Warning: Permanently added '10.128.0.21' (ED25519) to the list of known hosts. executing program [ 38.909564][ T4223] [ 38.910253][ T4223] ===================================================== [ 38.912002][ T4223] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 38.913795][ T4223] 6.1.45-syzkaller #0 Not tainted [ 38.915007][ T4223] ----------------------------------------------------- [ 38.916686][ T4223] syz-executor442/4223 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 38.918679][ T4223] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 38.921137][ T4223] [ 38.921137][ T4223] and this task is already holding: [ 38.922999][ T4223] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 38.925329][ T4223] which would create a new lock dependency: [ 38.926815][ T4223] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 38.928791][ T4223] [ 38.928791][ T4223] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 38.931159][ T4223] (noop_qdisc.q.lock){+.-.}-{2:2} [ 38.931176][ T4223] [ 38.931176][ T4223] ... which became SOFTIRQ-irq-safe at: [ 38.934356][ T4223] lock_acquire+0x26c/0x7cc [ 38.935493][ T4223] _raw_spin_lock+0x54/0x6c [ 38.936602][ T4223] net_tx_action+0x6ec/0x94c [ 38.937770][ T4223] __do_softirq+0x30c/0xea0 [ 38.938968][ T4223] ____do_softirq+0x14/0x20 [ 38.940155][ T4223] call_on_irq_stack+0x24/0x4c [ 38.941456][ T4223] do_softirq_own_stack+0x20/0x2c [ 38.942719][ T4223] do_softirq+0x120/0x20c [ 38.943826][ T4223] __local_bh_enable_ip+0x2c0/0x4d0 [ 38.945134][ T4223] local_bh_enable+0x28/0x34 [ 38.946323][ T4223] dev_deactivate_many+0x3d4/0xa8c [ 38.947622][ T4223] dev_deactivate+0x13c/0x1fc [ 38.948789][ T4223] linkwatch_do_dev+0x29c/0x3a4 [ 38.950082][ T4223] __linkwatch_run_queue+0x3a0/0x700 [ 38.951445][ T4223] linkwatch_event+0x58/0x68 [ 38.952617][ T4223] process_one_work+0x7ac/0x1404 [ 38.953911][ T4223] worker_thread+0x8e4/0xfec [ 38.955028][ T4223] kthread+0x250/0x2d8 [ 38.956084][ T4223] ret_from_fork+0x10/0x20 [ 38.957235][ T4223] [ 38.957235][ T4223] to a SOFTIRQ-irq-unsafe lock: [ 38.959006][ T4223] (fs_reclaim){+.+.}-{0:0} [ 38.959024][ T4223] [ 38.959024][ T4223] ... which became SOFTIRQ-irq-unsafe at: [ 38.962172][ T4223] ... [ 38.962178][ T4223] lock_acquire+0x26c/0x7cc [ 38.963960][ T4223] fs_reclaim_acquire+0x90/0x12c [ 38.965182][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 38.966585][ T4223] kmalloc_node_trace+0x44/0x90 [ 38.967826][ T4223] init_rescuer+0xa4/0x264 [ 38.968941][ T4223] workqueue_init+0x298/0x5b4 [ 38.970136][ T4223] kernel_init_freeable+0x33c/0x528 [ 38.971464][ T4223] kernel_init+0x24/0x29c [ 38.972598][ T4223] ret_from_fork+0x10/0x20 [ 38.973765][ T4223] [ 38.973765][ T4223] other info that might help us debug this: [ 38.973765][ T4223] [ 38.976407][ T4223] Possible interrupt unsafe locking scenario: [ 38.976407][ T4223] [ 38.978424][ T4223] CPU0 CPU1 [ 38.979751][ T4223] ---- ---- [ 38.981127][ T4223] lock(fs_reclaim); [ 38.982167][ T4223] local_irq_disable(); [ 38.983872][ T4223] lock(noop_qdisc.q.lock); [ 38.985627][ T4223] lock(fs_reclaim); [ 38.987319][ T4223] [ 38.988153][ T4223] lock(noop_qdisc.q.lock); [ 38.989274][ T4223] [ 38.989274][ T4223] *** DEADLOCK *** [ 38.989274][ T4223] [ 38.991312][ T4223] 2 locks held by syz-executor442/4223: [ 38.992754][ T4223] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 38.995153][ T4223] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 38.997651][ T4223] [ 38.997651][ T4223] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 39.000241][ T4223] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 39.001625][ T4223] HARDIRQ-ON-W at: [ 39.002644][ T4223] lock_acquire+0x26c/0x7cc [ 39.004241][ T4223] _raw_spin_lock+0x54/0x6c [ 39.005881][ T4223] __dev_queue_xmit+0xb14/0x38d8 [ 39.007581][ T4223] tx+0x90/0x134 [ 39.008927][ T4223] kthread+0x1ac/0x374 [ 39.010370][ T4223] kthread+0x250/0x2d8 [ 39.011797][ T4223] ret_from_fork+0x10/0x20 [ 39.013383][ T4223] IN-SOFTIRQ-W at: [ 39.014415][ T4223] lock_acquire+0x26c/0x7cc [ 39.015982][ T4223] _raw_spin_lock+0x54/0x6c [ 39.017585][ T4223] net_tx_action+0x6ec/0x94c [ 39.019168][ T4223] __do_softirq+0x30c/0xea0 [ 39.020748][ T4223] ____do_softirq+0x14/0x20 [ 39.022304][ T4223] call_on_irq_stack+0x24/0x4c [ 39.024038][ T4223] do_softirq_own_stack+0x20/0x2c [ 39.025735][ T4223] do_softirq+0x120/0x20c [ 39.027289][ T4223] __local_bh_enable_ip+0x2c0/0x4d0 [ 39.029015][ T4223] local_bh_enable+0x28/0x34 [ 39.030588][ T4223] dev_deactivate_many+0x3d4/0xa8c [ 39.032298][ T4223] dev_deactivate+0x13c/0x1fc [ 39.033856][ T4223] linkwatch_do_dev+0x29c/0x3a4 [ 39.035552][ T4223] __linkwatch_run_queue+0x3a0/0x700 [ 39.037365][ T4223] linkwatch_event+0x58/0x68 [ 39.038926][ T4223] process_one_work+0x7ac/0x1404 [ 39.040569][ T4223] worker_thread+0x8e4/0xfec [ 39.042097][ T4223] kthread+0x250/0x2d8 [ 39.043578][ T4223] ret_from_fork+0x10/0x20 [ 39.045136][ T4223] INITIAL USE at: [ 39.046149][ T4223] lock_acquire+0x26c/0x7cc [ 39.047649][ T4223] _raw_spin_lock+0x54/0x6c [ 39.049158][ T4223] __dev_queue_xmit+0xb14/0x38d8 [ 39.050829][ T4223] tx+0x90/0x134 [ 39.052147][ T4223] kthread+0x1ac/0x374 [ 39.053590][ T4223] kthread+0x250/0x2d8 [ 39.055058][ T4223] ret_from_fork+0x10/0x20 [ 39.056598][ T4223] } [ 39.057162][ T4223] ... key at: [] noop_qdisc+0x108/0x320 [ 39.059143][ T4223] [ 39.059143][ T4223] the dependencies between the lock to be acquired [ 39.059150][ T4223] and SOFTIRQ-irq-unsafe lock: [ 39.062503][ T4223] -> (fs_reclaim){+.+.}-{0:0} { [ 39.063759][ T4223] HARDIRQ-ON-W at: [ 39.064760][ T4223] lock_acquire+0x26c/0x7cc [ 39.066318][ T4223] fs_reclaim_acquire+0x90/0x12c [ 39.067964][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 39.069802][ T4223] kmalloc_node_trace+0x44/0x90 [ 39.071528][ T4223] init_rescuer+0xa4/0x264 [ 39.073085][ T4223] workqueue_init+0x298/0x5b4 [ 39.074694][ T4223] kernel_init_freeable+0x33c/0x528 [ 39.076492][ T4223] kernel_init+0x24/0x29c [ 39.078100][ T4223] ret_from_fork+0x10/0x20 [ 39.079683][ T4223] SOFTIRQ-ON-W at: [ 39.080665][ T4223] lock_acquire+0x26c/0x7cc [ 39.082226][ T4223] fs_reclaim_acquire+0x90/0x12c [ 39.083844][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 39.085666][ T4223] kmalloc_node_trace+0x44/0x90 [ 39.087319][ T4223] init_rescuer+0xa4/0x264 [ 39.088840][ T4223] workqueue_init+0x298/0x5b4 [ 39.090401][ T4223] kernel_init_freeable+0x33c/0x528 [ 39.092137][ T4223] kernel_init+0x24/0x29c [ 39.093661][ T4223] ret_from_fork+0x10/0x20 [ 39.095228][ T4223] INITIAL USE at: [ 39.096197][ T4223] lock_acquire+0x26c/0x7cc [ 39.097719][ T4223] fs_reclaim_acquire+0x90/0x12c [ 39.099351][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 39.101093][ T4223] kmalloc_node_trace+0x44/0x90 [ 39.102728][ T4223] init_rescuer+0xa4/0x264 [ 39.104300][ T4223] workqueue_init+0x298/0x5b4 [ 39.105843][ T4223] kernel_init_freeable+0x33c/0x528 [ 39.107597][ T4223] kernel_init+0x24/0x29c [ 39.109094][ T4223] ret_from_fork+0x10/0x20 [ 39.110609][ T4223] } [ 39.111246][ T4223] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 39.113309][ T4223] ... acquired at: [ 39.114338][ T4223] fs_reclaim_acquire+0x90/0x12c [ 39.115633][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 39.117034][ T4223] __kmalloc_node+0xcc/0x1d0 [ 39.118252][ T4223] kvmalloc_node+0x84/0x1e4 [ 39.119441][ T4223] get_dist_table+0xa0/0x354 [ 39.120729][ T4223] netem_change+0x754/0x1900 [ 39.121949][ T4223] netem_init+0x54/0xb8 [ 39.123040][ T4223] qdisc_create+0x70c/0xe64 [ 39.124257][ T4223] tc_modify_qdisc+0x9f0/0x1840 [ 39.125526][ T4223] rtnetlink_rcv_msg+0x72c/0xd94 [ 39.126831][ T4223] netlink_rcv_skb+0x20c/0x3b8 [ 39.128089][ T4223] rtnetlink_rcv+0x28/0x38 [ 39.129224][ T4223] netlink_unicast+0x660/0x8d4 [ 39.130428][ T4223] netlink_sendmsg+0x834/0xb18 [ 39.131683][ T4223] ____sys_sendmsg+0x558/0x844 [ 39.132904][ T4223] __sys_sendmsg+0x26c/0x33c [ 39.134065][ T4223] __arm64_sys_sendmsg+0x80/0x94 [ 39.135341][ T4223] invoke_syscall+0x98/0x2c0 [ 39.136557][ T4223] el0_svc_common+0x138/0x258 [ 39.137760][ T4223] do_el0_svc+0x64/0x218 [ 39.138827][ T4223] el0_svc+0x58/0x168 [ 39.139867][ T4223] el0t_64_sync_handler+0x84/0xf0 [ 39.141186][ T4223] el0t_64_sync+0x18c/0x190 [ 39.142406][ T4223] [ 39.142956][ T4223] [ 39.142956][ T4223] stack backtrace: [ 39.144435][ T4223] CPU: 1 PID: 4223 Comm: syz-executor442 Not tainted 6.1.45-syzkaller #0 [ 39.146588][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 39.149199][ T4223] Call trace: [ 39.150047][ T4223] dump_backtrace+0x1c8/0x1f4 [ 39.151288][ T4223] show_stack+0x2c/0x3c [ 39.152347][ T4223] dump_stack_lvl+0x108/0x170 [ 39.153602][ T4223] dump_stack+0x1c/0x58 [ 39.154612][ T4223] __lock_acquire+0x6310/0x764c [ 39.155890][ T4223] lock_acquire+0x26c/0x7cc [ 39.157034][ T4223] fs_reclaim_acquire+0x90/0x12c [ 39.158299][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 39.159681][ T4223] __kmalloc_node+0xcc/0x1d0 [ 39.160853][ T4223] kvmalloc_node+0x84/0x1e4 [ 39.161999][ T4223] get_dist_table+0xa0/0x354 [ 39.163190][ T4223] netem_change+0x754/0x1900 [ 39.164368][ T4223] netem_init+0x54/0xb8 [ 39.165463][ T4223] qdisc_create+0x70c/0xe64 [ 39.166638][ T4223] tc_modify_qdisc+0x9f0/0x1840 [ 39.167913][ T4223] rtnetlink_rcv_msg+0x72c/0xd94 [ 39.169176][ T4223] netlink_rcv_skb+0x20c/0x3b8 [ 39.170413][ T4223] rtnetlink_rcv+0x28/0x38 [ 39.171582][ T4223] netlink_unicast+0x660/0x8d4 [ 39.172786][ T4223] netlink_sendmsg+0x834/0xb18 [ 39.173958][ T4223] ____sys_sendmsg+0x558/0x844 [ 39.175215][ T4223] __sys_sendmsg+0x26c/0x33c [ 39.176408][ T4223] __arm64_sys_sendmsg+0x80/0x94 [ 39.177669][ T4223] invoke_syscall+0x98/0x2c0 [ 39.178826][ T4223] el0_svc_common+0x138/0x258 [ 39.180067][ T4223] do_el0_svc+0x64/0x218 [ 39.181146][ T4223] el0_svc+0x58/0x168 [ 39.182174][ T4223] el0t_64_sync_handler+0x84/0xf0 [ 39.183424][ T4223] el0t_64_sync+0x18c/0x190 [ 39.184669][ T4223] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 39.187020][ T4223] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4223, name: syz-executor442 [ 39.189425][ T4223] preempt_count: 201, expected: 0 [ 39.190694][ T4223] RCU nest depth: 0, expected: 0 [ 39.191938][ T4223] INFO: lockdep is turned off. [ 39.193137][ T4223] Preemption disabled at: [ 39.193145][ T4223] [] sch_tree_lock+0x120/0x1d4 [ 39.195807][ T4223] CPU: 1 PID: 4223 Comm: syz-executor442 Not tainted 6.1.45-syzkaller #0 [ 39.197888][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 39.200425][ T4223] Call trace: [ 39.201251][ T4223] dump_backtrace+0x1c8/0x1f4 [ 39.202477][ T4223] show_stack+0x2c/0x3c [ 39.203493][ T4223] dump_stack_lvl+0x108/0x170 [ 39.204650][ T4223] dump_stack+0x1c/0x58 [ 39.205649][ T4223] __might_resched+0x37c/0x4d8 [ 39.206874][ T4223] __might_sleep+0x90/0xe4 [ 39.207982][ T4223] __kmem_cache_alloc_node+0x74/0x388 [ 39.209384][ T4223] __kmalloc_node+0xcc/0x1d0 [ 39.210559][ T4223] kvmalloc_node+0x84/0x1e4 [ 39.211727][ T4223] get_dist_table+0xa0/0x354 [ 39.212914][ T4223] netem_change+0x754/0x1900 [ 39.214072][ T4223] netem_init+0x54/0xb8 [ 39.215117][ T4223] qdisc_create+0x70c/0xe64 [ 39.216270][ T4223] tc_modify_qdisc+0x9f0/0x1840 [ 39.217501][ T4223] rtnetlink_rcv_msg+0x72c/0xd94 [ 39.218750][ T4223] netlink_rcv_skb+0x20c/0x3b8 [ 39.219993][ T4223] rtnetlink_rcv+0x28/0x38 [ 39.221101][ T4223] netlink_unicast+0x660/0x8d4 [ 39.222348][ T4223] netlink_sendmsg+0x834/0xb18 [ 39.223570][ T4223] ____sys_sendmsg+0x558/0x844 [ 39.224781][ T4223] __sys_sendmsg+0x26c/0x33c [ 39.225954][ T4223] __arm64_sys_sendmsg+0x80/0x94 [ 39.227239][ T4223] invoke_syscall+0x98/0x2c0 [ 39.228422][ T4223] el0_svc_common+0x138/0x258 [ 39.229667][ T4223] do_el0_svc+0x64/0x218 [ 39.230747][ T4223] el0_svc+0x58/0x168 [ 39.231713][ T4223] el0t_64_sync_handler+0x84/0xf0 [ 39.233018][ T4223] el0t_64_sync+0x18c/0x190