===============================
[ INFO: suspicious RCU usage. ]
4.9.202+ #0 Not tainted
-------------------------------
include/linux/radix-tree.h:199 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 0
2 locks held by syz-executor.5/4199:
 #0:  (&sb->s_type->i_mutex_key#10){+.+.+.}, at: [<000000001fcda344>] inode_lock include/linux/fs.h:771 [inline]
 #0:  (&sb->s_type->i_mutex_key#10){+.+.+.}, at: [<000000001fcda344>] shmem_add_seals+0x166/0x1020 mm/shmem.c:2610
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<000000007c53e3de>] spin_lock_irq include/linux/spinlock.h:332 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<000000007c53e3de>] shmem_tag_pins mm/shmem.c:2465 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<000000007c53e3de>] shmem_wait_for_pins mm/shmem.c:2506 [inline]
 #1:  (&(&mapping->tree_lock)->rlock){..-...}, at: [<000000007c53e3de>] shmem_add_seals+0x342/0x1020 mm/shmem.c:2622

stack backtrace:
CPU: 1 PID: 4199 Comm: syz-executor.5 Not tainted 4.9.202+ #0
 ffff88019e0ffca0 ffffffff81b55d2b ffff8801d4744868 0000000000000000
 0000000000000002 00000000000000c7 ffff88019e738000 ffff88019e0ffcd0
 ffffffff81406867 ffffea0006622280 dffffc0000000000 ffff88019e0ffd78
Call Trace:
 [<000000000599c224>] __dump_stack lib/dump_stack.c:15 [inline]
 [<000000000599c224>] dump_stack+0xcb/0x130 lib/dump_stack.c:56
 [<00000000da3db305>] lockdep_rcu_suspicious.cold+0x10a/0x149 kernel/locking/lockdep.c:4458
 [<0000000098d970e4>] radix_tree_deref_slot include/linux/radix-tree.h:199 [inline]
 [<0000000098d970e4>] shmem_tag_pins mm/shmem.c:2467 [inline]
 [<0000000098d970e4>] shmem_wait_for_pins mm/shmem.c:2506 [inline]
 [<0000000098d970e4>] shmem_add_seals+0xa44/0x1020 mm/shmem.c:2622
 [<00000000bc42c014>] shmem_fcntl+0xf7/0x130 mm/shmem.c:2657
 [<00000000e21c9ac7>] do_fcntl fs/fcntl.c:340 [inline]
 [<00000000e21c9ac7>] SYSC_fcntl fs/fcntl.c:376 [inline]
 [<00000000e21c9ac7>] SyS_fcntl+0x1d5/0xb50 fs/fcntl.c:361
 [<0000000082447c07>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<000000008ca23a8d>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
binder: 4195:4203 unknown command 971791
binder: 4195:4203 ioctl c0306201 200000c0 returned -22
audit: type=1400 audit(1574629194.802:23): avc:  denied  { execmod } for  pid=4215 comm="syz-executor.1" path="/root/syzkaller-testdir388068268/syzkaller.UamhlP/20/bus" dev="sda1" ino=16610 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
EXT4-fs (loop4): bad geometry: block count 17587891078200 exceeds size of device (28672 blocks)
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
audit: type=1400 audit(1574629198.502:24): avc:  denied  { block_suspend } for  pid=4757 comm="syz-executor.0" capability=36  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1
IPv6: sit1: Disabled Multicast RS
device lo entered promiscuous mode
IPv6: sit2: Disabled Multicast RS
IPv6: sit3: Disabled Multicast RS
IPv6: sit4: Disabled Multicast RS
device lo left promiscuous mode
EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
audit: type=1400 audit(1574629200.432:25): avc:  denied  { mac_admin } for  pid=4858 comm="syz-executor.3" capability=33  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1
SELinux:  Context 000795b5 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a688 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
mmap: syz-executor.2 (4863) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt.
SELinux:  Context 000795b9 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a688 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
SELinux:  Context 000795ba 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a689 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
SELinux:  Context 000795c7 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a692 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
EXT4-fs (loop1): fragment/cluster size (2048) != block size (4096)
IPv6: sit5: Disabled Multicast RS
SELinux:  Context 000795ea 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a6b0 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31447 sclass=netlink_route_socket pig=5031 comm=syz-executor.5
SELinux:  Context 000795ee 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a6fb 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31447 sclass=netlink_route_socket pig=5043 comm=syz-executor.5
SELinux:  Context 000795f0 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a6fb 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
SELinux:  Context 000795f4 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a6fc 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
SELinux:  Context 000795f6 00000000 00000002 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
0007a6fd 00000000 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 is not valid (left unmapped).
EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
EXT4-fs error (device loop4): ext4_iget:4769: inode #2: comm syz-executor.4: bogus i_mode (164270)
EXT4-fs (loop4): get root inode failed
EXT4-fs (loop4): mount failed