KASAN: null-ptr-deref Read in soft

Date	Name	Commit	Repro	Result
2023/05/28	linux-5.15.y (ToT)	1fe619a7d252	syz	[report] KASAN: null-ptr-deref Read in soft_cursor
2023/05/28	upstream (ToT)	416839029e38	syz	Didn't crash

Date

Name

Commit

Repro

Result

2023/05/28

linux-5.15.y (ToT)

1fe619a7d252

syz

[report] KASAN: null-ptr-deref Read in soft_cursor

2023/05/28

upstream (ToT)

416839029e38

syz

Didn't crash

Kernel	Title	Rank 🛈	Repro	Fix bisect	Count	Last	Reported	Patched	Status
upstream	general protection fault in soft_cursor fbdev	11	C		3	895d	895d	22/29	fixed on 2023/07/01 16:05
linux-4.14	KASAN: use-after-free Read in soft_cursor	19	C	inconclusive	7	1654d	2165d	0/1	upstream: reported C repro on 2019/12/04 13:11
linux-4.19	KASAN: slab-out-of-bounds Read in soft_cursor (2)	17	C	done	8	1630d	1752d	1/1	fixed on 2021/06/23 17:43
linux-4.14	KASAN: slab-out-of-bounds Read in soft_cursor	17	C	unreliable	57	1635d	2166d	0/1	upstream: reported C repro on 2019/12/03 14:54
upstream	KASAN: slab-out-of-bounds Read in soft_cursor (2) fbdev	17			3	18d	46d	0/29	upstream: reported on 2025/09/22 12:50
upstream	KASAN: global-out-of-bounds Read in soft_cursor (2) fbdev	17			1	258d	254d	0/29	auto-obsoleted due to no activity on 2025/05/23 01:13
linux-4.19	KASAN: global-out-of-bounds Read in soft_cursor	17	C	done	22	1628d	2095d	1/1	fixed on 2021/06/24 08:01
linux-4.14	KASAN: global-out-of-bounds Read in soft_cursor	17	C	error	19	1154d	2153d	0/1	upstream: reported C repro on 2019/12/16 00:09

Rank 🛈

upstream

general protection fault in soft_cursor fbdev

895d

22/29

fixed on 2023/07/01 16:05

linux-4.14

KASAN: use-after-free Read in soft_cursor

inconclusive

1654d

2165d

0/1

upstream: reported C repro on 2019/12/04 13:11

linux-4.19

KASAN: slab-out-of-bounds Read in soft_cursor (2)

done

1630d

1752d

1/1

fixed on 2021/06/23 17:43

linux-4.14

KASAN: slab-out-of-bounds Read in soft_cursor

unreliable

1635d

2166d

0/1

upstream: reported C repro on 2019/12/03 14:54

upstream

KASAN: slab-out-of-bounds Read in soft_cursor (2) fbdev

18d

46d

0/29

upstream: reported on 2025/09/22 12:50

upstream

KASAN: global-out-of-bounds Read in soft_cursor (2) fbdev

258d

254d

0/29

auto-obsoleted due to no activity on 2025/05/23 01:13

linux-4.19

KASAN: global-out-of-bounds Read in soft_cursor

done

1628d

2095d

1/1

fixed on 2021/06/24 08:01

linux-4.14

KASAN: global-out-of-bounds Read in soft_cursor

error

1154d

2153d

0/1

upstream: reported C repro on 2019/12/16 00:09

Created	Duration	User	Patch	Repo	Result
2024/12/24 15:21	16m	retest repro		linux-5.15.y	OK log
2024/10/15 01:13	0m	retest repro		linux-5.15.y	error

Created

Duration

User

Patch

Repo

Result

2024/12/24 15:21

16m

retest repro

linux-5.15.y

OK log

2024/10/15 01:13

retest repro

linux-5.15.y

error


Created	Duration	User	Repo	Result
2024/11/18 10:09	57m	fix candidate	upstream	error job log
2024/10/15 05:12	0m	fix candidate	upstream	error job log
2024/08/27 19:05	0m	fix candidate	upstream	error job log
2024/05/30 17:43	0m	fix candidate	upstream	error job log
2024/04/01 16:48	1m	fix candidate	upstream	error job log
2024/02/08 17:15	25m	fix candidate	upstream	error job log
2024/01/04 06:34	0m	fix candidate	upstream	error job log
2023/12/04 18:00	1m	fix candidate	upstream	error job log
2023/10/25 06:40	31m	fix candidate	upstream	error job log
2023/09/04 06:11	0m	fix candidate	upstream	error job log

================================================================== BUG: KASAN: null-ptr-deref in soft_cursor+0x384/0x6b4 drivers/video/fbdev/core/softcursor.c:70 Read of size 16 at addr 0000000000000200 by task kworker/u4:1/136 CPU: 0 PID: 136 Comm: kworker/u4:1 Not tainted 5.15.113-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023 Workqueue: events_power_efficient fb_flashcursor Call trace: dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106 __kasan_report mm/kasan/report.c:438 [inline] kasan_report+0x168/0x1e4 mm/kasan/report.c:451 kasan_check_range+0x274/0x2b4 mm/kasan/generic.c:189 memcpy+0x90/0xe8 mm/kasan/shadow.c:65 soft_cursor+0x384/0x6b4 drivers/video/fbdev/core/softcursor.c:70 bit_cursor+0x113c/0x1a64 drivers/video/fbdev/core/bitblit.c:377 fb_flashcursor+0x2d4/0x3e0 drivers/video/fbdev/core/fbcon.c:387 process_one_work+0x790/0x11b8 kernel/workqueue.c:2307 worker_thread+0x910/0x1034 kernel/workqueue.c:2454 kthread+0x37c/0x45c kernel/kthread.c:319 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870 ================================================================== wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50

Crashes (1):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2023/05/28 00:20	linux-5.15.y	1fe619a7d252	cf184559	.config	console log	report	syz			[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-arm64	KASAN: null-ptr-deref Read in soft_cursor

Crashes (1):

Assets (help?)