Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 38.085817] audit: type=1800 audit(1575317337.409:33): pid=7375 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
[ 38.108369] audit: type=1800 audit(1575317337.409:34): pid=7375 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 39.784352] audit: type=1400 audit(1575317339.109:35): avc: denied { map } for pid=7551 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.10.39' (ECDSA) to the list of known hosts.
executing program
[ 65.689780] audit: type=1400 audit(1575317365.009:36): avc: denied { map } for pid=7564 comm="syz-executor743" path="/root/syz-executor743339208" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 65.772443] ==================================================================
[ 65.772472] BUG: KASAN: global-out-of-bounds in vga16fb_imageblit+0x1c8b/0x2200
[ 65.772479] Read of size 2 at addr ffffffff87ef13de by task syz-executor743/7564
[ 65.772481]
[ 65.772491] CPU: 1 PID: 7564 Comm: syz-executor743 Not tainted 4.19.87-syzkaller #0
[ 65.772497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 65.772500] Call Trace:
[ 65.772512] dump_stack+0x197/0x210
[ 65.772521] ? vga16fb_imageblit+0x1c8b/0x2200
[ 65.772532] print_address_description.cold+0x5/0x20d
[ 65.772540] ? vga16fb_imageblit+0x1c8b/0x2200
[ 65.772548] kasan_report.cold+0x8c/0x2ba
[ 65.772559] __asan_report_load2_noabort+0x14/0x20
[ 65.772566] vga16fb_imageblit+0x1c8b/0x2200
[ 65.772582] soft_cursor+0x4fb/0xa30
[ 65.772593] ? lockdep_hardirqs_on+0x415/0x5d0
[ 65.772607] bit_cursor+0x12fc/0x1a60
[ 65.772619] ? bit_clear+0x530/0x530
[ 65.772625] ? fbcon_putcs+0x42b/0x4f0
[ 65.772632] ? fbcon_putcs+0x271/0x4f0
[ 65.772646] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 65.772654] ? get_color+0x225/0x430
[ 65.772663] fbcon_cursor+0x58a/0x7b0
[ 65.772677] ? bit_clear+0x530/0x530
[ 65.772689] set_cursor+0x1fb/0x280
[ 65.772698] redraw_screen+0x60f/0x8e0
[ 65.772705] ? efifb_probe.cold+0x17e9/0x17e9
[ 65.772714] ? con_flush_chars+0xa0/0xa0
[ 65.772723] ? fbcon_set_palette+0x227/0x610
[ 65.772733] fbcon_modechanged+0x5f3/0x900
[ 65.772744] fbcon_event_notify+0x1bd/0x1dba
[ 65.772753] ? lock_acquire+0x16f/0x3f0
[ 65.772765] notifier_call_chain+0xc2/0x230
[ 65.772778] blocking_notifier_call_chain+0x94/0xb0
[ 65.772790] fb_notifier_call_chain+0x25/0x30
[ 65.772798] fb_set_var+0xc8f/0xe80
[ 65.772808] ? fb_set_suspend+0x130/0x130
[ 65.772817] ? lock_acquire+0x16f/0x3f0
[ 65.772824] ? lock_fb_info+0x1f/0x80
[ 65.772838] ? __mutex_lock+0x3cd/0x1300
[ 65.772845] ? mark_held_locks+0x100/0x100
[ 65.772853] ? lock_acquire+0x16f/0x3f0
[ 65.772860] ? lock_fb_info+0x1f/0x80
[ 65.772871] ? mutex_trylock+0x1e0/0x1e0
[ 65.772877] ? down+0x70/0x90
[ 65.772893] ? do_fb_ioctl+0x3e1/0xab0
[ 65.772903] ? mutex_lock_nested+0x16/0x20
[ 65.772913] do_fb_ioctl+0x450/0xab0
[ 65.772921] ? fb_read+0x580/0x580
[ 65.772930] ? kasan_check_read+0x11/0x20
[ 65.772940] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 65.772951] ? avc_has_extended_perms+0xa78/0x10f0
[ 65.772963] ? avc_ss_reset+0x190/0x190
[ 65.772972] ? __kasan_slab_free+0x102/0x150
[ 65.772979] ? kasan_slab_free+0xe/0x10
[ 65.772985] ? kmem_cache_free+0x86/0x260
[ 65.772994] ? putname+0xef/0x130
[ 65.773001] ? do_sys_open+0x318/0x550
[ 65.773008] ? __x64_sys_openat+0x9d/0x100
[ 65.773017] ? do_syscall_64+0xfd/0x620
[ 65.773025] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 65.773048] fb_ioctl+0xe6/0x130
[ 65.773055] ? do_fb_ioctl+0xab0/0xab0
[ 65.773063] do_vfs_ioctl+0xd5f/0x1380
[ 65.773071] ? selinux_file_ioctl+0x46f/0x5e0
[ 65.773078] ? selinux_file_ioctl+0x125/0x5e0
[ 65.773086] ? ioctl_preallocate+0x210/0x210
[ 65.773094] ? selinux_file_mprotect+0x620/0x620
[ 65.773102] ? kmem_cache_free+0x222/0x260
[ 65.773113] ? do_sys_open+0x31d/0x550
[ 65.773124] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 65.773131] ? security_file_ioctl+0x8d/0xc0
[ 65.773140] ksys_ioctl+0xab/0xd0
[ 65.773150] __x64_sys_ioctl+0x73/0xb0
[ 65.773158] do_syscall_64+0xfd/0x620
[ 65.773173] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 65.773180] RIP: 0033:0x440309
[ 65.773189] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 65.773194] RSP: 002b:00007ffcefe08b58 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 65.773202] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440309
[ 65.773207] RDX: 0000000020000340 RSI: 0000000000004601 RDI: 0000000000000003
[ 65.773212] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 65.773216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401b90
[ 65.773221] R13: 0000000000401c20 R14: 0000000000000000 R15: 0000000000000000
[ 65.773231]
[ 65.773234] The buggy address belongs to the variable:
[ 65.773242] transl_h+0x3e/0x40
[ 65.773244]
[ 65.773247] Memory state around the buggy address:
[ 65.773255] ffffffff87ef1280: 00 00 00 00 fa fa fa fa 00 00 00 00 fa fa fa fa
[ 65.773261] ffffffff87ef1300: 00 00 00 00 00 fa fa fa fa fa fa fa 04 fa fa fa
[ 65.773266] >ffffffff87ef1380: fa fa fa fa 00 00 00 00 fa fa fa fa 00 00 00 00
[ 65.773270] ^
[ 65.773275] ffffffff87ef1400: fa fa fa fa 00 01 fa fa fa fa fa fa 00 00 00 04
[ 65.773281] ffffffff87ef1480: fa fa fa fa 00 00 04 fa fa fa fa fa 00 00 00 00
[ 65.773284] ==================================================================
[ 65.773287] Disabling lock debugging due to kernel taint
[ 65.773291] Kernel panic - not syncing: panic_on_warn set ...
[ 65.773291]
[ 65.773299] CPU: 1 PID: 7564 Comm: syz-executor743 Tainted: G B 4.19.87-syzkaller #0
[ 65.773303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 65.773305] Call Trace:
[ 65.773312] dump_stack+0x197/0x210
[ 65.773320] ? vga16fb_imageblit+0x1c8b/0x2200
[ 65.773326] panic+0x26a/0x50e
[ 65.773332] ? __warn_printk+0xf3/0xf3
[ 65.773340] ? lock_downgrade+0x880/0x880
[ 65.773349] ? trace_hardirqs_on+0x67/0x220
[ 65.773355] ? trace_hardirqs_on+0x5e/0x220
[ 65.773363] ? vga16fb_imageblit+0x1c8b/0x2200
[ 65.773370] kasan_end_report+0x47/0x4f
[ 65.773377] kasan_report.cold+0xa9/0x2ba
[ 65.773386] __asan_report_load2_noabort+0x14/0x20
[ 65.773393] vga16fb_imageblit+0x1c8b/0x2200
[ 65.773403] soft_cursor+0x4fb/0xa30
[ 65.773410] ? lockdep_hardirqs_on+0x415/0x5d0
[ 65.773420] bit_cursor+0x12fc/0x1a60
[ 65.773428] ? bit_clear+0x530/0x530
[ 65.773434] ? fbcon_putcs+0x42b/0x4f0
[ 65.773441] ? fbcon_putcs+0x271/0x4f0
[ 65.773450] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 65.773456] ? get_color+0x225/0x430
[ 65.773464] fbcon_cursor+0x58a/0x7b0
[ 65.773470] ? bit_clear+0x530/0x530
[ 65.773478] set_cursor+0x1fb/0x280
[ 65.773486] redraw_screen+0x60f/0x8e0
[ 65.773492] ? efifb_probe.cold+0x17e9/0x17e9
[ 65.773500] ? con_flush_chars+0xa0/0xa0
[ 65.773507] ? fbcon_set_palette+0x227/0x610
[ 65.773515] fbcon_modechanged+0x5f3/0x900
[ 65.773523] fbcon_event_notify+0x1bd/0x1dba
[ 65.773531] ? lock_acquire+0x16f/0x3f0
[ 65.773540] notifier_call_chain+0xc2/0x230
[ 65.773550] blocking_notifier_call_chain+0x94/0xb0
[ 65.773558] fb_notifier_call_chain+0x25/0x30
[ 65.773565] fb_set_var+0xc8f/0xe80
[ 65.773573] ? fb_set_suspend+0x130/0x130
[ 65.773580] ? lock_acquire+0x16f/0x3f0
[ 65.773587] ? lock_fb_info+0x1f/0x80
[ 65.773596] ? __mutex_lock+0x3cd/0x1300
[ 65.773603] ? mark_held_locks+0x100/0x100
[ 65.773610] ? lock_acquire+0x16f/0x3f0
[ 65.773616] ? lock_fb_info+0x1f/0x80
[ 65.773625] ? mutex_trylock+0x1e0/0x1e0
[ 65.773630] ? down+0x70/0x90
[ 65.773641] ? do_fb_ioctl+0x3e1/0xab0
[ 65.773650] ? mutex_lock_nested+0x16/0x20
[ 65.773657] do_fb_ioctl+0x450/0xab0
[ 65.773665] ? fb_read+0x580/0x580
[ 65.773672] ? kasan_check_read+0x11/0x20
[ 65.773680] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 65.773687] ? avc_has_extended_perms+0xa78/0x10f0
[ 65.773696] ? avc_ss_reset+0x190/0x190
[ 65.773704] ? __kasan_slab_free+0x102/0x150
[ 65.773710] ? kasan_slab_free+0xe/0x10
[ 65.773716] ? kmem_cache_free+0x86/0x260
[ 65.773723] ? putname+0xef/0x130
[ 65.773729] ? do_sys_open+0x318/0x550
[ 65.773735] ? __x64_sys_openat+0x9d/0x100
[ 65.773742] ? do_syscall_64+0xfd/0x620
[ 65.773748] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 65.773763] fb_ioctl+0xe6/0x130
[ 65.773770] ? do_fb_ioctl+0xab0/0xab0
[ 65.773776] do_vfs_ioctl+0xd5f/0x1380
[ 65.773783] ? selinux_file_ioctl+0x46f/0x5e0
[ 65.773790] ? selinux_file_ioctl+0x125/0x5e0
[ 65.773797] ? ioctl_preallocate+0x210/0x210
[ 65.773803] ? selinux_file_mprotect+0x620/0x620
[ 65.773810] ? kmem_cache_free+0x222/0x260
[ 65.773818] ? do_sys_open+0x31d/0x550
[ 65.773827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 65.773833] ? security_file_ioctl+0x8d/0xc0
[ 65.773841] ksys_ioctl+0xab/0xd0
[ 65.773848] __x64_sys_ioctl+0x73/0xb0
[ 65.773856] do_syscall_64+0xfd/0x620
[ 65.773864] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 65.773868] RIP: 0033:0x440309
[ 65.773874] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 65.773878] RSP: 002b:00007ffcefe08b58 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 65.773884] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440309
[ 65.773889] RDX: 0000000020000340 RSI: 0000000000004601 RDI: 0000000000000003
[ 65.773893] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 65.773897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401b90
[ 65.773901] R13: 0000000000401c20 R14: 0000000000000000 R15: 0000000000000000
[ 65.775108] Kernel Offset: disabled
[ 66.648010] Rebooting in 86400 seconds..