===================================================== WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected 5.10.90 #1 Not tainted ----------------------------------------------------- syz-executor.1/288 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: ffff888042a70b40 (&new->fa_lock){...-}-{2:2}, at: kill_fasync_rcu fs/fcntl.c:1005 [inline] ffff888042a70b40 (&new->fa_lock){...-}-{2:2}, at: kill_fasync fs/fcntl.c:1026 [inline] ffff888042a70b40 (&new->fa_lock){...-}-{2:2}, at: kill_fasync+0x138/0x480 fs/fcntl.c:1019 and this task is already holding: ffff88806cf393c0 (batched_entropy_u64.lock){-.-.}-{2:2}, at: get_random_u64+0x46/0x1d0 drivers/char/random.c:2200 which would create a new lock dependency: (batched_entropy_u64.lock){-.-.}-{2:2} -> (&new->fa_lock){...-}-{2:2} but this new dependency connects a HARDIRQ-irq-safe lock: (batched_entropy_u64.lock){-.-.}-{2:2} ... which became HARDIRQ-irq-safe at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x27/0x40 kernel/locking/spinlock.c:151 spin_lock include/linux/spinlock.h:354 [inline] invalidate_batched_entropy+0xdf/0x1c0 drivers/char/random.c:2253 crng_fast_load+0x243/0x260 drivers/char/random.c:896 add_interrupt_randomness+0x523/0x650 drivers/char/random.c:1283 handle_irq_event_percpu kernel/irq/handle.c:198 [inline] handle_irq_event+0x13f/0x290 kernel/irq/handle.c:213 handle_edge_irq+0x249/0xd00 kernel/irq/chip.c:822 asm_call_irq_on_stack+0x12/0x20 __run_irq_on_irqstack arch/x86/include/asm/irq_stack.h:48 [inline] run_irq_on_irqstack_cond arch/x86/include/asm/irq_stack.h:101 [inline] handle_irq arch/x86/kernel/irq.c:230 [inline] __common_interrupt arch/x86/kernel/irq.c:249 [inline] common_interrupt+0xdd/0x190 arch/x86/kernel/irq.c:239 asm_common_interrupt+0x1e/0x40 arch/x86/include/asm/idtentry.h:626 native_safe_halt arch/x86/include/asm/irqflags.h:60 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:103 [inline] default_idle+0xe/0x10 arch/x86/kernel/process.c:689 default_idle_call+0x87/0xd0 kernel/sched/idle.c:112 cpuidle_idle_call kernel/sched/idle.c:194 [inline] do_idle+0x3a9/0x520 kernel/sched/idle.c:300 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:396 start_kernel+0x47a/0x49b init/main.c:1058 secondary_startup_64_no_verify+0xc2/0xcb to a HARDIRQ-irq-unsafe lock: (&f->f_owner.lock){.+.?}-{2:2} ... which became HARDIRQ-irq-unsafe at: ... lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x58/0x70 kernel/locking/spinlock.c:223 f_getown_ex fs/fcntl.c:206 [inline] do_fcntl+0x74f/0xfc0 fs/fcntl.c:387 __do_sys_fcntl fs/fcntl.c:463 [inline] __se_sys_fcntl fs/fcntl.c:448 [inline] __x64_sys_fcntl+0x165/0x1e0 fs/fcntl.c:448 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 other info that might help us debug this: Chain exists of: batched_entropy_u64.lock --> &new->fa_lock --> &f->f_owner.lock Possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&f->f_owner.lock); local_irq_disable(); lock(batched_entropy_u64.lock); lock(&new->fa_lock); lock(batched_entropy_u64.lock); *** DEADLOCK *** 2 locks held by syz-executor.1/288: #0: ffff88806cf393c0 (batched_entropy_u64.lock){-.-.}-{2:2}, at: get_random_u64+0x46/0x1d0 drivers/char/random.c:2200 #1: ffffffff84df6960 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x41/0x480 fs/fcntl.c:1024 the dependencies between HARDIRQ-irq-safe lock and the holding lock: -> (batched_entropy_u64.lock){-.-.}-{2:2} { IN-HARDIRQ-W at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x27/0x40 kernel/locking/spinlock.c:151 spin_lock include/linux/spinlock.h:354 [inline] invalidate_batched_entropy+0xdf/0x1c0 drivers/char/random.c:2253 crng_fast_load+0x243/0x260 drivers/char/random.c:896 add_interrupt_randomness+0x523/0x650 drivers/char/random.c:1283 handle_irq_event_percpu kernel/irq/handle.c:198 [inline] handle_irq_event+0x13f/0x290 kernel/irq/handle.c:213 handle_edge_irq+0x249/0xd00 kernel/irq/chip.c:822 asm_call_irq_on_stack+0x12/0x20 __run_irq_on_irqstack arch/x86/include/asm/irq_stack.h:48 [inline] run_irq_on_irqstack_cond arch/x86/include/asm/irq_stack.h:101 [inline] handle_irq arch/x86/kernel/irq.c:230 [inline] __common_interrupt arch/x86/kernel/irq.c:249 [inline] common_interrupt+0xdd/0x190 arch/x86/kernel/irq.c:239 asm_common_interrupt+0x1e/0x40 arch/x86/include/asm/idtentry.h:626 native_safe_halt arch/x86/include/asm/irqflags.h:60 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:103 [inline] default_idle+0xe/0x10 arch/x86/kernel/process.c:689 default_idle_call+0x87/0xd0 kernel/sched/idle.c:112 cpuidle_idle_call kernel/sched/idle.c:194 [inline] do_idle+0x3a9/0x520 kernel/sched/idle.c:300 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:396 start_kernel+0x47a/0x49b init/main.c:1058 secondary_startup_64_no_verify+0xc2/0xcb IN-SOFTIRQ-W at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x27/0x40 kernel/locking/spinlock.c:151 spin_lock include/linux/spinlock.h:354 [inline] invalidate_batched_entropy+0xdf/0x1c0 drivers/char/random.c:2253 crng_reseed+0x848/0xd00 drivers/char/random.c:978 credit_entropy_bits.constprop.0+0x315/0x3d0 drivers/char/random.c:734 add_timer_randomness+0x1c6/0x240 drivers/char/random.c:1198 add_disk_randomness+0xbc/0x310 drivers/char/random.c:1327 scsi_end_request+0x4d4/0x840 drivers/scsi/scsi_lib.c:574 scsi_io_completion+0x194/0x12c0 drivers/scsi/scsi_lib.c:967 scsi_softirq_done+0x11b/0x490 drivers/scsi/scsi_lib.c:1445 blk_done_softirq+0x22f/0x360 block/blk-mq.c:586 __do_softirq+0x1b8/0x867 kernel/softirq.c:298 asm_call_irq_on_stack+0x12/0x20 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline] do_softirq_own_stack+0x80/0xa0 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:393 [inline] __irq_exit_rcu kernel/softirq.c:423 [inline] irq_exit_rcu+0x110/0x1a0 kernel/softirq.c:435 common_interrupt+0xa1/0x190 arch/x86/kernel/irq.c:239 asm_common_interrupt+0x1e/0x40 arch/x86/include/asm/idtentry.h:626 native_safe_halt arch/x86/include/asm/irqflags.h:60 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:103 [inline] default_idle+0xe/0x10 arch/x86/kernel/process.c:689 default_idle_call+0x87/0xd0 kernel/sched/idle.c:112 cpuidle_idle_call kernel/sched/idle.c:194 [inline] do_idle+0x3a9/0x520 kernel/sched/idle.c:300 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:396 start_kernel+0x47a/0x49b init/main.c:1058 secondary_startup_64_no_verify+0xc2/0xcb INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x36/0x50 kernel/locking/spinlock.c:159 get_random_u64+0x46/0x1d0 drivers/char/random.c:2200 get_random_long include/linux/random.h:61 [inline] get_random_canary include/linux/random.h:83 [inline] dup_task_struct kernel/fork.c:911 [inline] copy_process+0x7cd/0x66c0 kernel/fork.c:1948 kernel_clone+0xe7/0xa20 kernel/fork.c:2467 kernel_thread+0xb5/0xf0 kernel/fork.c:2519 rest_init+0x23/0x389 init/main.c:688 start_kernel+0x47a/0x49b init/main.c:1058 secondary_startup_64_no_verify+0xc2/0xcb } ... key at: [] 0xffff88806ce393c0 the dependencies between the lock to be acquired and HARDIRQ-irq-unsafe lock: -> (&f->f_owner.lock){.+.?}-{2:2} { HARDIRQ-ON-R at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x58/0x70 kernel/locking/spinlock.c:223 f_getown_ex fs/fcntl.c:206 [inline] do_fcntl+0x74f/0xfc0 fs/fcntl.c:387 __do_sys_fcntl fs/fcntl.c:463 [inline] __se_sys_fcntl fs/fcntl.c:448 [inline] __x64_sys_fcntl+0x165/0x1e0 fs/fcntl.c:448 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 IN-SOFTIRQ-R at: ieee80211 phy29: Selected rate control algorithm 'minstrel_ht' lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x42/0x90 kernel/locking/spinlock.c:231 send_sigio+0x24/0x340 fs/fcntl.c:787 kill_fasync_rcu fs/fcntl.c:1012 [inline] kill_fasync fs/fcntl.c:1026 [inline] kill_fasync+0x1fa/0x480 fs/fcntl.c:1019 sock_wake_async+0xd2/0x160 net/socket.c:1320 sk_wake_async include/net/sock.h:2290 [inline] sk_wake_async include/net/sock.h:2286 [inline] sock_def_error_report+0x356/0x4f0 net/core/sock.c:2895 tcp_reset+0x179/0x3e0 net/ipv4/tcp_input.c:4256 tcp_rcv_synsent_state_process net/ipv4/tcp_input.c:6090 [inline] tcp_rcv_state_process+0x2e8c/0x4aa0 net/ipv4/tcp_input.c:6354 tcp_v6_do_rcv+0x7b0/0x1290 net/ipv6/tcp_ipv6.c:1522 tcp_v6_rcv+0x2e44/0x3390 net/ipv6/tcp_ipv6.c:1730 ip6_protocol_deliver_rcu+0x2fa/0x16f0 net/ipv6/ip6_input.c:423 ip6_input_finish+0x64/0x170 net/ipv6/ip6_input.c:464 NF_HOOK include/linux/netfilter.h:301 [inline] NF_HOOK include/linux/netfilter.h:295 [inline] ip6_input+0x9c/0xd0 net/ipv6/ip6_input.c:473 dst_input include/net/dst.h:449 [inline] ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline] ip6_rcv_finish net/ipv6/ip6_input.c:66 [inline] NF_HOOK include/linux/netfilter.h:301 [inline] NF_HOOK include/linux/netfilter.h:295 [inline] ipv6_rcv+0x172/0x270 net/ipv6/ip6_input.c:297 __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5356 __netif_receive_skb+0x27/0x1c0 net/core/dev.c:5470 process_backlog+0x38f/0x7e0 net/core/dev.c:6376 napi_poll net/core/dev.c:6827 [inline] net_rx_action+0x3ff/0xfe0 net/core/dev.c:6897 __do_softirq+0x1b8/0x867 kernel/softirq.c:298 run_ksoftirqd kernel/softirq.c:653 [inline] run_ksoftirqd+0x21/0x50 kernel/softirq.c:645 smpboot_thread_fn+0x3f5/0x860 kernel/smpboot.c:164 kthread+0x38f/0x470 kernel/kthread.c:313 ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:296 SOFTIRQ-ON-R at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x58/0x70 kernel/locking/spinlock.c:223 f_getown_ex fs/fcntl.c:206 [inline] do_fcntl+0x74f/0xfc0 fs/fcntl.c:387 __do_sys_fcntl fs/fcntl.c:463 [inline] __se_sys_fcntl fs/fcntl.c:448 [inline] __x64_sys_fcntl+0x165/0x1e0 fs/fcntl.c:448 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline] _raw_write_lock_irq+0x2f/0x40 kernel/locking/spinlock.c:311 f_modown+0x2a/0x390 fs/fcntl.c:90 __f_setown fs/fcntl.c:109 [inline] f_setown+0xd9/0x230 fs/fcntl.c:137 sock_ioctl+0x28a/0x700 net/socket.c:1117 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x196/0x210 fs/ioctl.c:739 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 INITIAL READ USE at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x6d/0x90 kernel/locking/spinlock.c:231 send_sigio+0x24/0x340 fs/fcntl.c:787 kill_fasync_rcu fs/fcntl.c:1012 [inline] kill_fasync fs/fcntl.c:1026 [inline] kill_fasync+0x1fa/0x480 fs/fcntl.c:1019 sock_wake_async+0xd2/0x160 net/socket.c:1320 sk_wake_async include/net/sock.h:2290 [inline] sk_wake_async include/net/sock.h:2286 [inline] sock_def_error_report+0x356/0x4f0 net/core/sock.c:2895 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=41604 comm=syz-executor.5 tcp_reset+0x179/0x3e0 net/ipv4/tcp_input.c:4256 tcp_rcv_synsent_state_process net/ipv4/tcp_input.c:6090 [inline] tcp_rcv_state_process+0x2e8c/0x4aa0 net/ipv4/tcp_input.c:6354 tcp_v6_do_rcv+0x7b0/0x1290 net/ipv6/tcp_ipv6.c:1522 sk_backlog_rcv include/net/sock.h:1012 [inline] __release_sock+0x139/0x3b0 net/core/sock.c:2540 release_sock+0x54/0x1b0 net/core/sock.c:3072 inet_wait_for_connect net/ipv4/af_inet.c:594 [inline] __inet_stream_connect+0x57e/0xd50 net/ipv4/af_inet.c:686 inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:725 __sys_connect_file+0x157/0x1a0 net/socket.c:1841 __sys_connect+0x161/0x190 net/socket.c:1858 __do_sys_connect net/socket.c:1868 [inline] __se_sys_connect net/socket.c:1865 [inline] __x64_sys_connect+0x6f/0xb0 net/socket.c:1865 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 } ... key at: [] __key.5+0x0/0x40 ... acquired at: __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x6d/0x90 kernel/locking/spinlock.c:231 send_sigio+0x24/0x340 fs/fcntl.c:787 kill_fasync_rcu fs/fcntl.c:1012 [inline] kill_fasync fs/fcntl.c:1026 [inline] kill_fasync+0x1fa/0x480 fs/fcntl.c:1019 sock_wake_async+0xd2/0x160 net/socket.c:1320 sk_wake_async include/net/sock.h:2290 [inline] sk_wake_async include/net/sock.h:2286 [inline] sock_def_error_report+0x356/0x4f0 net/core/sock.c:2895 tcp_reset+0x179/0x3e0 net/ipv4/tcp_input.c:4256 tcp_rcv_synsent_state_process net/ipv4/tcp_input.c:6090 [inline] tcp_rcv_state_process+0x2e8c/0x4aa0 net/ipv4/tcp_input.c:6354 tcp_v6_do_rcv+0x7b0/0x1290 net/ipv6/tcp_ipv6.c:1522 sk_backlog_rcv include/net/sock.h:1012 [inline] __release_sock+0x139/0x3b0 net/core/sock.c:2540 Option ' ' to dns_resolver key: bad/missing value release_sock+0x54/0x1b0 net/core/sock.c:3072 inet_wait_for_connect net/ipv4/af_inet.c:594 [inline] __inet_stream_connect+0x57e/0xd50 net/ipv4/af_inet.c:686 inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:725 __sys_connect_file+0x157/0x1a0 net/socket.c:1841 __sys_connect+0x161/0x190 net/socket.c:1858 __do_sys_connect net/socket.c:1868 [inline] __se_sys_connect net/socket.c:1865 [inline] __x64_sys_connect+0x6f/0xb0 net/socket.c:1865 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 -> (&new->fa_lock){...-}-{2:2} { IN-SOFTIRQ-R at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x42/0x90 kernel/locking/spinlock.c:231 kill_fasync_rcu fs/fcntl.c:1005 [inline] kill_fasync fs/fcntl.c:1026 [inline] kill_fasync+0x138/0x480 fs/fcntl.c:1019 sock_wake_async+0xd2/0x160 net/socket.c:1320 sk_wake_async include/net/sock.h:2290 [inline] sk_wake_async include/net/sock.h:2286 [inline] sock_def_error_report+0x356/0x4f0 net/core/sock.c:2895 tcp_reset+0x179/0x3e0 net/ipv4/tcp_input.c:4256 tcp_rcv_synsent_state_process net/ipv4/tcp_input.c:6090 [inline] tcp_rcv_state_process+0x2e8c/0x4aa0 net/ipv4/tcp_input.c:6354 tcp_v6_do_rcv+0x7b0/0x1290 net/ipv6/tcp_ipv6.c:1522 tcp_v6_rcv+0x2e44/0x3390 net/ipv6/tcp_ipv6.c:1730 ip6_protocol_deliver_rcu+0x2fa/0x16f0 net/ipv6/ip6_input.c:423 ip6_input_finish+0x64/0x170 net/ipv6/ip6_input.c:464 NF_HOOK include/linux/netfilter.h:301 [inline] NF_HOOK include/linux/netfilter.h:295 [inline] ip6_input+0x9c/0xd0 net/ipv6/ip6_input.c:473 dst_input include/net/dst.h:449 [inline] ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline] ip6_rcv_finish net/ipv6/ip6_input.c:66 [inline] NF_HOOK include/linux/netfilter.h:301 [inline] NF_HOOK include/linux/netfilter.h:295 [inline] ipv6_rcv+0x172/0x270 net/ipv6/ip6_input.c:297 __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5356 __netif_receive_skb+0x27/0x1c0 net/core/dev.c:5470 process_backlog+0x38f/0x7e0 net/core/dev.c:6376 napi_poll net/core/dev.c:6827 [inline] net_rx_action+0x3ff/0xfe0 net/core/dev.c:6897 __do_softirq+0x1b8/0x867 kernel/softirq.c:298 run_ksoftirqd kernel/softirq.c:653 [inline] run_ksoftirqd+0x21/0x50 kernel/softirq.c:645 smpboot_thread_fn+0x3f5/0x860 kernel/smpboot.c:164 kthread+0x38f/0x470 kernel/kthread.c:313 ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:296 INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline] _raw_write_lock_irq+0x2f/0x40 kernel/locking/spinlock.c:311 fasync_remove_entry+0xb6/0x1f0 fs/fcntl.c:882 fasync_helper+0x9e/0xb0 fs/fcntl.c:985 sock_fasync+0x94/0x140 net/socket.c:1291 __fput+0x743/0x980 fs/file_table.c:278 task_work_run+0xe2/0x1a0 kernel/task_work.c:151 get_signal+0xfaf/0x2200 kernel/signal.c:2552 arch_do_signal+0x88/0x1b70 arch/x86/kernel/signal.c:805 exit_to_user_mode_loop kernel/entry/common.c:161 [inline] exit_to_user_mode_prepare+0xf7/0x160 kernel/entry/common.c:191 syscall_exit_to_user_mode+0x38/0x230 kernel/entry/common.c:266 entry_SYSCALL_64_after_hwframe+0x44/0xa9 INITIAL READ USE at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x6d/0x90 kernel/locking/spinlock.c:231 kill_fasync_rcu fs/fcntl.c:1005 [inline] kill_fasync fs/fcntl.c:1026 [inline] kill_fasync+0x138/0x480 fs/fcntl.c:1019 sock_wake_async+0xd2/0x160 net/socket.c:1320 sk_wake_async include/net/sock.h:2290 [inline] sk_wake_async include/net/sock.h:2286 [inline] sock_def_error_report+0x356/0x4f0 net/core/sock.c:2895 tcp_reset+0x179/0x3e0 net/ipv4/tcp_input.c:4256 tcp_rcv_synsent_state_process net/ipv4/tcp_input.c:6090 [inline] tcp_rcv_state_process+0x2e8c/0x4aa0 net/ipv4/tcp_input.c:6354 tcp_v6_do_rcv+0x7b0/0x1290 net/ipv6/tcp_ipv6.c:1522 sk_backlog_rcv include/net/sock.h:1012 [inline] __release_sock+0x139/0x3b0 net/core/sock.c:2540 release_sock+0x54/0x1b0 net/core/sock.c:3072 inet_wait_for_connect net/ipv4/af_inet.c:594 [inline] __inet_stream_connect+0x57e/0xd50 net/ipv4/af_inet.c:686 inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:725 __sys_connect_file+0x157/0x1a0 net/socket.c:1841 __sys_connect+0x161/0x190 net/socket.c:1858 __do_sys_connect net/socket.c:1868 [inline] __se_sys_connect net/socket.c:1865 [inline] __x64_sys_connect+0x6f/0xb0 net/socket.c:1865 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 } ... key at: [] __key.0+0x0/0x40 ... acquired at: lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x6d/0x90 kernel/locking/spinlock.c:231 kill_fasync_rcu fs/fcntl.c:1005 [inline] kill_fasync fs/fcntl.c:1026 [inline] kill_fasync+0x138/0x480 fs/fcntl.c:1019 account drivers/char/random.c:1381 [inline] extract_entropy drivers/char/random.c:1508 [inline] crng_reseed+0xae0/0xd00 drivers/char/random.c:958 _extract_crng+0x1e6/0x250 drivers/char/random.c:1006 crng_reseed+0x776/0xd00 drivers/char/random.c:962 _extract_crng+0x1e6/0x250 drivers/char/random.c:1006 extract_crng drivers/char/random.c:1026 [inline] get_random_u64+0x159/0x1d0 drivers/char/random.c:2202 get_random_long include/linux/random.h:61 [inline] get_random_canary include/linux/random.h:83 [inline] dup_task_struct kernel/fork.c:911 [inline] copy_process+0x7cd/0x66c0 kernel/fork.c:1948 kernel_clone+0xe7/0xa20 kernel/fork.c:2467 __do_sys_clone+0xc8/0x110 kernel/fork.c:2584 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 stack backtrace: CPU: 1 PID: 288 Comm: syz-executor.1 Not tainted 5.10.90 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x107/0x163 lib/dump_stack.c:118 print_bad_irq_dependency kernel/locking/lockdep.c:2560 [inline] check_irq_usage.cold+0x481/0x58d kernel/locking/lockdep.c:2799 check_prev_add kernel/locking/lockdep.c:2990 [inline] check_prevs_add kernel/locking/lockdep.c:3111 [inline] validate_chain kernel/locking/lockdep.c:3726 [inline] __lock_acquire+0x29fb/0x5b00 kernel/locking/lockdep.c:4952 lock_acquire kernel/locking/lockdep.c:5562 [inline] lock_acquire+0x197/0x490 kernel/locking/lockdep.c:5527 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x6d/0x90 kernel/locking/spinlock.c:231 kill_fasync_rcu fs/fcntl.c:1005 [inline] kill_fasync fs/fcntl.c:1026 [inline] kill_fasync+0x138/0x480 fs/fcntl.c:1019 account drivers/char/random.c:1381 [inline] extract_entropy drivers/char/random.c:1508 [inline] crng_reseed+0xae0/0xd00 drivers/char/random.c:958 _extract_crng+0x1e6/0x250 drivers/char/random.c:1006 crng_reseed+0x776/0xd00 drivers/char/random.c:962 _extract_crng+0x1e6/0x250 drivers/char/random.c:1006 extract_crng drivers/char/random.c:1026 [inline] get_random_u64+0x159/0x1d0 drivers/char/random.c:2202 get_random_long include/linux/random.h:61 [inline] get_random_canary include/linux/random.h:83 [inline] dup_task_struct kernel/fork.c:911 [inline] copy_process+0x7cd/0x66c0 kernel/fork.c:1948 kernel_clone+0xe7/0xa20 kernel/fork.c:2467 __do_sys_clone+0xc8/0x110 kernel/fork.c:2584 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7f51f042810b Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 RSP: 002b:00007ffea706e530 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f51f042810b RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 RBP: 0000000000000001 R08: 0000000000000000 R09: 000055555693f400 R10: 000055555693f6d0 R11: 0000000000000246 R12: 0000000000000001 R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffea706e610 ieee80211 phy30: Selected rate control algorithm 'minstrel_ht' SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=41887 comm=syz-executor.5 ieee80211 phy31: Selected rate control algorithm 'minstrel_ht' SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=42022 comm=syz-executor.5 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=42226 comm=syz-executor.1