> Could you test this patch? I found that bug a month ago but didn't submit
> yet.
I don't have a reproducer now. I manually analyzed the root cause of the
crash using a fuzzer's log. The log reported a race on 'alloc->vma'.
Because I don't have a reproducer, I can't test the patch. I'm sorry.
__
Reporting the crash: KASAN: null-ptr-deref Write in binder_update_page_range
This crash has been found in v4.18-rc3 using RaceFuzzer (a modified
version of Syzkaller), which we describe more at the end of this
report.
Our analysis shows that the race occurs when invoking two syscalls
concurrently