Warning: Permanently added '10.128.0.52' (ED25519) to the list of known hosts. executing program [ 38.432135][ T4225] [ 38.432851][ T4225] ===================================================== [ 38.434673][ T4225] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 38.436633][ T4225] 6.1.45-syzkaller #0 Not tainted [ 38.437968][ T4225] ----------------------------------------------------- [ 38.439777][ T4225] syz-executor196/4225 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 38.441887][ T4225] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 38.444387][ T4225] [ 38.444387][ T4225] and this task is already holding: [ 38.446321][ T4225] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 38.448723][ T4225] which would create a new lock dependency: [ 38.450245][ T4225] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 38.452233][ T4225] [ 38.452233][ T4225] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 38.454590][ T4225] (noop_qdisc.q.lock){+.-.}-{2:2} [ 38.454607][ T4225] [ 38.454607][ T4225] ... which became SOFTIRQ-irq-safe at: [ 38.457882][ T4225] lock_acquire+0x26c/0x7cc [ 38.459038][ T4225] _raw_spin_lock+0x54/0x6c [ 38.460187][ T4225] net_tx_action+0x6ec/0x94c [ 38.461378][ T4225] __do_softirq+0x30c/0xea0 [ 38.462587][ T4225] ____do_softirq+0x14/0x20 [ 38.463800][ T4225] call_on_irq_stack+0x24/0x4c [ 38.465062][ T4225] do_softirq_own_stack+0x20/0x2c [ 38.466512][ T4225] do_softirq+0x120/0x20c [ 38.467709][ T4225] __local_bh_enable_ip+0x2c0/0x4d0 [ 38.469136][ T4225] local_bh_enable+0x28/0x34 [ 38.470419][ T4225] dev_deactivate_many+0x3d4/0xa8c [ 38.471812][ T4225] dev_deactivate+0x13c/0x1fc [ 38.473044][ T4225] linkwatch_do_dev+0x29c/0x3a4 [ 38.474343][ T4225] __linkwatch_run_queue+0x3a0/0x700 [ 38.475736][ T4225] linkwatch_event+0x58/0x68 [ 38.477013][ T4225] process_one_work+0x7ac/0x1404 [ 38.478321][ T4225] worker_thread+0x8e4/0xfec [ 38.479538][ T4225] kthread+0x250/0x2d8 [ 38.480661][ T4225] ret_from_fork+0x10/0x20 [ 38.481832][ T4225] [ 38.481832][ T4225] to a SOFTIRQ-irq-unsafe lock: [ 38.483648][ T4225] (fs_reclaim){+.+.}-{0:0} [ 38.483666][ T4225] [ 38.483666][ T4225] ... which became SOFTIRQ-irq-unsafe at: [ 38.486931][ T4225] ... [ 38.486937][ T4225] lock_acquire+0x26c/0x7cc [ 38.488841][ T4225] fs_reclaim_acquire+0x90/0x12c [ 38.490174][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 38.491639][ T4225] kmalloc_node_trace+0x44/0x90 [ 38.492948][ T4225] init_rescuer+0xa4/0x264 [ 38.494134][ T4225] workqueue_init+0x298/0x5b4 [ 38.495387][ T4225] kernel_init_freeable+0x33c/0x528 [ 38.496773][ T4225] kernel_init+0x24/0x29c [ 38.497946][ T4225] ret_from_fork+0x10/0x20 [ 38.499147][ T4225] [ 38.499147][ T4225] other info that might help us debug this: [ 38.499147][ T4225] [ 38.501967][ T4225] Possible interrupt unsafe locking scenario: [ 38.501967][ T4225] [ 38.504119][ T4225] CPU0 CPU1 [ 38.505541][ T4225] ---- ---- [ 38.506964][ T4225] lock(fs_reclaim); [ 38.508001][ T4225] local_irq_disable(); [ 38.509861][ T4225] lock(noop_qdisc.q.lock); [ 38.511740][ T4225] lock(fs_reclaim); [ 38.513445][ T4225] [ 38.514341][ T4225] lock(noop_qdisc.q.lock); [ 38.515634][ T4225] [ 38.515634][ T4225] *** DEADLOCK *** [ 38.515634][ T4225] [ 38.517811][ T4225] 2 locks held by syz-executor196/4225: [ 38.519262][ T4225] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 38.521751][ T4225] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 38.524275][ T4225] [ 38.524275][ T4225] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 38.527016][ T4225] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 38.528451][ T4225] HARDIRQ-ON-W at: [ 38.529517][ T4225] lock_acquire+0x26c/0x7cc [ 38.531161][ T4225] _raw_spin_lock+0x54/0x6c [ 38.532767][ T4225] __dev_queue_xmit+0xb14/0x38d8 [ 38.534490][ T4225] tx+0x90/0x134 [ 38.535853][ T4225] kthread+0x1ac/0x374 [ 38.537394][ T4225] kthread+0x250/0x2d8 [ 38.538927][ T4225] ret_from_fork+0x10/0x20 [ 38.540491][ T4225] IN-SOFTIRQ-W at: [ 38.541537][ T4225] lock_acquire+0x26c/0x7cc [ 38.543130][ T4225] _raw_spin_lock+0x54/0x6c [ 38.544736][ T4225] net_tx_action+0x6ec/0x94c [ 38.546429][ T4225] __do_softirq+0x30c/0xea0 [ 38.548027][ T4225] ____do_softirq+0x14/0x20 [ 38.549635][ T4225] call_on_irq_stack+0x24/0x4c [ 38.551241][ T4225] do_softirq_own_stack+0x20/0x2c [ 38.552974][ T4225] do_softirq+0x120/0x20c [ 38.554606][ T4225] __local_bh_enable_ip+0x2c0/0x4d0 [ 38.556361][ T4225] local_bh_enable+0x28/0x34 [ 38.557989][ T4225] dev_deactivate_many+0x3d4/0xa8c [ 38.559707][ T4225] dev_deactivate+0x13c/0x1fc [ 38.561293][ T4225] linkwatch_do_dev+0x29c/0x3a4 [ 38.563027][ T4225] __linkwatch_run_queue+0x3a0/0x700 [ 38.564876][ T4225] linkwatch_event+0x58/0x68 [ 38.566505][ T4225] process_one_work+0x7ac/0x1404 [ 38.568253][ T4225] worker_thread+0x8e4/0xfec [ 38.569942][ T4225] kthread+0x250/0x2d8 [ 38.571431][ T4225] ret_from_fork+0x10/0x20 [ 38.573026][ T4225] INITIAL USE at: [ 38.574094][ T4225] lock_acquire+0x26c/0x7cc [ 38.575671][ T4225] _raw_spin_lock+0x54/0x6c [ 38.577269][ T4225] __dev_queue_xmit+0xb14/0x38d8 [ 38.578973][ T4225] tx+0x90/0x134 [ 38.580328][ T4225] kthread+0x1ac/0x374 [ 38.581798][ T4225] kthread+0x250/0x2d8 [ 38.583231][ T4225] ret_from_fork+0x10/0x20 [ 38.584805][ T4225] } [ 38.585472][ T4225] ... key at: [] noop_qdisc+0x108/0x320 [ 38.587417][ T4225] [ 38.587417][ T4225] the dependencies between the lock to be acquired [ 38.587424][ T4225] and SOFTIRQ-irq-unsafe lock: [ 38.590957][ T4225] -> (fs_reclaim){+.+.}-{0:0} { [ 38.592240][ T4225] HARDIRQ-ON-W at: [ 38.593252][ T4225] lock_acquire+0x26c/0x7cc [ 38.594829][ T4225] fs_reclaim_acquire+0x90/0x12c [ 38.596583][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 38.598422][ T4225] kmalloc_node_trace+0x44/0x90 [ 38.600155][ T4225] init_rescuer+0xa4/0x264 [ 38.601705][ T4225] workqueue_init+0x298/0x5b4 [ 38.603329][ T4225] kernel_init_freeable+0x33c/0x528 [ 38.605107][ T4225] kernel_init+0x24/0x29c [ 38.606709][ T4225] ret_from_fork+0x10/0x20 [ 38.608322][ T4225] SOFTIRQ-ON-W at: [ 38.609370][ T4225] lock_acquire+0x26c/0x7cc [ 38.610964][ T4225] fs_reclaim_acquire+0x90/0x12c [ 38.612712][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 38.614527][ T4225] kmalloc_node_trace+0x44/0x90 [ 38.616245][ T4225] init_rescuer+0xa4/0x264 [ 38.617857][ T4225] workqueue_init+0x298/0x5b4 [ 38.619582][ T4225] kernel_init_freeable+0x33c/0x528 [ 38.621375][ T4225] kernel_init+0x24/0x29c [ 38.623014][ T4225] ret_from_fork+0x10/0x20 [ 38.624639][ T4225] INITIAL USE at: [ 38.625697][ T4225] lock_acquire+0x26c/0x7cc [ 38.627295][ T4225] fs_reclaim_acquire+0x90/0x12c [ 38.628977][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 38.630756][ T4225] kmalloc_node_trace+0x44/0x90 [ 38.632374][ T4225] init_rescuer+0xa4/0x264 [ 38.633943][ T4225] workqueue_init+0x298/0x5b4 [ 38.635579][ T4225] kernel_init_freeable+0x33c/0x528 [ 38.637319][ T4225] kernel_init+0x24/0x29c [ 38.638867][ T4225] ret_from_fork+0x10/0x20 [ 38.640426][ T4225] } [ 38.641089][ T4225] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 38.643197][ T4225] ... acquired at: [ 38.644181][ T4225] fs_reclaim_acquire+0x90/0x12c [ 38.645509][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 38.646965][ T4225] __kmalloc_node+0xcc/0x1d0 [ 38.648232][ T4225] kvmalloc_node+0x84/0x1e4 [ 38.649457][ T4225] get_dist_table+0xa0/0x354 [ 38.650738][ T4225] netem_change+0x754/0x1900 [ 38.652028][ T4225] netem_init+0x54/0xb8 [ 38.653162][ T4225] qdisc_create+0x70c/0xe64 [ 38.654380][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 38.655724][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.657084][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 38.658357][ T4225] rtnetlink_rcv+0x28/0x38 [ 38.659599][ T4225] netlink_unicast+0x660/0x8d4 [ 38.660938][ T4225] netlink_sendmsg+0x834/0xb18 [ 38.662269][ T4225] ____sys_sendmsg+0x558/0x844 [ 38.663593][ T4225] __sys_sendmsg+0x26c/0x33c [ 38.664865][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 38.666229][ T4225] invoke_syscall+0x98/0x2c0 [ 38.667481][ T4225] el0_svc_common+0x138/0x258 [ 38.668754][ T4225] do_el0_svc+0x64/0x218 [ 38.669925][ T4225] el0_svc+0x58/0x168 [ 38.670974][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 38.672303][ T4225] el0t_64_sync+0x18c/0x190 [ 38.673525][ T4225] [ 38.674139][ T4225] [ 38.674139][ T4225] stack backtrace: [ 38.675659][ T4225] CPU: 1 PID: 4225 Comm: syz-executor196 Not tainted 6.1.45-syzkaller #0 [ 38.677859][ T4225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 38.680424][ T4225] Call trace: [ 38.681273][ T4225] dump_backtrace+0x1c8/0x1f4 [ 38.682476][ T4225] show_stack+0x2c/0x3c [ 38.683591][ T4225] dump_stack_lvl+0x108/0x170 [ 38.684800][ T4225] dump_stack+0x1c/0x58 [ 38.685900][ T4225] __lock_acquire+0x6310/0x764c [ 38.687165][ T4225] lock_acquire+0x26c/0x7cc [ 38.688320][ T4225] fs_reclaim_acquire+0x90/0x12c [ 38.689606][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 38.691051][ T4225] __kmalloc_node+0xcc/0x1d0 [ 38.692226][ T4225] kvmalloc_node+0x84/0x1e4 [ 38.693412][ T4225] get_dist_table+0xa0/0x354 [ 38.694690][ T4225] netem_change+0x754/0x1900 [ 38.695883][ T4225] netem_init+0x54/0xb8 [ 38.696992][ T4225] qdisc_create+0x70c/0xe64 [ 38.698168][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 38.699487][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.700866][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 38.702111][ T4225] rtnetlink_rcv+0x28/0x38 [ 38.703275][ T4225] netlink_unicast+0x660/0x8d4 [ 38.704547][ T4225] netlink_sendmsg+0x834/0xb18 [ 38.705797][ T4225] ____sys_sendmsg+0x558/0x844 [ 38.707050][ T4225] __sys_sendmsg+0x26c/0x33c [ 38.708237][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 38.709508][ T4225] invoke_syscall+0x98/0x2c0 [ 38.710686][ T4225] el0_svc_common+0x138/0x258 [ 38.711891][ T4225] do_el0_svc+0x64/0x218 [ 38.712993][ T4225] el0_svc+0x58/0x168 [ 38.713994][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 38.715223][ T4225] el0t_64_sync+0x18c/0x190 [ 38.716456][ T4225] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 38.718833][ T4225] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4225, name: syz-executor196 [ 38.721405][ T4225] preempt_count: 201, expected: 0 [ 38.722693][ T4225] RCU nest depth: 0, expected: 0 [ 38.723985][ T4225] INFO: lockdep is turned off. [ 38.725186][ T4225] Preemption disabled at: [ 38.725195][ T4225] [] sch_tree_lock+0x120/0x1d4 [ 38.727902][ T4225] CPU: 1 PID: 4225 Comm: syz-executor196 Not tainted 6.1.45-syzkaller #0 [ 38.730066][ T4225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 38.732556][ T4225] Call trace: [ 38.733400][ T4225] dump_backtrace+0x1c8/0x1f4 [ 38.734667][ T4225] show_stack+0x2c/0x3c [ 38.735735][ T4225] dump_stack_lvl+0x108/0x170 [ 38.736937][ T4225] dump_stack+0x1c/0x58 [ 38.738062][ T4225] __might_resched+0x37c/0x4d8 [ 38.739297][ T4225] __might_sleep+0x90/0xe4 [ 38.740438][ T4225] __kmem_cache_alloc_node+0x74/0x388 [ 38.741872][ T4225] __kmalloc_node+0xcc/0x1d0 [ 38.743028][ T4225] kvmalloc_node+0x84/0x1e4 [ 38.744189][ T4225] get_dist_table+0xa0/0x354 [ 38.745383][ T4225] netem_change+0x754/0x1900 [ 38.746589][ T4225] netem_init+0x54/0xb8 [ 38.747723][ T4225] qdisc_create+0x70c/0xe64 [ 38.748894][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 38.750147][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.751385][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 38.752632][ T4225] rtnetlink_rcv+0x28/0x38 [ 38.753774][ T4225] netlink_unicast+0x660/0x8d4 [ 38.754971][ T4225] netlink_sendmsg+0x834/0xb18 [ 38.756193][ T4225] ____sys_sendmsg+0x558/0x844 [ 38.757407][ T4225] __sys_sendmsg+0x26c/0x33c [ 38.758644][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 38.759956][ T4225] invoke_syscall+0x98/0x2c0 [ 38.761146][ T4225] el0_svc_common+0x138/0x258 [ 38.762359][ T4225] do_el0_svc+0x64/0x218 [ 38.763467][ T4225] el0_svc+0x58/0x168 [ 38.764470][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 38.765787][ T4225] el0t_64_sync+0x18c/0x190