===============================
[ INFO: suspicious RCU usage. ]
4.9.202+ #0 Not tainted
-------------------------------
include/linux/radix-tree.h:199 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 0
2 locks held by syz-executor.2/27302:
 #0:  (&sb->s_type->i_mutex_key#10){+.+.+.}, at: [<00000000070a0bc4>] inode_lock include/linux/fs.h:771 [inline]
 #0:  (&sb->s_type->i_mutex_key#10){+.+.+.}, at: [<00000000070a0bc4>] shmem_add_seals+0x166/0x1020 mm/shmem.c:2610
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<00000000d949eb98>] spin_lock_irq include/linux/spinlock.h:332 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<00000000d949eb98>] shmem_tag_pins mm/shmem.c:2465 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<00000000d949eb98>] shmem_wait_for_pins mm/shmem.c:2506 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<00000000d949eb98>] shmem_add_seals+0x342/0x1020 mm/shmem.c:2622

stack backtrace:
CPU: 1 PID: 27302 Comm: syz-executor.2 Not tainted 4.9.202+ #0
 ffff8801ca3ffca0 ffffffff81b55d2b ffff8801d446f468 0000000000000000
 0000000000000002 00000000000000c7 ffff88019fb04740 ffff8801ca3ffcd0
 ffffffff81406867 ffffea0006c72680 dffffc0000000000 ffff8801ca3ffd78
Call Trace:
 [<0000000029a741cb>] __dump_stack lib/dump_stack.c:15 [inline]
 [<0000000029a741cb>] dump_stack+0xcb/0x130 lib/dump_stack.c:56
 [<000000002b05a2d3>] lockdep_rcu_suspicious.cold+0x10a/0x149 kernel/locking/lockdep.c:4458
 [<0000000067b2ae34>] radix_tree_deref_slot include/linux/radix-tree.h:199 [inline]
 [<0000000067b2ae34>] shmem_tag_pins mm/shmem.c:2467 [inline]
 [<0000000067b2ae34>] shmem_wait_for_pins mm/shmem.c:2506 [inline]
 [<0000000067b2ae34>] shmem_add_seals+0xa44/0x1020 mm/shmem.c:2622
 [<000000008059f720>] shmem_fcntl+0xf7/0x130 mm/shmem.c:2657
 [<00000000e0538626>] do_fcntl fs/fcntl.c:340 [inline]
 [<00000000e0538626>] SYSC_fcntl fs/fcntl.c:376 [inline]
 [<00000000e0538626>] SyS_fcntl+0x1d5/0xb50 fs/fcntl.c:361
 [<000000007f51d32f>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<0000000044cb2bf4>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
audit: type=1400 audit(1574640671.999:1495): avc:  denied  { wake_alarm } for  pid=27312 comm="syz-executor.3" capability=35  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1
audit: type=1400 audit(1574640671.989:1494): avc:  denied  { create } for  pid=27312 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574640672.219:1496): avc:  denied  { write } for  pid=27312 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
selinux_nlmsg_perm: 12 callbacks suppressed
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pig=27395 comm=syz-executor.5
audit: type=1400 audit(1574640673.449:1497): avc:  denied  { create } for  pid=27377 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574640673.579:1498): avc:  denied  { write } for  pid=27377 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
audit: type=1400 audit(1574640675.059:1499): avc:  denied  { create } for  pid=27377 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
audit: type=1400 audit(1574640676.279:1500): avc:  denied  { prog_load } for  pid=27485 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
audit: type=1400 audit(1574640676.379:1501): avc:  denied  { write } for  pid=27485 comm="syz-executor.3" name="net" dev="proc" ino=49037 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=dir permissive=1
audit: type=1400 audit(1574640676.379:1502): avc:  denied  { add_name } for  pid=27485 comm="syz-executor.3" name="pfkey" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=dir permissive=1
audit: type=1400 audit(1574640676.389:1503): avc:  denied  { create } for  pid=27485 comm="syz-executor.3" name="pfkey" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:insmod_t:s0 tclass=file permissive=1
audit_printk_skb: 18 callbacks suppressed
audit: type=1400 audit(1574640677.139:1510): avc:  denied  { read } for  pid=27506 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574640677.699:1511): avc:  denied  { create } for  pid=27506 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock
EXT4-fs error (device loop3): ext4_iget:4769: inode #2: comm syz-executor.3: bogus i_mode (0)
EXT4-fs (loop3): get root inode failed
EXT4-fs (loop3): mount failed
audit: type=1400 audit(1574640680.079:1512): avc:  denied  { create } for  pid=27610 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574640680.329:1513): avc:  denied  { write } for  pid=27610 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574640680.619:1514): avc:  denied  { read } for  pid=27610 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1574640680.769:1515): avc:  denied  { create } for  pid=27610 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1