Warning: Permanently added '10.128.0.46' (ED25519) to the list of known hosts. executing program [ 34.756189][ T4225] [ 34.756838][ T4225] ===================================================== [ 34.758702][ T4225] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 34.760667][ T4225] 6.1.44-syzkaller #0 Not tainted [ 34.761993][ T4225] ----------------------------------------------------- [ 34.763884][ T4225] syz-executor355/4225 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 34.765976][ T4225] ffff800015b3c2e0 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 34.768439][ T4225] [ 34.768439][ T4225] and this task is already holding: [ 34.770347][ T4225] ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 34.772727][ T4225] which would create a new lock dependency: [ 34.774266][ T4225] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 34.776251][ T4225] [ 34.776251][ T4225] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 34.778699][ T4225] (noop_qdisc.q.lock){+.-.}-{2:2} [ 34.778716][ T4225] [ 34.778716][ T4225] ... which became SOFTIRQ-irq-safe at: [ 34.782028][ T4225] lock_acquire+0x26c/0x7cc [ 34.783254][ T4225] _raw_spin_lock+0x54/0x6c [ 34.784457][ T4225] net_tx_action+0x6ec/0x94c [ 34.785645][ T4225] __do_softirq+0x30c/0xea0 [ 34.786865][ T4225] ____do_softirq+0x14/0x20 [ 34.788119][ T4225] call_on_irq_stack+0x24/0x4c [ 34.789393][ T4225] do_softirq_own_stack+0x20/0x2c [ 34.790717][ T4225] do_softirq+0x120/0x20c [ 34.791877][ T4225] __local_bh_enable_ip+0x2c0/0x4d0 [ 34.793277][ T4225] local_bh_enable+0x28/0x34 [ 34.794475][ T4225] dev_deactivate_many+0x3d4/0xa8c [ 34.795847][ T4225] dev_deactivate+0x13c/0x1fc [ 34.797123][ T4225] linkwatch_do_dev+0x29c/0x3a4 [ 34.798410][ T4225] __linkwatch_run_queue+0x3a0/0x700 [ 34.799818][ T4225] linkwatch_event+0x58/0x68 [ 34.801121][ T4225] process_one_work+0x7ac/0x1404 [ 34.802462][ T4225] worker_thread+0x8e4/0xfec [ 34.803739][ T4225] kthread+0x250/0x2d8 [ 34.804892][ T4225] ret_from_fork+0x10/0x20 [ 34.806066][ T4225] [ 34.806066][ T4225] to a SOFTIRQ-irq-unsafe lock: [ 34.807918][ T4225] (fs_reclaim){+.+.}-{0:0} [ 34.807936][ T4225] [ 34.807936][ T4225] ... which became SOFTIRQ-irq-unsafe at: [ 34.811237][ T4225] ... [ 34.811243][ T4225] lock_acquire+0x26c/0x7cc [ 34.813107][ T4225] fs_reclaim_acquire+0x90/0x12c [ 34.814456][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 34.815886][ T4225] kmalloc_node_trace+0x44/0x90 [ 34.817191][ T4225] init_rescuer+0xa4/0x264 [ 34.818427][ T4225] workqueue_init+0x298/0x5b4 [ 34.819741][ T4225] kernel_init_freeable+0x33c/0x528 [ 34.821134][ T4225] kernel_init+0x24/0x29c [ 34.822344][ T4225] ret_from_fork+0x10/0x20 [ 34.823576][ T4225] [ 34.823576][ T4225] other info that might help us debug this: [ 34.823576][ T4225] [ 34.826355][ T4225] Possible interrupt unsafe locking scenario: [ 34.826355][ T4225] [ 34.828582][ T4225] CPU0 CPU1 [ 34.830020][ T4225] ---- ---- [ 34.831491][ T4225] lock(fs_reclaim); [ 34.832577][ T4225] local_irq_disable(); [ 34.834398][ T4225] lock(noop_qdisc.q.lock); [ 34.836315][ T4225] lock(fs_reclaim); [ 34.838037][ T4225] [ 34.838955][ T4225] lock(noop_qdisc.q.lock); [ 34.840252][ T4225] [ 34.840252][ T4225] *** DEADLOCK *** [ 34.840252][ T4225] [ 34.842424][ T4225] 2 locks held by syz-executor355/4225: [ 34.843889][ T4225] #0: ffff800017e6fcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 34.846374][ T4225] #1: ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 34.849037][ T4225] [ 34.849037][ T4225] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 34.851808][ T4225] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 34.853255][ T4225] HARDIRQ-ON-W at: [ 34.854328][ T4225] lock_acquire+0x26c/0x7cc [ 34.855946][ T4225] _raw_spin_lock+0x54/0x6c [ 34.857612][ T4225] __dev_queue_xmit+0xb14/0x38d8 [ 34.859357][ T4225] tx+0x90/0x134 [ 34.860742][ T4225] kthread+0x1ac/0x374 [ 34.862232][ T4225] kthread+0x250/0x2d8 [ 34.863738][ T4225] ret_from_fork+0x10/0x20 [ 34.865367][ T4225] IN-SOFTIRQ-W at: [ 34.866413][ T4225] lock_acquire+0x26c/0x7cc [ 34.868071][ T4225] _raw_spin_lock+0x54/0x6c [ 34.869713][ T4225] net_tx_action+0x6ec/0x94c [ 34.871141][ T4225] __do_softirq+0x30c/0xea0 [ 34.872396][ T4225] ____do_softirq+0x14/0x20 [ 34.873625][ T4225] call_on_irq_stack+0x24/0x4c [ 34.874879][ T4225] do_softirq_own_stack+0x20/0x2c [ 34.876525][ T4225] do_softirq+0x120/0x20c [ 34.878092][ T4225] __local_bh_enable_ip+0x2c0/0x4d0 [ 34.879898][ T4225] local_bh_enable+0x28/0x34 [ 34.881574][ T4225] dev_deactivate_many+0x3d4/0xa8c [ 34.883368][ T4225] dev_deactivate+0x13c/0x1fc [ 34.885079][ T4225] linkwatch_do_dev+0x29c/0x3a4 [ 34.886822][ T4225] __linkwatch_run_queue+0x3a0/0x700 [ 34.888635][ T4225] linkwatch_event+0x58/0x68 [ 34.890267][ T4225] process_one_work+0x7ac/0x1404 [ 34.892052][ T4225] worker_thread+0x8e4/0xfec [ 34.893727][ T4225] kthread+0x250/0x2d8 [ 34.895211][ T4225] ret_from_fork+0x10/0x20 [ 34.896775][ T4225] INITIAL USE at: [ 34.897837][ T4225] lock_acquire+0x26c/0x7cc [ 34.899482][ T4225] _raw_spin_lock+0x54/0x6c [ 34.901098][ T4225] __dev_queue_xmit+0xb14/0x38d8 [ 34.902817][ T4225] tx+0x90/0x134 [ 34.904197][ T4225] kthread+0x1ac/0x374 [ 34.905737][ T4225] kthread+0x250/0x2d8 [ 34.907283][ T4225] ret_from_fork+0x10/0x20 [ 34.908830][ T4225] } [ 34.909481][ T4225] ... key at: [] noop_qdisc+0x108/0x320 [ 34.911631][ T4225] [ 34.911631][ T4225] the dependencies between the lock to be acquired [ 34.911638][ T4225] and SOFTIRQ-irq-unsafe lock: [ 34.915331][ T4225] -> (fs_reclaim){+.+.}-{0:0} { [ 34.916612][ T4225] HARDIRQ-ON-W at: [ 34.917699][ T4225] lock_acquire+0x26c/0x7cc [ 34.919392][ T4225] fs_reclaim_acquire+0x90/0x12c [ 34.921244][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 34.923138][ T4225] kmalloc_node_trace+0x44/0x90 [ 34.924857][ T4225] init_rescuer+0xa4/0x264 [ 34.926497][ T4225] workqueue_init+0x298/0x5b4 [ 34.928143][ T4225] kernel_init_freeable+0x33c/0x528 [ 34.929969][ T4225] kernel_init+0x24/0x29c [ 34.931692][ T4225] ret_from_fork+0x10/0x20 [ 34.933338][ T4225] SOFTIRQ-ON-W at: [ 34.934429][ T4225] lock_acquire+0x26c/0x7cc [ 34.936066][ T4225] fs_reclaim_acquire+0x90/0x12c [ 34.937805][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 34.939717][ T4225] kmalloc_node_trace+0x44/0x90 [ 34.941488][ T4225] init_rescuer+0xa4/0x264 [ 34.943149][ T4225] workqueue_init+0x298/0x5b4 [ 34.944871][ T4225] kernel_init_freeable+0x33c/0x528 [ 34.946726][ T4225] kernel_init+0x24/0x29c [ 34.948383][ T4225] ret_from_fork+0x10/0x20 [ 34.950080][ T4225] INITIAL USE at: [ 34.951121][ T4225] lock_acquire+0x26c/0x7cc [ 34.952832][ T4225] fs_reclaim_acquire+0x90/0x12c [ 34.954638][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 34.956573][ T4225] kmalloc_node_trace+0x44/0x90 [ 34.958376][ T4225] init_rescuer+0xa4/0x264 [ 34.960014][ T4225] workqueue_init+0x298/0x5b4 [ 34.961675][ T4225] kernel_init_freeable+0x33c/0x528 [ 34.963507][ T4225] kernel_init+0x24/0x29c [ 34.965094][ T4225] ret_from_fork+0x10/0x20 [ 34.966662][ T4225] } [ 34.967335][ T4225] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 34.969475][ T4225] ... acquired at: [ 34.970519][ T4225] fs_reclaim_acquire+0x90/0x12c [ 34.971980][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 34.973487][ T4225] __kmalloc_node+0xcc/0x1d0 [ 34.974782][ T4225] kvmalloc_node+0x84/0x1e4 [ 34.976029][ T4225] get_dist_table+0xa0/0x354 [ 34.977325][ T4225] netem_change+0x7a4/0x1900 [ 34.978597][ T4225] netem_init+0x54/0xb8 [ 34.979745][ T4225] qdisc_create+0x70c/0xe64 [ 34.981083][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 34.982407][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 34.983765][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 34.985065][ T4225] rtnetlink_rcv+0x28/0x38 [ 34.986277][ T4225] netlink_unicast+0x660/0x8d4 [ 34.987588][ T4225] netlink_sendmsg+0x834/0xb18 [ 34.988956][ T4225] ____sys_sendmsg+0x558/0x844 [ 34.990256][ T4225] __sys_sendmsg+0x26c/0x33c [ 34.991552][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 34.992887][ T4225] invoke_syscall+0x98/0x2c0 [ 34.994183][ T4225] el0_svc_common+0x138/0x258 [ 34.995491][ T4225] do_el0_svc+0x64/0x218 [ 34.996685][ T4225] el0_svc+0x58/0x168 [ 34.997794][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 34.999174][ T4225] el0t_64_sync+0x18c/0x190 [ 35.000504][ T4225] [ 35.001110][ T4225] [ 35.001110][ T4225] stack backtrace: [ 35.002729][ T4225] CPU: 0 PID: 4225 Comm: syz-executor355 Not tainted 6.1.44-syzkaller #0 [ 35.005016][ T4225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.007735][ T4225] Call trace: [ 35.008663][ T4225] dump_backtrace+0x1c8/0x1f4 [ 35.009930][ T4225] show_stack+0x2c/0x3c [ 35.011050][ T4225] dump_stack_lvl+0x108/0x170 [ 35.012343][ T4225] dump_stack+0x1c/0x58 [ 35.013461][ T4225] __lock_acquire+0x6310/0x764c [ 35.014775][ T4225] lock_acquire+0x26c/0x7cc [ 35.016058][ T4225] fs_reclaim_acquire+0x90/0x12c [ 35.017387][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 35.018848][ T4225] __kmalloc_node+0xcc/0x1d0 [ 35.020112][ T4225] kvmalloc_node+0x84/0x1e4 [ 35.021389][ T4225] get_dist_table+0xa0/0x354 [ 35.022633][ T4225] netem_change+0x7a4/0x1900 [ 35.023888][ T4225] netem_init+0x54/0xb8 [ 35.025032][ T4225] qdisc_create+0x70c/0xe64 [ 35.026272][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 35.027619][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.028966][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 35.030266][ T4225] rtnetlink_rcv+0x28/0x38 [ 35.031523][ T4225] netlink_unicast+0x660/0x8d4 [ 35.032822][ T4225] netlink_sendmsg+0x834/0xb18 [ 35.034113][ T4225] ____sys_sendmsg+0x558/0x844 [ 35.035415][ T4225] __sys_sendmsg+0x26c/0x33c [ 35.036708][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 35.038069][ T4225] invoke_syscall+0x98/0x2c0 [ 35.039310][ T4225] el0_svc_common+0x138/0x258 [ 35.040572][ T4225] do_el0_svc+0x64/0x218 [ 35.041732][ T4225] el0_svc+0x58/0x168 [ 35.042813][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 35.044139][ T4225] el0t_64_sync+0x18c/0x190 [ 35.045424][ T4225] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.047964][ T4225] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4225, name: syz-executor355 [ 35.050456][ T4225] preempt_count: 201, expected: 0 [ 35.051733][ T4225] RCU nest depth: 0, expected: 0 [ 35.052946][ T4225] INFO: lockdep is turned off. [ 35.054157][ T4225] Preemption disabled at: [ 35.054166][ T4225] [] sch_tree_lock+0x120/0x1d4 [ 35.056901][ T4225] CPU: 0 PID: 4225 Comm: syz-executor355 Not tainted 6.1.44-syzkaller #0 [ 35.059014][ T4225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.061632][ T4225] Call trace: [ 35.062472][ T4225] dump_backtrace+0x1c8/0x1f4 [ 35.063655][ T4225] show_stack+0x2c/0x3c [ 35.064705][ T4225] dump_stack_lvl+0x108/0x170 [ 35.065868][ T4225] dump_stack+0x1c/0x58 [ 35.066941][ T4225] __might_resched+0x37c/0x4d8 [ 35.068214][ T4225] __might_sleep+0x90/0xe4 [ 35.069402][ T4225] __kmem_cache_alloc_node+0x74/0x388 [ 35.070847][ T4225] __kmalloc_node+0xcc/0x1d0 [ 35.072047][ T4225] kvmalloc_node+0x84/0x1e4 [ 35.073180][ T4225] get_dist_table+0xa0/0x354 [ 35.074432][ T4225] netem_change+0x7a4/0x1900 [ 35.075646][ T4225] netem_init+0x54/0xb8 [ 35.076744][ T4225] qdisc_create+0x70c/0xe64 [ 35.077936][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 35.079253][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.080584][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 35.081832][ T4225] rtnetlink_rcv+0x28/0x38 [ 35.082982][ T4225] netlink_unicast+0x660/0x8d4 [ 35.084211][ T4225] netlink_sendmsg+0x834/0xb18 [ 35.085433][ T4225] ____sys_sendmsg+0x558/0x844 [ 35.086672][ T4225] __sys_sendmsg+0x26c/0x33c [ 35.087883][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 35.089194][ T4225] invoke_syscall+0x98/0x2c0 [ 35.090406][ T4225] el0_svc_common+0x138/0x258 [ 35.091680][ T4225] do_el0_svc+0x64/0x218 [ 35.092798][ T4225] el0_svc+0x58/0x168 [ 35.093864][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 35.095150][ T4225] el0t_64_sync+0x18c/0x190