================================
WARNING: inconsistent lock state
4.19.106-syzkaller #0 Not tainted
--------------------------------
inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
syz-executor.0/8394 [HC0[0]:SC1[1]:HE1:SE0] takes:
000000002f341af8 (&(&local->client_conns_lock)->rlock){+.?.}, at: spin_lock include/linux/spinlock.h:329 [inline]
000000002f341af8 (&(&local->client_conns_lock)->rlock){+.?.}, at: rxrpc_put_one_client_conn net/rxrpc/conn_client.c:949 [inline]
000000002f341af8 (&(&local->client_conns_lock)->rlock){+.?.}, at: rxrpc_put_client_conn+0x666/0xc00 net/rxrpc/conn_client.c:1002
{SOFTIRQ-ON-W} state was registered at:
  __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
  _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144
  spin_lock include/linux/spinlock.h:329 [inline]
  rxrpc_get_client_conn net/rxrpc/conn_client.c:309 [inline]
  rxrpc_connect_call+0x301/0x4630 net/rxrpc/conn_client.c:702
  rxrpc_new_client_call+0x8c6/0x1850 net/rxrpc/call_object.c:291
  rxrpc_new_client_call_for_sendmsg net/rxrpc/sendmsg.c:596 [inline]
  rxrpc_do_sendmsg+0xf2e/0x1bc1 net/rxrpc/sendmsg.c:652
  rxrpc_sendmsg+0x4a8/0x5b0 net/rxrpc/af_rxrpc.c:593
  sock_sendmsg_nosec net/socket.c:622 [inline]
  sock_sendmsg+0xcf/0x120 net/socket.c:632
  ___sys_sendmsg+0x3e2/0x920 net/socket.c:2115
  __sys_sendmmsg+0x195/0x470 net/socket.c:2210
  __do_sys_sendmmsg net/socket.c:2239 [inline]
  __se_sys_sendmmsg net/socket.c:2236 [inline]
  __x64_sys_sendmmsg+0x99/0x100 net/socket.c:2236
  do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
  entry_SYSCALL_64_after_hwframe+0x49/0xbe
irq event stamp: 30059874
hardirqs last  enabled at (30059874): [<ffffffff871f84d7>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
hardirqs last  enabled at (30059874): [<ffffffff871f84d7>] _raw_spin_unlock_irqrestore+0x67/0xe0 kernel/locking/spinlock.c:184
hardirqs last disabled at (30059873): [<ffffffff871f8746>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (30059873): [<ffffffff871f8746>] _raw_spin_lock_irqsave+0x66/0xbf kernel/locking/spinlock.c:152
softirqs last  enabled at (30052878): [<ffffffff87400650>] __do_softirq+0x650/0x93c kernel/softirq.c:318
softirqs last disabled at (30059857): [<ffffffff813e406b>] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (30059857): [<ffffffff813e406b>] irq_exit+0x17b/0x1c0 kernel/softirq.c:412

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&(&local->client_conns_lock)->rlock);
  <Interrupt>
    lock(&(&local->client_conns_lock)->rlock);

 *** DEADLOCK ***

1 lock held by syz-executor.0/8394:
 #0: 000000007a6e1960 (rcu_callback){....}, at: __rcu_reclaim kernel/rcu/rcu.h:226 [inline]
 #0: 000000007a6e1960 (rcu_callback){....}, at: rcu_do_batch kernel/rcu/tree.c:2584 [inline]
 #0: 000000007a6e1960 (rcu_callback){....}, at: invoke_rcu_callbacks kernel/rcu/tree.c:2897 [inline]
 #0: 000000007a6e1960 (rcu_callback){....}, at: __rcu_process_callbacks kernel/rcu/tree.c:2864 [inline]
 #0: 000000007a6e1960 (rcu_callback){....}, at: rcu_process_callbacks+0xbff/0x17f0 kernel/rcu/tree.c:2881

stack backtrace:
CPU: 0 PID: 8394 Comm: syz-executor.0 Not tainted 4.19.106-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x188/0x20d lib/dump_stack.c:118
 print_usage_bug.cold+0x327/0x425 kernel/locking/lockdep.c:2540
 valid_state kernel/locking/lockdep.c:2553 [inline]
 mark_lock_irq kernel/locking/lockdep.c:2747 [inline]
 mark_lock+0xc71/0x11b0 kernel/locking/lockdep.c:3127
 mark_irqflags kernel/locking/lockdep.c:3005 [inline]
 __lock_acquire+0xc62/0x49c0 kernel/locking/lockdep.c:3368
 lock_acquire+0x170/0x400 kernel/locking/lockdep.c:3903
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 rxrpc_put_one_client_conn net/rxrpc/conn_client.c:949 [inline]
 rxrpc_put_client_conn+0x666/0xc00 net/rxrpc/conn_client.c:1002
 rxrpc_put_connection net/rxrpc/ar-internal.h:951 [inline]
 rxrpc_rcu_destroy_call+0xb6/0x1e0 net/rxrpc/call_object.c:657
 __rcu_reclaim kernel/rcu/rcu.h:236 [inline]
 rcu_do_batch kernel/rcu/tree.c:2584 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2897 [inline]
 __rcu_process_callbacks kernel/rcu/tree.c:2864 [inline]
 rcu_process_callbacks+0xb2d/0x17f0 kernel/rcu/tree.c:2881
 __do_softirq+0x26c/0x93c kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x17b/0x1c0 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:544 [inline]
 smp_apic_timer_interrupt+0x136/0x550 arch/x86/kernel/apic/apic.c:1094
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:893
 </IRQ>
RIP: 0010:do_syscall_64+0xfd/0x620 arch/x86/entry/common.c:293
Code: 48 21 f3 48 8d 3c dd 40 46 60 87 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 c3 04 00 00 48 89 ef ff 14 dd 40 46 60 87 48 8d 7d 50 <48> ba 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 80 3c 11 00 0f
RSP: 0018:ffff8880924bff28 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
RAX: 0000000000000000 RBX: 0000000000000023 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815942ee RDI: ffff8880924bffa8
RBP: ffff8880924bff58 R08: ffff88809ef085c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff88b25618 R14: 0000000000000000 R15: 0000000000000000
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45a920
Code: c0 5b 5d c3 66 0f 1f 44 00 00 8b 04 24 48 83 c4 18 5b 5d c3 66 0f 1f 44 00 00 83 3d 11 e0 82 00 00 75 14 b8 23 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 d4 d1 fb ff c3 48 83 ec 08 e8 ea 46 00 00
RSP: 002b:00007ffcadcd2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
RAX: ffffffffffffffda RBX: 000000000021f6df RCX: 000000000045a920
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffcadcd2170
RBP: 000000000000236e R08: 0000000000000001 R09: 00000000025e3940
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b
R13: 00007ffcadcd21c0 R14: 000000000021f374 R15: 00007ffcadcd21d0
audit: type=1800 audit(1582891575.991:3787): pid=31951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=16531 res=0
audit: type=1800 audit(1582891576.951:3788): pid=32748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=17053 res=0
ptrace attach of "/root/syz-executor.0"[8394] was attempted by " ��      ��              0       p       ��      ��              ��      �       ��                 ����                                                                                                                                                                                                                                                                                     �                                                                       �\x09                                                                                                                                                                                                                                                                                                                                                                                                                                                     @      =                 
nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pig=1303 comm=syz-executor.5
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5122 sclass=netlink_route_socket pig=1987 comm=syz-executor.4
audit: type=1804 audit(1582891578.801:3789): pid=2047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir679560620/syzkaller.OYTA4v/3984/bus" dev="sda1" ino=17043 res=1
audit: type=1804 audit(1582891579.661:3790): pid=2414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir679560620/syzkaller.OYTA4v/3985/bus" dev="sda1" ino=17043 res=1
netlink: 1180 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 1180 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 1180 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 1180 bytes leftover after parsing attributes in process `syz-executor.4'.
audit: type=1800 audit(1582891581.911:3791): pid=3481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=17043 res=0
netlink: 1180 bytes leftover after parsing attributes in process `syz-executor.4'.
9pnet: p9_fd_create_tcp (3883): problem connecting socket to 127.0.0.1
netlink: 1180 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 1180 bytes leftover after parsing attributes in process `syz-executor.4'.
audit: type=1800 audit(1582891584.271:3792): pid=4133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=17096 res=0