Warning: Permanently added '10.128.0.16' (ED25519) to the list of known hosts. executing program [ 36.175752][ T4218] [ 36.176390][ T4218] ===================================================== [ 36.177904][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 36.179585][ T4218] 6.1.44-syzkaller #0 Not tainted [ 36.180703][ T4218] ----------------------------------------------------- [ 36.182202][ T4218] syz-executor328/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 36.184074][ T4218] ffff800015b3c2e0 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 36.186430][ T4218] [ 36.186430][ T4218] and this task is already holding: [ 36.188062][ T4218] ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.190024][ T4218] which would create a new lock dependency: [ 36.191269][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 36.192951][ T4218] [ 36.192951][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 36.195043][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 36.195061][ T4218] [ 36.195061][ T4218] ... which became SOFTIRQ-irq-safe at: [ 36.197832][ T4218] lock_acquire+0x26c/0x7cc [ 36.198778][ T4218] _raw_spin_lock+0x54/0x6c [ 36.199799][ T4218] net_tx_action+0x6ec/0x94c [ 36.200923][ T4218] __do_softirq+0x30c/0xea0 [ 36.201917][ T4218] ____do_softirq+0x14/0x20 [ 36.202970][ T4218] call_on_irq_stack+0x24/0x4c [ 36.204082][ T4218] do_softirq_own_stack+0x20/0x2c [ 36.205232][ T4218] do_softirq+0x120/0x20c [ 36.206206][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 36.207323][ T4218] local_bh_enable+0x28/0x34 [ 36.208328][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 36.209413][ T4218] dev_deactivate+0x13c/0x1fc [ 36.210512][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 36.211586][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 36.212770][ T4218] linkwatch_event+0x58/0x68 [ 36.213855][ T4218] process_one_work+0x7ac/0x1404 [ 36.214954][ T4218] worker_thread+0x8e4/0xfec [ 36.216027][ T4218] kthread+0x250/0x2d8 [ 36.216968][ T4218] ret_from_fork+0x10/0x20 [ 36.218079][ T4218] [ 36.218079][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 36.219669][ T4218] (fs_reclaim){+.+.}-{0:0} [ 36.219687][ T4218] [ 36.219687][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 36.222603][ T4218] ... [ 36.222609][ T4218] lock_acquire+0x26c/0x7cc [ 36.224138][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.225357][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.226581][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.227674][ T4218] init_rescuer+0xa4/0x264 [ 36.228660][ T4218] workqueue_init+0x298/0x5b4 [ 36.229686][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.230876][ T4218] kernel_init+0x24/0x29c [ 36.231901][ T4218] ret_from_fork+0x10/0x20 [ 36.232920][ T4218] [ 36.232920][ T4218] other info that might help us debug this: [ 36.232920][ T4218] [ 36.235268][ T4218] Possible interrupt unsafe locking scenario: [ 36.235268][ T4218] [ 36.237007][ T4218] CPU0 CPU1 [ 36.238274][ T4218] ---- ---- [ 36.239538][ T4218] lock(fs_reclaim); [ 36.240393][ T4218] local_irq_disable(); [ 36.241924][ T4218] lock(noop_qdisc.q.lock); [ 36.243576][ T4218] lock(fs_reclaim); [ 36.245002][ T4218] [ 36.245778][ T4218] lock(noop_qdisc.q.lock); [ 36.246769][ T4218] [ 36.246769][ T4218] *** DEADLOCK *** [ 36.246769][ T4218] [ 36.248532][ T4218] 2 locks held by syz-executor328/4218: [ 36.249695][ T4218] #0: ffff800017e6fcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 36.251715][ T4218] #1: ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.253865][ T4218] [ 36.253865][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 36.256245][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 36.257464][ T4218] HARDIRQ-ON-W at: [ 36.258428][ T4218] lock_acquire+0x26c/0x7cc [ 36.259825][ T4218] _raw_spin_lock+0x54/0x6c [ 36.261298][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 36.262731][ T4218] tx+0x90/0x134 [ 36.263854][ T4218] kthread+0x1ac/0x374 [ 36.265156][ T4218] kthread+0x250/0x2d8 [ 36.266372][ T4218] ret_from_fork+0x10/0x20 [ 36.267715][ T4218] IN-SOFTIRQ-W at: [ 36.268575][ T4218] lock_acquire+0x26c/0x7cc [ 36.269858][ T4218] _raw_spin_lock+0x54/0x6c [ 36.271251][ T4218] net_tx_action+0x6ec/0x94c [ 36.272706][ T4218] __do_softirq+0x30c/0xea0 [ 36.274076][ T4218] ____do_softirq+0x14/0x20 [ 36.275398][ T4218] call_on_irq_stack+0x24/0x4c [ 36.276833][ T4218] do_softirq_own_stack+0x20/0x2c [ 36.278425][ T4218] do_softirq+0x120/0x20c [ 36.279672][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 36.281089][ T4218] local_bh_enable+0x28/0x34 [ 36.282468][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 36.283938][ T4218] dev_deactivate+0x13c/0x1fc [ 36.285412][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 36.286825][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 36.288278][ T4218] linkwatch_event+0x58/0x68 [ 36.289630][ T4218] process_one_work+0x7ac/0x1404 [ 36.291142][ T4218] worker_thread+0x8e4/0xfec [ 36.292434][ T4218] kthread+0x250/0x2d8 [ 36.293627][ T4218] ret_from_fork+0x10/0x20 [ 36.294954][ T4218] INITIAL USE at: [ 36.295794][ T4218] lock_acquire+0x26c/0x7cc [ 36.297188][ T4218] _raw_spin_lock+0x54/0x6c [ 36.298662][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 36.300150][ T4218] tx+0x90/0x134 [ 36.301295][ T4218] kthread+0x1ac/0x374 [ 36.302545][ T4218] kthread+0x250/0x2d8 [ 36.303804][ T4218] ret_from_fork+0x10/0x20 [ 36.305084][ T4218] } [ 36.305638][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 36.307347][ T4218] [ 36.307347][ T4218] the dependencies between the lock to be acquired [ 36.307354][ T4218] and SOFTIRQ-irq-unsafe lock: [ 36.310234][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 36.311293][ T4218] HARDIRQ-ON-W at: [ 36.312267][ T4218] lock_acquire+0x26c/0x7cc [ 36.313662][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.315193][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.316834][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.318194][ T4218] init_rescuer+0xa4/0x264 [ 36.319585][ T4218] workqueue_init+0x298/0x5b4 [ 36.320987][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.322385][ T4218] kernel_init+0x24/0x29c [ 36.323678][ T4218] ret_from_fork+0x10/0x20 [ 36.324970][ T4218] SOFTIRQ-ON-W at: [ 36.325863][ T4218] lock_acquire+0x26c/0x7cc [ 36.327171][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.328639][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.330171][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.331645][ T4218] init_rescuer+0xa4/0x264 [ 36.332976][ T4218] workqueue_init+0x298/0x5b4 [ 36.334472][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.336116][ T4218] kernel_init+0x24/0x29c [ 36.337383][ T4218] ret_from_fork+0x10/0x20 [ 36.338747][ T4218] INITIAL USE at: [ 36.339589][ T4218] lock_acquire+0x26c/0x7cc [ 36.340893][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.342331][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.343895][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.345388][ T4218] init_rescuer+0xa4/0x264 [ 36.346777][ T4218] workqueue_init+0x298/0x5b4 [ 36.348124][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.349626][ T4218] kernel_init+0x24/0x29c [ 36.350901][ T4218] ret_from_fork+0x10/0x20 [ 36.352191][ T4218] } [ 36.352721][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 36.354433][ T4218] ... acquired at: [ 36.355309][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.356355][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.357556][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.358506][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.359573][ T4218] get_dist_table+0xa0/0x354 [ 36.360586][ T4218] netem_change+0x7a4/0x1900 [ 36.361642][ T4218] netem_init+0x54/0xb8 [ 36.362638][ T4218] qdisc_create+0x70c/0xe64 [ 36.363578][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.364687][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.365829][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.366945][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.367960][ T4218] netlink_unicast+0x660/0x8d4 [ 36.369020][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.370104][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.371184][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.372266][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.373380][ T4218] invoke_syscall+0x98/0x2c0 [ 36.374408][ T4218] el0_svc_common+0x138/0x258 [ 36.375476][ T4218] do_el0_svc+0x64/0x218 [ 36.376429][ T4218] el0_svc+0x58/0x168 [ 36.377324][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.378404][ T4218] el0t_64_sync+0x18c/0x190 [ 36.379504][ T4218] [ 36.379984][ T4218] [ 36.379984][ T4218] stack backtrace: [ 36.381306][ T4218] CPU: 1 PID: 4218 Comm: syz-executor328 Not tainted 6.1.44-syzkaller #0 [ 36.383119][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.385247][ T4218] Call trace: [ 36.385929][ T4218] dump_backtrace+0x1c8/0x1f4 [ 36.386938][ T4218] show_stack+0x2c/0x3c [ 36.387868][ T4218] dump_stack_lvl+0x108/0x170 [ 36.388866][ T4218] dump_stack+0x1c/0x58 [ 36.389750][ T4218] __lock_acquire+0x6310/0x764c [ 36.390823][ T4218] lock_acquire+0x26c/0x7cc [ 36.391831][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.392943][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.394106][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.395160][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.396099][ T4218] get_dist_table+0xa0/0x354 [ 36.397052][ T4218] netem_change+0x7a4/0x1900 [ 36.398065][ T4218] netem_init+0x54/0xb8 [ 36.398920][ T4218] qdisc_create+0x70c/0xe64 [ 36.399851][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.400912][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.401998][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.403052][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.404008][ T4218] netlink_unicast+0x660/0x8d4 [ 36.405079][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.406112][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.407221][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.408286][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.409342][ T4218] invoke_syscall+0x98/0x2c0 [ 36.410348][ T4218] el0_svc_common+0x138/0x258 [ 36.411400][ T4218] do_el0_svc+0x64/0x218 [ 36.412327][ T4218] el0_svc+0x58/0x168 [ 36.413248][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.414348][ T4218] el0t_64_sync+0x18c/0x190 [ 36.415395][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 36.417429][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor328 [ 36.419518][ T4218] preempt_count: 201, expected: 0 [ 36.420725][ T4218] RCU nest depth: 0, expected: 0 [ 36.421832][ T4218] INFO: lockdep is turned off. [ 36.422869][ T4218] Preemption disabled at: [ 36.422878][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 36.425347][ T4218] CPU: 1 PID: 4218 Comm: syz-executor328 Not tainted 6.1.44-syzkaller #0 [ 36.427184][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.429386][ T4218] Call trace: [ 36.430053][ T4218] dump_backtrace+0x1c8/0x1f4 [ 36.430994][ T4218] show_stack+0x2c/0x3c [ 36.431852][ T4218] dump_stack_lvl+0x108/0x170 [ 36.432847][ T4218] dump_stack+0x1c/0x58 [ 36.433712][ T4218] __might_resched+0x37c/0x4d8 [ 36.434744][ T4218] __might_sleep+0x90/0xe4 [ 36.435700][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 36.436889][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.437913][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.438889][ T4218] get_dist_table+0xa0/0x354 [ 36.439924][ T4218] netem_change+0x7a4/0x1900 [ 36.440934][ T4218] netem_init+0x54/0xb8 [ 36.441868][ T4218] qdisc_create+0x70c/0xe64 [ 36.442898][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.443920][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.445050][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.446202][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.447161][ T4218] netlink_unicast+0x660/0x8d4 [ 36.448224][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.449338][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.450324][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.451372][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.452513][ T4218] invoke_syscall+0x98/0x2c0 [ 36.453589][ T4218] el0_svc_common+0x138/0x258 [ 36.454628][ T4218] do_el0_svc+0x64/0x218 [ 36.455576][ T4218] el0_svc+0x58/0x168 [ 36.456405][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.457548][ T4218] el0t_64_sync+0x18c/0x190