possible deadlock in shmem

Kernel	Title	Repro	Cause bisect	Count	Last	Reported	Patched	Status
upstream	possible deadlock in shmem_fallocate mm			8087	2594d	2637d	0/28	closed as invalid on 2017/11/05 09:38
linux-4.19	possible deadlock in shmem_fallocate			1	1942d	1942d	0/1	auto-closed as invalid on 2019/11/29 05:22
android-49	possible deadlock in shmem_fallocate	C		2441	1817d	2054d	0/3	public: reported C repro on 2019/04/11 08:44
android-414	possible deadlock in shmem_fallocate	C		7876	1817d	2054d	0/1	public: reported C repro on 2019/04/11 00:00
upstream	possible deadlock in shmem_fallocate (3) mm			1	1906d	1902d	0/28	auto-closed as invalid on 2019/11/05 02:34
upstream	possible deadlock in shmem_fallocate (4) mm	C	done	81	1580d	1794d	15/28	fixed on 2020/09/16 22:51
upstream	possible deadlock in shmem_fallocate (2) mm	C		1325	2089d	2298d	11/28	fixed on 2019/03/28 12:00

binder: 17808:17810 unknown command 1074055543 binder: 17808:17810 ioctl c0306201 20000280 returned -22 binder: 17808:17810 ioctl 80045430 7faaf0239bcc returned -22 ====================================================== WARNING: possible circular locking dependency detected 4.19.123-syzkaller #0 Not tainted ------------------------------------------------------ khugepaged/1085 is trying to acquire lock: 0000000037b7e4d9 (&sb->s_type->i_mutex_key#15){+.+.}, at: inode_lock include/linux/fs.h:748 [inline] 0000000037b7e4d9 (&sb->s_type->i_mutex_key#15){+.+.}, at: shmem_fallocate+0x15a/0xd40 mm/shmem.c:2681 but task is already holding lock: 000000003d421473 (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/compiler.h:193 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (fs_reclaim){+.+.}: fs_reclaim_acquire mm/page_alloc.c:4343 [inline] prepare_alloc_pages mm/page_alloc.c:4340 [inline] __alloc_pages_nodemask+0x4b7/0x6a0 mm/page_alloc.c:4392 alloc_pages_vma+0xd9/0x580 mm/mempolicy.c:2161 shmem_alloc_page+0xb0/0x170 mm/shmem.c:1494 shmem_alloc_and_acct_page+0x160/0x960 mm/shmem.c:1519 shmem_getpage_gfp+0x3fb/0x3840 mm/shmem.c:1797 shmem_getpage mm/shmem.c:132 [inline] shmem_write_begin+0x108/0x1e0 mm/shmem.c:2433 generic_perform_write+0x1f8/0x4d0 mm/filemap.c:3162 __generic_file_write_iter+0x24c/0x610 mm/filemap.c:3287 generic_file_write_iter+0x37f/0x729 mm/filemap.c:3315 call_write_iter include/linux/fs.h:1821 [inline] new_sync_write fs/read_write.c:474 [inline] __vfs_write+0x512/0x760 fs/read_write.c:487 vfs_write+0x206/0x550 fs/read_write.c:549 ksys_write+0x12b/0x2a0 fs/read_write.c:599 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (&sb->s_type->i_mutex_key#15){+.+.}: down_write+0x34/0x90 kernel/locking/rwsem.c:70 inode_lock include/linux/fs.h:748 [inline] shmem_fallocate+0x15a/0xd40 mm/shmem.c:2681 ashmem_shrink_scan drivers/staging/android/ashmem.c:489 [inline] ashmem_shrink_scan+0x34d/0x500 drivers/staging/android/ashmem.c:464 do_shrink_slab+0x3c7/0xa20 mm/vmscan.c:537 shrink_slab mm/vmscan.c:693 [inline] shrink_slab+0x16f/0x550 mm/vmscan.c:666 shrink_node+0x2e6/0x1350 mm/vmscan.c:2740 shrink_zones mm/vmscan.c:2969 [inline] do_try_to_free_pages+0x3a3/0x1090 mm/vmscan.c:3027 try_to_free_pages+0x2c5/0x7c0 mm/vmscan.c:3242 __perform_reclaim mm/page_alloc.c:3799 [inline] __alloc_pages_direct_reclaim mm/page_alloc.c:3820 [inline] __alloc_pages_slowpath+0x938/0x26a0 mm/page_alloc.c:4210 __alloc_pages_nodemask+0x5b6/0x6a0 mm/page_alloc.c:4418 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] khugepaged_alloc_page+0x8e/0x180 mm/khugepaged.c:773 collapse_huge_page+0x114/0x3ba0 mm/khugepaged.c:963 khugepaged_scan_pmd mm/khugepaged.c:1219 [inline] khugepaged_scan_mm_slot mm/khugepaged.c:1757 [inline] khugepaged_do_scan mm/khugepaged.c:1838 [inline] khugepaged+0x2ee9/0x3f70 mm/khugepaged.c:1883 kthread+0x34a/0x420 kernel/kthread.c:246 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(fs_reclaim); lock(&sb->s_type->i_mutex_key#15); lock(fs_reclaim); lock(&sb->s_type->i_mutex_key#15); *** DEADLOCK *** 2 locks held by khugepaged/1085: #0: 000000003d421473 (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/compiler.h:193 #1: 000000003c81ce6e (shrinker_rwsem){++++}, at: shrink_slab mm/vmscan.c:683 [inline] #1: 000000003c81ce6e (shrinker_rwsem){++++}, at: shrink_slab+0xc7/0x550 mm/vmscan.c:666 stack backtrace: CPU: 1 PID: 1085 Comm: khugepaged Not tainted 4.19.123-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x188/0x20d lib/dump_stack.c:118 print_circular_bug.isra.0.cold+0x1c4/0x282 kernel/locking/lockdep.c:1221 check_prev_add kernel/locking/lockdep.c:1865 [inline] check_prevs_add kernel/locking/lockdep.c:1978 [inline] validate_chain kernel/locking/lockdep.c:2419 [inline] __lock_acquire+0x2e19/0x49c0 kernel/locking/lockdep.c:3415 lock_acquire+0x170/0x400 kernel/locking/lockdep.c:3907 down_write+0x34/0x90 kernel/locking/rwsem.c:70 inode_lock include/linux/fs.h:748 [inline] shmem_fallocate+0x15a/0xd40 mm/shmem.c:2681 ashmem_shrink_scan drivers/staging/android/ashmem.c:489 [inline] ashmem_shrink_scan+0x34d/0x500 drivers/staging/android/ashmem.c:464 do_shrink_slab+0x3c7/0xa20 mm/vmscan.c:537 shrink_slab mm/vmscan.c:693 [inline] shrink_slab+0x16f/0x550 mm/vmscan.c:666 shrink_node+0x2e6/0x1350 mm/vmscan.c:2740 shrink_zones mm/vmscan.c:2969 [inline] do_try_to_free_pages+0x3a3/0x1090 mm/vmscan.c:3027 try_to_free_pages+0x2c5/0x7c0 mm/vmscan.c:3242 __perform_reclaim mm/page_alloc.c:3799 [inline] __alloc_pages_direct_reclaim mm/page_alloc.c:3820 [inline] __alloc_pages_slowpath+0x938/0x26a0 mm/page_alloc.c:4210 __alloc_pages_nodemask+0x5b6/0x6a0 mm/page_alloc.c:4418 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] khugepaged_alloc_page+0x8e/0x180 mm/khugepaged.c:773 collapse_huge_page+0x114/0x3ba0 mm/khugepaged.c:963 khugepaged_scan_pmd mm/khugepaged.c:1219 [inline] khugepaged_scan_mm_slot mm/khugepaged.c:1757 [inline] khugepaged_do_scan mm/khugepaged.c:1838 [inline] khugepaged+0x2ee9/0x3f70 mm/khugepaged.c:1883 kthread+0x34a/0x420 kernel/kthread.c:246 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 binder: 17808:17810 unknown command 1074055543 binder: 17808:17810 ioctl c0306201 20000280 returned -22 binder: 17808:17810 ioctl 80045430 7faaf0239bcc returned -22 validate_nla: 36 callbacks suppressed netlink: 'syz-executor.1': attribute type 5 has an invalid length. netlink: 'syz-executor.1': attribute type 5 has an invalid length. netlink: 'syz-executor.1': attribute type 5 has an invalid length. netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder_alloc: 17873: binder_alloc_buf, no vma binder: BINDER_SET_CONTEXT_MGR already set binder: 17873:17877 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 17873:17877 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder_alloc: 17873: binder_alloc_buf, no vma netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 17873:17887 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 17873:17877 ioctl 40046207 0 returned -16 netlink: 'syz-executor.1': attribute type 5 has an invalid length. netlink: 'syz-executor.1': attribute type 5 has an invalid length. netlink: 'syz-executor.1': attribute type 5 has an invalid length. netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder_alloc: 17962: binder_alloc_buf, no vma binder: 17962:17967 ioctl c0306201 20000240 returned -14 binder: 17980:17982 unknown command 1073741824 binder: 17980:17982 ioctl c0306201 20000280 returned -22 binder: 17980:17982 unknown command 1073741824 binder: 17980:17982 ioctl c0306201 20000280 returned -22 binder: 17988:17991 unknown command 1464663858 binder: 17988:17991 ioctl c0306201 20000280 returned -22 binder: 17988:17991 ioctl 8982 20000040 returned -22 binder: 17988:17997 unknown command 1464663858 binder: 17988:17997 ioctl c0306201 20000280 returned -22 binder: 17988:17997 ioctl 8982 20000040 returned -22 binder_alloc: 18012: binder_alloc_buf, no vma binder: 18012:18018 ioctl c0585611 20000180 returned -22 binder: 18012:18018 ioctl c0585611 20000180 returned -22 binder_alloc: 18029: binder_alloc_buf, no vma binder: BINDER_SET_CONTEXT_MGR already set binder: 18029:18034 ioctl 40046207 0 returned -16 binder_alloc: 18045: binder_alloc_buf, no vma binder_alloc: 18062: binder_alloc_buf, no vma binder: BINDER_SET_CONTEXT_MGR already set binder: 18062:18065 ioctl 40046207 0 returned -16 binder_alloc: 18062: binder_alloc_buf, no vma binder: BINDER_SET_CONTEXT_MGR already set binder: 18062:18070 ioctl 40046207 0 returned -16 binder_alloc: 18075: binder_alloc_buf, no vma binder: 18077:18082 unknown command 1075127045 binder: 18077:18082 ioctl c0306201 20000200 returned -22 binder_alloc: 18075: binder_alloc_buf, no vma binder: BINDER_SET_CONTEXT_MGR already set binder: 18094:18102 unknown command 90885 binder: 18091:18098 ioctl 40046207 0 returned -16 binder: 18094:18102 ioctl c0306201 20000200 returned -22 binder: 18091:18098 unknown command 0 binder: 18091:18098 ioctl c0306201 20000200 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18091:18098 ioctl 40046207 0 returned -16 binder: 18091:18098 ioctl 40345622 20000000 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18122:18128 ioctl 40046207 0 returned -16 binder: 18121:18125 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18122:18128 ioctl 40046207 0 returned -16 binder: 18121:18125 ioctl 40046207 0 returned -16 binder: 18122:18128 ioctl 808c563d 20000180 returned -22 binder: 18121:18125 ioctl 89e0 20000180 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18121:18131 ioctl 40046207 0 returned -16 binder: 18122:18130 ioctl 40046207 0 returned -16 binder: 18121:18133 unknown command 0 binder: BINDER_SET_CONTEXT_MGR already set binder: 18121:18134 ioctl 89e0 20000180 returned -22 binder: 18121:18125 ioctl 40046207 0 returned -16 binder: 18121:18133 ioctl c0306201 20000240 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18122:18130 ioctl 40046207 0 returned -16 binder: 18122:18136 ioctl 808c563d 20000180 returned -22 binder: 18094:18111 unknown command 90885 binder: 18094:18111 ioctl c0306201 20000200 returned -22 binder: BINDER_SET_CONTEXT_MGR already set validate_nla: 32 callbacks suppressed netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 18143:18147 ioctl 40046207 0 returned -16 netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: BINDER_SET_CONTEXT_MGR already set binder: 18143:18147 ioctl 40046207 0 returned -16 binder: 18143:18147 ioctl 40087705 20000040 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18153:18158 ioctl 40046207 0 returned -16 binder: 18143:18147 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18143:18165 ioctl 40087705 20000040 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18143:18160 ioctl 40046207 0 returned -16 netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 18153:18158 ioctl 40046207 0 returned -16 binder: 18153:18158 ioctl c0105303 20000040 returned -22 netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: BINDER_SET_CONTEXT_MGR already set binder: 18155:18164 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18153:18170 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18153:18170 ioctl 40046207 0 returned -16 binder: 18169:18175 unknown command 0 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18169:18175 ioctl c0306201 20000200 returned -22 binder: 18171:18177 ioctl 40046207 0 returned -16 netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 18174:18178 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: BINDER_SET_CONTEXT_MGR already set binder: 18171:18177 ioctl 40046207 0 returned -16 binder: 18174:18178 ioctl 40046207 0 returned -16 binder: 18171:18177 ioctl 4008ae8a 20000180 returned -22 binder: 18169:18175 unknown command 0 binder: BINDER_SET_CONTEXT_MGR already set binder: 18169:18175 ioctl c0306201 20000200 returned -22 binder: 18171:18177 ioctl 4008ae9c 200002c0 returned -22 binder: 18174:18178 ioctl 40046207 0 returned -16 binder: 18174:18188 unknown command 1802723700 binder: BINDER_SET_CONTEXT_MGR already set binder: 18174:18188 ioctl c0306201 20000240 returned -22 binder: 18174:18187 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18171:18191 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18171:18191 ioctl 40046207 0 returned -16 netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 18171:18177 ioctl 4008ae8a 20000180 returned -22 netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 18171:18191 ioctl 4008ae9c 200002c0 returned -22 binder_alloc: 18194: binder_alloc_buf, no vma binder: BINDER_SET_CONTEXT_MGR already set binder_alloc: 18194: binder_alloc_buf, no vma netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 18201:18204 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set netlink: 'syz-executor.1': attribute type 5 has an invalid length. binder: 18201:18204 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18208:18211 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18201:18204 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18201:18213 ioctl 40046207 0 returned -16 binder: 18208:18211 unknown command -639748091 binder: 18208:18211 ioctl c0306201 20000200 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18208:18211 ioctl 40046207 0 returned -16 binder: 18208:18211 ioctl 4b68 20000040 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18208:18211 ioctl 40046207 0 returned -16 binder: 18208:18220 ioctl 4b68 20000040 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18224:18232 unknown command 1074004229 binder: 18227:18230 ioctl 40046207 0 returned -16 binder: 18224:18232 ioctl c0306201 20000200 returned -22 binder: 18224:18232 ioctl 40087708 20000040 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18223:18239 ioctl 40046207 0 returned -16 binder: 18224:18232 unknown command 1074004229 binder: 18224:18244 ioctl 40087708 20000040 returned -22 binder: 18224:18232 ioctl c0306201 20000200 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18223:18239 ioctl 40046207 0 returned -16 binder: 18227:18230 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18249:18254 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18249:18254 ioctl 40046207 0 returned -16 binder: 18249:18254 ioctl 80885659 20000440 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18249:18265 ioctl 40046207 0 returned -16 binder: 18249:18265 ioctl 80885659 20000440 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18275:18281 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18275:18281 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18275:18281 ioctl 40046207 0 returned -16 binder: 18275:18291 unknown command 4 binder: BINDER_SET_CONTEXT_MGR already set binder: 18275:18290 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18275:18291 ioctl c0306201 20000240 returned -22 binder: 18287:18294 ioctl 40046207 0 returned -16 binder: 18280:18296 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18287:18294 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18287:18294 unknown command -1897380089 binder: 18287:18294 ioctl c0306201 20000280 returned -22 binder: 18280:18296 ioctl 40046207 0 returned -16 netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. binder: BINDER_SET_CONTEXT_MGR already set binder: 18287:18308 ioctl 40046207 0 returned -16 binder: 18310:18316 ioctl 7010 0 returned -22 binder: 18287:18294 unknown command -1897380089 binder: 18287:18294 ioctl c0306201 20000280 returned -22 binder: 18310:18316 ioctl 7010 0 returned -22 binder: 18321:18325 unknown command 1076102917 binder: 18321:18325 ioctl c0306201 20000200 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18321:18325 unknown command 1076102917 binder: 18327:18330 ioctl 40046207 0 returned -16 binder: 18321:18325 ioctl c0306201 20000200 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18327:18330 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18327:18330 ioctl 40087708 200011c0 returned -22 binder: 18327:18338 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18327:18330 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18350:18357 unknown command 1560568581 binder: 18348:18353 ioctl 40046207 0 returned -16 binder: 18350:18357 ioctl c0306201 20000200 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18350:18357 unknown command 3 binder: BINDER_SET_CONTEXT_MGR already set binder: 18358:18360 ioctl 40046207 0 returned -16 binder: 18348:18361 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18350:18357 ioctl c0306201 200002c0 returned -22 binder: 18358:18360 ioctl 40046207 0 returned -16 binder: 18348:18361 unknown command 1392796421 binder: 18358:18360 ioctl 800443d3 20000040 returned -22 binder: 18348:18361 ioctl c0306201 20000200 returned -22 binder: 18350:18367 ioctl 89e0 20000180 returned -22 binder: 18348:18353 unknown command 0 binder: 18348:18353 ioctl c0306201 20000280 returned -22 binder: 18350:18367 unknown command 1560568581 binder: 18350:18367 ioctl c0306201 20000200 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18358:18360 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18358:18370 ioctl 40046207 0 returned -16 binder: 18350:18357 unknown command 3 binder: 18350:18357 ioctl c0306201 200002c0 returned -22 binder: 18350:18367 ioctl 89e0 20000180 returned -22 binder: 18358:18376 ioctl 800443d3 20000040 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 18375:18380 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18375:18380 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder_alloc: 18383: binder_alloc_buf, no vma binder: 18375:18380 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18383:18384 ioctl 40046207 0 returned -16 binder: 18375:18388 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18383:18384 ioctl 40046207 0 returned -16 binder: 18375:18389 ioctl 40046207 0 returned -16 binder_alloc: 18383: binder_alloc_buf, no vma binder: BINDER_SET_CONTEXT_MGR already set binder: 18375:18389 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18383:18384 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18383:18390 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder_alloc: binder_alloc_mmap_handler: 18400 20701000-20702000 already mapped failed -16 binder: 18399:18404 ioctl 40046207 0 returned -16 binder_alloc: binder_alloc_mmap_handler: 18400 20701000-20702000 already mapped failed -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18399:18404 ioctl 40046207 0 returned -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 18398:18403 ioctl 40046207 0 returned -16 binder: 18399:18404 ioctl 80404518 20000180 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 18398:18415 ioctl 40046207 0 returned -16 binder: 18399:18404 ioctl 40046207 0 returned -16

Crashes (2):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2020/05/17 02:24	linux-4.19.y	258f0cf7ac3b	37bccd4e	.config	console log	report					ci2-linux-4-19
2020/03/10 04:26	linux-4.19.y	7472c4028e23	35f53e45	.config	console log	report					ci2-linux-4-19

Crashes (2):

Assets (help?)