Starting mcstransd: [....] Starting periodic command scheduler: cron[ ok .
[....] Starting OpenBSD Secure Shell server: sshd[ ok .
[....] Starting file context maintaining daemon: restorecond[ ok .
[ 40.266877] audit: type=1800 audit(1575368828.014:33): pid=7454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 44.451121] kauditd_printk_skb: 1 callbacks suppressed
[ 44.451134] audit: type=1400 audit(1575368832.194:35): avc: denied { map } for pid=7630 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.103' (ECDSA) to the list of known hosts.
executing program
[ 51.044017] audit: type=1400 audit(1575368838.794:36): avc: denied { map } for pid=7642 comm="syz-executor961" path="/root/syz-executor961368758" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
executing program
executing program
executing program
executing program
executing program
executing program
[ 51.153037] ==================================================================
[ 51.153061] BUG: KASAN: slab-out-of-bounds in soft_cursor+0x439/0xa30
[ 51.153068] Read of size 9 at addr ffff88808e2fc470 by task kworker/0:2/2675
[ 51.153070]
[ 51.153080] CPU: 0 PID: 2675 Comm: kworker/0:2 Not tainted 4.19.87-syzkaller #0
[ 51.153085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.153093] Workqueue: events_power_efficient fb_flashcursor
[ 51.153097] Call Trace:
[ 51.153110]  dump_stack+0x197/0x210
[ 51.153119]  ? soft_cursor+0x439/0xa30
[ 51.153130]  print_address_description.cold+0x7c/0x20d
[ 51.153138]  ? soft_cursor+0x439/0xa30
[ 51.153149]  kasan_report.cold+0x8c/0x2ba
[ 51.153161]  check_memory_region+0x123/0x190
[ 51.153169]  memcpy+0x24/0x50
[ 51.153177]  soft_cursor+0x439/0xa30
[ 51.153187]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 51.153201]  bit_cursor+0x12fc/0x1a60
[ 51.153213]  ? bit_clear+0x530/0x530
[ 51.153228]  ? __sanitizer_cov_trace_switch+0x49/0x80
[ 51.153236]  ? get_color+0x225/0x430
[ 51.153243]  ? bit_clear+0x530/0x530
[ 51.153251]  fb_flashcursor+0x3a6/0x450
[ 51.153263]  process_one_work+0x989/0x1750
[ 51.153277]  ? pwq_dec_nr_in_flight+0x320/0x320
[ 51.153284]  ? lock_acquire+0x16f/0x3f0
[ 51.153293]  ? kasan_check_write+0x14/0x20
[ 51.153300]  ? do_raw_spin_lock+0xc8/0x240
[ 51.153311]  worker_thread+0x98/0xe40
[ 51.153319]  ? trace_hardirqs_on+0x67/0x220
[ 51.153334]  kthread+0x354/0x420
[ 51.153342]  ? process_one_work+0x1750/0x1750
[ 51.153350]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 51.153359]  ret_from_fork+0x24/0x30
[ 51.153369]
[ 51.153373] Allocated by task 7646:
[ 51.153381]  save_stack+0x45/0xd0
[ 51.153387]  kasan_kmalloc+0xce/0xf0
[ 51.153393]  __kmalloc+0x15d/0x750
[ 51.153399]  fbcon_set_font+0x32d/0x860
[ 51.153406]  con_font_op+0xe18/0x1250
[ 51.153412]  vt_ioctl+0xd2e/0x2530
[ 51.153419]  tty_ioctl+0x7f3/0x1510
[ 51.153426]  do_vfs_ioctl+0xd5f/0x1380
[ 51.153432]  ksys_ioctl+0xab/0xd0
[ 51.153438]  __x64_sys_ioctl+0x73/0xb0
[ 51.153445]  do_syscall_64+0xfd/0x620
[ 51.153452]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 51.153454]
[ 51.153457] Freed by task 3699:
[ 51.153464]  save_stack+0x45/0xd0
[ 51.153470]  __kasan_slab_free+0x102/0x150
[ 51.153477]  kasan_slab_free+0xe/0x10
[ 51.153482]  kfree+0xcf/0x220
[ 51.153490]  skb_free_head+0x99/0xc0
[ 51.153497]  skb_release_data+0x619/0x8d0
[ 51.153503]  skb_release_all+0x4d/0x60
[ 51.153509]  kfree_skb+0xe8/0x390
[ 51.153518]  unix_stream_connect+0x106a/0x10ba
[ 51.153526]  __sys_connect+0x264/0x330
[ 51.153532]  __x64_sys_connect+0x73/0xb0
[ 51.153539]  do_syscall_64+0xfd/0x620
[ 51.153545]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 51.153547]
[ 51.153553] The buggy address belongs to the object at ffff88808e2fc340
[ 51.153553]  which belongs to the cache kmalloc-512 of size 512
[ 51.153559] The buggy address is located 304 bytes inside of
[ 51.153559]  512-byte region [ffff88808e2fc340, ffff88808e2fc540)
[ 51.153562] The buggy address belongs to the page:
[ 51.153569] page:ffffea000238bf00 count:1 mapcount:0 mapping:ffff88812c31c940 index:0x0
[ 51.153575] flags: 0xfffe0000000100(slab)
[ 51.153586] raw: 00fffe0000000100 ffffea00026dd188 ffffea00026cfc88 ffff88812c31c940
[ 51.153594] raw: 0000000000000000 ffff88808e2fc0c0 0000000100000006 0000000000000000
[ 51.153598] page dumped because: kasan: bad access detected
[ 51.153600]
[ 51.153602] Memory state around the buggy address:
[ 51.153608]  ffff88808e2fc300: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 51.153615]  ffff88808e2fc380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.153625] >ffff88808e2fc400: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[ 51.153630]                                                              ^
[ 51.153640]  ffff88808e2fc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.153649]  ffff88808e2fc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.153654] ==================================================================
[ 51.153658] Disabling lock debugging due to kernel taint
[ 51.153664] Kernel panic - not syncing: panic_on_warn set ...
[ 51.153664]
[ 51.153677] CPU: 0 PID: 2675 Comm: kworker/0:2 Tainted: G B 4.19.87-syzkaller #0
[ 51.153683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.153691] Workqueue: events_power_efficient fb_flashcursor
[ 51.153694] Call Trace:
[ 51.153701]  dump_stack+0x197/0x210
[ 51.153709]  ? soft_cursor+0x439/0xa30
[ 51.153715]  panic+0x26a/0x50e
[ 51.153721]  ? __warn_printk+0xf3/0xf3
[ 51.153729]  ? lock_downgrade+0x880/0x880
[ 51.153737]  ? trace_hardirqs_on+0x67/0x220
[ 51.153743]  ? trace_hardirqs_on+0x5e/0x220
[ 51.153756]  ? soft_cursor+0x439/0xa30
[ 51.153763]  kasan_end_report+0x47/0x4f
[ 51.153770]  kasan_report.cold+0xa9/0x2ba
[ 51.153778]  check_memory_region+0x123/0x190
[ 51.153785]  memcpy+0x24/0x50
[ 51.153796]  soft_cursor+0x439/0xa30
[ 51.153804]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 51.153813]  bit_cursor+0x12fc/0x1a60
[ 51.153822]  ? bit_clear+0x530/0x530
[ 51.153832]  ? __sanitizer_cov_trace_switch+0x49/0x80
[ 51.153839]  ? get_color+0x225/0x430
[ 51.153845]  ? bit_clear+0x530/0x530
[ 51.153852]  fb_flashcursor+0x3a6/0x450
[ 51.153860]  process_one_work+0x989/0x1750
[ 51.153870]  ? pwq_dec_nr_in_flight+0x320/0x320
[ 51.153877]  ? lock_acquire+0x16f/0x3f0
[ 51.153885]  ? kasan_check_write+0x14/0x20
[ 51.153891]  ? do_raw_spin_lock+0xc8/0x240
[ 51.153899]  worker_thread+0x98/0xe40
[ 51.153906]  ? trace_hardirqs_on+0x67/0x220
[ 51.153916]  kthread+0x354/0x420
[ 51.153923]  ? process_one_work+0x1750/0x1750
[ 51.153931]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 51.153937]  ret_from_fork+0x24/0x30
[ 51.155294] Kernel Offset: disabled
[ 51.707587] Rebooting in 86400 seconds..