[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.138' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 74.889280][ T27] audit: type=1400 audit(1599327599.545:8): avc: denied { execmem } for pid=6849 comm="syz-executor740" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 74.966687][ T6849] ==================================================================
[ 74.966730][ T6849] BUG: KASAN: global-out-of-bounds in vga16fb_imageblit+0x1c36/0x2210
[ 74.966737][ T6849] Read of size 2 at addr ffffffff8899f6be by task syz-executor740/6849
[ 74.966740][ T6849]
[ 74.966750][ T6849] CPU: 1 PID: 6849 Comm: syz-executor740 Not tainted 5.9.0-rc3-syzkaller #0
[ 74.966755][ T6849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.966758][ T6849] Call Trace:
[ 74.966770][ T6849] dump_stack+0x198/0x1fd
[ 74.966780][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.966787][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.966799][ T6849] print_address_description.constprop.0.cold+0x5/0x497
[ 74.966809][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.966820][ T6849] ? lockdep_hardirqs_off+0x96/0xd0
[ 74.966830][ T6849] ? vprintk_func+0x97/0x1a6
[ 74.966840][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.966847][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.966854][ T6849] kasan_report.cold+0x1f/0x37
[ 74.966866][ T6849] ? lock_downgrade+0x830/0x830
[ 74.966873][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.966883][ T6849] vga16fb_imageblit+0x1c36/0x2210
[ 74.966897][ T6849] ? fb_pad_aligned_buffer+0xff/0x150
[ 74.966910][ T6849] soft_cursor+0x514/0xa30
[ 74.966926][ T6849] bit_cursor+0x1166/0x17d0
[ 74.966940][ T6849] ? kmalloc_array.constprop.0+0x20/0x20
[ 74.966956][ T6849] ? do_update_region+0x47c/0x630
[ 74.966966][ T6849] ? fb_get_color_depth+0x11a/0x240
[ 74.966975][ T6849] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 74.966983][ T6849] ? get_color+0x20e/0x410
[ 74.966994][ T6849] fbcon_cursor+0x537/0x660
[ 74.967002][ T6849] ? kmalloc_array.constprop.0+0x20/0x20
[ 74.967009][ T6849] ? fbcon_set_palette+0x3a8/0x490
[ 74.967020][ T6849] set_cursor+0x1d2/0x240
[ 74.967030][ T6849] redraw_screen+0x4b9/0x770
[ 74.967038][ T6849] ? vga16fb_update_fix+0x4a0/0x4a0
[ 74.967047][ T6849] ? vc_init+0x430/0x430
[ 74.967058][ T6849] ? fbcon_set_palette+0x3a8/0x490
[ 74.967069][ T6849] fbcon_modechanged+0x575/0x710
[ 74.967080][ T6849] fbcon_update_vcs+0x3a/0x50
[ 74.967089][ T6849] do_fb_ioctl+0x62e/0x690
[ 74.967098][ T6849] ? fb_set_suspend+0x1a0/0x1a0
[ 74.967109][ T6849] ? tomoyo_execute_permission+0x470/0x470
[ 74.967125][ T6849] ? lock_is_held_type+0xbb/0xf0
[ 74.967134][ T6849] ? nf_ct_l4proto_log_invalid+0x1d9/0x209
[ 74.967147][ T6849] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 74.967156][ T6849] ? do_vfs_ioctl+0x27d/0x1090
[ 74.967177][ T6849] ? __x64_sys_openat+0x13f/0x1f0
[ 74.967190][ T6849] fb_ioctl+0xdd/0x130
[ 74.967197][ T6849] ? do_fb_ioctl+0x690/0x690
[ 74.967206][ T6849] __x64_sys_ioctl+0x193/0x200
[ 74.967217][ T6849] do_syscall_64+0x2d/0x70
[ 74.967226][ T6849] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 74.967234][ T6849] RIP: 0033:0x4403d9
[ 74.967245][ T6849] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 74.967250][ T6849] RSP: 002b:00007ffc862886c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 74.967258][ T6849] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004403d9
[ 74.967264][ T6849] RDX: 00000000200001c0 RSI: 0000000000004601 RDI: 0000000000000003
[ 74.967269][ T6849] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 74.967274][ T6849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401be0
[ 74.967279][ T6849] R13: 0000000000401c70 R14: 0000000000000000 R15: 0000000000000000
[ 74.967291][ T6849]
[ 74.967294][ T6849] The buggy address belongs to the variable:
[ 74.967302][ T6849] transl_h+0x3e/0x40
[ 74.967304][ T6849]
[ 74.967307][ T6849] Memory state around the buggy address:
[ 74.967315][ T6849] ffffffff8899f580: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
[ 74.967321][ T6849] ffffffff8899f600: 00 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9
[ 74.967327][ T6849] >ffffffff8899f680: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 f9 f9 f9 f9
[ 74.967331][ T6849] ^
[ 74.967337][ T6849] ffffffff8899f700: 00 01 f9 f9 f9 f9 f9 f9 00 00 00 04 f9 f9 f9 f9
[ 74.967348][ T6849] ffffffff8899f780: 00 00 04 f9 f9 f9 f9 f9 00 00 00 00 00 00 02 f9
[ 74.967351][ T6849] ==================================================================
[ 74.967354][ T6849] Disabling lock debugging due to kernel taint
[ 74.967358][ T6849] Kernel panic - not syncing: panic_on_warn set ...
[ 74.967368][ T6849] CPU: 1 PID: 6849 Comm: syz-executor740 Tainted: G B 5.9.0-rc3-syzkaller #0
[ 74.967372][ T6849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.967374][ T6849] Call Trace:
[ 74.967384][ T6849] dump_stack+0x198/0x1fd
[ 74.967392][ T6849] ? vga16fb_imageblit+0x1b40/0x2210
[ 74.967399][ T6849] panic+0x347/0x7c0
[ 74.967410][ T6849] ? __warn_printk+0xf3/0xf3
[ 74.967419][ T6849] ? trace_hardirqs_on+0x55/0x220
[ 74.967430][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.967436][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.967443][ T6849] end_report+0x4d/0x53
[ 74.967449][ T6849] kasan_report.cold+0xd/0x37
[ 74.967464][ T6849] ? lock_downgrade+0x830/0x830
[ 74.967471][ T6849] ? vga16fb_imageblit+0x1c36/0x2210
[ 74.967478][ T6849] vga16fb_imageblit+0x1c36/0x2210
[ 74.967487][ T6849] ? fb_pad_aligned_buffer+0xff/0x150
[ 74.967494][ T6849] soft_cursor+0x514/0xa30
[ 74.967504][ T6849] bit_cursor+0x1166/0x17d0
[ 74.967517][ T6849] ? kmalloc_array.constprop.0+0x20/0x20
[ 74.967525][ T6849] ? do_update_region+0x47c/0x630
[ 74.967533][ T6849] ? fb_get_color_depth+0x11a/0x240
[ 74.967540][ T6849] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 74.967546][ T6849] ? get_color+0x20e/0x410
[ 74.967553][ T6849] fbcon_cursor+0x537/0x660
[ 74.967560][ T6849] ? kmalloc_array.constprop.0+0x20/0x20
[ 74.967567][ T6849] ? fbcon_set_palette+0x3a8/0x490
[ 74.967574][ T6849] set_cursor+0x1d2/0x240
[ 74.967582][ T6849] redraw_screen+0x4b9/0x770
[ 74.967588][ T6849] ? vga16fb_update_fix+0x4a0/0x4a0
[ 74.967596][ T6849] ? vc_init+0x430/0x430
[ 74.967603][ T6849] ? fbcon_set_palette+0x3a8/0x490
[ 74.967610][ T6849] fbcon_modechanged+0x575/0x710
[ 74.967618][ T6849] fbcon_update_vcs+0x3a/0x50
[ 74.967625][ T6849] do_fb_ioctl+0x62e/0x690
[ 74.967633][ T6849] ? fb_set_suspend+0x1a0/0x1a0
[ 74.967640][ T6849] ? tomoyo_execute_permission+0x470/0x470
[ 74.967650][ T6849] ? lock_is_held_type+0xbb/0xf0
[ 74.967657][ T6849] ? nf_ct_l4proto_log_invalid+0x1d9/0x209
[ 74.967665][ T6849] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 74.967671][ T6849] ? do_vfs_ioctl+0x27d/0x1090
[ 74.967682][ T6849] ? __x64_sys_openat+0x13f/0x1f0
[ 74.967690][ T6849] fb_ioctl+0xdd/0x130
[ 74.967697][ T6849] ? do_fb_ioctl+0x690/0x690
[ 74.967704][ T6849] __x64_sys_ioctl+0x193/0x200
[ 74.967711][ T6849] do_syscall_64+0x2d/0x70
[ 74.967718][ T6849] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 74.967723][ T6849] RIP: 0033:0x4403d9
[ 74.967729][ T6849] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 74.967733][ T6849] RSP: 002b:00007ffc862886c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 74.967740][ T6849] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004403d9
[ 74.967744][ T6849] RDX: 00000000200001c0 RSI: 0000000000004601 RDI: 0000000000000003
[ 74.967748][ T6849] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 74.967752][ T6849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401be0
[ 74.967756][ T6849] R13: 0000000000401c70 R14: 0000000000000000 R15: 0000000000000000
[ 74.969576][ T6849] Kernel Offset: disabled
[ 75.721861][ T6849] Rebooting in 86400 seconds..