Warning: Permanently added '10.128.0.48' (ED25519) to the list of known hosts. executing program [ 35.563452][ T4217] [ 35.564172][ T4217] ===================================================== [ 35.566094][ T4217] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.568082][ T4217] 6.1.45-syzkaller #0 Not tainted [ 35.569398][ T4217] ----------------------------------------------------- [ 35.571237][ T4217] syz-executor222/4217 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.573352][ T4217] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.575857][ T4217] [ 35.575857][ T4217] and this task is already holding: [ 35.577802][ T4217] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.580222][ T4217] which would create a new lock dependency: [ 35.581766][ T4217] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.583758][ T4217] [ 35.583758][ T4217] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.586223][ T4217] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.586240][ T4217] [ 35.586240][ T4217] ... which became SOFTIRQ-irq-safe at: [ 35.589562][ T4217] lock_acquire+0x26c/0x7cc [ 35.590740][ T4217] _raw_spin_lock+0x54/0x6c [ 35.591911][ T4217] net_tx_action+0x6ec/0x94c [ 35.593136][ T4217] __do_softirq+0x30c/0xea0 [ 35.594303][ T4217] ____do_softirq+0x14/0x20 [ 35.595444][ T4217] call_on_irq_stack+0x24/0x4c [ 35.596668][ T4217] do_softirq_own_stack+0x20/0x2c [ 35.597983][ T4217] do_softirq+0x120/0x20c [ 35.599108][ T4217] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.600459][ T4217] local_bh_enable+0x28/0x34 [ 35.601675][ T4217] dev_deactivate_many+0x3d4/0xa8c [ 35.602996][ T4217] dev_deactivate+0x13c/0x1fc [ 35.604179][ T4217] linkwatch_do_dev+0x29c/0x3a4 [ 35.605612][ T4217] __linkwatch_run_queue+0x3a0/0x700 [ 35.607041][ T4217] linkwatch_event+0x58/0x68 [ 35.608285][ T4217] process_one_work+0x7ac/0x1404 [ 35.609546][ T4217] worker_thread+0x8e4/0xfec [ 35.610706][ T4217] kthread+0x250/0x2d8 [ 35.611733][ T4217] ret_from_fork+0x10/0x20 [ 35.612870][ T4217] [ 35.612870][ T4217] to a SOFTIRQ-irq-unsafe lock: [ 35.614693][ T4217] (fs_reclaim){+.+.}-{0:0} [ 35.614711][ T4217] [ 35.614711][ T4217] ... which became SOFTIRQ-irq-unsafe at: [ 35.617762][ T4217] ... [ 35.617769][ T4217] lock_acquire+0x26c/0x7cc [ 35.619709][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.621008][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.622398][ T4217] kmalloc_node_trace+0x44/0x90 [ 35.623683][ T4217] init_rescuer+0xa4/0x264 [ 35.624936][ T4217] workqueue_init+0x298/0x5b4 [ 35.626206][ T4217] kernel_init_freeable+0x33c/0x528 [ 35.627604][ T4217] kernel_init+0x24/0x29c [ 35.628742][ T4217] ret_from_fork+0x10/0x20 [ 35.629898][ T4217] [ 35.629898][ T4217] other info that might help us debug this: [ 35.629898][ T4217] [ 35.632586][ T4217] Possible interrupt unsafe locking scenario: [ 35.632586][ T4217] [ 35.634774][ T4217] CPU0 CPU1 [ 35.636182][ T4217] ---- ---- [ 35.637671][ T4217] lock(fs_reclaim); [ 35.638692][ T4217] local_irq_disable(); [ 35.640397][ T4217] lock(noop_qdisc.q.lock); [ 35.642210][ T4217] lock(fs_reclaim); [ 35.643869][ T4217] [ 35.644782][ T4217] lock(noop_qdisc.q.lock); [ 35.645944][ T4217] [ 35.645944][ T4217] *** DEADLOCK *** [ 35.645944][ T4217] [ 35.648048][ T4217] 2 locks held by syz-executor222/4217: [ 35.649529][ T4217] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.651936][ T4217] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.654483][ T4217] [ 35.654483][ T4217] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.657222][ T4217] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.658688][ T4217] HARDIRQ-ON-W at: [ 35.659742][ T4217] lock_acquire+0x26c/0x7cc [ 35.661500][ T4217] _raw_spin_lock+0x54/0x6c [ 35.663086][ T4217] __dev_queue_xmit+0xb14/0x38d8 [ 35.664813][ T4217] tx+0x90/0x134 [ 35.666139][ T4217] kthread+0x1ac/0x374 [ 35.667612][ T4217] kthread+0x250/0x2d8 [ 35.669110][ T4217] ret_from_fork+0x10/0x20 [ 35.670689][ T4217] IN-SOFTIRQ-W at: [ 35.671690][ T4217] lock_acquire+0x26c/0x7cc [ 35.673256][ T4217] _raw_spin_lock+0x54/0x6c [ 35.674883][ T4217] net_tx_action+0x6ec/0x94c [ 35.676508][ T4217] __do_softirq+0x30c/0xea0 [ 35.678117][ T4217] ____do_softirq+0x14/0x20 [ 35.679735][ T4217] call_on_irq_stack+0x24/0x4c [ 35.681380][ T4217] do_softirq_own_stack+0x20/0x2c [ 35.683105][ T4217] do_softirq+0x120/0x20c [ 35.684686][ T4217] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.686517][ T4217] local_bh_enable+0x28/0x34 [ 35.688131][ T4217] dev_deactivate_many+0x3d4/0xa8c [ 35.689950][ T4217] dev_deactivate+0x13c/0x1fc [ 35.691611][ T4217] linkwatch_do_dev+0x29c/0x3a4 [ 35.693302][ T4217] __linkwatch_run_queue+0x3a0/0x700 [ 35.695136][ T4217] linkwatch_event+0x58/0x68 [ 35.696803][ T4217] process_one_work+0x7ac/0x1404 [ 35.698439][ T4217] worker_thread+0x8e4/0xfec [ 35.699995][ T4217] kthread+0x250/0x2d8 [ 35.701447][ T4217] ret_from_fork+0x10/0x20 [ 35.702942][ T4217] INITIAL USE at: [ 35.703893][ T4217] lock_acquire+0x26c/0x7cc [ 35.705413][ T4217] _raw_spin_lock+0x54/0x6c [ 35.706883][ T4217] __dev_queue_xmit+0xb14/0x38d8 [ 35.708510][ T4217] tx+0x90/0x134 [ 35.709862][ T4217] kthread+0x1ac/0x374 [ 35.711276][ T4217] kthread+0x250/0x2d8 [ 35.712667][ T4217] ret_from_fork+0x10/0x20 [ 35.714181][ T4217] } [ 35.714800][ T4217] ... key at: [] noop_qdisc+0x108/0x320 [ 35.716721][ T4217] [ 35.716721][ T4217] the dependencies between the lock to be acquired [ 35.716728][ T4217] and SOFTIRQ-irq-unsafe lock: [ 35.720066][ T4217] -> (fs_reclaim){+.+.}-{0:0} { [ 35.721282][ T4217] HARDIRQ-ON-W at: [ 35.722279][ T4217] lock_acquire+0x26c/0x7cc [ 35.723844][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.725520][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.727262][ T4217] kmalloc_node_trace+0x44/0x90 [ 35.728857][ T4217] init_rescuer+0xa4/0x264 [ 35.730436][ T4217] workqueue_init+0x298/0x5b4 [ 35.732007][ T4217] kernel_init_freeable+0x33c/0x528 [ 35.733701][ T4217] kernel_init+0x24/0x29c [ 35.735233][ T4217] ret_from_fork+0x10/0x20 [ 35.736731][ T4217] SOFTIRQ-ON-W at: [ 35.737702][ T4217] lock_acquire+0x26c/0x7cc [ 35.739290][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.740937][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.742684][ T4217] kmalloc_node_trace+0x44/0x90 [ 35.744308][ T4217] init_rescuer+0xa4/0x264 [ 35.745873][ T4217] workqueue_init+0x298/0x5b4 [ 35.747419][ T4217] kernel_init_freeable+0x33c/0x528 [ 35.749075][ T4217] kernel_init+0x24/0x29c [ 35.750585][ T4217] ret_from_fork+0x10/0x20 [ 35.752092][ T4217] INITIAL USE at: [ 35.753055][ T4217] lock_acquire+0x26c/0x7cc [ 35.754581][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.756181][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.757907][ T4217] kmalloc_node_trace+0x44/0x90 [ 35.759519][ T4217] init_rescuer+0xa4/0x264 [ 35.760985][ T4217] workqueue_init+0x298/0x5b4 [ 35.762541][ T4217] kernel_init_freeable+0x33c/0x528 [ 35.764224][ T4217] kernel_init+0x24/0x29c [ 35.765733][ T4217] ret_from_fork+0x10/0x20 [ 35.767218][ T4217] } [ 35.767834][ T4217] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 35.769791][ T4217] ... acquired at: [ 35.770742][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.772029][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.773419][ T4217] __kmalloc_node+0xcc/0x1d0 [ 35.774634][ T4217] kvmalloc_node+0x84/0x1e4 [ 35.775787][ T4217] get_dist_table+0xa0/0x354 [ 35.776990][ T4217] netem_change+0x7a4/0x1900 [ 35.778194][ T4217] netem_init+0x54/0xb8 [ 35.779269][ T4217] qdisc_create+0x70c/0xe64 [ 35.780422][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 35.781666][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.782936][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 35.784169][ T4217] rtnetlink_rcv+0x28/0x38 [ 35.785323][ T4217] netlink_unicast+0x660/0x8d4 [ 35.786610][ T4217] netlink_sendmsg+0x834/0xb18 [ 35.787832][ T4217] ____sys_sendmsg+0x558/0x844 [ 35.789073][ T4217] __sys_sendmsg+0x26c/0x33c [ 35.790261][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 35.791528][ T4217] invoke_syscall+0x98/0x2c0 [ 35.792672][ T4217] el0_svc_common+0x138/0x258 [ 35.793878][ T4217] do_el0_svc+0x64/0x218 [ 35.795015][ T4217] el0_svc+0x58/0x168 [ 35.796060][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 35.797361][ T4217] el0t_64_sync+0x18c/0x190 [ 35.798520][ T4217] [ 35.799119][ T4217] [ 35.799119][ T4217] stack backtrace: [ 35.800594][ T4217] CPU: 0 PID: 4217 Comm: syz-executor222 Not tainted 6.1.45-syzkaller #0 [ 35.802670][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.805156][ T4217] Call trace: [ 35.805942][ T4217] dump_backtrace+0x1c8/0x1f4 [ 35.807101][ T4217] show_stack+0x2c/0x3c [ 35.808147][ T4217] dump_stack_lvl+0x108/0x170 [ 35.809255][ T4217] dump_stack+0x1c/0x58 [ 35.810272][ T4217] __lock_acquire+0x6310/0x764c [ 35.811441][ T4217] lock_acquire+0x26c/0x7cc [ 35.812561][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.813790][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.815097][ T4217] __kmalloc_node+0xcc/0x1d0 [ 35.816255][ T4217] kvmalloc_node+0x84/0x1e4 [ 35.817368][ T4217] get_dist_table+0xa0/0x354 [ 35.818495][ T4217] netem_change+0x7a4/0x1900 [ 35.819629][ T4217] netem_init+0x54/0xb8 [ 35.820655][ T4217] qdisc_create+0x70c/0xe64 [ 35.821762][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 35.822948][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.824199][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 35.825370][ T4217] rtnetlink_rcv+0x28/0x38 [ 35.826431][ T4217] netlink_unicast+0x660/0x8d4 [ 35.827625][ T4217] netlink_sendmsg+0x834/0xb18 [ 35.828805][ T4217] ____sys_sendmsg+0x558/0x844 [ 35.830005][ T4217] __sys_sendmsg+0x26c/0x33c [ 35.831139][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 35.832358][ T4217] invoke_syscall+0x98/0x2c0 [ 35.833493][ T4217] el0_svc_common+0x138/0x258 [ 35.834657][ T4217] do_el0_svc+0x64/0x218 [ 35.835714][ T4217] el0_svc+0x58/0x168 [ 35.836712][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 35.837939][ T4217] el0t_64_sync+0x18c/0x190 [ 35.839121][ T4217] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.841306][ T4217] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4217, name: syz-executor222 [ 35.843523][ T4217] preempt_count: 201, expected: 0 [ 35.844790][ T4217] RCU nest depth: 0, expected: 0 [ 35.845955][ T4217] INFO: lockdep is turned off. [ 35.847097][ T4217] Preemption disabled at: [ 35.847105][ T4217] [] sch_tree_lock+0x120/0x1d4 [ 35.849594][ T4217] CPU: 0 PID: 4217 Comm: syz-executor222 Not tainted 6.1.45-syzkaller #0 [ 35.851553][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.853898][ T4217] Call trace: [ 35.854691][ T4217] dump_backtrace+0x1c8/0x1f4 [ 35.855777][ T4217] show_stack+0x2c/0x3c [ 35.856811][ T4217] dump_stack_lvl+0x108/0x170 [ 35.857897][ T4217] dump_stack+0x1c/0x58 [ 35.858893][ T4217] __might_resched+0x37c/0x4d8 [ 35.860029][ T4217] __might_sleep+0x90/0xe4 [ 35.861063][ T4217] __kmem_cache_alloc_node+0x74/0x388 [ 35.862384][ T4217] __kmalloc_node+0xcc/0x1d0 [ 35.863485][ T4217] kvmalloc_node+0x84/0x1e4 [ 35.864600][ T4217] get_dist_table+0xa0/0x354 [ 35.865702][ T4217] netem_change+0x7a4/0x1900 [ 35.866846][ T4217] netem_init+0x54/0xb8 [ 35.867824][ T4217] qdisc_create+0x70c/0xe64 [ 35.868875][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 35.870039][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.871183][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 35.872351][ T4217] rtnetlink_rcv+0x28/0x38 [ 35.873399][ T4217] netlink_unicast+0x660/0x8d4 [ 35.874529][ T4217] netlink_sendmsg+0x834/0xb18 [ 35.875672][ T4217] ____sys_sendmsg+0x558/0x844 [ 35.876841][ T4217] __sys_sendmsg+0x26c/0x33c [ 35.877920][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 35.879069][ T4217] invoke_syscall+0x98/0x2c0 [ 35.880198][ T4217] el0_svc_common+0x138/0x258 [ 35.881320][ T4217] do_el0_svc+0x64/0x218 [ 35.882344][ T4217] el0_svc+0x58/0x168 [ 35.883282][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 35.884500][ T4217] el0t_64_sync+0x18c/0x190