Warning: Permanently added '10.128.0.32' (ED25519) to the list of known hosts. executing program [ 33.895580][ T4217] [ 33.896230][ T4217] ===================================================== [ 33.898049][ T4217] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 33.900059][ T4217] 6.1.45-syzkaller #0 Not tainted [ 33.901374][ T4217] ----------------------------------------------------- [ 33.903202][ T4217] syz-executor398/4217 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 33.905363][ T4217] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 33.907866][ T4217] [ 33.907866][ T4217] and this task is already holding: [ 33.909802][ T4217] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 33.912258][ T4217] which would create a new lock dependency: [ 33.913836][ T4217] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 33.915890][ T4217] [ 33.915890][ T4217] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 33.918440][ T4217] (noop_qdisc.q.lock){+.-.}-{2:2} [ 33.918458][ T4217] [ 33.918458][ T4217] ... which became SOFTIRQ-irq-safe at: [ 33.921862][ T4217] lock_acquire+0x26c/0x7cc [ 33.923097][ T4217] _raw_spin_lock+0x54/0x6c [ 33.924304][ T4217] net_tx_action+0x6ec/0x94c [ 33.925563][ T4217] __do_softirq+0x30c/0xea0 [ 33.926794][ T4217] ____do_softirq+0x14/0x20 [ 33.927989][ T4217] call_on_irq_stack+0x24/0x4c [ 33.929237][ T4217] do_softirq_own_stack+0x20/0x2c [ 33.930495][ T4217] do_softirq+0x120/0x20c [ 33.931734][ T4217] __local_bh_enable_ip+0x2c0/0x4d0 [ 33.933198][ T4217] local_bh_enable+0x28/0x34 [ 33.934448][ T4217] dev_deactivate_many+0x3d4/0xa8c [ 33.935857][ T4217] dev_deactivate+0x13c/0x1fc [ 33.937142][ T4217] linkwatch_do_dev+0x29c/0x3a4 [ 33.938434][ T4217] __linkwatch_run_queue+0x3a0/0x700 [ 33.939790][ T4217] linkwatch_event+0x58/0x68 [ 33.941019][ T4217] process_one_work+0x7ac/0x1404 [ 33.942359][ T4217] worker_thread+0x8e4/0xfec [ 33.943573][ T4217] kthread+0x250/0x2d8 [ 33.944666][ T4217] ret_from_fork+0x10/0x20 [ 33.945880][ T4217] [ 33.945880][ T4217] to a SOFTIRQ-irq-unsafe lock: [ 33.947724][ T4217] (fs_reclaim){+.+.}-{0:0} [ 33.947742][ T4217] [ 33.947742][ T4217] ... which became SOFTIRQ-irq-unsafe at: [ 33.950987][ T4217] ... [ 33.950994][ T4217] lock_acquire+0x26c/0x7cc [ 33.952906][ T4217] fs_reclaim_acquire+0x90/0x12c [ 33.954215][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 33.955676][ T4217] kmalloc_node_trace+0x44/0x90 [ 33.957036][ T4217] init_rescuer+0xa4/0x264 [ 33.958266][ T4217] workqueue_init+0x298/0x5b4 [ 33.959572][ T4217] kernel_init_freeable+0x33c/0x528 [ 33.960980][ T4217] kernel_init+0x24/0x29c [ 33.962157][ T4217] ret_from_fork+0x10/0x20 [ 33.963317][ T4217] [ 33.963317][ T4217] other info that might help us debug this: [ 33.963317][ T4217] [ 33.965972][ T4217] Possible interrupt unsafe locking scenario: [ 33.965972][ T4217] [ 33.968229][ T4217] CPU0 CPU1 [ 33.969654][ T4217] ---- ---- [ 33.971046][ T4217] lock(fs_reclaim); [ 33.972163][ T4217] local_irq_disable(); [ 33.973920][ T4217] lock(noop_qdisc.q.lock); [ 33.975781][ T4217] lock(fs_reclaim); [ 33.977542][ T4217] [ 33.978469][ T4217] lock(noop_qdisc.q.lock); [ 33.979766][ T4217] [ 33.979766][ T4217] *** DEADLOCK *** [ 33.979766][ T4217] [ 33.981937][ T4217] 2 locks held by syz-executor398/4217: [ 33.983407][ T4217] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 33.986081][ T4217] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 33.988725][ T4217] [ 33.988725][ T4217] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 33.991566][ T4217] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 33.993021][ T4217] HARDIRQ-ON-W at: [ 33.994127][ T4217] lock_acquire+0x26c/0x7cc [ 33.995773][ T4217] _raw_spin_lock+0x54/0x6c [ 33.997505][ T4217] __dev_queue_xmit+0xb14/0x38d8 [ 33.999301][ T4217] tx+0x90/0x134 [ 34.000713][ T4217] kthread+0x1ac/0x374 [ 34.002266][ T4217] kthread+0x250/0x2d8 [ 34.003810][ T4217] ret_from_fork+0x10/0x20 [ 34.005488][ T4217] IN-SOFTIRQ-W at: [ 34.006518][ T4217] lock_acquire+0x26c/0x7cc [ 34.008174][ T4217] _raw_spin_lock+0x54/0x6c [ 34.009858][ T4217] net_tx_action+0x6ec/0x94c [ 34.011553][ T4217] __do_softirq+0x30c/0xea0 [ 34.013256][ T4217] ____do_softirq+0x14/0x20 [ 34.014918][ T4217] call_on_irq_stack+0x24/0x4c [ 34.016650][ T4217] do_softirq_own_stack+0x20/0x2c [ 34.018471][ T4217] do_softirq+0x120/0x20c [ 34.020079][ T4217] __local_bh_enable_ip+0x2c0/0x4d0 [ 34.021950][ T4217] local_bh_enable+0x28/0x34 [ 34.023638][ T4217] dev_deactivate_many+0x3d4/0xa8c [ 34.025401][ T4217] dev_deactivate+0x13c/0x1fc [ 34.027069][ T4217] linkwatch_do_dev+0x29c/0x3a4 [ 34.028771][ T4217] __linkwatch_run_queue+0x3a0/0x700 [ 34.030632][ T4217] linkwatch_event+0x58/0x68 [ 34.032221][ T4217] process_one_work+0x7ac/0x1404 [ 34.033962][ T4217] worker_thread+0x8e4/0xfec [ 34.035629][ T4217] kthread+0x250/0x2d8 [ 34.037157][ T4217] ret_from_fork+0x10/0x20 [ 34.038767][ T4217] INITIAL USE at: [ 34.039775][ T4217] lock_acquire+0x26c/0x7cc [ 34.041410][ T4217] _raw_spin_lock+0x54/0x6c [ 34.043014][ T4217] __dev_queue_xmit+0xb14/0x38d8 [ 34.044729][ T4217] tx+0x90/0x134 [ 34.046194][ T4217] kthread+0x1ac/0x374 [ 34.047727][ T4217] kthread+0x250/0x2d8 [ 34.049249][ T4217] ret_from_fork+0x10/0x20 [ 34.050884][ T4217] } [ 34.051533][ T4217] ... key at: [] noop_qdisc+0x108/0x320 [ 34.053546][ T4217] [ 34.053546][ T4217] the dependencies between the lock to be acquired [ 34.053553][ T4217] and SOFTIRQ-irq-unsafe lock: [ 34.057144][ T4217] -> (fs_reclaim){+.+.}-{0:0} { [ 34.058570][ T4217] HARDIRQ-ON-W at: [ 34.059646][ T4217] lock_acquire+0x26c/0x7cc [ 34.061275][ T4217] fs_reclaim_acquire+0x90/0x12c [ 34.063093][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 34.065162][ T4217] kmalloc_node_trace+0x44/0x90 [ 34.066942][ T4217] init_rescuer+0xa4/0x264 [ 34.068500][ T4217] workqueue_init+0x298/0x5b4 [ 34.070190][ T4217] kernel_init_freeable+0x33c/0x528 [ 34.071996][ T4217] kernel_init+0x24/0x29c [ 34.073552][ T4217] ret_from_fork+0x10/0x20 [ 34.075222][ T4217] SOFTIRQ-ON-W at: [ 34.076271][ T4217] lock_acquire+0x26c/0x7cc [ 34.077932][ T4217] fs_reclaim_acquire+0x90/0x12c [ 34.079660][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 34.081491][ T4217] kmalloc_node_trace+0x44/0x90 [ 34.083176][ T4217] init_rescuer+0xa4/0x264 [ 34.084727][ T4217] workqueue_init+0x298/0x5b4 [ 34.086471][ T4217] kernel_init_freeable+0x33c/0x528 [ 34.088294][ T4217] kernel_init+0x24/0x29c [ 34.089902][ T4217] ret_from_fork+0x10/0x20 [ 34.091528][ T4217] INITIAL USE at: [ 34.092599][ T4217] lock_acquire+0x26c/0x7cc [ 34.094269][ T4217] fs_reclaim_acquire+0x90/0x12c [ 34.096015][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 34.097843][ T4217] kmalloc_node_trace+0x44/0x90 [ 34.099525][ T4217] init_rescuer+0xa4/0x264 [ 34.101149][ T4217] workqueue_init+0x298/0x5b4 [ 34.102842][ T4217] kernel_init_freeable+0x33c/0x528 [ 34.104678][ T4217] kernel_init+0x24/0x29c [ 34.106292][ T4217] ret_from_fork+0x10/0x20 [ 34.107917][ T4217] } [ 34.108585][ T4217] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 34.110706][ T4217] ... acquired at: [ 34.111719][ T4217] fs_reclaim_acquire+0x90/0x12c [ 34.113042][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 34.114539][ T4217] __kmalloc_node+0xcc/0x1d0 [ 34.115826][ T4217] kvmalloc_node+0x84/0x1e4 [ 34.117139][ T4217] get_dist_table+0xa0/0x354 [ 34.118434][ T4217] netem_change+0x754/0x1900 [ 34.119703][ T4217] netem_init+0x54/0xb8 [ 34.120855][ T4217] qdisc_create+0x70c/0xe64 [ 34.122132][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 34.123451][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 34.124798][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 34.126123][ T4217] rtnetlink_rcv+0x28/0x38 [ 34.127373][ T4217] netlink_unicast+0x660/0x8d4 [ 34.128681][ T4217] netlink_sendmsg+0x834/0xb18 [ 34.129969][ T4217] ____sys_sendmsg+0x558/0x844 [ 34.131284][ T4217] __sys_sendmsg+0x26c/0x33c [ 34.132559][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 34.133874][ T4217] invoke_syscall+0x98/0x2c0 [ 34.135164][ T4217] el0_svc_common+0x138/0x258 [ 34.136443][ T4217] do_el0_svc+0x64/0x218 [ 34.137617][ T4217] el0_svc+0x58/0x168 [ 34.138726][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 34.140108][ T4217] el0t_64_sync+0x18c/0x190 [ 34.141375][ T4217] [ 34.141976][ T4217] [ 34.141976][ T4217] stack backtrace: [ 34.143557][ T4217] CPU: 1 PID: 4217 Comm: syz-executor398 Not tainted 6.1.45-syzkaller #0 [ 34.145753][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 34.148433][ T4217] Call trace: [ 34.149296][ T4217] dump_backtrace+0x1c8/0x1f4 [ 34.150597][ T4217] show_stack+0x2c/0x3c [ 34.151692][ T4217] dump_stack_lvl+0x108/0x170 [ 34.152907][ T4217] dump_stack+0x1c/0x58 [ 34.154009][ T4217] __lock_acquire+0x6310/0x764c [ 34.155278][ T4217] lock_acquire+0x26c/0x7cc [ 34.156451][ T4217] fs_reclaim_acquire+0x90/0x12c [ 34.157785][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 34.159245][ T4217] __kmalloc_node+0xcc/0x1d0 [ 34.160522][ T4217] kvmalloc_node+0x84/0x1e4 [ 34.161776][ T4217] get_dist_table+0xa0/0x354 [ 34.163064][ T4217] netem_change+0x754/0x1900 [ 34.164288][ T4217] netem_init+0x54/0xb8 [ 34.165482][ T4217] qdisc_create+0x70c/0xe64 [ 34.166681][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 34.167997][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 34.169358][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 34.170624][ T4217] rtnetlink_rcv+0x28/0x38 [ 34.171793][ T4217] netlink_unicast+0x660/0x8d4 [ 34.173075][ T4217] netlink_sendmsg+0x834/0xb18 [ 34.174379][ T4217] ____sys_sendmsg+0x558/0x844 [ 34.175640][ T4217] __sys_sendmsg+0x26c/0x33c [ 34.176916][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 34.178286][ T4217] invoke_syscall+0x98/0x2c0 [ 34.179529][ T4217] el0_svc_common+0x138/0x258 [ 34.180752][ T4217] do_el0_svc+0x64/0x218 [ 34.181907][ T4217] el0_svc+0x58/0x168 [ 34.183037][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 34.184452][ T4217] el0t_64_sync+0x18c/0x190 [ 34.185781][ T4217] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 34.188300][ T4217] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4217, name: syz-executor398 [ 34.190724][ T4217] preempt_count: 201, expected: 0 [ 34.192021][ T4217] RCU nest depth: 0, expected: 0 [ 34.193361][ T4217] INFO: lockdep is turned off. [ 34.194633][ T4217] Preemption disabled at: [ 34.194642][ T4217] [] sch_tree_lock+0x120/0x1d4 [ 34.197453][ T4217] CPU: 1 PID: 4217 Comm: syz-executor398 Not tainted 6.1.45-syzkaller #0 [ 34.199598][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 34.202273][ T4217] Call trace: [ 34.203080][ T4217] dump_backtrace+0x1c8/0x1f4 [ 34.204321][ T4217] show_stack+0x2c/0x3c [ 34.205458][ T4217] dump_stack_lvl+0x108/0x170 [ 34.206655][ T4217] dump_stack+0x1c/0x58 [ 34.207742][ T4217] __might_resched+0x37c/0x4d8 [ 34.208951][ T4217] __might_sleep+0x90/0xe4 [ 34.210157][ T4217] __kmem_cache_alloc_node+0x74/0x388 [ 34.211534][ T4217] __kmalloc_node+0xcc/0x1d0 [ 34.212727][ T4217] kvmalloc_node+0x84/0x1e4 [ 34.213914][ T4217] get_dist_table+0xa0/0x354 [ 34.215126][ T4217] netem_change+0x754/0x1900 [ 34.216422][ T4217] netem_init+0x54/0xb8 [ 34.217535][ T4217] qdisc_create+0x70c/0xe64 [ 34.218733][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 34.219964][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 34.221221][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 34.222488][ T4217] rtnetlink_rcv+0x28/0x38 [ 34.223626][ T4217] netlink_unicast+0x660/0x8d4 [ 34.224864][ T4217] netlink_sendmsg+0x834/0xb18 [ 34.226085][ T4217] ____sys_sendmsg+0x558/0x844 [ 34.227334][ T4217] __sys_sendmsg+0x26c/0x33c [ 34.228561][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 34.229912][ T4217] invoke_syscall+0x98/0x2c0 [ 34.231178][ T4217] el0_svc_common+0x138/0x258 [ 34.232521][ T4217] do_el0_svc+0x64/0x218 [ 34.233689][ T4217] el0_svc+0x58/0x168 [ 34.234728][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 34.236109][ T4217] el0t_64_sync+0x18c/0x190