input input10: cannot allocate more than FF_MAX_EFFECTS effects =============================== [ INFO: suspicious RCU usage. ] 4.9.202+ #0 Not tainted ------------------------------- include/linux/radix-tree.h:199 suspicious rcu_dereference_check() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 0 2 locks held by syz-executor.1/15693: #0: (&sb->s_type->i_mutex_key#10){+.+.+.}, at: [<00000000b9d8cf89>] inode_lock include/linux/fs.h:771 [inline] #0: (&sb->s_type->i_mutex_key#10){+.+.+.}, at: [<00000000b9d8cf89>] shmem_add_seals+0x166/0x1020 mm/shmem.c:2610 #1: (&(&mapping->tree_lock)->rlock){..-...}, at: [<000000000a2ab7b4>] spin_lock_irq include/linux/spinlock.h:332 [inline] #1: (&(&mapping->tree_lock)->rlock){..-...}, at: [<000000000a2ab7b4>] shmem_tag_pins mm/shmem.c:2465 [inline] #1: (&(&mapping->tree_lock)->rlock){..-...}, at: [<000000000a2ab7b4>] shmem_wait_for_pins mm/shmem.c:2506 [inline] #1: (&(&mapping->tree_lock)->rlock){..-...}, at: [<000000000a2ab7b4>] shmem_add_seals+0x342/0x1020 mm/shmem.c:2622 stack backtrace: CPU: 1 PID: 15693 Comm: syz-executor.1 Not tainted 4.9.202+ #0 ffff8801a4d17ca0 ffffffff81b55d2b ffff8801a941bc28 0000000000000000 0000000000000002 00000000000000c7 ffff8801d033c740 ffff8801a4d17cd0 ffffffff81406867 ffffea0006d06880 dffffc0000000000 ffff8801a4d17d78 Call Trace: [<00000000abdd9130>] __dump_stack lib/dump_stack.c:15 [inline] [<00000000abdd9130>] dump_stack+0xcb/0x130 lib/dump_stack.c:56 [<00000000e3114329>] lockdep_rcu_suspicious.cold+0x10a/0x149 kernel/locking/lockdep.c:4458 [<00000000202126c2>] radix_tree_deref_slot include/linux/radix-tree.h:199 [inline] [<00000000202126c2>] shmem_tag_pins mm/shmem.c:2467 [inline] [<00000000202126c2>] shmem_wait_for_pins mm/shmem.c:2506 [inline] [<00000000202126c2>] shmem_add_seals+0xa44/0x1020 mm/shmem.c:2622 [<000000005284a8a9>] shmem_fcntl+0xf7/0x130 mm/shmem.c:2657 [<00000000e212070a>] do_fcntl fs/fcntl.c:340 [inline] [<00000000e212070a>] SYSC_fcntl fs/fcntl.c:376 [inline] [<00000000e212070a>] SyS_fcntl+0x1d5/0xb50 fs/fcntl.c:361 [<00000000e258fa41>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<000000009517c5ed>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb devpts: called with bogus options uinput: write device info first devpts: called with bogus options audit_printk_skb: 21 callbacks suppressed audit: type=1400 audit(1574622695.374:251): avc: denied { set_context_mgr } for pid=15786 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 audit: type=1400 audit(1574622695.404:252): avc: denied { create } for pid=15788 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622695.404:253): avc: denied { write } for pid=15788 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622695.784:254): avc: denied { create } for pid=15801 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622695.794:255): avc: denied { write } for pid=15801 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622695.914:256): avc: denied { read } for pid=15801 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622695.964:257): avc: denied { create } for pid=15801 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622695.964:258): avc: denied { write } for pid=15801 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 input: syz1 as /devices/virtual/input/input13 audit: type=1400 audit(1574622696.054:259): avc: denied { read } for pid=15801 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 uinput: write device info first audit: type=1400 audit(1574622697.084:260): avc: denied { create } for pid=15850 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 EXT4-fs (loop3): error: could not find journal device path: error -2 binder: 15871:15873 ERROR: BC_REGISTER_LOOPER called without request binder: 15871:15873 got reply transaction with no transaction stack binder: 15871:15873 transaction failed 29201/-71, size 0-0 line 3046 binder: 15871:15873 ERROR: BC_REGISTER_LOOPER called without request binder: 15871:15880 got reply transaction with no transaction stack binder: 15871:15880 transaction failed 29201/-71, size 0-0 line 3046 binder: undelivered death notification, 0000000000000000 SELinux: ebitmap start bit (-469762048) is beyond the end of the bitmap (1762192832) netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. audit_printk_skb: 51 callbacks suppressed audit: type=1400 audit(1574622700.444:278): avc: denied { read } for pid=15966 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622700.474:279): avc: denied { create } for pid=15966 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622700.524:280): avc: denied { create } for pid=15966 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622700.524:281): avc: denied { write } for pid=15966 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622700.944:282): avc: denied { map_create } for pid=15968 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit: type=1400 audit(1574622701.824:283): avc: denied { create } for pid=16027 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622701.894:284): avc: denied { write } for pid=16027 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622702.114:285): avc: denied { read } for pid=16027 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622702.324:286): avc: denied { create } for pid=16027 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1574622702.354:287): avc: denied { write } for pid=16027 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1