Warning: Permanently added '10.128.10.30' (ED25519) to the list of known hosts. executing program [ 35.890702][ T4218] [ 35.891451][ T4218] ===================================================== [ 35.893364][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.895358][ T4218] 6.1.45-syzkaller #0 Not tainted [ 35.896673][ T4218] ----------------------------------------------------- [ 35.898579][ T4218] syz-executor279/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.900703][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.903256][ T4218] [ 35.903256][ T4218] and this task is already holding: [ 35.905208][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.907633][ T4218] which would create a new lock dependency: [ 35.909194][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.911224][ T4218] [ 35.911224][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.913709][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.913726][ T4218] [ 35.913726][ T4218] ... which became SOFTIRQ-irq-safe at: [ 35.917036][ T4218] lock_acquire+0x26c/0x7cc [ 35.918211][ T4218] _raw_spin_lock+0x54/0x6c [ 35.919461][ T4218] net_tx_action+0x6ec/0x94c [ 35.920679][ T4218] __do_softirq+0x30c/0xea0 [ 35.921901][ T4218] ____do_softirq+0x14/0x20 [ 35.923124][ T4218] call_on_irq_stack+0x24/0x4c [ 35.924414][ T4218] do_softirq_own_stack+0x20/0x2c [ 35.925727][ T4218] do_softirq+0x120/0x20c [ 35.926867][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.928254][ T4218] local_bh_enable+0x28/0x34 [ 35.929502][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 35.930832][ T4218] dev_deactivate+0x13c/0x1fc [ 35.932064][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 35.933374][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 35.934794][ T4218] linkwatch_event+0x58/0x68 [ 35.936037][ T4218] process_one_work+0x7ac/0x1404 [ 35.937358][ T4218] worker_thread+0x8e4/0xfec [ 35.938615][ T4218] kthread+0x250/0x2d8 [ 35.939716][ T4218] ret_from_fork+0x10/0x20 [ 35.940920][ T4218] [ 35.940920][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 35.942777][ T4218] (fs_reclaim){+.+.}-{0:0} [ 35.942795][ T4218] [ 35.942795][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 35.946019][ T4218] ... [ 35.946025][ T4218] lock_acquire+0x26c/0x7cc [ 35.947967][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.949327][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.950725][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.952104][ T4218] init_rescuer+0xa4/0x264 [ 35.953331][ T4218] workqueue_init+0x298/0x5b4 [ 35.954681][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.956115][ T4218] kernel_init+0x24/0x29c [ 35.957299][ T4218] ret_from_fork+0x10/0x20 [ 35.958510][ T4218] [ 35.958510][ T4218] other info that might help us debug this: [ 35.958510][ T4218] [ 35.961245][ T4218] Possible interrupt unsafe locking scenario: [ 35.961245][ T4218] [ 35.963448][ T4218] CPU0 CPU1 [ 35.964858][ T4218] ---- ---- [ 35.966279][ T4218] lock(fs_reclaim); [ 35.967359][ T4218] local_irq_disable(); [ 35.969135][ T4218] lock(noop_qdisc.q.lock); [ 35.971018][ T4218] lock(fs_reclaim); [ 35.972756][ T4218] [ 35.973662][ T4218] lock(noop_qdisc.q.lock); [ 35.974942][ T4218] [ 35.974942][ T4218] *** DEADLOCK *** [ 35.974942][ T4218] [ 35.977109][ T4218] 2 locks held by syz-executor279/4218: [ 35.978648][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.981187][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.983832][ T4218] [ 35.983832][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.986684][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.988146][ T4218] HARDIRQ-ON-W at: [ 35.989181][ T4218] lock_acquire+0x26c/0x7cc [ 35.990872][ T4218] _raw_spin_lock+0x54/0x6c [ 35.992532][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 35.994291][ T4218] tx+0x90/0x134 [ 35.995677][ T4218] kthread+0x1ac/0x374 [ 35.997244][ T4218] kthread+0x250/0x2d8 [ 35.998703][ T4218] ret_from_fork+0x10/0x20 [ 36.000285][ T4218] IN-SOFTIRQ-W at: [ 36.001319][ T4218] lock_acquire+0x26c/0x7cc [ 36.002978][ T4218] _raw_spin_lock+0x54/0x6c [ 36.004672][ T4218] net_tx_action+0x6ec/0x94c [ 36.006338][ T4218] __do_softirq+0x30c/0xea0 [ 36.008011][ T4218] ____do_softirq+0x14/0x20 [ 36.009660][ T4218] call_on_irq_stack+0x24/0x4c [ 36.011387][ T4218] do_softirq_own_stack+0x20/0x2c [ 36.013204][ T4218] do_softirq+0x120/0x20c [ 36.014805][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 36.016645][ T4218] local_bh_enable+0x28/0x34 [ 36.018310][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 36.020142][ T4218] dev_deactivate+0x13c/0x1fc [ 36.021901][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 36.023727][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 36.025534][ T4218] linkwatch_event+0x58/0x68 [ 36.027236][ T4218] process_one_work+0x7ac/0x1404 [ 36.028973][ T4218] worker_thread+0x8e4/0xfec [ 36.030651][ T4218] kthread+0x250/0x2d8 [ 36.032218][ T4218] ret_from_fork+0x10/0x20 [ 36.033871][ T4218] INITIAL USE at: [ 36.034856][ T4218] lock_acquire+0x26c/0x7cc [ 36.036444][ T4218] _raw_spin_lock+0x54/0x6c [ 36.038050][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 36.039816][ T4218] tx+0x90/0x134 [ 36.041163][ T4218] kthread+0x1ac/0x374 [ 36.042649][ T4218] kthread+0x250/0x2d8 [ 36.044144][ T4218] ret_from_fork+0x10/0x20 [ 36.045685][ T4218] } [ 36.046339][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 36.048438][ T4218] [ 36.048438][ T4218] the dependencies between the lock to be acquired [ 36.048445][ T4218] and SOFTIRQ-irq-unsafe lock: [ 36.052048][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 36.053367][ T4218] HARDIRQ-ON-W at: [ 36.054384][ T4218] lock_acquire+0x26c/0x7cc [ 36.055986][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.057748][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.059636][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.061356][ T4218] init_rescuer+0xa4/0x264 [ 36.062915][ T4218] workqueue_init+0x298/0x5b4 [ 36.064592][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.066409][ T4218] kernel_init+0x24/0x29c [ 36.067995][ T4218] ret_from_fork+0x10/0x20 [ 36.069677][ T4218] SOFTIRQ-ON-W at: [ 36.070748][ T4218] lock_acquire+0x26c/0x7cc [ 36.072473][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.074233][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.076146][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.077830][ T4218] init_rescuer+0xa4/0x264 [ 36.079379][ T4218] workqueue_init+0x298/0x5b4 [ 36.081109][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.082954][ T4218] kernel_init+0x24/0x29c [ 36.084549][ T4218] ret_from_fork+0x10/0x20 [ 36.086163][ T4218] INITIAL USE at: [ 36.087233][ T4218] lock_acquire+0x26c/0x7cc [ 36.088810][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.090508][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.092342][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.094089][ T4218] init_rescuer+0xa4/0x264 [ 36.095759][ T4218] workqueue_init+0x298/0x5b4 [ 36.097491][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.099317][ T4218] kernel_init+0x24/0x29c [ 36.100863][ T4218] ret_from_fork+0x10/0x20 [ 36.102428][ T4218] } [ 36.103124][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 36.105252][ T4218] ... acquired at: [ 36.106260][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.107628][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.109118][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.110369][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.111639][ T4218] get_dist_table+0xa0/0x354 [ 36.112930][ T4218] netem_change+0x754/0x1900 [ 36.114210][ T4218] netem_init+0x54/0xb8 [ 36.115363][ T4218] qdisc_create+0x70c/0xe64 [ 36.116602][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.117942][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.119336][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.120656][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.121882][ T4218] netlink_unicast+0x660/0x8d4 [ 36.123212][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.124533][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.125908][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.127183][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.128551][ T4218] invoke_syscall+0x98/0x2c0 [ 36.129810][ T4218] el0_svc_common+0x138/0x258 [ 36.131094][ T4218] do_el0_svc+0x64/0x218 [ 36.132265][ T4218] el0_svc+0x58/0x168 [ 36.133367][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.134768][ T4218] el0t_64_sync+0x18c/0x190 [ 36.136081][ T4218] [ 36.136716][ T4218] [ 36.136716][ T4218] stack backtrace: [ 36.138293][ T4218] CPU: 0 PID: 4218 Comm: syz-executor279 Not tainted 6.1.45-syzkaller #0 [ 36.140529][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.143227][ T4218] Call trace: [ 36.144109][ T4218] dump_backtrace+0x1c8/0x1f4 [ 36.145343][ T4218] show_stack+0x2c/0x3c [ 36.146401][ T4218] dump_stack_lvl+0x108/0x170 [ 36.147642][ T4218] dump_stack+0x1c/0x58 [ 36.148750][ T4218] __lock_acquire+0x6310/0x764c [ 36.150056][ T4218] lock_acquire+0x26c/0x7cc [ 36.151281][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.152628][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.154041][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.155267][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.156435][ T4218] get_dist_table+0xa0/0x354 [ 36.157650][ T4218] netem_change+0x754/0x1900 [ 36.158904][ T4218] netem_init+0x54/0xb8 [ 36.160021][ T4218] qdisc_create+0x70c/0xe64 [ 36.161221][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.162470][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.163783][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.165086][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.166288][ T4218] netlink_unicast+0x660/0x8d4 [ 36.167559][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.168808][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.170086][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.171272][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.172558][ T4218] invoke_syscall+0x98/0x2c0 [ 36.173792][ T4218] el0_svc_common+0x138/0x258 [ 36.175059][ T4218] do_el0_svc+0x64/0x218 [ 36.176209][ T4218] el0_svc+0x58/0x168 [ 36.177330][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.178730][ T4218] el0t_64_sync+0x18c/0x190 [ 36.179950][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 36.182379][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor279 [ 36.184100][ T4218] preempt_count: 201, expected: 0 [ 36.184973][ T4218] RCU nest depth: 0, expected: 0 [ 36.185804][ T4218] INFO: lockdep is turned off. [ 36.186598][ T4218] Preemption disabled at: [ 36.186606][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 36.188408][ T4218] CPU: 0 PID: 4218 Comm: syz-executor279 Not tainted 6.1.45-syzkaller #0 [ 36.189834][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.191550][ T4218] Call trace: [ 36.192113][ T4218] dump_backtrace+0x1c8/0x1f4 [ 36.193120][ T4218] show_stack+0x2c/0x3c [ 36.194194][ T4218] dump_stack_lvl+0x108/0x170 [ 36.195388][ T4218] dump_stack+0x1c/0x58 [ 36.196429][ T4218] __might_resched+0x37c/0x4d8 [ 36.197677][ T4218] __might_sleep+0x90/0xe4 [ 36.198762][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 36.200189][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.201376][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.202584][ T4218] get_dist_table+0xa0/0x354 [ 36.203754][ T4218] netem_change+0x754/0x1900 [ 36.204973][ T4218] netem_init+0x54/0xb8 [ 36.206032][ T4218] qdisc_create+0x70c/0xe64 [ 36.207218][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.208525][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.209810][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.211056][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.212272][ T4218] netlink_unicast+0x660/0x8d4 [ 36.213535][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.214720][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.215956][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.217120][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.218353][ T4218] invoke_syscall+0x98/0x2c0 [ 36.219566][ T4218] el0_svc_common+0x138/0x258 [ 36.220746][ T4218] do_el0_svc+0x64/0x218 [ 36.221849][ T4218] el0_svc+0x58/0x168 [ 36.222924][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.224245][ T4218] el0t_64_sync+0x18c/0x190