audit: type=1400 audit(1574586324.117:5329): avc:  denied  { write } for  pid=1089 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
===============================
[ INFO: suspicious RCU usage. ]
4.9.202+ #0 Not tainted
-------------------------------
include/linux/radix-tree.h:199 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 0
2 locks held by syz-executor.2/1128:
 #0:  (&sb->s_type->i_mutex_key#10){+.+.+.}, at: [<0000000014ff9003>] inode_lock include/linux/fs.h:771 [inline]
 #0:  (&sb->s_type->i_mutex_key#10){+.+.+.}, at: [<0000000014ff9003>] shmem_add_seals+0x166/0x1020 mm/shmem.c:2610
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<00000000ab34a0fe>] spin_lock_irq include/linux/spinlock.h:332 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<00000000ab34a0fe>] shmem_tag_pins mm/shmem.c:2465 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<00000000ab34a0fe>] shmem_wait_for_pins mm/shmem.c:2506 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<00000000ab34a0fe>] shmem_add_seals+0x342/0x1020 mm/shmem.c:2622

stack backtrace:
CPU: 0 PID: 1128 Comm: syz-executor.2 Not tainted 4.9.202+ #0
 ffff8801aaf0fca0 ffffffff81b55d2b ffff8801d4667468 0000000000000000
 0000000000000002 00000000000000c7 ffff8801d230af80 ffff8801aaf0fcd0
 ffffffff81406867 ffffea0006580200 dffffc0000000000 ffff8801aaf0fd78
Call Trace:
 [<00000000bec8420d>] __dump_stack lib/dump_stack.c:15 [inline]
 [<00000000bec8420d>] dump_stack+0xcb/0x130 lib/dump_stack.c:56
 [<00000000deb6e511>] lockdep_rcu_suspicious.cold+0x10a/0x149 kernel/locking/lockdep.c:4458
 [<0000000025eb8ca4>] radix_tree_deref_slot include/linux/radix-tree.h:199 [inline]
 [<0000000025eb8ca4>] shmem_tag_pins mm/shmem.c:2467 [inline]
 [<0000000025eb8ca4>] shmem_wait_for_pins mm/shmem.c:2506 [inline]
 [<0000000025eb8ca4>] shmem_add_seals+0xa44/0x1020 mm/shmem.c:2622
 [<0000000010167a38>] shmem_fcntl+0xf7/0x130 mm/shmem.c:2657
 [<00000000cd99aa8a>] do_fcntl fs/fcntl.c:340 [inline]
 [<00000000cd99aa8a>] SYSC_fcntl fs/fcntl.c:376 [inline]
 [<00000000cd99aa8a>] SyS_fcntl+0x1d5/0xb50 fs/fcntl.c:361
 [<000000003fc622b5>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<000000002e04fb3b>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
binder: 1173:1182 BC_REQUEST_DEATH_NOTIFICATION invalid ref 1
binder: 1173:1182 got transaction with invalid handle, 1
binder: 1173:1182 transaction failed 29201/-22, size 96-24 line 3411
binder: undelivered TRANSACTION_ERROR: 29201
audit_printk_skb: 69 callbacks suppressed
audit: type=1400 audit(1574586327.987:5353): avc:  denied  { read } for  pid=1235 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.097:5354): avc:  denied  { create } for  pid=1245 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.167:5355): avc:  denied  { create } for  pid=1226 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.167:5356): avc:  denied  { write } for  pid=1226 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.357:5357): avc:  denied  { create } for  pid=1249 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.367:5358): avc:  denied  { write } for  pid=1249 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.387:5359): avc:  denied  { create } for  pid=1245 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.557:5361): avc:  denied  { read } for  pid=1249 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.557:5362): avc:  denied  { read } for  pid=1226 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586328.527:5360): avc:  denied  { write } for  pid=1245 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
binder: 1399:1423 BC_REQUEST_DEATH_NOTIFICATION invalid ref 1
binder: 1399:1423 transaction failed 29189/-22, size 96-24 line 3138
audit_printk_skb: 132 callbacks suppressed
audit: type=1400 audit(1574586333.087:5407): avc:  denied  { create } for  pid=1444 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586333.087:5408): avc:  denied  { create } for  pid=1446 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586333.087:5409): avc:  denied  { write } for  pid=1446 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586333.167:5410): avc:  denied  { write } for  pid=1444 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586333.407:5411): avc:  denied  { read } for  pid=1444 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586333.477:5412): avc:  denied  { read } for  pid=1446 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
binder: undelivered TRANSACTION_ERROR: 29189
audit: type=1400 audit(1574586334.957:5413): avc:  denied  { create } for  pid=1496 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586334.977:5414): avc:  denied  { write } for  pid=1496 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586334.997:5415): avc:  denied  { create } for  pid=1498 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574586334.997:5416): avc:  denied  { write } for  pid=1498 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1