========================================================
WARNING: possible irq lock inversion dependency detected
5.6.0-syzkaller #0 Not tainted
--------------------------------------------------------
ksoftirqd/0/9 just changed the state of lock:
ffffffff89209098 (tasklist_lock){.+.?}-{2:2}, at: send_sigurg+0xcd/0x320 fs/fcntl.c:840
but this lock took another, SOFTIRQ-unsafe lock in the past:
 (&pid->wait_pidfd){+.+.}-{2:2}

and interrupts could create inverse lock ordering between them.

other info that might help us debug this:
 Possible interrupt unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&pid->wait_pidfd);
                               local_irq_disable();
                               lock(tasklist_lock);
                               lock(&pid->wait_pidfd);
  <Interrupt>
    lock(tasklist_lock);

 *** DEADLOCK ***

4 locks held by ksoftirqd/0/9:
 #0: ffffffff892e6750 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x9/0x30 include/linux/rcupdate.h:208
 #1: ffffffff892e6750 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:207
 #2: ffff88808e718460 (slock-AF_INET6/1){+.-.}-{2:2}, at: tcp_v6_rcv+0x364b/0x4780 net/ipv6/tcp_ipv6.c:1665
 #3: ffff8880609da1f8 (&f->f_owner.lock){.+.?}-{2:2}, at: send_sigurg+0x24/0x320 fs/fcntl.c:824

the shortest dependencies between 2nd lock and 1st lock:
 -> (&pid->wait_pidfd){+.+.}-{2:2} {
  HARDIRQ-ON-W at:
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
    _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:151
    spin_lock include/linux/spinlock.h:353 [inline]
    proc_pid_make_inode+0x187/0x2d0 fs/proc/base.c:1880
    proc_pid_instantiate+0x4b/0x1a0 fs/proc/base.c:3285
    proc_pid_lookup+0x218/0x2f0 fs/proc/base.c:3320
    proc_root_lookup+0x1b/0x50 fs/proc/root.c:243
    __lookup_slow+0x240/0x370 fs/namei.c:1530
    lookup_slow fs/namei.c:1547 [inline]
    walk_component+0x442/0x680 fs/namei.c:1846
    link_path_walk+0x66d/0xba0 fs/namei.c:2165
    path_openat+0x21d/0x38b0 fs/namei.c:3342
    do_filp_open+0x2b4/0x3a0 fs/namei.c:3375
    do_sys_openat2+0x463/0x6f0 fs/open.c:1148
    do_sys_open fs/open.c:1164 [inline]
    ksys_open include/linux/syscalls.h:1386 [inline]
    __do_sys_open fs/open.c:1170 [inline]
    __se_sys_open fs/open.c:1168 [inline]
    __x64_sys_open+0x1af/0x1e0 fs/open.c:1168
    do_syscall_64+0xf3/0x1b0 arch/x86/entry/common.c:295
    entry_SYSCALL_64_after_hwframe+0x49/0xb3
  SOFTIRQ-ON-W at:
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
    _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:151
    spin_lock include/linux/spinlock.h:353 [inline]
    proc_pid_make_inode+0x187/0x2d0 fs/proc/base.c:1880
    proc_pid_instantiate+0x4b/0x1a0 fs/proc/base.c:3285
    proc_pid_lookup+0x218/0x2f0 fs/proc/base.c:3320
    proc_root_lookup+0x1b/0x50 fs/proc/root.c:243
    __lookup_slow+0x240/0x370 fs/namei.c:1530
    lookup_slow fs/namei.c:1547 [inline]
    walk_component+0x442/0x680 fs/namei.c:1846
    link_path_walk+0x66d/0xba0 fs/namei.c:2165
    path_openat+0x21d/0x38b0 fs/namei.c:3342
    do_filp_open+0x2b4/0x3a0 fs/namei.c:3375
    do_sys_openat2+0x463/0x6f0 fs/open.c:1148
    do_sys_open fs/open.c:1164 [inline]
    ksys_open include/linux/syscalls.h:1386 [inline]
    __do_sys_open fs/open.c:1170 [inline]
    __se_sys_open fs/open.c:1168 [inline]
    __x64_sys_open+0x1af/0x1e0 fs/open.c:1168
    do_syscall_64+0xf3/0x1b0 arch/x86/entry/common.c:295
    entry_SYSCALL_64_after_hwframe+0x49/0xb3
  INITIAL USE at:
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
    _raw_spin_lock_irqsave+0x9e/0xc0 kernel/locking/spinlock.c:159
    __wake_up_common_lock kernel/sched/wait.c:122 [inline]
    __wake_up+0xb8/0x150 kernel/sched/wait.c:142
    do_notify_pidfd kernel/signal.c:1900 [inline]
    do_notify_parent+0x167/0xce0 kernel/signal.c:1927
    exit_notify kernel/exit.c:660 [inline]
    do_exit+0x12c5/0x1f80 kernel/exit.c:816
    call_usermodehelper_exec_async+0x47c/0x480 kernel/umh.c:125
    ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
 }
 ... key at: [] alloc_pid.__key+0x0/0x10
 ...
 acquired at:
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
    _raw_spin_lock_irqsave+0x9e/0xc0 kernel/locking/spinlock.c:159
    __wake_up_common_lock kernel/sched/wait.c:122 [inline]
    __wake_up+0xb8/0x150 kernel/sched/wait.c:142
    do_notify_pidfd kernel/signal.c:1900 [inline]
    do_notify_parent+0x167/0xce0 kernel/signal.c:1927
    exit_notify kernel/exit.c:660 [inline]
    do_exit+0x12c5/0x1f80 kernel/exit.c:816
    call_usermodehelper_exec_async+0x47c/0x480 kernel/umh.c:125
    ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352

 -> (tasklist_lock){.+.?}-{2:2} {
  HARDIRQ-ON-R at:
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
    _raw_read_lock+0x2d/0x40 kernel/locking/spinlock.c:223
    do_wait+0x280/0x6a0 kernel/exit.c:1436
    kernel_wait4+0x1d1/0x2c0 kernel/exit.c:1611
    call_usermodehelper_exec_sync kernel/umh.c:150 [inline]
    call_usermodehelper_exec_work+0xea/0x320 kernel/umh.c:187
    process_one_work+0x76e/0xfd0 kernel/workqueue.c:2266
    worker_thread+0xa7f/0x1450 kernel/workqueue.c:2412
    kthread+0x353/0x380 kernel/kthread.c:268
    ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
  IN-SOFTIRQ-R at:
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
    _raw_read_lock+0x2d/0x40 kernel/locking/spinlock.c:223
    send_sigurg+0xcd/0x320 fs/fcntl.c:840
    sk_send_sigurg+0x6a/0xb0 net/core/sock.c:2855
    tcp_check_urg net/ipv4/tcp_input.c:5353 [inline]
    tcp_urg+0x270/0xad0 net/ipv4/tcp_input.c:5394
    tcp_rcv_established+0x90b/0x1fa0 net/ipv4/tcp_input.c:5724
    tcp_v6_do_rcv+0x4a5/0x1270 net/ipv6/tcp_ipv6.c:1438
    tcp_v6_rcv+0x39d9/0x4780 net/ipv6/tcp_ipv6.c:1671
    ip6_protocol_deliver_rcu+0x99b/0x1670 net/ipv6/ip6_input.c:433
    ip6_input_finish net/ipv6/ip6_input.c:474 [inline]
    NF_HOOK include/linux/netfilter.h:307 [inline]
    ip6_input+0x10b/0x190 net/ipv6/ip6_input.c:483
    __netif_receive_skb_one_core net/core/dev.c:5187 [inline]
    __netif_receive_skb+0x136/0x370 net/core/dev.c:5301
    process_backlog+0x4e8/0x950 net/core/dev.c:6133
    napi_poll net/core/dev.c:6571 [inline]
    net_rx_action+0x62f/0x1140 net/core/dev.c:6639
    __do_softirq+0x268/0x80c kernel/softirq.c:292
    run_ksoftirqd+0x60/0xf0 kernel/softirq.c:604
    smpboot_thread_fn+0x572/0x970 kernel/smpboot.c:165
    kthread+0x353/0x380 kernel/kthread.c:268
    ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
  SOFTIRQ-ON-R at:
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
    _raw_read_lock+0x2d/0x40 kernel/locking/spinlock.c:223
    do_wait+0x280/0x6a0 kernel/exit.c:1436
    kernel_wait4+0x1d1/0x2c0 kernel/exit.c:1611
    call_usermodehelper_exec_sync kernel/umh.c:150 [inline]
    call_usermodehelper_exec_work+0xea/0x320 kernel/umh.c:187
    process_one_work+0x76e/0xfd0 kernel/workqueue.c:2266
    worker_thread+0xa7f/0x1450 kernel/workqueue.c:2412
    kthread+0x353/0x380 kernel/kthread.c:268
    ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
  INITIAL USE at:
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline]
    _raw_write_lock_irq+0x67/0x80 kernel/locking/spinlock.c:311
    copy_process+0x3076/0x5370 kernel/fork.c:2204
    _do_fork+0x134/0x650 kernel/fork.c:2431
    kernel_thread+0xdf/0x130 kernel/fork.c:2518
    rest_init+0x1f/0x2a0 init/main.c:626
    start_kernel+0x674/0x774 init/main.c:998
    secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:242
 }
 ... key at: [] tasklist_lock+0x18/0x40
 ...
 acquired at:
    mark_lock_irq kernel/locking/lockdep.c:3585 [inline]
    mark_lock+0x529/0x1b00 kernel/locking/lockdep.c:3935
    mark_usage kernel/locking/lockdep.c:3834 [inline]
    __lock_acquire+0xaa7/0x2b90 kernel/locking/lockdep.c:4298
    lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
    __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
    _raw_read_lock+0x2d/0x40 kernel/locking/spinlock.c:223
    send_sigurg+0xcd/0x320 fs/fcntl.c:840
    sk_send_sigurg+0x6a/0xb0 net/core/sock.c:2855
    tcp_check_urg net/ipv4/tcp_input.c:5353 [inline]
    tcp_urg+0x270/0xad0 net/ipv4/tcp_input.c:5394
    tcp_rcv_established+0x90b/0x1fa0 net/ipv4/tcp_input.c:5724
    tcp_v6_do_rcv+0x4a5/0x1270 net/ipv6/tcp_ipv6.c:1438
    tcp_v6_rcv+0x39d9/0x4780 net/ipv6/tcp_ipv6.c:1671
    ip6_protocol_deliver_rcu+0x99b/0x1670 net/ipv6/ip6_input.c:433
    ip6_input_finish net/ipv6/ip6_input.c:474 [inline]
    NF_HOOK include/linux/netfilter.h:307 [inline]
    ip6_input+0x10b/0x190 net/ipv6/ip6_input.c:483
    __netif_receive_skb_one_core net/core/dev.c:5187 [inline]
    __netif_receive_skb+0x136/0x370 net/core/dev.c:5301
    process_backlog+0x4e8/0x950 net/core/dev.c:6133
    napi_poll net/core/dev.c:6571 [inline]
    net_rx_action+0x62f/0x1140 net/core/dev.c:6639
    __do_softirq+0x268/0x80c kernel/softirq.c:292
    run_ksoftirqd+0x60/0xf0 kernel/softirq.c:604
    smpboot_thread_fn+0x572/0x970 kernel/smpboot.c:165
    kthread+0x353/0x380 kernel/kthread.c:268
    ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352

stack backtrace:
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 5.6.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1e9/0x30e lib/dump_stack.c:118
 print_irq_inversion_bug+0xb67/0xe90 kernel/locking/lockdep.c:3447
 check_usage_forwards+0x13f/0x240 kernel/locking/lockdep.c:3472
 mark_lock_irq kernel/locking/lockdep.c:3585 [inline]
 mark_lock+0x529/0x1b00 kernel/locking/lockdep.c:3935
 mark_usage kernel/locking/lockdep.c:3834 [inline]
 __lock_acquire+0xaa7/0x2b90 kernel/locking/lockdep.c:4298
 lock_acquire+0x169/0x480 kernel/locking/lockdep.c:4923
 __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
 _raw_read_lock+0x2d/0x40 kernel/locking/spinlock.c:223
 send_sigurg+0xcd/0x320 fs/fcntl.c:840
 sk_send_sigurg+0x6a/0xb0 net/core/sock.c:2855
 tcp_check_urg net/ipv4/tcp_input.c:5353 [inline]
 tcp_urg+0x270/0xad0 net/ipv4/tcp_input.c:5394
 tcp_rcv_established+0x90b/0x1fa0 net/ipv4/tcp_input.c:5724
 tcp_v6_do_rcv+0x4a5/0x1270 net/ipv6/tcp_ipv6.c:1438
 tcp_v6_rcv+0x39d9/0x4780 net/ipv6/tcp_ipv6.c:1671
 ip6_protocol_deliver_rcu+0x99b/0x1670 net/ipv6/ip6_input.c:433
 ip6_input_finish net/ipv6/ip6_input.c:474 [inline]
 NF_HOOK include/linux/netfilter.h:307 [inline]
 ip6_input+0x10b/0x190 net/ipv6/ip6_input.c:483
 __netif_receive_skb_one_core net/core/dev.c:5187 [inline]
 __netif_receive_skb+0x136/0x370 net/core/dev.c:5301
 process_backlog+0x4e8/0x950 net/core/dev.c:6133
 napi_poll net/core/dev.c:6571 [inline]
 net_rx_action+0x62f/0x1140 net/core/dev.c:6639
 __do_softirq+0x268/0x80c kernel/softirq.c:292
 run_ksoftirqd+0x60/0xf0 kernel/softirq.c:604
 smpboot_thread_fn+0x572/0x970 kernel/smpboot.c:165
 kthread+0x353/0x380 kernel/kthread.c:268
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352