Warning: Permanently added '10.128.0.228' (ED25519) to the list of known hosts. executing program [ 37.855579][ T4216] [ 37.856201][ T4216] ===================================================== [ 37.858019][ T4216] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 37.859955][ T4216] 6.1.44-syzkaller #0 Not tainted [ 37.861318][ T4216] ----------------------------------------------------- [ 37.863139][ T4216] syz-executor284/4216 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 37.865253][ T4216] ffff800015b3c2e0 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 37.867776][ T4216] [ 37.867776][ T4216] and this task is already holding: [ 37.869703][ T4216] ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 37.872104][ T4216] which would create a new lock dependency: [ 37.873641][ T4216] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 37.875607][ T4216] [ 37.875607][ T4216] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 37.878041][ T4216] (noop_qdisc.q.lock){+.-.}-{2:2} [ 37.878059][ T4216] [ 37.878059][ T4216] ... which became SOFTIRQ-irq-safe at: [ 37.881408][ T4216] lock_acquire+0x26c/0x7cc [ 37.882650][ T4216] _raw_spin_lock+0x54/0x6c [ 37.883902][ T4216] net_tx_action+0x6ec/0x94c [ 37.885121][ T4216] __do_softirq+0x30c/0xea0 [ 37.886283][ T4216] ____do_softirq+0x14/0x20 [ 37.887475][ T4216] call_on_irq_stack+0x24/0x4c [ 37.888705][ T4216] do_softirq_own_stack+0x20/0x2c [ 37.890056][ T4216] do_softirq+0x120/0x20c [ 37.891255][ T4216] __local_bh_enable_ip+0x2c0/0x4d0 [ 37.892607][ T4216] local_bh_enable+0x28/0x34 [ 37.893813][ T4216] dev_deactivate_many+0x3d4/0xa8c [ 37.895177][ T4216] dev_deactivate+0x13c/0x1fc [ 37.896438][ T4216] linkwatch_do_dev+0x29c/0x3a4 [ 37.897677][ T4216] __linkwatch_run_queue+0x3a0/0x700 [ 37.899093][ T4216] linkwatch_event+0x58/0x68 [ 37.900306][ T4216] process_one_work+0x7ac/0x1404 [ 37.901617][ T4216] worker_thread+0x8e4/0xfec [ 37.902930][ T4216] kthread+0x250/0x2d8 [ 37.904012][ T4216] ret_from_fork+0x10/0x20 [ 37.905169][ T4216] [ 37.905169][ T4216] to a SOFTIRQ-irq-unsafe lock: [ 37.907005][ T4216] (fs_reclaim){+.+.}-{0:0} [ 37.907023][ T4216] [ 37.907023][ T4216] ... which became SOFTIRQ-irq-unsafe at: [ 37.910278][ T4216] ... [ 37.910284][ T4216] lock_acquire+0x26c/0x7cc [ 37.912167][ T4216] fs_reclaim_acquire+0x90/0x12c [ 37.913477][ T4216] __kmem_cache_alloc_node+0x58/0x388 [ 37.914970][ T4216] kmalloc_node_trace+0x44/0x90 [ 37.916221][ T4216] init_rescuer+0xa4/0x264 [ 37.917418][ T4216] workqueue_init+0x298/0x5b4 [ 37.918661][ T4216] kernel_init_freeable+0x33c/0x528 [ 37.920050][ T4216] kernel_init+0x24/0x29c [ 37.921203][ T4216] ret_from_fork+0x10/0x20 [ 37.922379][ T4216] [ 37.922379][ T4216] other info that might help us debug this: [ 37.922379][ T4216] [ 37.925021][ T4216] Possible interrupt unsafe locking scenario: [ 37.925021][ T4216] [ 37.927136][ T4216] CPU0 CPU1 [ 37.928561][ T4216] ---- ---- [ 37.929935][ T4216] lock(fs_reclaim); [ 37.930962][ T4216] local_irq_disable(); [ 37.932758][ T4216] lock(noop_qdisc.q.lock); [ 37.934693][ T4216] lock(fs_reclaim); [ 37.936404][ T4216] [ 37.937370][ T4216] lock(noop_qdisc.q.lock); [ 37.938581][ T4216] [ 37.938581][ T4216] *** DEADLOCK *** [ 37.938581][ T4216] [ 37.940745][ T4216] 2 locks held by syz-executor284/4216: [ 37.942177][ T4216] #0: ffff800017e6fcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 37.944716][ T4216] #1: ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 37.947291][ T4216] [ 37.947291][ T4216] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 37.949971][ T4216] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 37.951381][ T4216] HARDIRQ-ON-W at: [ 37.952443][ T4216] lock_acquire+0x26c/0x7cc [ 37.954090][ T4216] _raw_spin_lock+0x54/0x6c [ 37.955698][ T4216] __dev_queue_xmit+0xb14/0x38d8 [ 37.957524][ T4216] tx+0x90/0x134 [ 37.958889][ T4216] kthread+0x1ac/0x374 [ 37.960340][ T4216] kthread+0x250/0x2d8 [ 37.961884][ T4216] ret_from_fork+0x10/0x20 [ 37.963553][ T4216] IN-SOFTIRQ-W at: [ 37.964591][ T4216] lock_acquire+0x26c/0x7cc [ 37.966208][ T4216] _raw_spin_lock+0x54/0x6c [ 37.967795][ T4216] net_tx_action+0x6ec/0x94c [ 37.969403][ T4216] __do_softirq+0x30c/0xea0 [ 37.971008][ T4216] ____do_softirq+0x14/0x20 [ 37.972609][ T4216] call_on_irq_stack+0x24/0x4c [ 37.974355][ T4216] do_softirq_own_stack+0x20/0x2c [ 37.976163][ T4216] do_softirq+0x120/0x20c [ 37.977689][ T4216] __local_bh_enable_ip+0x2c0/0x4d0 [ 37.979467][ T4216] local_bh_enable+0x28/0x34 [ 37.981128][ T4216] dev_deactivate_many+0x3d4/0xa8c [ 37.982970][ T4216] dev_deactivate+0x13c/0x1fc [ 37.984614][ T4216] linkwatch_do_dev+0x29c/0x3a4 [ 37.986346][ T4216] __linkwatch_run_queue+0x3a0/0x700 [ 37.988185][ T4216] linkwatch_event+0x58/0x68 [ 37.989844][ T4216] process_one_work+0x7ac/0x1404 [ 37.991615][ T4216] worker_thread+0x8e4/0xfec [ 37.993230][ T4216] kthread+0x250/0x2d8 [ 37.994760][ T4216] ret_from_fork+0x10/0x20 [ 37.996314][ T4216] INITIAL USE at: [ 37.997355][ T4216] lock_acquire+0x26c/0x7cc [ 37.998951][ T4216] _raw_spin_lock+0x54/0x6c [ 38.000526][ T4216] __dev_queue_xmit+0xb14/0x38d8 [ 38.002333][ T4216] tx+0x90/0x134 [ 38.003659][ T4216] kthread+0x1ac/0x374 [ 38.005186][ T4216] kthread+0x250/0x2d8 [ 38.006668][ T4216] ret_from_fork+0x10/0x20 [ 38.008278][ T4216] } [ 38.008917][ T4216] ... key at: [] noop_qdisc+0x108/0x320 [ 38.010908][ T4216] [ 38.010908][ T4216] the dependencies between the lock to be acquired [ 38.010915][ T4216] and SOFTIRQ-irq-unsafe lock: [ 38.014472][ T4216] -> (fs_reclaim){+.+.}-{0:0} { [ 38.015786][ T4216] HARDIRQ-ON-W at: [ 38.016803][ T4216] lock_acquire+0x26c/0x7cc [ 38.018422][ T4216] fs_reclaim_acquire+0x90/0x12c [ 38.020185][ T4216] __kmem_cache_alloc_node+0x58/0x388 [ 38.022037][ T4216] kmalloc_node_trace+0x44/0x90 [ 38.023714][ T4216] init_rescuer+0xa4/0x264 [ 38.025296][ T4216] workqueue_init+0x298/0x5b4 [ 38.026938][ T4216] kernel_init_freeable+0x33c/0x528 [ 38.028755][ T4216] kernel_init+0x24/0x29c [ 38.030294][ T4216] ret_from_fork+0x10/0x20 [ 38.031873][ T4216] SOFTIRQ-ON-W at: [ 38.032931][ T4216] lock_acquire+0x26c/0x7cc [ 38.034574][ T4216] fs_reclaim_acquire+0x90/0x12c [ 38.036286][ T4216] __kmem_cache_alloc_node+0x58/0x388 [ 38.038160][ T4216] kmalloc_node_trace+0x44/0x90 [ 38.039853][ T4216] init_rescuer+0xa4/0x264 [ 38.041461][ T4216] workqueue_init+0x298/0x5b4 [ 38.043171][ T4216] kernel_init_freeable+0x33c/0x528 [ 38.044949][ T4216] kernel_init+0x24/0x29c [ 38.046590][ T4216] ret_from_fork+0x10/0x20 [ 38.048219][ T4216] INITIAL USE at: [ 38.049252][ T4216] lock_acquire+0x26c/0x7cc [ 38.050900][ T4216] fs_reclaim_acquire+0x90/0x12c [ 38.052645][ T4216] __kmem_cache_alloc_node+0x58/0x388 [ 38.054457][ T4216] kmalloc_node_trace+0x44/0x90 [ 38.056150][ T4216] init_rescuer+0xa4/0x264 [ 38.057723][ T4216] workqueue_init+0x298/0x5b4 [ 38.059366][ T4216] kernel_init_freeable+0x33c/0x528 [ 38.061149][ T4216] kernel_init+0x24/0x29c [ 38.062683][ T4216] ret_from_fork+0x10/0x20 [ 38.064253][ T4216] } [ 38.064946][ T4216] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 38.067047][ T4216] ... acquired at: [ 38.068046][ T4216] fs_reclaim_acquire+0x90/0x12c [ 38.069359][ T4216] __kmem_cache_alloc_node+0x58/0x388 [ 38.070827][ T4216] __kmalloc_node+0xcc/0x1d0 [ 38.072063][ T4216] kvmalloc_node+0x84/0x1e4 [ 38.073335][ T4216] get_dist_table+0xa0/0x354 [ 38.074606][ T4216] netem_change+0x754/0x1900 [ 38.075819][ T4216] netem_init+0x54/0xb8 [ 38.076935][ T4216] qdisc_create+0x70c/0xe64 [ 38.078154][ T4216] tc_modify_qdisc+0x9f0/0x1840 [ 38.079484][ T4216] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.080820][ T4216] netlink_rcv_skb+0x20c/0x3b8 [ 38.082130][ T4216] rtnetlink_rcv+0x28/0x38 [ 38.083336][ T4216] netlink_unicast+0x660/0x8d4 [ 38.084692][ T4216] netlink_sendmsg+0x834/0xb18 [ 38.085956][ T4216] ____sys_sendmsg+0x558/0x844 [ 38.087232][ T4216] __sys_sendmsg+0x26c/0x33c [ 38.088490][ T4216] __arm64_sys_sendmsg+0x80/0x94 [ 38.089819][ T4216] invoke_syscall+0x98/0x2c0 [ 38.091056][ T4216] el0_svc_common+0x138/0x258 [ 38.092333][ T4216] do_el0_svc+0x64/0x218 [ 38.093540][ T4216] el0_svc+0x58/0x168 [ 38.094654][ T4216] el0t_64_sync_handler+0x84/0xf0 [ 38.096017][ T4216] el0t_64_sync+0x18c/0x190 [ 38.097240][ T4216] [ 38.097854][ T4216] [ 38.097854][ T4216] stack backtrace: [ 38.099398][ T4216] CPU: 1 PID: 4216 Comm: syz-executor284 Not tainted 6.1.44-syzkaller #0 [ 38.101621][ T4216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 38.104279][ T4216] Call trace: [ 38.105122][ T4216] dump_backtrace+0x1c8/0x1f4 [ 38.106362][ T4216] show_stack+0x2c/0x3c [ 38.107486][ T4216] dump_stack_lvl+0x108/0x170 [ 38.108692][ T4216] dump_stack+0x1c/0x58 [ 38.109797][ T4216] __lock_acquire+0x6310/0x764c [ 38.111088][ T4216] lock_acquire+0x26c/0x7cc [ 38.112288][ T4216] fs_reclaim_acquire+0x90/0x12c [ 38.113563][ T4216] __kmem_cache_alloc_node+0x58/0x388 [ 38.114994][ T4216] __kmalloc_node+0xcc/0x1d0 [ 38.116213][ T4216] kvmalloc_node+0x84/0x1e4 [ 38.117449][ T4216] get_dist_table+0xa0/0x354 [ 38.118691][ T4216] netem_change+0x754/0x1900 [ 38.119937][ T4216] netem_init+0x54/0xb8 [ 38.121039][ T4216] qdisc_create+0x70c/0xe64 [ 38.122242][ T4216] tc_modify_qdisc+0x9f0/0x1840 [ 38.123548][ T4216] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.124849][ T4216] netlink_rcv_skb+0x20c/0x3b8 [ 38.126109][ T4216] rtnetlink_rcv+0x28/0x38 [ 38.127313][ T4216] netlink_unicast+0x660/0x8d4 [ 38.128667][ T4216] netlink_sendmsg+0x834/0xb18 [ 38.129951][ T4216] ____sys_sendmsg+0x558/0x844 [ 38.131207][ T4216] __sys_sendmsg+0x26c/0x33c [ 38.132421][ T4216] __arm64_sys_sendmsg+0x80/0x94 [ 38.133778][ T4216] invoke_syscall+0x98/0x2c0 [ 38.135015][ T4216] el0_svc_common+0x138/0x258 [ 38.136251][ T4216] do_el0_svc+0x64/0x218 [ 38.137394][ T4216] el0_svc+0x58/0x168 [ 38.138452][ T4216] el0t_64_sync_handler+0x84/0xf0 [ 38.139749][ T4216] el0t_64_sync+0x18c/0x190 [ 38.140957][ T4216] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 38.143335][ T4216] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4216, name: syz-executor284 [ 38.145791][ T4216] preempt_count: 201, expected: 0 [ 38.147044][ T4216] RCU nest depth: 0, expected: 0 [ 38.148287][ T4216] INFO: lockdep is turned off. [ 38.149569][ T4216] Preemption disabled at: [ 38.149577][ T4216] [] sch_tree_lock+0x120/0x1d4 [ 38.152304][ T4216] CPU: 1 PID: 4216 Comm: syz-executor284 Not tainted 6.1.44-syzkaller #0 [ 38.154481][ T4216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 38.157012][ T4216] Call trace: [ 38.157854][ T4216] dump_backtrace+0x1c8/0x1f4 [ 38.159031][ T4216] show_stack+0x2c/0x3c [ 38.160089][ T4216] dump_stack_lvl+0x108/0x170 [ 38.161319][ T4216] dump_stack+0x1c/0x58 [ 38.162467][ T4216] __might_resched+0x37c/0x4d8 [ 38.163735][ T4216] __might_sleep+0x90/0xe4 [ 38.164899][ T4216] __kmem_cache_alloc_node+0x74/0x388 [ 38.166302][ T4216] __kmalloc_node+0xcc/0x1d0 [ 38.167530][ T4216] kvmalloc_node+0x84/0x1e4 [ 38.168756][ T4216] get_dist_table+0xa0/0x354 [ 38.169957][ T4216] netem_change+0x754/0x1900 [ 38.171143][ T4216] netem_init+0x54/0xb8 [ 38.172252][ T4216] qdisc_create+0x70c/0xe64 [ 38.173409][ T4216] tc_modify_qdisc+0x9f0/0x1840 [ 38.174706][ T4216] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.175984][ T4216] netlink_rcv_skb+0x20c/0x3b8 [ 38.177285][ T4216] rtnetlink_rcv+0x28/0x38 [ 38.178444][ T4216] netlink_unicast+0x660/0x8d4 [ 38.179740][ T4216] netlink_sendmsg+0x834/0xb18 [ 38.180962][ T4216] ____sys_sendmsg+0x558/0x844 [ 38.182221][ T4216] __sys_sendmsg+0x26c/0x33c [ 38.183413][ T4216] __arm64_sys_sendmsg+0x80/0x94 [ 38.184704][ T4216] invoke_syscall+0x98/0x2c0 [ 38.185931][ T4216] el0_svc_common+0x138/0x258 [ 38.187169][ T4216] do_el0_svc+0x64/0x218 [ 38.188339][ T4216] el0_svc+0x58/0x168 [ 38.189363][ T4216] el0t_64_sync_handler+0x84/0xf0 [ 38.190741][ T4216] el0t_64_sync+0x18c/0x190