Warning: Permanently added '10.128.0.97' (ED25519) to the list of known hosts. executing program [ 43.222245][ T4218] [ 43.222899][ T4218] ===================================================== [ 43.224751][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 43.226703][ T4218] 6.1.45-syzkaller #0 Not tainted [ 43.228003][ T4218] ----------------------------------------------------- [ 43.229812][ T4218] syz-executor357/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 43.231949][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 43.234432][ T4218] [ 43.234432][ T4218] and this task is already holding: [ 43.236315][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 43.238736][ T4218] which would create a new lock dependency: [ 43.240260][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 43.242237][ T4218] [ 43.242237][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 43.244644][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 43.244661][ T4218] [ 43.244661][ T4218] ... which became SOFTIRQ-irq-safe at: [ 43.248038][ T4218] lock_acquire+0x26c/0x7cc [ 43.249217][ T4218] _raw_spin_lock+0x54/0x6c [ 43.250386][ T4218] net_tx_action+0x6ec/0x94c [ 43.251613][ T4218] __do_softirq+0x30c/0xea0 [ 43.252766][ T4218] ____do_softirq+0x14/0x20 [ 43.253913][ T4218] call_on_irq_stack+0x24/0x4c [ 43.255181][ T4218] do_softirq_own_stack+0x20/0x2c [ 43.256518][ T4218] do_softirq+0x120/0x20c [ 43.257686][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 43.259082][ T4218] local_bh_enable+0x28/0x34 [ 43.260290][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 43.261649][ T4218] dev_deactivate+0x13c/0x1fc [ 43.262886][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 43.264202][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 43.265601][ T4218] linkwatch_event+0x58/0x68 [ 43.266796][ T4218] process_one_work+0x7ac/0x1404 [ 43.268077][ T4218] worker_thread+0x8e4/0xfec [ 43.269320][ T4218] kthread+0x250/0x2d8 [ 43.270403][ T4218] ret_from_fork+0x10/0x20 [ 43.271584][ T4218] [ 43.271584][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 43.273359][ T4218] (fs_reclaim){+.+.}-{0:0} [ 43.273376][ T4218] [ 43.273376][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 43.276558][ T4218] ... [ 43.276563][ T4218] lock_acquire+0x26c/0x7cc [ 43.278419][ T4218] fs_reclaim_acquire+0x90/0x12c [ 43.279698][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 43.281135][ T4218] kmalloc_node_trace+0x44/0x90 [ 43.282450][ T4218] init_rescuer+0xa4/0x264 [ 43.283569][ T4218] workqueue_init+0x298/0x5b4 [ 43.284818][ T4218] kernel_init_freeable+0x33c/0x528 [ 43.286190][ T4218] kernel_init+0x24/0x29c [ 43.287360][ T4218] ret_from_fork+0x10/0x20 [ 43.288522][ T4218] [ 43.288522][ T4218] other info that might help us debug this: [ 43.288522][ T4218] [ 43.291222][ T4218] Possible interrupt unsafe locking scenario: [ 43.291222][ T4218] [ 43.293390][ T4218] CPU0 CPU1 [ 43.294810][ T4218] ---- ---- [ 43.296209][ T4218] lock(fs_reclaim); [ 43.297253][ T4218] local_irq_disable(); [ 43.298993][ T4218] lock(noop_qdisc.q.lock); [ 43.300838][ T4218] lock(fs_reclaim); [ 43.302518][ T4218] [ 43.303439][ T4218] lock(noop_qdisc.q.lock); [ 43.304676][ T4218] [ 43.304676][ T4218] *** DEADLOCK *** [ 43.304676][ T4218] [ 43.306742][ T4218] 2 locks held by syz-executor357/4218: [ 43.308180][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 43.310727][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 43.313370][ T4218] [ 43.313370][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 43.316175][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 43.317671][ T4218] HARDIRQ-ON-W at: [ 43.318716][ T4218] lock_acquire+0x26c/0x7cc [ 43.320324][ T4218] _raw_spin_lock+0x54/0x6c [ 43.321959][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 43.323734][ T4218] tx+0x90/0x134 [ 43.325072][ T4218] kthread+0x1ac/0x374 [ 43.326595][ T4218] kthread+0x250/0x2d8 [ 43.328036][ T4218] ret_from_fork+0x10/0x20 [ 43.329656][ T4218] IN-SOFTIRQ-W at: [ 43.330717][ T4218] lock_acquire+0x26c/0x7cc [ 43.332304][ T4218] _raw_spin_lock+0x54/0x6c [ 43.333906][ T4218] net_tx_action+0x6ec/0x94c [ 43.335536][ T4218] __do_softirq+0x30c/0xea0 [ 43.337185][ T4218] ____do_softirq+0x14/0x20 [ 43.338746][ T4218] call_on_irq_stack+0x24/0x4c [ 43.340360][ T4218] do_softirq_own_stack+0x20/0x2c [ 43.342101][ T4218] do_softirq+0x120/0x20c [ 43.343656][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 43.345409][ T4218] local_bh_enable+0x28/0x34 [ 43.347072][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 43.348857][ T4218] dev_deactivate+0x13c/0x1fc [ 43.350474][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 43.352189][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 43.353986][ T4218] linkwatch_event+0x58/0x68 [ 43.355631][ T4218] process_one_work+0x7ac/0x1404 [ 43.357412][ T4218] worker_thread+0x8e4/0xfec [ 43.359137][ T4218] kthread+0x250/0x2d8 [ 43.360682][ T4218] ret_from_fork+0x10/0x20 [ 43.362225][ T4218] INITIAL USE at: [ 43.363263][ T4218] lock_acquire+0x26c/0x7cc [ 43.364823][ T4218] _raw_spin_lock+0x54/0x6c [ 43.366367][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 43.368065][ T4218] tx+0x90/0x134 [ 43.369344][ T4218] kthread+0x1ac/0x374 [ 43.370847][ T4218] kthread+0x250/0x2d8 [ 43.372288][ T4218] ret_from_fork+0x10/0x20 [ 43.373914][ T4218] } [ 43.374564][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 43.376592][ T4218] [ 43.376592][ T4218] the dependencies between the lock to be acquired [ 43.376599][ T4218] and SOFTIRQ-irq-unsafe lock: [ 43.380159][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 43.381478][ T4218] HARDIRQ-ON-W at: [ 43.382564][ T4218] lock_acquire+0x26c/0x7cc [ 43.384160][ T4218] fs_reclaim_acquire+0x90/0x12c [ 43.385855][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 43.387699][ T4218] kmalloc_node_trace+0x44/0x90 [ 43.389450][ T4218] init_rescuer+0xa4/0x264 [ 43.391124][ T4218] workqueue_init+0x298/0x5b4 [ 43.392795][ T4218] kernel_init_freeable+0x33c/0x528 [ 43.394615][ T4218] kernel_init+0x24/0x29c [ 43.396138][ T4218] ret_from_fork+0x10/0x20 [ 43.397736][ T4218] SOFTIRQ-ON-W at: [ 43.398800][ T4218] lock_acquire+0x26c/0x7cc [ 43.400394][ T4218] fs_reclaim_acquire+0x90/0x12c [ 43.402108][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 43.403933][ T4218] kmalloc_node_trace+0x44/0x90 [ 43.405617][ T4218] init_rescuer+0xa4/0x264 [ 43.407155][ T4218] workqueue_init+0x298/0x5b4 [ 43.408836][ T4218] kernel_init_freeable+0x33c/0x528 [ 43.410569][ T4218] kernel_init+0x24/0x29c [ 43.412139][ T4218] ret_from_fork+0x10/0x20 [ 43.413713][ T4218] INITIAL USE at: [ 43.414726][ T4218] lock_acquire+0x26c/0x7cc [ 43.416353][ T4218] fs_reclaim_acquire+0x90/0x12c [ 43.418152][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 43.419999][ T4218] kmalloc_node_trace+0x44/0x90 [ 43.421712][ T4218] init_rescuer+0xa4/0x264 [ 43.423310][ T4218] workqueue_init+0x298/0x5b4 [ 43.424964][ T4218] kernel_init_freeable+0x33c/0x528 [ 43.426742][ T4218] kernel_init+0x24/0x29c [ 43.428271][ T4218] ret_from_fork+0x10/0x20 [ 43.429808][ T4218] } [ 43.430425][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 43.432488][ T4218] ... acquired at: [ 43.433453][ T4218] fs_reclaim_acquire+0x90/0x12c [ 43.434768][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 43.436220][ T4218] __kmalloc_node+0xcc/0x1d0 [ 43.437479][ T4218] kvmalloc_node+0x84/0x1e4 [ 43.438696][ T4218] get_dist_table+0xa0/0x354 [ 43.439955][ T4218] netem_change+0x7a4/0x1900 [ 43.441158][ T4218] netem_init+0x54/0xb8 [ 43.442281][ T4218] qdisc_create+0x70c/0xe64 [ 43.443477][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 43.444785][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 43.446115][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 43.447407][ T4218] rtnetlink_rcv+0x28/0x38 [ 43.448590][ T4218] netlink_unicast+0x660/0x8d4 [ 43.449873][ T4218] netlink_sendmsg+0x834/0xb18 [ 43.451177][ T4218] ____sys_sendmsg+0x558/0x844 [ 43.452460][ T4218] __sys_sendmsg+0x26c/0x33c [ 43.453701][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 43.455055][ T4218] invoke_syscall+0x98/0x2c0 [ 43.456354][ T4218] el0_svc_common+0x138/0x258 [ 43.457640][ T4218] do_el0_svc+0x64/0x218 [ 43.458791][ T4218] el0_svc+0x58/0x168 [ 43.459857][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 43.461188][ T4218] el0t_64_sync+0x18c/0x190 [ 43.462441][ T4218] [ 43.463025][ T4218] [ 43.463025][ T4218] stack backtrace: [ 43.464590][ T4218] CPU: 1 PID: 4218 Comm: syz-executor357 Not tainted 6.1.45-syzkaller #0 [ 43.466795][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 43.469404][ T4218] Call trace: [ 43.470245][ T4218] dump_backtrace+0x1c8/0x1f4 [ 43.471509][ T4218] show_stack+0x2c/0x3c [ 43.472637][ T4218] dump_stack_lvl+0x108/0x170 [ 43.473911][ T4218] dump_stack+0x1c/0x58 [ 43.475002][ T4218] __lock_acquire+0x6310/0x764c [ 43.476276][ T4218] lock_acquire+0x26c/0x7cc [ 43.477435][ T4218] fs_reclaim_acquire+0x90/0x12c [ 43.478729][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 43.480105][ T4218] __kmalloc_node+0xcc/0x1d0 [ 43.481349][ T4218] kvmalloc_node+0x84/0x1e4 [ 43.482598][ T4218] get_dist_table+0xa0/0x354 [ 43.483772][ T4218] netem_change+0x7a4/0x1900 [ 43.484995][ T4218] netem_init+0x54/0xb8 [ 43.486051][ T4218] qdisc_create+0x70c/0xe64 [ 43.487225][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 43.488470][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 43.489755][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 43.490999][ T4218] rtnetlink_rcv+0x28/0x38 [ 43.492149][ T4218] netlink_unicast+0x660/0x8d4 [ 43.493423][ T4218] netlink_sendmsg+0x834/0xb18 [ 43.494675][ T4218] ____sys_sendmsg+0x558/0x844 [ 43.495888][ T4218] __sys_sendmsg+0x26c/0x33c [ 43.497158][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 43.498440][ T4218] invoke_syscall+0x98/0x2c0 [ 43.499633][ T4218] el0_svc_common+0x138/0x258 [ 43.500848][ T4218] do_el0_svc+0x64/0x218 [ 43.501997][ T4218] el0_svc+0x58/0x168 [ 43.503068][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 43.504369][ T4218] el0t_64_sync+0x18c/0x190 [ 43.505605][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 43.507952][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor357 [ 43.510297][ T4218] preempt_count: 201, expected: 0 [ 43.511568][ T4218] RCU nest depth: 0, expected: 0 [ 43.512809][ T4218] INFO: lockdep is turned off. [ 43.514068][ T4218] Preemption disabled at: [ 43.514076][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 43.516828][ T4218] CPU: 1 PID: 4218 Comm: syz-executor357 Not tainted 6.1.45-syzkaller #0 [ 43.518948][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 43.521449][ T4218] Call trace: [ 43.522283][ T4218] dump_backtrace+0x1c8/0x1f4 [ 43.523462][ T4218] show_stack+0x2c/0x3c [ 43.524569][ T4218] dump_stack_lvl+0x108/0x170 [ 43.525794][ T4218] dump_stack+0x1c/0x58 [ 43.526850][ T4218] __might_resched+0x37c/0x4d8 [ 43.528093][ T4218] __might_sleep+0x90/0xe4 [ 43.529260][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 43.530667][ T4218] __kmalloc_node+0xcc/0x1d0 [ 43.531861][ T4218] kvmalloc_node+0x84/0x1e4 [ 43.533013][ T4218] get_dist_table+0xa0/0x354 [ 43.534198][ T4218] netem_change+0x7a4/0x1900 [ 43.535402][ T4218] netem_init+0x54/0xb8 [ 43.536478][ T4218] qdisc_create+0x70c/0xe64 [ 43.537657][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 43.538912][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 43.540238][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 43.541542][ T4218] rtnetlink_rcv+0x28/0x38 [ 43.542692][ T4218] netlink_unicast+0x660/0x8d4 [ 43.543941][ T4218] netlink_sendmsg+0x834/0xb18 [ 43.545159][ T4218] ____sys_sendmsg+0x558/0x844 [ 43.546410][ T4218] __sys_sendmsg+0x26c/0x33c [ 43.547585][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 43.548899][ T4218] invoke_syscall+0x98/0x2c0 [ 43.550073][ T4218] el0_svc_common+0x138/0x258 [ 43.551246][ T4218] do_el0_svc+0x64/0x218 [ 43.552349][ T4218] el0_svc+0x58/0x168 [ 43.553422][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 43.554775][ T4218] el0t_64_sync+0x18c/0x190