[ 18.921157][ T5530] 8021q: adding VLAN 0 to HW filter on device bond0
[ 18.927187][ T5530] eql: remember to turn off Van-Jacobson compression on your slave devices
[ 18.984133][ T876] gvnic 0000:00:00.0 enp0s0: Device link is up.
[ 18.990673][ T5440] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.169' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 39.924973][ T5944] ==================================================================
[ 39.924986][ T5944] BUG: KASAN: use-after-free in fbcon_get_font+0x240/0x8cc
[ 39.925006][ T5944] Write of size 22062 at addr ffff0000e1bfabd6 by task syz-executor329/5944
[ 39.925017][ T5944]
[ 39.925021][ T5944] CPU: 0 PID: 5944 Comm: syz-executor329 Not tainted 6.3.0-rc1-syzkaller-gfe15c26ee26e #0
[ 39.925033][ T5944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 39.925040][ T5944] Call trace:
[ 39.925044][ T5944] dump_backtrace+0x1c8/0x1f4
[ 39.925055][ T5944] show_stack+0x2c/0x3c
[ 39.925064][ T5944] dump_stack_lvl+0xd0/0x124
[ 39.925074][ T5944] print_report+0x174/0x514
[ 39.925085][ T5944] kasan_report+0xd4/0x130
[ 39.925095][ T5944] kasan_check_range+0x264/0x2a4
[ 39.925105][ T5944] __asan_memset+0x40/0x70
[ 39.925117][ T5944] fbcon_get_font+0x240/0x8cc
[ 39.925128][ T5944] con_font_op+0x468/0xfa0
[ 39.925138][ T5944] vt_ioctl+0x1a90/0x252c
[ 39.925149][ T5944] tty_ioctl+0x8a4/0xd8c
[ 39.925159][ T5944] __arm64_sys_ioctl+0x14c/0x1c8
[ 39.925173][ T5944] invoke_syscall+0x98/0x2c0
[ 39.925185][ T5944] el0_svc_common+0x138/0x258
[ 39.925198][ T5944] do_el0_svc+0x64/0x198
[ 39.925211][ T5944] el0_svc+0x58/0x168
[ 39.925220][ T5944] el0t_64_sync_handler+0x84/0xf0
[ 39.925229][ T5944] el0t_64_sync+0x190/0x194
[ 39.925239][ T5944]
[ 39.925241][ T5944] The buggy address belongs to the physical page:
[ 39.925246][ T5944] page:00000000c3c989b0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x121800
[ 39.925259][ T5944] head:00000000c3c989b0 order:10 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 39.925270][ T5944] flags: 0x5ffc00000010000(head|node=0|zone=2|lastcpupid=0x7ff)
[ 39.925286][ T5944] raw: 05ffc00000010000 0000000000000000 dead000000000122 0000000000000000
[ 39.925296][ T5944] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 39.925302][ T5944] page dumped because: kasan: bad access detected
[ 39.925307][ T5944]
[ 39.925309][ T5944] Memory state around the buggy address:
[ 39.925332][ T5944]  ffff0000e1bfff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 39.925339][ T5944]  ffff0000e1bfff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 39.925346][ T5944] >ffff0000e1c00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 39.925352][ T5944]                    ^
[ 39.925357][ T5944]  ffff0000e1c00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 39.925364][ T5944]  ffff0000e1c00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 39.925370][ T5944] ==================================================================
[ 39.925376][ T5944] Disabling lock debugging due to kernel taint