=============================
WARNING: suspicious RCU usage
4.19.84 #0 Not tainted
-----------------------------
include/linux/radix-tree.h:241 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
2 locks held by syz-executor.5/7830:
 #0: 000000003afad443 (&sb->s_type->i_mutex_key#12){+.+.}, at: inode_lock include/linux/fs.h:747 [inline]
 #0: 000000003afad443 (&sb->s_type->i_mutex_key#12){+.+.}, at: memfd_add_seals mm/memfd.c:199 [inline]
 #0: 000000003afad443 (&sb->s_type->i_mutex_key#12){+.+.}, at: memfd_fcntl+0x235/0x1750 mm/memfd.c:249
 #1: 000000008193f8a1 (&(&(&mapping->i_pages)->xa_lock)->rlock){-.-.}, at: spin_lock_irq include/linux/spinlock.h:354 [inline]
 #1: 000000008193f8a1 (&(&(&mapping->i_pages)->xa_lock)->rlock){-.-.}, at: memfd_tag_pins mm/memfd.c:42 [inline]
 #1: 000000008193f8a1 (&(&(&mapping->i_pages)->xa_lock)->rlock){-.-.}, at: memfd_wait_for_pins mm/memfd.c:83 [inline]
 #1: 000000008193f8a1 (&(&(&mapping->i_pages)->xa_lock)->rlock){-.-.}, at: memfd_add_seals mm/memfd.c:217 [inline]
 #1: 000000008193f8a1 (&(&(&mapping->i_pages)->xa_lock)->rlock){-.-.}, at: memfd_fcntl+0x4bc/0x1750 mm/memfd.c:249

stack backtrace:
CPU: 1 PID: 7830 Comm: syz-executor.5 Not tainted 4.19.84 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x197/0x210 lib/dump_stack.c:118
 lockdep_rcu_suspicious+0x153/0x15d kernel/locking/lockdep.c:4539
 radix_tree_deref_slot include/linux/radix-tree.h:241 [inline]
 radix_tree_deref_slot include/linux/radix-tree.h:239 [inline]
 memfd_tag_pins mm/memfd.c:44 [inline]
 memfd_wait_for_pins mm/memfd.c:83 [inline]
 memfd_add_seals mm/memfd.c:217 [inline]
 memfd_fcntl+0xfdf/0x1750 mm/memfd.c:249
 do_fcntl+0x200/0x1020 fs/fcntl.c:421
 __do_sys_fcntl fs/fcntl.c:463 [inline]
 __se_sys_fcntl fs/fcntl.c:448 [inline]
 __x64_sys_fcntl+0x16d/0x1e0 fs/fcntl.c:448
 do_syscall_64+0xfd/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45a669
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f8037807c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a669
RDX: 0000000000000008 RSI: 0000000000000409 RDI: 0000000000000005
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f80378086d4
R13: 00000000004c10a8 R14: 00000000004d3ca0 R15: 00000000ffffffff
TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=29816 sclass=netlink_route_socket pig=7846 comm=syz-executor.2
IPVS: ftp: loaded support on port[0] = 21
L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
ptrace attach of "/root/syz-executor.1"[7887] was attempted by "/root/syz-executor.1"[7888]
IPVS: ftp: loaded support on port[0] = 21
audit: type=1804 audit(1573931190.491:42): pid=8131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir942557977/syzkaller.RzJWIn/21/bus" dev="sda1" ino=16589 res=1
netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
audit: type=1400 audit(1573931191.011:43): avc:  denied  { prog_load } for  pid=8153 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
audit: type=1804 audit(1573931191.151:44): pid=8164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir942557977/syzkaller.RzJWIn/21/bus" dev="sda1" ino=16589 res=1
audit: type=1400 audit(1573931191.591:45): avc:  denied  { name_connect } for  pid=8180 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1
audit: type=1400 audit(1573931191.771:46): avc:  denied  { create } for  pid=8180 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
audit: type=1400 audit(1573931191.821:47): avc:  denied  { write } for  pid=8180 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
device bond0 entered promiscuous mode
device bond_slave_0 entered promiscuous mode
device bond_slave_1 entered promiscuous mode
8021q: adding VLAN 0 to HW filter on device bond0
device bond0 left promiscuous mode
device bond_slave_0 left promiscuous mode
device bond_slave_1 left promiscuous mode
device bond0 entered promiscuous mode
device bond_slave_0 entered promiscuous mode
device bond_slave_1 entered promiscuous mode
8021q: adding VLAN 0 to HW filter on device bond0
device bond0 left promiscuous mode
device bond_slave_0 left promiscuous mode
device bond_slave_1 left promiscuous mode
device bond0 entered promiscuous mode
device bond_slave_0 entered promiscuous mode
device bond_slave_1 entered promiscuous mode
8021q: adding VLAN 0 to HW filter on device bond0
mmap: syz-executor.1 (8244): VmData 18530304 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35595 sclass=netlink_route_socket pig=8238 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35595 sclass=netlink_route_socket pig=8238 comm=syz-executor.3
audit: type=1400 audit(1573931193.001:48): avc:  denied  { map } for  pid=8267 comm="syz-executor.5" path="/dev/ashmem" dev="devtmpfs" ino=15103 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=chr_file permissive=1
netlink: 'syz-executor.2': attribute type 1 has an invalid length.
audit: type=1400 audit(1573931193.081:49): avc:  denied  { ioctl } for  pid=8269 comm="syz-executor.2" path="socket:[30856]" dev="sockfs" ino=30856 ioctlcmd=0x8904 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
audit: type=1400 audit(1573931193.451:50): avc:  denied  { prog_run } for  pid=8302 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
netlink: 'syz-executor.2': attribute type 1 has an invalid length.
netlink: 'syz-executor.2': attribute type 1 has an invalid length.
nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
audit: type=1400 audit(1573931194.961:51): avc:  denied  { map } for  pid=8377 comm="syz-executor.1" path=2F6D656D66643A08E107202864656C6574656429 dev="tmpfs" ino=30207 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:tmpfs_t:s0 tclass=file permissive=1
EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 117768208)!
EXT4-fs (loop2): group descriptors corrupted!
BFS-fs: bfs_fill_super(): loop5 is unclean, continuing
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=4608 sclass=netlink_tcpdiag_socket pig=8473 comm=syz-executor.5
netlink: 68 bytes leftover after parsing attributes in process `syz-executor.1'.
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=4608 sclass=netlink_tcpdiag_socket pig=8473 comm=syz-executor.5
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8478 comm=syz-executor.1
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8478 comm=syz-executor.1
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8478 comm=syz-executor.1
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8478 comm=syz-executor.1
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8478 comm=syz-executor.1
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8478 comm=syz-executor.1
XFS (loop5): Invalid superblock magic number