Starting mcstransd: [ ok ] Starting file context maintaining daemon: restorecond. [ ok ] Starting OpenBSD Secure Shell server: sshd. [ 68.581973][ T25] kauditd_printk_skb: 6 callbacks suppressed [ 68.581984][ T25] audit: type=1800 audit(1575390072.977:39): pid=9421 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 68.610081][ T25] audit: type=1800 audit(1575390072.977:40): pid=9421 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 70.808407][ T25] audit: type=1400 audit(1575390075.197:41): avc: denied { map } for pid=9596 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.1.40' (ECDSA) to the list of known hosts. 
executing program [ 77.281752][ T25] audit: type=1400 audit(1575390081.677:42): avc: denied { map } for pid=9608 comm="syz-executor881" path="/root/syz-executor881794909" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 77.365348][ T9608] ================================================================== [ 77.365391][ T9608] BUG: KASAN: global-out-of-bounds in vga16fb_imageblit+0x1c8b/0x2200 [ 77.365399][ T9608] Read of size 2 at addr ffffffff8874d45e by task syz-executor881/9608 [ 77.365401][ T9608] [ 77.365411][ T9608] CPU: 0 PID: 9608 Comm: syz-executor881 Not tainted 5.4.0-syzkaller #0 [ 77.365416][ T9608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.365419][ T9608] Call Trace: [ 77.365432][ T9608] dump_stack+0x197/0x210 [ 77.365441][ T9608] ? vga16fb_imageblit+0x1c8b/0x2200 [ 77.365457][ T9608] print_address_description.constprop.0.cold+0x5/0x30b [ 77.365465][ T9608] ? vga16fb_imageblit+0x1c8b/0x2200 [ 77.365473][ T9608] ? vga16fb_imageblit+0x1c8b/0x2200 [ 77.365481][ T9608] __kasan_report.cold+0x1b/0x41 [ 77.365491][ T9608] ? vga16fb_imageblit+0x1c8b/0x2200 [ 77.365500][ T9608] kasan_report+0x12/0x20 [ 77.365509][ T9608] __asan_report_load2_noabort+0x14/0x20 [ 77.365517][ T9608] vga16fb_imageblit+0x1c8b/0x2200 [ 77.365526][ T9608] ? mark_lock+0x11f/0x1220 [ 77.365541][ T9608] soft_cursor+0x4fb/0xa30 [ 77.365548][ T9608] ? lockdep_hardirqs_on+0x421/0x5e0 [ 77.365562][ T9608] bit_cursor+0x12fc/0x1a60 [ 77.365575][ T9608] ? bit_clear+0x530/0x530 [ 77.365583][ T9608] ? fbcon_putcs+0x33c/0x3e0 [ 77.365590][ T9608] ? fbcon_putcs+0x343/0x3e0 [ 77.365605][ T9608] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 77.365614][ T9608] ? get_color+0x225/0x430 [ 77.365623][ T9608] fbcon_cursor+0x487/0x660 [ 77.365631][ T9608] ? 
bit_clear+0x530/0x530 [ 77.365643][ T9608] set_cursor+0x1fb/0x280 [ 77.365651][ T9608] redraw_screen+0x4e1/0x7d0 [ 77.365658][ T9608] ? efifb_probe.cold+0x181f/0x181f [ 77.365667][ T9608] ? respond_string+0x2c0/0x2c0 [ 77.365676][ T9608] ? fbcon_set_palette+0x3c4/0x4a0 [ 77.365686][ T9608] fbcon_modechanged+0x5c3/0x790 [ 77.365698][ T9608] fbcon_update_vcs+0x42/0x50 [ 77.365705][ T9608] fb_set_var+0xb32/0xdd0 [ 77.365714][ T9608] ? fb_blank+0x1a0/0x1a0 [ 77.365727][ T9608] ? ___preempt_schedule+0x16/0x18 [ 77.365738][ T9608] ? __mutex_lock+0xf73/0x13c0 [ 77.365752][ T9608] ? down+0x70/0x90 [ 77.365771][ T9608] ? do_fb_ioctl+0x335/0x7d0 [ 77.365783][ T9608] do_fb_ioctl+0x390/0x7d0 [ 77.365791][ T9608] ? fb_mmap+0x520/0x520 [ 77.365798][ T9608] ? tomoyo_path_number_perm+0x214/0x520 [ 77.365807][ T9608] ? find_held_lock+0x35/0x130 [ 77.365815][ T9608] ? tomoyo_path_number_perm+0x214/0x520 [ 77.365826][ T9608] ? lock_downgrade+0x920/0x920 [ 77.365833][ T9608] ? lockdep_hardirqs_on+0x421/0x5e0 [ 77.365843][ T9608] ? tomoyo_path_number_perm+0x454/0x520 [ 77.365862][ T9608] ? ___might_sleep+0x163/0x2c0 [ 77.365873][ T9608] fb_ioctl+0xe6/0x130 [ 77.365879][ T9608] ? do_fb_ioctl+0x7d0/0x7d0 [ 77.365888][ T9608] do_vfs_ioctl+0x977/0x14e0 [ 77.365897][ T9608] ? compat_ioctl_preallocate+0x220/0x220 [ 77.365905][ T9608] ? selinux_file_mprotect+0x620/0x620 [ 77.365913][ T9608] ? kmem_cache_free+0x26b/0x320 [ 77.365924][ T9608] ? do_sys_open+0x31d/0x5d0 [ 77.365935][ T9608] ? tomoyo_file_ioctl+0x23/0x30 [ 77.365943][ T9608] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.365955][ T9608] ? 
security_file_ioctl+0x8d/0xc0 [ 77.365964][ T9608] ksys_ioctl+0xab/0xd0 [ 77.365973][ T9608] __x64_sys_ioctl+0x73/0xb0 [ 77.365983][ T9608] do_syscall_64+0xfa/0x790 [ 77.365994][ T9608] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.366001][ T9608] RIP: 0033:0x440309 [ 77.366011][ T9608] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.366016][ T9608] RSP: 002b:00007fffba5f8cb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 77.366024][ T9608] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440309 [ 77.366029][ T9608] RDX: 0000000020000340 RSI: 0000000000004601 RDI: 0000000000000003 [ 77.366033][ T9608] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 77.366038][ T9608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401b90 [ 77.366043][ T9608] R13: 0000000000401c20 R14: 0000000000000000 R15: 0000000000000000 [ 77.366053][ T9608] [ 77.366056][ T9608] The buggy address belongs to the variable: [ 77.366064][ T9608] transl_h+0x3e/0x40 [ 77.366066][ T9608] [ 77.366069][ T9608] Memory state around the buggy address: [ 77.366076][ T9608] ffffffff8874d300: 00 00 00 00 fa fa fa fa 00 00 00 00 fa fa fa fa [ 77.366082][ T9608] ffffffff8874d380: 00 00 00 00 00 fa fa fa fa fa fa fa 04 fa fa fa [ 77.366088][ T9608] >ffffffff8874d400: fa fa fa fa 00 00 00 00 fa fa fa fa 00 00 00 00 [ 77.366091][ T9608] ^ [ 77.366097][ T9608] ffffffff8874d480: fa fa fa fa 00 01 fa fa fa fa fa fa 00 00 00 04 [ 77.366103][ T9608] ffffffff8874d500: fa fa fa fa 00 00 04 fa fa fa fa fa 00 00 00 00 [ 77.366105][ T9608] ================================================================== [ 77.366108][ T9608] Disabling lock debugging due to kernel taint [ 77.366113][ T9608] Kernel panic - not syncing: panic_on_warn set ... 
[ 77.366121][ T9608] CPU: 0 PID: 9608 Comm: syz-executor881 Tainted: G B 5.4.0-syzkaller #0 [ 77.366124][ T9608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.366126][ T9608] Call Trace: [ 77.366134][ T9608] dump_stack+0x197/0x210 [ 77.366143][ T9608] panic+0x2e3/0x75c [ 77.366150][ T9608] ? add_taint.cold+0x16/0x16 [ 77.366160][ T9608] ? trace_hardirqs_on+0x67/0x240 [ 77.366167][ T9608] ? trace_hardirqs_on+0x5e/0x240 [ 77.366175][ T9608] ? vga16fb_imageblit+0x1c8b/0x2200 [ 77.366182][ T9608] end_report+0x47/0x4f [ 77.366189][ T9608] ? vga16fb_imageblit+0x1c8b/0x2200 [ 77.366195][ T9608] __kasan_report.cold+0xe/0x41 [ 77.366204][ T9608] ? vga16fb_imageblit+0x1c8b/0x2200 [ 77.366211][ T9608] kasan_report+0x12/0x20 [ 77.366218][ T9608] __asan_report_load2_noabort+0x14/0x20 [ 77.366225][ T9608] vga16fb_imageblit+0x1c8b/0x2200 [ 77.366231][ T9608] ? mark_lock+0x11f/0x1220 [ 77.366242][ T9608] soft_cursor+0x4fb/0xa30 [ 77.366248][ T9608] ? lockdep_hardirqs_on+0x421/0x5e0 [ 77.366258][ T9608] bit_cursor+0x12fc/0x1a60 [ 77.366267][ T9608] ? bit_clear+0x530/0x530 [ 77.366274][ T9608] ? fbcon_putcs+0x33c/0x3e0 [ 77.366280][ T9608] ? fbcon_putcs+0x343/0x3e0 [ 77.366290][ T9608] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 77.366297][ T9608] ? get_color+0x225/0x430 [ 77.366305][ T9608] fbcon_cursor+0x487/0x660 [ 77.366312][ T9608] ? bit_clear+0x530/0x530 [ 77.366320][ T9608] set_cursor+0x1fb/0x280 [ 77.366327][ T9608] redraw_screen+0x4e1/0x7d0 [ 77.366334][ T9608] ? efifb_probe.cold+0x181f/0x181f [ 77.366340][ T9608] ? respond_string+0x2c0/0x2c0 [ 77.366348][ T9608] ? fbcon_set_palette+0x3c4/0x4a0 [ 77.366356][ T9608] fbcon_modechanged+0x5c3/0x790 [ 77.366365][ T9608] fbcon_update_vcs+0x42/0x50 [ 77.366371][ T9608] fb_set_var+0xb32/0xdd0 [ 77.366378][ T9608] ? fb_blank+0x1a0/0x1a0 [ 77.366386][ T9608] ? ___preempt_schedule+0x16/0x18 [ 77.366394][ T9608] ? __mutex_lock+0xf73/0x13c0 [ 77.366401][ T9608] ? 
down+0x70/0x90 [ 77.366412][ T9608] ? do_fb_ioctl+0x335/0x7d0 [ 77.366421][ T9608] do_fb_ioctl+0x390/0x7d0 [ 77.366427][ T9608] ? fb_mmap+0x520/0x520 [ 77.366433][ T9608] ? tomoyo_path_number_perm+0x214/0x520 [ 77.366441][ T9608] ? find_held_lock+0x35/0x130 [ 77.366448][ T9608] ? tomoyo_path_number_perm+0x214/0x520 [ 77.366460][ T9608] ? lock_downgrade+0x920/0x920 [ 77.366467][ T9608] ? lockdep_hardirqs_on+0x421/0x5e0 [ 77.366474][ T9608] ? tomoyo_path_number_perm+0x454/0x520 [ 77.366486][ T9608] ? ___might_sleep+0x163/0x2c0 [ 77.366494][ T9608] fb_ioctl+0xe6/0x130 [ 77.366499][ T9608] ? do_fb_ioctl+0x7d0/0x7d0 [ 77.366506][ T9608] do_vfs_ioctl+0x977/0x14e0 [ 77.366514][ T9608] ? compat_ioctl_preallocate+0x220/0x220 [ 77.366520][ T9608] ? selinux_file_mprotect+0x620/0x620 [ 77.366527][ T9608] ? kmem_cache_free+0x26b/0x320 [ 77.366534][ T9608] ? do_sys_open+0x31d/0x5d0 [ 77.366542][ T9608] ? tomoyo_file_ioctl+0x23/0x30 [ 77.366550][ T9608] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.366557][ T9608] ? 
security_file_ioctl+0x8d/0xc0 [ 77.366564][ T9608] ksys_ioctl+0xab/0xd0 [ 77.366571][ T9608] __x64_sys_ioctl+0x73/0xb0 [ 77.366579][ T9608] do_syscall_64+0xfa/0x790 [ 77.366588][ T9608] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.366592][ T9608] RIP: 0033:0x440309 [ 77.366599][ T9608] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.366603][ T9608] RSP: 002b:00007fffba5f8cb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 77.366609][ T9608] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440309 [ 77.366613][ T9608] RDX: 0000000020000340 RSI: 0000000000004601 RDI: 0000000000000003 [ 77.366617][ T9608] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 77.366621][ T9608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401b90 [ 77.366625][ T9608] R13: 0000000000401c20 R14: 0000000000000000 R15: 0000000000000000 [ 77.368022][ T9608] Kernel Offset: disabled [ 78.245105][ T9608] Rebooting in 86400 seconds..