INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-upstream-next-kasan-gce-8,10.128.0.63' (ECDSA) to the list of known hosts.
2017/12/04 06:38:56 parsed 1 programs
2017/12/04 06:38:56 executed programs: 0
syzkaller login: [   52.224333] binder: 3101:3108 got new transaction with bad transaction stack, transaction 4 has target 3101:0
[   52.224341] binder: 3107:3112 got new transaction with bad transaction stack, transaction 3 has target 3107:0
[   52.224351] binder: 3107:3112 transaction failed 29201/-71, size 0-0 line 2859
[   52.224825] binder: 3109:3113 got new transaction with bad transaction stack, transaction 8 has target 3109:0
[   52.224832] binder: 3109:3113 transaction failed 29201/-71, size 0-0 line 2859
[   52.230549] binder: 3101:3108 transaction failed 29201/-71, size 0-0 line 2859
[   52.234539] binder: 3102:3110 got new transaction with bad transaction stack, transaction 13 has target 3102:0
[   52.235976] binder: 3102:3110 transaction failed 29201/-71, size 0-0 line 2859
[   52.237615] binder: 3119:3122 got new transaction with bad transaction stack, transaction 12 has target 3119:0
[   52.237623] binder: 3119:3122 transaction failed 29201/-71, size 0-0 line 2859
[   52.238103] binder: send failed reply for transaction 8 to 3109:3113
[   52.238948] binder: 3115:3118 got new transaction with bad transaction stack, transaction 16 has target 3115:0
[   52.238955] binder: 3115:3118 transaction failed 29201/-71, size 0-0 line 2859
[   52.244775] binder: 3109:3129 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.250346] binder: send failed reply for transaction 12 to 3119:3122
[   52.254645] binder: BINDER_SET_CONTEXT_MGR already set
[   52.254653] binder: 3115:3118 ioctl 40046207 0 returned -16
[   52.254836] binder_alloc: 3115: binder_alloc_buf, no vma
[   52.254860] binder: 3115:3118 transaction failed 29189/-3, size 0-0 line 2947
[   52.255095] binder: 3121:3124 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.256694] binder: send failed reply for transaction 16 to 3115:3118
[   52.260253] binder: 3102:3130 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.261299] binder: 3119:3122 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.261440] binder: undelivered TRANSACTION_ERROR: 29189
[   52.262863] binder: 3120:3155 got new transaction with bad transaction stack, transaction 30 has target 3120:0
[   52.262873] binder: 3120:3155 transaction failed 29201/-71, size 0-0 line 2859
[   52.270600] binder: send failed reply for transaction 28 to 3119:3122
[   52.270629] binder: send failed reply for transaction 29 to 3119:3137
[   52.282636] binder: send failed reply for transaction 3 to 3107:3112
[   52.282671] binder: undelivered TRANSACTION_ERROR: 29189
[   52.282677] binder: undelivered TRANSACTION_COMPLETE
[   52.282681] binder: undelivered TRANSACTION_ERROR: 29189
[   52.284377] binder: 3120:3138 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.284617] binder: undelivered TRANSACTION_ERROR: 29189
[   52.284637] binder: release 3109:3113 transaction 20 out, still active
[   52.284641] binder: undelivered TRANSACTION_COMPLETE
[   52.284650] binder: release 3109:3129 transaction 21 out, still active
[   52.284652] binder: undelivered TRANSACTION_COMPLETE
[   52.284673] binder: send failed reply for transaction 20, target dead
[   52.284678] binder: send failed reply for transaction 21, target dead
[   52.293960] binder: send failed reply for transaction 4 to 3101:3108
[   52.301005] binder: 3101:3125 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.303217] binder: 3107:3157 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.307416] binder: BINDER_SET_CONTEXT_MGR already set
[   52.307422] binder: 3120:3138 ioctl 40046207 0 returned -16
[   52.308821] binder_alloc: 3120: binder_alloc_buf, no vma
[   52.308834] binder: 3120:3138 transaction failed 29189/-3, size 0-0 line 2947
[   52.308913] binder_alloc: 3120: binder_alloc_buf, no vma
[   52.308923] binder: 3120:3123 transaction failed 29189/-3, size 0-0 line 2947
[   52.312209] binder: 3159:3160 got new transaction with bad transaction stack, transaction 41 has target 3159:0
[   52.312216] binder: 3159:3160 transaction failed 29201/-71, size 0-0 line 2859
[   52.325082] binder: send failed reply for transaction 13 to 3102:3110
[   52.326946] binder: release 3120:3155 transaction 30 out, still active
[   52.326949] binder: undelivered TRANSACTION_COMPLETE
[   52.326953] binder: undelivered TRANSACTION_ERROR: 29201
[   52.326973] binder: send failed reply for transaction 30, target dead
[   52.327000] binder: undelivered TRANSACTION_ERROR: 29189
[   52.327542] binder: 3158:3161 got new transaction with bad transaction stack, transaction 44 has target 3158:0
[   52.327549] binder: 3158:3161 transaction failed 29201/-71, size 0-0 line 2859
[   52.335212] binder: 3102:3130 got new transaction with bad transaction stack, transaction 47 has target 3102:0
[   52.335221] binder: 3102:3130 transaction failed 29201/-71, size 0-0 line 2859
[   52.336531] binder: send failed reply for transaction 23 to 3121:3139
[   52.336540] binder: send failed reply for transaction 24 to 3121:3124
[   52.339919] binder: send failed reply for transaction 36 to 3101:3108
[   52.339926] binder: send failed reply for transaction 37 to 3101:3125
[   52.339965] binder: undelivered TRANSACTION_ERROR: 29189
[   52.339977] binder: undelivered TRANSACTION_COMPLETE
[   52.339980] binder: undelivered TRANSACTION_ERROR: 29189
[   52.339986] binder: undelivered TRANSACTION_COMPLETE
[   52.339989] binder: undelivered TRANSACTION_ERROR: 29189
[   52.341494] binder: send failed reply for transaction 33 to 3107:3127
[   52.341502] binder: send failed reply for transaction 34 to 3107:3157
[   52.341538] binder: undelivered TRANSACTION_ERROR: 29189
[   52.341544] binder: undelivered TRANSACTION_COMPLETE
[   52.341548] binder: undelivered TRANSACTION_ERROR: 29189
[   52.341553] binder: undelivered TRANSACTION_COMPLETE
[   52.341556] binder: undelivered TRANSACTION_ERROR: 29189
[   52.342754] binder: 3121:3139 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.345745] binder: send failed reply for transaction 41 to 3159:3160
[   52.358862] binder: send failed reply for transaction 50 to 3121:3124
[   52.358870] binder: send failed reply for transaction 51 to 3121:3139
[   52.365732] binder: 3159:3176 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.365809] binder: undelivered TRANSACTION_COMPLETE
[   52.365813] binder: undelivered TRANSACTION_ERROR: 29189
[   52.365819] binder: undelivered TRANSACTION_ERROR: 29189
[   52.370702] binder: send failed reply for transaction 44 to 3158:3161
[   52.381739] binder: 3158:3182 DecRefs 0 refcount change on invalid ref 0 ret -22
[   52.388934] binder: 3174:3175 got new transaction with bad transaction stack, transaction 59 has target 3174:0
[   52.388941] binder: 3174:3175 transaction failed 29201/-71, size 0-0 line 2859
[   52.392481] binder: 3162:3164 got new transaction with bad transaction stack, transaction 63 has target 3162:0
[   52.392488] binder: 3162:3164 transaction failed 29201/-71, size 0-0 line 2859
[   52.394396] binder: 3170:3171 got new transaction with bad transaction stack, transaction 65 has target 3170:0
[   52.394404] binder: 3170:3171 transaction failed 29201/-71, size 0-0 line 2859
[   52.402683] binder: BINDER_SET_CONTEXT_MGR already set
[   52.402689] binder: 3170:3171 ioctl 40046207 0 returned -16
[   52.402766] binder_alloc: 3170: binder_alloc_buf, no vma
[   52.402782] binder: 3170:3171 transaction failed 29189/-3, size 0-0 line 2947
[   52.403564] binder: send failed reply for transaction 65 to 3170:3171
[   52.404972] binder: 3177:3178 got new transaction with bad transaction stack, transaction 69 has target 3177:0
[   52.404979] binder: 3177:3178 transaction failed 29201/-71, size 0-0 line 2859
[   52.408038] binder: send failed reply for transaction 53 to 3159:3160
[   52.408041] ------------[ cut here ]------------
[   52.408043] Unexpected reply error: 29189
[   52.408145] WARNING: CPU: 0 PID: 23 at drivers/android/binder.c:1985 binder_send_failed_reply+0x13b/0x390
[   52.408148] Kernel panic - not syncing: panic_on_warn set ...
[   52.408148] 
[   52.408153] CPU: 0 PID: 23 Comm: kworker/0:1 Not tainted 4.15.0-rc2-next-20171204+ #58
[   52.408156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   52.408161] Workqueue: events binder_deferred_func
[   52.408165] Call Trace:
[   52.408173]  dump_stack+0x194/0x257
[   52.408183]  ? arch_local_irq_restore+0x53/0x53
[   52.408199]  ? vsnprintf+0x1ed/0x1900
[   52.408211]  panic+0x1e4/0x41c
[   52.408216]  ? refcount_error_report+0x214/0x214
[   52.408223]  ? show_regs_print_info+0x65/0x65
[   52.408237]  ? __warn+0x1c1/0x200
[   52.408246]  ? binder_send_failed_reply+0x13b/0x390
[   52.408251]  __warn+0x1dc/0x200
[   52.408257]  ? binder_send_failed_reply+0x13b/0x390
[   52.408265]  report_bug+0x211/0x2d0
[   52.408280]  fixup_bug.part.11+0x37/0x80
[   52.408287]  do_error_trap+0x2d7/0x3e0
[   52.408291]  ? __down_trylock_console_sem+0x10d/0x1e0
[   52.408301]  ? math_error+0x400/0x400
[   52.408306]  ? vprintk_emit+0x3ea/0x590
[   52.408316]  ? vprintk_emit+0x3ea/0x590
[   52.408331]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   52.408344]  do_invalid_op+0x1b/0x20
[   52.408350]  invalid_op+0x22/0x40
[   52.408355] RIP: 0010:binder_send_failed_reply+0x13b/0x390
[   52.408358] RSP: 0018:ffff8801d9d070c8 EFLAGS: 00010286
[   52.408363] RAX: dffffc0000000008 RBX: ffff8801d50e4700 RCX: ffffffff815a03de
[   52.408366] RDX: 0000000000000000 RSI: 1ffff1003b39e129 RDI: 0000000000000293
[   52.408369] RBP: ffff8801d9d070f0 R08: 1ffff1003b3a0dac R09: 0000000000000000
[   52.408371] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801ceb3aac0
[   52.408374] R13: 0000000000007205 R14: 0000000000007205 R15: 0000000000000c57
[   52.408389]  ? vprintk_func+0x5e/0xc0
[   52.408401]  ? binder_send_failed_reply+0x13b/0x390
[   52.408411]  binder_cleanup_transaction+0xd2/0x140
[   52.408419]  binder_release_work+0x340/0x490
[   52.408430]  ? kzalloc.constprop.53+0x20/0x20
[   52.408443]  ? do_raw_spin_trylock+0x190/0x190
[   52.408452]  ? kfree+0xe4/0x250
[   52.408457]  ? binder_deferred_func+0xe8a/0x12f0
[   52.408468]  ? _raw_spin_unlock+0x22/0x30
[   52.408478]  binder_deferred_func+0xdf5/0x12f0
[   52.408499]  ? binder_cleanup_ref_olocked+0xab0/0xab0
[   52.408507]  ? mntput_no_expire+0x15e/0xa90
[   52.408517]  ? find_held_lock+0x39/0x1d0
[   52.408528]  ? check_noncircular+0x20/0x20
[   52.408543]  ? lock_acquire+0x1d5/0x580
[   52.408549]  ? process_one_work+0xb2f/0x1bc0
[   52.408568]  ? __lock_is_held+0xbc/0x140
[   52.408589]  process_one_work+0xbfd/0x1bc0
[   52.408609]  ? pwq_dec_nr_in_flight+0x450/0x450
[   52.408613]  ? finish_task_switch+0x1d3/0x740
[   52.408638]  ? perf_trace_lock_acquire+0xe3/0x980
[   52.408653]  ? perf_trace_lock+0x900/0x900
[   52.408657]  ? __sched_text_start+0x8/0x8
[   52.408669]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[   52.408678]  ? select_task_rq_fair+0x2770/0x2770
[   52.408682]  ? check_noncircular+0x20/0x20
[   52.408695]  ? find_held_lock+0x39/0x1d0
[   52.408714]  ? lock_acquire+0x1d5/0x580
[   52.408719]  ? worker_thread+0x4a3/0x1990
[   52.408732]  ? lock_release+0xda0/0xda0
[   52.408739]  ? retint_kernel+0x10/0x10
[   52.408747]  ? do_raw_spin_trylock+0x190/0x190
[   52.408768]  worker_thread+0x223/0x1990
[   52.408797]  ? process_one_work+0x1bc0/0x1bc0
[   52.408807]  ? _raw_spin_unlock_irq+0x27/0x70
[   52.408815]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   52.408821]  ? trace_hardirqs_on+0xd/0x10
[   52.408828]  ? mmdrop+0x18/0x30
[   52.408833]  ? finish_task_switch+0x1f6/0x740
[   52.408843]  ? copy_overflow+0x20/0x20
[   52.408861]  ? __schedule+0x8f3/0x2060
[   52.408864]  ? check_noncircular+0x20/0x20
[   52.408886]  ? find_held_lock+0x39/0x1d0
[   52.408900]  ? find_held_lock+0x39/0x1d0
[   52.408918]  ? lock_downgrade+0x980/0x980
[   52.408925]  ? default_wake_function+0x30/0x50
[   52.408940]  ? __schedule+0x2060/0x2060
[   52.408944]  ? do_wait_intr+0x3e0/0x3e0
[   52.408953]  ? do_raw_spin_trylock+0x190/0x190
[   52.408961]  ? _raw_spin_unlock_irqrestore+0x31/0xba
[   52.408969]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   52.408975]  ? trace_hardirqs_on+0xd/0x10
[   52.408981]  ? __kthread_parkme+0x175/0x240
[   52.408991]  kthread+0x37a/0x440
[   52.408996]  ? process_one_work+0x1bc0/0x1bc0
[   52.408999]  ? kthread_stop+0x7b0/0x7b0
[   52.409008]  ret_from_fork+0x24/0x30
[   52.411699] Dumping ftrace buffer:
[   52.411729]    (ftrace buffer empty)
[   52.411732] Kernel Offset: disabled
[   53.330532] Rebooting in 86400 seconds..