Warning: Permanently added '10.128.1.115' (ED25519) to the list of known hosts. executing program [ 37.886306][ T4218] [ 37.886926][ T4218] ===================================================== [ 37.888688][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 37.890674][ T4218] 6.1.45-syzkaller #0 Not tainted [ 37.891943][ T4218] ----------------------------------------------------- [ 37.893672][ T4218] syz-executor187/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 37.895697][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 37.898122][ T4218] [ 37.898122][ T4218] and this task is already holding: [ 37.899924][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 37.902331][ T4218] which would create a new lock dependency: [ 37.903780][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 37.905748][ T4218] [ 37.905748][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 37.908099][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 37.908117][ T4218] [ 37.908117][ T4218] ... which became SOFTIRQ-irq-safe at: [ 37.911323][ T4218] lock_acquire+0x26c/0x7cc [ 37.912453][ T4218] _raw_spin_lock+0x54/0x6c [ 37.913573][ T4218] net_tx_action+0x6ec/0x94c [ 37.914769][ T4218] __do_softirq+0x30c/0xea0 [ 37.915886][ T4218] ____do_softirq+0x14/0x20 [ 37.917061][ T4218] call_on_irq_stack+0x24/0x4c [ 37.918351][ T4218] do_softirq_own_stack+0x20/0x2c [ 37.919642][ T4218] do_softirq+0x120/0x20c [ 37.920821][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 37.922196][ T4218] local_bh_enable+0x28/0x34 [ 37.923441][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 37.924731][ T4218] dev_deactivate+0x13c/0x1fc [ 37.925927][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 37.927214][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 37.928561][ T4218] linkwatch_event+0x58/0x68 [ 37.929737][ T4218] process_one_work+0x7ac/0x1404 [ 37.931008][ T4218] worker_thread+0x8e4/0xfec [ 37.932175][ T4218] kthread+0x250/0x2d8 [ 37.933237][ T4218] ret_from_fork+0x10/0x20 [ 37.934404][ T4218] [ 37.934404][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 37.936152][ T4218] (fs_reclaim){+.+.}-{0:0} [ 37.936182][ T4218] [ 37.936182][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 37.939325][ T4218] ... [ 37.939330][ T4218] lock_acquire+0x26c/0x7cc [ 37.941189][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.942541][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.943924][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.945194][ T4218] init_rescuer+0xa4/0x264 [ 37.946349][ T4218] workqueue_init+0x298/0x5b4 [ 37.947582][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.948980][ T4218] kernel_init+0x24/0x29c [ 37.950123][ T4218] ret_from_fork+0x10/0x20 [ 37.951284][ T4218] [ 37.951284][ T4218] other info that might help us debug this: [ 37.951284][ T4218] [ 37.953939][ T4218] Possible interrupt unsafe locking scenario: [ 37.953939][ T4218] [ 37.956110][ T4218] CPU0 CPU1 [ 37.957513][ T4218] ---- ---- [ 37.958905][ T4218] lock(fs_reclaim); [ 37.959911][ T4218] local_irq_disable(); [ 37.961635][ T4218] lock(noop_qdisc.q.lock); [ 37.963482][ T4218] lock(fs_reclaim); [ 37.965111][ T4218] [ 37.965968][ T4218] lock(noop_qdisc.q.lock); [ 37.967228][ T4218] [ 37.967228][ T4218] *** DEADLOCK *** [ 37.967228][ T4218] [ 37.969329][ T4218] 2 locks held by syz-executor187/4218: [ 37.970713][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 37.973138][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 37.975737][ T4218] [ 37.975737][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 37.978357][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 37.979842][ T4218] HARDIRQ-ON-W at: [ 37.980970][ T4218] lock_acquire+0x26c/0x7cc [ 37.982606][ T4218] _raw_spin_lock+0x54/0x6c [ 37.984213][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 37.985852][ T4218] tx+0x90/0x134 [ 37.987191][ T4218] kthread+0x1ac/0x374 [ 37.988711][ T4218] kthread+0x250/0x2d8 [ 37.990180][ T4218] ret_from_fork+0x10/0x20 [ 37.991773][ T4218] IN-SOFTIRQ-W at: [ 37.992794][ T4218] lock_acquire+0x26c/0x7cc [ 37.994430][ T4218] _raw_spin_lock+0x54/0x6c [ 37.996035][ T4218] net_tx_action+0x6ec/0x94c [ 37.997725][ T4218] __do_softirq+0x30c/0xea0 [ 37.999313][ T4218] ____do_softirq+0x14/0x20 [ 38.000909][ T4218] call_on_irq_stack+0x24/0x4c [ 38.002556][ T4218] do_softirq_own_stack+0x20/0x2c [ 38.004358][ T4218] do_softirq+0x120/0x20c [ 38.005927][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 38.007738][ T4218] local_bh_enable+0x28/0x34 [ 38.009368][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 38.011117][ T4218] dev_deactivate+0x13c/0x1fc [ 38.012769][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 38.014443][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 38.016270][ T4218] linkwatch_event+0x58/0x68 [ 38.017938][ T4218] process_one_work+0x7ac/0x1404 [ 38.019583][ T4218] worker_thread+0x8e4/0xfec [ 38.021135][ T4218] kthread+0x250/0x2d8 [ 38.022622][ T4218] ret_from_fork+0x10/0x20 [ 38.024207][ T4218] INITIAL USE at: [ 38.025226][ T4218] lock_acquire+0x26c/0x7cc [ 38.026799][ T4218] _raw_spin_lock+0x54/0x6c [ 38.028450][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 38.030085][ T4218] tx+0x90/0x134 [ 38.031416][ T4218] kthread+0x1ac/0x374 [ 38.032855][ T4218] kthread+0x250/0x2d8 [ 38.034320][ T4218] ret_from_fork+0x10/0x20 [ 38.035845][ T4218] } [ 38.036508][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 38.038453][ T4218] [ 38.038453][ T4218] the dependencies between the lock to be acquired [ 38.038460][ T4218] and SOFTIRQ-irq-unsafe lock: [ 38.041838][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 38.043112][ T4218] HARDIRQ-ON-W at: [ 38.044145][ T4218] lock_acquire+0x26c/0x7cc [ 38.045777][ T4218] fs_reclaim_acquire+0x90/0x12c [ 38.047512][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 38.049323][ T4218] kmalloc_node_trace+0x44/0x90 [ 38.050966][ T4218] init_rescuer+0xa4/0x264 [ 38.052587][ T4218] workqueue_init+0x298/0x5b4 [ 38.054222][ T4218] kernel_init_freeable+0x33c/0x528 [ 38.056041][ T4218] kernel_init+0x24/0x29c [ 38.057595][ T4218] ret_from_fork+0x10/0x20 [ 38.059193][ T4218] SOFTIRQ-ON-W at: [ 38.060226][ T4218] lock_acquire+0x26c/0x7cc [ 38.061825][ T4218] fs_reclaim_acquire+0x90/0x12c [ 38.063564][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 38.065439][ T4218] kmalloc_node_trace+0x44/0x90 [ 38.067117][ T4218] init_rescuer+0xa4/0x264 [ 38.068725][ T4218] workqueue_init+0x298/0x5b4 [ 38.070361][ T4218] kernel_init_freeable+0x33c/0x528 [ 38.072138][ T4218] kernel_init+0x24/0x29c [ 38.073673][ T4218] ret_from_fork+0x10/0x20 [ 38.075195][ T4218] INITIAL USE at: [ 38.076200][ T4218] lock_acquire+0x26c/0x7cc [ 38.077868][ T4218] fs_reclaim_acquire+0x90/0x12c [ 38.079569][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 38.081427][ T4218] kmalloc_node_trace+0x44/0x90 [ 38.083129][ T4218] init_rescuer+0xa4/0x264 [ 38.084710][ T4218] workqueue_init+0x298/0x5b4 [ 38.086314][ T4218] kernel_init_freeable+0x33c/0x528 [ 38.088087][ T4218] kernel_init+0x24/0x29c [ 38.089673][ T4218] ret_from_fork+0x10/0x20 [ 38.091223][ T4218] } [ 38.091833][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 38.093875][ T4218] ... acquired at: [ 38.094837][ T4218] fs_reclaim_acquire+0x90/0x12c [ 38.096149][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 38.097595][ T4218] __kmalloc_node+0xcc/0x1d0 [ 38.098800][ T4218] kvmalloc_node+0x84/0x1e4 [ 38.099995][ T4218] get_dist_table+0xa0/0x354 [ 38.101271][ T4218] netem_change+0x754/0x1900 [ 38.102531][ T4218] netem_init+0x54/0xb8 [ 38.103650][ T4218] qdisc_create+0x70c/0xe64 [ 38.104864][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 38.106178][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.107522][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 38.108831][ T4218] rtnetlink_rcv+0x28/0x38 [ 38.110012][ T4218] netlink_unicast+0x660/0x8d4 [ 38.111328][ T4218] netlink_sendmsg+0x834/0xb18 [ 38.112639][ T4218] ____sys_sendmsg+0x558/0x844 [ 38.113994][ T4218] __sys_sendmsg+0x26c/0x33c [ 38.115246][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 38.116586][ T4218] invoke_syscall+0x98/0x2c0 [ 38.117811][ T4218] el0_svc_common+0x138/0x258 [ 38.119109][ T4218] do_el0_svc+0x64/0x218 [ 38.120293][ T4218] el0_svc+0x58/0x168 [ 38.121452][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 38.122800][ T4218] el0t_64_sync+0x18c/0x190 [ 38.124022][ T4218] [ 38.124643][ T4218] [ 38.124643][ T4218] stack backtrace: [ 38.126189][ T4218] CPU: 0 PID: 4218 Comm: syz-executor187 Not tainted 6.1.45-syzkaller #0 [ 38.128394][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 38.130979][ T4218] Call trace: [ 38.131818][ T4218] dump_backtrace+0x1c8/0x1f4 [ 38.133023][ T4218] show_stack+0x2c/0x3c [ 38.134108][ T4218] dump_stack_lvl+0x108/0x170 [ 38.135283][ T4218] dump_stack+0x1c/0x58 [ 38.136377][ T4218] __lock_acquire+0x6310/0x764c [ 38.137694][ T4218] lock_acquire+0x26c/0x7cc [ 38.138917][ T4218] fs_reclaim_acquire+0x90/0x12c [ 38.140295][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 38.141713][ T4218] __kmalloc_node+0xcc/0x1d0 [ 38.142984][ T4218] kvmalloc_node+0x84/0x1e4 [ 38.144134][ T4218] get_dist_table+0xa0/0x354 [ 38.145379][ T4218] netem_change+0x754/0x1900 [ 38.146606][ T4218] netem_init+0x54/0xb8 [ 38.147744][ T4218] qdisc_create+0x70c/0xe64 [ 38.148982][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 38.150260][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.151573][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 38.152891][ T4218] rtnetlink_rcv+0x28/0x38 [ 38.154030][ T4218] netlink_unicast+0x660/0x8d4 [ 38.155326][ T4218] netlink_sendmsg+0x834/0xb18 [ 38.156602][ T4218] ____sys_sendmsg+0x558/0x844 [ 38.157872][ T4218] __sys_sendmsg+0x26c/0x33c [ 38.159050][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 38.160380][ T4218] invoke_syscall+0x98/0x2c0 [ 38.161592][ T4218] el0_svc_common+0x138/0x258 [ 38.162831][ T4218] do_el0_svc+0x64/0x218 [ 38.163947][ T4218] el0_svc+0x58/0x168 [ 38.165096][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 38.166425][ T4218] el0t_64_sync+0x18c/0x190 [ 38.167743][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 38.170076][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor187 [ 38.172496][ T4218] preempt_count: 201, expected: 0 [ 38.173837][ T4218] RCU nest depth: 0, expected: 0 [ 38.175064][ T4218] INFO: lockdep is turned off. [ 38.176288][ T4218] Preemption disabled at: [ 38.176297][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 38.178891][ T4218] CPU: 0 PID: 4218 Comm: syz-executor187 Not tainted 6.1.45-syzkaller #0 [ 38.180981][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 38.183557][ T4218] Call trace: [ 38.184395][ T4218] dump_backtrace+0x1c8/0x1f4 [ 38.185705][ T4218] show_stack+0x2c/0x3c [ 38.186707][ T4218] dump_stack_lvl+0x108/0x170 [ 38.187901][ T4218] dump_stack+0x1c/0x58 [ 38.189003][ T4218] __might_resched+0x37c/0x4d8 [ 38.190190][ T4218] __might_sleep+0x90/0xe4 [ 38.191370][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 38.192728][ T4218] __kmalloc_node+0xcc/0x1d0 [ 38.193869][ T4218] kvmalloc_node+0x84/0x1e4 [ 38.195076][ T4218] get_dist_table+0xa0/0x354 [ 38.196237][ T4218] netem_change+0x754/0x1900 [ 38.197394][ T4218] netem_init+0x54/0xb8 [ 38.198431][ T4218] qdisc_create+0x70c/0xe64 [ 38.199599][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 38.200833][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 38.202071][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 38.203301][ T4218] rtnetlink_rcv+0x28/0x38 [ 38.204408][ T4218] netlink_unicast+0x660/0x8d4 [ 38.205654][ T4218] netlink_sendmsg+0x834/0xb18 [ 38.206835][ T4218] ____sys_sendmsg+0x558/0x844 [ 38.208036][ T4218] __sys_sendmsg+0x26c/0x33c [ 38.209233][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 38.210425][ T4218] invoke_syscall+0x98/0x2c0 [ 38.211590][ T4218] el0_svc_common+0x138/0x258 [ 38.212819][ T4218] do_el0_svc+0x64/0x218 [ 38.213896][ T4218] el0_svc+0x58/0x168 [ 38.214978][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 38.216230][ T4218] el0t_64_sync+0x18c/0x190