Warning: Permanently added '10.128.0.51' (ED25519) to the list of known hosts. executing program [ 37.275656][ T4218] [ 37.276345][ T4218] ===================================================== [ 37.278188][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 37.280201][ T4218] 6.1.44-syzkaller #0 Not tainted [ 37.281565][ T4218] ----------------------------------------------------- [ 37.283439][ T4218] syz-executor272/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 37.285652][ T4218] ffff800015b3c2e0 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 37.288225][ T4218] [ 37.288225][ T4218] and this task is already holding: [ 37.290236][ T4218] ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 37.292767][ T4218] which would create a new lock dependency: [ 37.294390][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 37.296483][ T4218] [ 37.296483][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 37.299057][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 37.299075][ T4218] [ 37.299075][ T4218] ... which became SOFTIRQ-irq-safe at: [ 37.302578][ T4218] lock_acquire+0x26c/0x7cc [ 37.303827][ T4218] _raw_spin_lock+0x54/0x6c [ 37.305085][ T4218] net_tx_action+0x6ec/0x94c [ 37.306354][ T4218] __do_softirq+0x30c/0xea0 [ 37.307629][ T4218] ____do_softirq+0x14/0x20 [ 37.308858][ T4218] call_on_irq_stack+0x24/0x4c [ 37.310153][ T4218] do_softirq_own_stack+0x20/0x2c [ 37.311540][ T4218] do_softirq+0x120/0x20c [ 37.312748][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 37.314173][ T4218] local_bh_enable+0x28/0x34 [ 37.315468][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 37.316897][ T4218] dev_deactivate+0x13c/0x1fc [ 37.318191][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 37.319521][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 37.320989][ T4218] linkwatch_event+0x58/0x68 [ 37.322253][ T4218] process_one_work+0x7ac/0x1404 [ 37.323634][ T4218] worker_thread+0x8e4/0xfec [ 37.324906][ T4218] kthread+0x250/0x2d8 [ 37.326073][ T4218] ret_from_fork+0x10/0x20 [ 37.327256][ T4218] [ 37.327256][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 37.329161][ T4218] (fs_reclaim){+.+.}-{0:0} [ 37.329180][ T4218] [ 37.329180][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 37.332507][ T4218] ... [ 37.332513][ T4218] lock_acquire+0x26c/0x7cc [ 37.334425][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.335840][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.337311][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.338642][ T4218] init_rescuer+0xa4/0x264 [ 37.339896][ T4218] workqueue_init+0x298/0x5b4 [ 37.341243][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.342671][ T4218] kernel_init+0x24/0x29c [ 37.343908][ T4218] ret_from_fork+0x10/0x20 [ 37.345157][ T4218] [ 37.345157][ T4218] other info that might help us debug this: [ 37.345157][ T4218] [ 37.347910][ T4218] Possible interrupt unsafe locking scenario: [ 37.347910][ T4218] [ 37.350195][ T4218] CPU0 CPU1 [ 37.351598][ T4218] ---- ---- [ 37.353060][ T4218] lock(fs_reclaim); [ 37.354141][ T4218] local_irq_disable(); [ 37.355937][ T4218] lock(noop_qdisc.q.lock); [ 37.357837][ T4218] lock(fs_reclaim); [ 37.359620][ T4218] [ 37.360569][ T4218] lock(noop_qdisc.q.lock); [ 37.361829][ T4218] [ 37.361829][ T4218] *** DEADLOCK *** [ 37.361829][ T4218] [ 37.364018][ T4218] 2 locks held by syz-executor272/4218: [ 37.365521][ T4218] #0: ffff800017e6fcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 37.368121][ T4218] #1: ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 37.370796][ T4218] [ 37.370796][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 37.373660][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 37.375116][ T4218] HARDIRQ-ON-W at: [ 37.376216][ T4218] lock_acquire+0x26c/0x7cc [ 37.377891][ T4218] _raw_spin_lock+0x54/0x6c [ 37.379601][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 37.381396][ T4218] tx+0x90/0x134 [ 37.382822][ T4218] kthread+0x1ac/0x374 [ 37.384341][ T4218] kthread+0x250/0x2d8 [ 37.385930][ T4218] ret_from_fork+0x10/0x20 [ 37.387536][ T4218] IN-SOFTIRQ-W at: [ 37.388613][ T4218] lock_acquire+0x26c/0x7cc [ 37.390278][ T4218] _raw_spin_lock+0x54/0x6c [ 37.391968][ T4218] net_tx_action+0x6ec/0x94c [ 37.393644][ T4218] __do_softirq+0x30c/0xea0 [ 37.395297][ T4218] ____do_softirq+0x14/0x20 [ 37.396892][ T4218] call_on_irq_stack+0x24/0x4c [ 37.398611][ T4218] do_softirq_own_stack+0x20/0x2c [ 37.400412][ T4218] do_softirq+0x120/0x20c [ 37.402056][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 37.403860][ T4218] local_bh_enable+0x28/0x34 [ 37.405565][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 37.407420][ T4218] dev_deactivate+0x13c/0x1fc [ 37.409147][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 37.410882][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 37.412718][ T4218] linkwatch_event+0x58/0x68 [ 37.414447][ T4218] process_one_work+0x7ac/0x1404 [ 37.416256][ T4218] worker_thread+0x8e4/0xfec [ 37.417976][ T4218] kthread+0x250/0x2d8 [ 37.419501][ T4218] ret_from_fork+0x10/0x20 [ 37.421117][ T4218] INITIAL USE at: [ 37.422180][ T4218] lock_acquire+0x26c/0x7cc [ 37.423815][ T4218] _raw_spin_lock+0x54/0x6c [ 37.425444][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 37.427201][ T4218] tx+0x90/0x134 [ 37.428570][ T4218] kthread+0x1ac/0x374 [ 37.430096][ T4218] kthread+0x250/0x2d8 [ 37.431600][ T4218] ret_from_fork+0x10/0x20 [ 37.433189][ T4218] } [ 37.433847][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 37.435940][ T4218] [ 37.435940][ T4218] the dependencies between the lock to be acquired [ 37.435948][ T4218] and SOFTIRQ-irq-unsafe lock: [ 37.439526][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 37.440853][ T4218] HARDIRQ-ON-W at: [ 37.441917][ T4218] lock_acquire+0x26c/0x7cc [ 37.443539][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.445316][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.447216][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.448922][ T4218] init_rescuer+0xa4/0x264 [ 37.450581][ T4218] workqueue_init+0x298/0x5b4 [ 37.452222][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.454109][ T4218] kernel_init+0x24/0x29c [ 37.455733][ T4218] ret_from_fork+0x10/0x20 [ 37.457357][ T4218] SOFTIRQ-ON-W at: [ 37.458418][ T4218] lock_acquire+0x26c/0x7cc [ 37.460093][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.461904][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.463878][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.465669][ T4218] init_rescuer+0xa4/0x264 [ 37.467338][ T4218] workqueue_init+0x298/0x5b4 [ 37.469093][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.470965][ T4218] kernel_init+0x24/0x29c [ 37.472618][ T4218] ret_from_fork+0x10/0x20 [ 37.474247][ T4218] INITIAL USE at: [ 37.475273][ T4218] lock_acquire+0x26c/0x7cc [ 37.476883][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.478593][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.480391][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.482051][ T4218] init_rescuer+0xa4/0x264 [ 37.483626][ T4218] workqueue_init+0x298/0x5b4 [ 37.485292][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.487069][ T4218] kernel_init+0x24/0x29c [ 37.488600][ T4218] ret_from_fork+0x10/0x20 [ 37.490167][ T4218] } [ 37.490814][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 37.492911][ T4218] ... acquired at: [ 37.493881][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.495241][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.496697][ T4218] __kmalloc_node+0xcc/0x1d0 [ 37.497930][ T4218] kvmalloc_node+0x84/0x1e4 [ 37.499175][ T4218] get_dist_table+0xa0/0x354 [ 37.500436][ T4218] netem_change+0x754/0x1900 [ 37.501665][ T4218] netem_init+0x54/0xb8 [ 37.502817][ T4218] qdisc_create+0x70c/0xe64 [ 37.504065][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 37.505393][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.506721][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 37.508067][ T4218] rtnetlink_rcv+0x28/0x38 [ 37.509279][ T4218] netlink_unicast+0x660/0x8d4 [ 37.510580][ T4218] netlink_sendmsg+0x834/0xb18 [ 37.511901][ T4218] ____sys_sendmsg+0x558/0x844 [ 37.513218][ T4218] __sys_sendmsg+0x26c/0x33c [ 37.514502][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 37.515874][ T4218] invoke_syscall+0x98/0x2c0 [ 37.517108][ T4218] el0_svc_common+0x138/0x258 [ 37.518354][ T4218] do_el0_svc+0x64/0x218 [ 37.519507][ T4218] el0_svc+0x58/0x168 [ 37.520598][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 37.521986][ T4218] el0t_64_sync+0x18c/0x190 [ 37.523211][ T4218] [ 37.523821][ T4218] [ 37.523821][ T4218] stack backtrace: [ 37.525342][ T4218] CPU: 0 PID: 4218 Comm: syz-executor272 Not tainted 6.1.44-syzkaller #0 [ 37.527527][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 37.530089][ T4218] Call trace: [ 37.530951][ T4218] dump_backtrace+0x1c8/0x1f4 [ 37.532161][ T4218] show_stack+0x2c/0x3c [ 37.533252][ T4218] dump_stack_lvl+0x108/0x170 [ 37.534490][ T4218] dump_stack+0x1c/0x58 [ 37.535593][ T4218] __lock_acquire+0x6310/0x764c [ 37.536894][ T4218] lock_acquire+0x26c/0x7cc [ 37.538064][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.539348][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.540751][ T4218] __kmalloc_node+0xcc/0x1d0 [ 37.541965][ T4218] kvmalloc_node+0x84/0x1e4 [ 37.543152][ T4218] get_dist_table+0xa0/0x354 [ 37.544344][ T4218] netem_change+0x754/0x1900 [ 37.545520][ T4218] netem_init+0x54/0xb8 [ 37.546615][ T4218] qdisc_create+0x70c/0xe64 [ 37.547798][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 37.549062][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.550385][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 37.551647][ T4218] rtnetlink_rcv+0x28/0x38 [ 37.552847][ T4218] netlink_unicast+0x660/0x8d4 [ 37.554098][ T4218] netlink_sendmsg+0x834/0xb18 [ 37.555325][ T4218] ____sys_sendmsg+0x558/0x844 [ 37.556568][ T4218] __sys_sendmsg+0x26c/0x33c [ 37.557787][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 37.559067][ T4218] invoke_syscall+0x98/0x2c0 [ 37.560264][ T4218] el0_svc_common+0x138/0x258 [ 37.561510][ T4218] do_el0_svc+0x64/0x218 [ 37.562644][ T4218] el0_svc+0x58/0x168 [ 37.563723][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 37.565034][ T4218] el0t_64_sync+0x18c/0x190 [ 37.566313][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 37.568580][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor272 [ 37.570935][ T4218] preempt_count: 201, expected: 0 [ 37.572068][ T4218] RCU nest depth: 0, expected: 0 [ 37.573289][ T4218] INFO: lockdep is turned off. [ 37.574498][ T4218] Preemption disabled at: [ 37.574508][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 37.577195][ T4218] CPU: 0 PID: 4218 Comm: syz-executor272 Not tainted 6.1.44-syzkaller #0 [ 37.579214][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 37.581691][ T4218] Call trace: [ 37.582516][ T4218] dump_backtrace+0x1c8/0x1f4 [ 37.583740][ T4218] show_stack+0x2c/0x3c [ 37.584760][ T4218] dump_stack_lvl+0x108/0x170 [ 37.585974][ T4218] dump_stack+0x1c/0x58 [ 37.587006][ T4218] __might_resched+0x37c/0x4d8 [ 37.588222][ T4218] __might_sleep+0x90/0xe4 [ 37.589358][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 37.590740][ T4218] __kmalloc_node+0xcc/0x1d0 [ 37.591936][ T4218] kvmalloc_node+0x84/0x1e4 [ 37.593106][ T4218] get_dist_table+0xa0/0x354 [ 37.594322][ T4218] netem_change+0x754/0x1900 [ 37.595464][ T4218] netem_init+0x54/0xb8 [ 37.596566][ T4218] qdisc_create+0x70c/0xe64 [ 37.597702][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 37.598992][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.600288][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 37.601502][ T4218] rtnetlink_rcv+0x28/0x38 [ 37.602602][ T4218] netlink_unicast+0x660/0x8d4 [ 37.603814][ T4218] netlink_sendmsg+0x834/0xb18 [ 37.605034][ T4218] ____sys_sendmsg+0x558/0x844 [ 37.606257][ T4218] __sys_sendmsg+0x26c/0x33c [ 37.607437][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 37.608694][ T4218] invoke_syscall+0x98/0x2c0 [ 37.609823][ T4218] el0_svc_common+0x138/0x258 [ 37.610993][ T4218] do_el0_svc+0x64/0x218 [ 37.612104][ T4218] el0_svc+0x58/0x168 [ 37.613075][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 37.614329][ T4218] el0t_64_sync+0x18c/0x190