[ ok ] Starting enhanced syslogd: rsyslogd.
[ 71.968037][ T27] audit: type=1800 audit(1578764660.849:25): pid=9723 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 71.997633][ T27] audit: type=1800 audit(1578764660.849:26): pid=9723 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 72.046806][ T27] audit: type=1800 audit(1578764660.849:27): pid=9723 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.45' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 82.294600][ T9877] ==================================================================
[ 82.294639][ T9877] BUG: KASAN: global-out-of-bounds in bit_putcs+0xd5d/0xf10
[ 82.294647][ T9877] Read of size 1 at addr ffffffff8874115e by task syz-executor780/9877
[ 82.294649][ T9877]
[ 82.294659][ T9877] CPU: 0 PID: 9877 Comm: syz-executor780 Not tainted 5.5.0-rc5-syzkaller #0
[ 82.294664][ T9877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 82.294667][ T9877] Call Trace:
[ 82.294678][ T9877] dump_stack+0x197/0x210
[ 82.294686][ T9877] ? bit_putcs+0xd5d/0xf10
[ 82.294700][ T9877] print_address_description.constprop.0.cold+0x5/0x30b
[ 82.294707][ T9877] ? bit_putcs+0xd5d/0xf10
[ 82.294715][ T9877] ? bit_putcs+0xd5d/0xf10
[ 82.294723][ T9877] __kasan_report.cold+0x1b/0x41
[ 82.294734][ T9877] ? fb_get_color_depth.part.0+0x10/0x200
[ 82.294740][ T9877] ? bit_putcs+0xd5d/0xf10
[ 82.294750][ T9877] kasan_report+0x12/0x20
[ 82.294759][ T9877] __asan_report_load1_noabort+0x14/0x20
[ 82.294766][ T9877] bit_putcs+0xd5d/0xf10
[ 82.294789][ T9877] ? bit_cursor+0x1a60/0x1a60
[ 82.294801][ T9877] ? __sanitizer_cov_trace_cmp4+0x11/0x20
[ 82.294810][ T9877] ? fb_get_color_depth.part.0+0xcf/0x200
[ 82.294821][ T9877] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 82.294831][ T9877] fbcon_putcs+0x33c/0x3e0
[ 82.294840][ T9877] ? bit_cursor+0x1a60/0x1a60
[ 82.294852][ T9877] do_update_region+0x42b/0x6f0
[ 82.294864][ T9877] ? con_get_trans_old+0x2a0/0x2a0
[ 82.294873][ T9877] ? fbcon_set_palette+0x3c4/0x4a0
[ 82.294881][ T9877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.294889][ T9877] ? var_to_display+0x810/0x810
[ 82.294900][ T9877] redraw_screen+0x676/0x7d0
[ 82.294910][ T9877] ? respond_string+0x2c0/0x2c0
[ 82.294923][ T9877] fbcon_do_set_font+0x829/0x960
[ 82.294934][ T9877] fbcon_copy_font+0x12c/0x190
[ 82.294942][ T9877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.294949][ T9877] ? fbcon_do_set_font+0x960/0x960
[ 82.294957][ T9877] con_font_op+0x6b2/0x1270
[ 82.294967][ T9877] ? lock_downgrade+0x920/0x920
[ 82.294974][ T9877] ? con_write+0xd0/0xd0
[ 82.294989][ T9877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 82.294999][ T9877] ? _copy_from_user+0x12c/0x1a0
[ 82.295008][ T9877] vt_ioctl+0x181a/0x26d0
[ 82.295017][ T9877] ? complete_change_console+0x3a0/0x3a0
[ 82.295024][ T9877] ? lock_downgrade+0x920/0x920
[ 82.295032][ T9877] ? rwlock_bug.part.0+0x90/0x90
[ 82.295044][ T9877] ? tomoyo_path_number_perm+0x214/0x520
[ 82.295052][ T9877] ? find_held_lock+0x35/0x130
[ 82.295062][ T9877] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 82.295071][ T9877] ? tty_jobctrl_ioctl+0x50/0xd40
[ 82.295079][ T9877] ? complete_change_console+0x3a0/0x3a0
[ 82.295089][ T9877] tty_ioctl+0xa37/0x14f0
[ 82.295099][ T9877] ? tty_vhangup+0x30/0x30
[ 82.295107][ T9877] ? tomoyo_path_number_perm+0x454/0x520
[ 82.295117][ T9877] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 82.295125][ T9877] ? tomoyo_path_number_perm+0x25e/0x520
[ 82.295136][ T9877] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 82.295154][ T9877] ? tty_vhangup+0x30/0x30
[ 82.295164][ T9877] do_vfs_ioctl+0x977/0x14e0
[ 82.295175][ T9877] ? compat_ioctl_preallocate+0x220/0x220
[ 82.295182][ T9877] ? __fget+0x37f/0x550
[ 82.295193][ T9877] ? ksys_dup3+0x3e0/0x3e0
[ 82.295202][ T9877] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 82.295213][ T9877] ? tomoyo_file_ioctl+0x23/0x30
[ 82.295222][ T9877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.295230][ T9877] ? security_file_ioctl+0x8d/0xc0
[ 82.295240][ T9877] ksys_ioctl+0xab/0xd0
[ 82.295249][ T9877] __x64_sys_ioctl+0x73/0xb0
[ 82.295260][ T9877] do_syscall_64+0xfa/0x790
[ 82.295271][ T9877] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 82.295277][ T9877] RIP: 0033:0x445919
[ 82.295286][ T9877] Code: e8 fc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 12 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 82.295290][ T9877] RSP: 002b:00007ff2a0134db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 82.295298][ T9877] RAX: ffffffffffffffda RBX: 00000000006dac58 RCX: 0000000000445919
[ 82.295303][ T9877] RDX: 0000000020000540 RSI: 0000000000004b72 RDI: 0000000000000008
[ 82.295307][ T9877] RBP: 00000000006dac50 R08: 0000000000000000 R09: 0000000000000000
[ 82.295312][ T9877] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dac5c
[ 82.295317][ T9877] R13: 00007ffed4d204ef R14: 00007ff2a01359c0 R15: 20c49ba5e353f7cf
[ 82.295328][ T9877]
[ 82.295330][ T9877] The buggy address belongs to the variable:
[ 82.295338][ T9877] fontdata_8x16+0x10de/0x1120
[ 82.295341][ T9877]
[ 82.295343][ T9877] Memory state around the buggy address:
[ 82.295350][ T9877] ffffffff88741000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 82.295356][ T9877] ffffffff88741080: fa fa fa fa 06 fa fa fa fa fa fa fa 05 fa fa fa
[ 82.295362][ T9877] >ffffffff88741100: fa fa fa fa 06 fa fa fa fa fa fa fa 00 00 03 fa
[ 82.295366][ T9877] ^
[ 82.295372][ T9877] ffffffff88741180: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 00
[ 82.295378][ T9877] ffffffff88741200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 82.295381][ T9877] ==================================================================
[ 82.295384][ T9877] Disabling lock debugging due to kernel taint
[ 82.295388][ T9877] Kernel panic - not syncing: panic_on_warn set ...
[ 82.295396][ T9877] CPU: 0 PID: 9877 Comm: syz-executor780 Tainted: G B 5.5.0-rc5-syzkaller #0
[ 82.295400][ T9877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 82.295402][ T9877] Call Trace:
[ 82.295409][ T9877] dump_stack+0x197/0x210
[ 82.295419][ T9877] panic+0x2e3/0x75c
[ 82.295426][ T9877] ? add_taint.cold+0x16/0x16
[ 82.295438][ T9877] ? trace_hardirqs_on+0x67/0x240
[ 82.295445][ T9877] ? trace_hardirqs_on+0x5e/0x240
[ 82.295452][ T9877] ? bit_putcs+0xd5d/0xf10
[ 82.295459][ T9877] end_report+0x47/0x4f
[ 82.295465][ T9877] ? bit_putcs+0xd5d/0xf10
[ 82.295472][ T9877] __kasan_report.cold+0xe/0x41
[ 82.295481][ T9877] ? fb_get_color_depth.part.0+0x10/0x200
[ 82.295487][ T9877] ? bit_putcs+0xd5d/0xf10
[ 82.295494][ T9877] kasan_report+0x12/0x20
[ 82.295502][ T9877] __asan_report_load1_noabort+0x14/0x20
[ 82.295508][ T9877] bit_putcs+0xd5d/0xf10
[ 82.295520][ T9877] ? bit_cursor+0x1a60/0x1a60
[ 82.295529][ T9877] ? __sanitizer_cov_trace_cmp4+0x11/0x20
[ 82.295537][ T9877] ? fb_get_color_depth.part.0+0xcf/0x200
[ 82.295546][ T9877] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 82.295553][ T9877] fbcon_putcs+0x33c/0x3e0
[ 82.295560][ T9877] ? bit_cursor+0x1a60/0x1a60
[ 82.295569][ T9877] do_update_region+0x42b/0x6f0
[ 82.295578][ T9877] ? con_get_trans_old+0x2a0/0x2a0
[ 82.295585][ T9877] ? fbcon_set_palette+0x3c4/0x4a0
[ 82.295593][ T9877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.295599][ T9877] ? var_to_display+0x810/0x810
[ 82.295608][ T9877] redraw_screen+0x676/0x7d0
[ 82.295616][ T9877] ? respond_string+0x2c0/0x2c0
[ 82.295626][ T9877] fbcon_do_set_font+0x829/0x960
[ 82.295634][ T9877] fbcon_copy_font+0x12c/0x190
[ 82.295642][ T9877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.295648][ T9877] ? fbcon_do_set_font+0x960/0x960
[ 82.295654][ T9877] con_font_op+0x6b2/0x1270
[ 82.295661][ T9877] ? lock_downgrade+0x920/0x920
[ 82.295668][ T9877] ? con_write+0xd0/0xd0
[ 82.295678][ T9877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 82.295685][ T9877] ? _copy_from_user+0x12c/0x1a0
[ 82.295693][ T9877] vt_ioctl+0x181a/0x26d0
[ 82.295700][ T9877] ? complete_change_console+0x3a0/0x3a0
[ 82.295706][ T9877] ? lock_downgrade+0x920/0x920
[ 82.295713][ T9877] ? rwlock_bug.part.0+0x90/0x90
[ 82.295721][ T9877] ? tomoyo_path_number_perm+0x214/0x520
[ 82.295728][ T9877] ? find_held_lock+0x35/0x130
[ 82.295736][ T9877] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 82.295744][ T9877] ? tty_jobctrl_ioctl+0x50/0xd40
[ 82.295750][ T9877] ? complete_change_console+0x3a0/0x3a0
[ 82.295758][ T9877] tty_ioctl+0xa37/0x14f0
[ 82.295766][ T9877] ? tty_vhangup+0x30/0x30
[ 82.295773][ T9877] ? tomoyo_path_number_perm+0x454/0x520
[ 82.295786][ T9877] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 82.295794][ T9877] ? tomoyo_path_number_perm+0x25e/0x520
[ 82.295803][ T9877] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 82.295815][ T9877] ? tty_vhangup+0x30/0x30
[ 82.295822][ T9877] do_vfs_ioctl+0x977/0x14e0
[ 82.295830][ T9877] ? compat_ioctl_preallocate+0x220/0x220
[ 82.295836][ T9877] ? __fget+0x37f/0x550
[ 82.295844][ T9877] ? ksys_dup3+0x3e0/0x3e0
[ 82.295851][ T9877] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 82.295861][ T9877] ? tomoyo_file_ioctl+0x23/0x30
[ 82.295868][ T9877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.295875][ T9877] ? security_file_ioctl+0x8d/0xc0
[ 82.295882][ T9877] ksys_ioctl+0xab/0xd0
[ 82.295890][ T9877] __x64_sys_ioctl+0x73/0xb0
[ 82.295898][ T9877] do_syscall_64+0xfa/0x790
[ 82.295906][ T9877] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 82.295911][ T9877] RIP: 0033:0x445919
[ 82.295918][ T9877] Code: e8 fc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 12 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 82.295921][ T9877] RSP: 002b:00007ff2a0134db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 82.295928][ T9877] RAX: ffffffffffffffda RBX: 00000000006dac58 RCX: 0000000000445919
[ 82.295932][ T9877] RDX: 0000000020000540 RSI: 0000000000004b72 RDI: 0000000000000008
[ 82.295936][ T9877] RBP: 00000000006dac50 R08: 0000000000000000 R09: 0000000000000000
[ 82.295940][ T9877] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dac5c
[ 82.295944][ T9877] R13: 00007ffed4d204ef R14: 00007ff2a01359c0 R15: 20c49ba5e353f7cf
[ 82.297414][ T9877] Kernel Offset: disabled
[ 83.232528][ T9877] Rebooting in 86400 seconds..