tty_io.c:2988 [] vfs_ioctl fs/ioctl.c:43 [inline] [] do_vfs_ioctl+0x17f/0xe70 fs/ioctl.c:674 [] SYSC_ioctl fs/ioctl.c:689 [inline] [] SyS_ioctl+0x74/0x80 fs/ioctl.c:680 [] entry_SYSCALL_64_fastpath+0x23/0xc1 Memory state around the buggy address: ffffffff85fde600: fa fa fa fa 00 03 fa fa fa fa fa fa 04 fa fa fa ffffffff85fde680: fa fa fa fa 00 00 00 00 00 00 00 03 fa fa fa fa >ffffffff85fde700: 00 00 00 04 fa fa fa fa 00 00 00 00 03 fa fa fa ^ ffffffff85fde780: fa fa fa fa 00 00 07 fa fa fa fa fa 00 00 01 fa ffffffff85fde800: fa fa fa fa 04 fa fa fa fa fa fa fa 00 00 00 00 
================================================================== ================================================================== BUG: KASAN: global-out-of-bounds in memcpy+0x1d/0x40 mm/kasan/kasan.c:318 at addr ffffffff85fde720 Read of size 32 by task syz-executor.1/19849 Address belongs to variable str__msr__trace_system_name+0xc0/0x980 CPU: 0 PID: 19849 Comm: syz-executor.1 Tainted: G B 4.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 1ffffffff0d9577e ffff88012787f7a0 ffffffff82c4dd46 0000000000000020 ffff88012787f830 ffffffff85fde720 00000000000000d1 ffff88012787f820 ffffffff817405ba 0000000000000010 0000000000000000 0000000000000286 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xe6/0x120 lib/dump_stack.c:51 [] print_address_description mm/kasan/report.c:190 [inline] [] kasan_report_error+0x59a/0x5c0 mm/kasan/report.c:275