Warning: Permanently added '10.128.0.35' (ED25519) to the list of known hosts. executing program [ 35.458120][ T4218] [ 35.458766][ T4218] ===================================================== [ 35.460657][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.462678][ T4218] 6.1.45-syzkaller #0 Not tainted [ 35.464053][ T4218] ----------------------------------------------------- [ 35.465842][ T4218] syz-executor377/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.468032][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.470642][ T4218] [ 35.470642][ T4218] and this task is already holding: [ 35.472602][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.475095][ T4218] which would create a new lock dependency: [ 35.476702][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.478717][ T4218] [ 35.478717][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.481223][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.481240][ T4218] [ 35.481240][ T4218] ... which became SOFTIRQ-irq-safe at: [ 35.484628][ T4218] lock_acquire+0x26c/0x7cc [ 35.485860][ T4218] _raw_spin_lock+0x54/0x6c [ 35.487074][ T4218] net_tx_action+0x6ec/0x94c [ 35.488334][ T4218] __do_softirq+0x30c/0xea0 [ 35.489607][ T4218] ____do_softirq+0x14/0x20 [ 35.490837][ T4218] call_on_irq_stack+0x24/0x4c [ 35.492146][ T4218] do_softirq_own_stack+0x20/0x2c [ 35.493575][ T4218] do_softirq+0x120/0x20c [ 35.494757][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.496176][ T4218] local_bh_enable+0x28/0x34 [ 35.497417][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 35.498830][ T4218] dev_deactivate+0x13c/0x1fc [ 35.500120][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 35.501493][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 35.502914][ T4218] linkwatch_event+0x58/0x68 [ 35.504165][ T4218] process_one_work+0x7ac/0x1404 [ 35.505505][ T4218] worker_thread+0x8e4/0xfec [ 35.506731][ T4218] kthread+0x250/0x2d8 [ 35.507850][ T4218] ret_from_fork+0x10/0x20 [ 35.509049][ T4218] [ 35.509049][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 35.510905][ T4218] (fs_reclaim){+.+.}-{0:0} [ 35.510922][ T4218] [ 35.510922][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 35.514236][ T4218] ... [ 35.514242][ T4218] lock_acquire+0x26c/0x7cc [ 35.516173][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.517537][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.518969][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.520283][ T4218] init_rescuer+0xa4/0x264 [ 35.521491][ T4218] workqueue_init+0x298/0x5b4 [ 35.522769][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.524233][ T4218] kernel_init+0x24/0x29c [ 35.525451][ T4218] ret_from_fork+0x10/0x20 [ 35.526687][ T4218] [ 35.526687][ T4218] other info that might help us debug this: [ 35.526687][ T4218] [ 35.529463][ T4218] Possible interrupt unsafe locking scenario: [ 35.529463][ T4218] [ 35.531669][ T4218] CPU0 CPU1 [ 35.533093][ T4218] ---- ---- [ 35.534518][ T4218] lock(fs_reclaim); [ 35.535585][ T4218] local_irq_disable(); [ 35.537407][ T4218] lock(noop_qdisc.q.lock); [ 35.539343][ T4218] lock(fs_reclaim); [ 35.541088][ T4218] [ 35.541989][ T4218] lock(noop_qdisc.q.lock); [ 35.543259][ T4218] [ 35.543259][ T4218] *** DEADLOCK *** [ 35.543259][ T4218] [ 35.545449][ T4218] 2 locks held by syz-executor377/4218: [ 35.546911][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.549371][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.552018][ T4218] [ 35.552018][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.554829][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.556334][ T4218] HARDIRQ-ON-W at: [ 35.557413][ T4218] lock_acquire+0x26c/0x7cc [ 35.559065][ T4218] _raw_spin_lock+0x54/0x6c [ 35.560742][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 35.562479][ T4218] tx+0x90/0x134 [ 35.563899][ T4218] kthread+0x1ac/0x374 [ 35.565413][ T4218] kthread+0x250/0x2d8 [ 35.566943][ T4218] ret_from_fork+0x10/0x20 [ 35.568564][ T4218] IN-SOFTIRQ-W at: [ 35.569630][ T4218] lock_acquire+0x26c/0x7cc [ 35.571264][ T4218] _raw_spin_lock+0x54/0x6c [ 35.572922][ T4218] net_tx_action+0x6ec/0x94c [ 35.574605][ T4218] __do_softirq+0x30c/0xea0 [ 35.576259][ T4218] ____do_softirq+0x14/0x20 [ 35.577911][ T4218] call_on_irq_stack+0x24/0x4c [ 35.579650][ T4218] do_softirq_own_stack+0x20/0x2c [ 35.581498][ T4218] do_softirq+0x120/0x20c [ 35.583062][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.584868][ T4218] local_bh_enable+0x28/0x34 [ 35.586573][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 35.588417][ T4218] dev_deactivate+0x13c/0x1fc [ 35.590119][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 35.591892][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 35.593815][ T4218] linkwatch_event+0x58/0x68 [ 35.595481][ T4218] process_one_work+0x7ac/0x1404 [ 35.597233][ T4218] worker_thread+0x8e4/0xfec [ 35.598905][ T4218] kthread+0x250/0x2d8 [ 35.600459][ T4218] ret_from_fork+0x10/0x20 [ 35.602099][ T4218] INITIAL USE at: [ 35.603132][ T4218] lock_acquire+0x26c/0x7cc [ 35.604754][ T4218] _raw_spin_lock+0x54/0x6c [ 35.606333][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 35.608067][ T4218] tx+0x90/0x134 [ 35.609418][ T4218] kthread+0x1ac/0x374 [ 35.610923][ T4218] kthread+0x250/0x2d8 [ 35.612439][ T4218] ret_from_fork+0x10/0x20 [ 35.614034][ T4218] } [ 35.614722][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 35.616753][ T4218] [ 35.616753][ T4218] the dependencies between the lock to be acquired [ 35.616760][ T4218] and SOFTIRQ-irq-unsafe lock: [ 35.620360][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 35.621674][ T4218] HARDIRQ-ON-W at: [ 35.622752][ T4218] lock_acquire+0x26c/0x7cc [ 35.624453][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.626248][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.628113][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.629825][ T4218] init_rescuer+0xa4/0x264 [ 35.631441][ T4218] workqueue_init+0x298/0x5b4 [ 35.633093][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.634879][ T4218] kernel_init+0x24/0x29c [ 35.636500][ T4218] ret_from_fork+0x10/0x20 [ 35.638126][ T4218] SOFTIRQ-ON-W at: [ 35.639166][ T4218] lock_acquire+0x26c/0x7cc [ 35.640815][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.642581][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.644493][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.646227][ T4218] init_rescuer+0xa4/0x264 [ 35.647865][ T4218] workqueue_init+0x298/0x5b4 [ 35.649578][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.651458][ T4218] kernel_init+0x24/0x29c [ 35.653056][ T4218] ret_from_fork+0x10/0x20 [ 35.654672][ T4218] INITIAL USE at: [ 35.655749][ T4218] lock_acquire+0x26c/0x7cc [ 35.657332][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.659102][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.660951][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.662731][ T4218] init_rescuer+0xa4/0x264 [ 35.664302][ T4218] workqueue_init+0x298/0x5b4 [ 35.665925][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.667729][ T4218] kernel_init+0x24/0x29c [ 35.669300][ T4218] ret_from_fork+0x10/0x20 [ 35.670922][ T4218] } [ 35.671572][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 35.673723][ T4218] ... acquired at: [ 35.674704][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.676020][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.677483][ T4218] __kmalloc_node+0xcc/0x1d0 [ 35.678812][ T4218] kvmalloc_node+0x84/0x1e4 [ 35.680094][ T4218] get_dist_table+0xa0/0x354 [ 35.681367][ T4218] netem_change+0x754/0x1900 [ 35.682647][ T4218] netem_init+0x54/0xb8 [ 35.683788][ T4218] qdisc_create+0x70c/0xe64 [ 35.685016][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 35.686329][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.687717][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 35.689084][ T4218] rtnetlink_rcv+0x28/0x38 [ 35.690309][ T4218] netlink_unicast+0x660/0x8d4 [ 35.691605][ T4218] netlink_sendmsg+0x834/0xb18 [ 35.692903][ T4218] ____sys_sendmsg+0x558/0x844 [ 35.694230][ T4218] __sys_sendmsg+0x26c/0x33c [ 35.695533][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 35.696909][ T4218] invoke_syscall+0x98/0x2c0 [ 35.698174][ T4218] el0_svc_common+0x138/0x258 [ 35.699447][ T4218] do_el0_svc+0x64/0x218 [ 35.700633][ T4218] el0_svc+0x58/0x168 [ 35.701701][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 35.703095][ T4218] el0t_64_sync+0x18c/0x190 [ 35.704368][ T4218] [ 35.704970][ T4218] [ 35.704970][ T4218] stack backtrace: [ 35.706516][ T4218] CPU: 0 PID: 4218 Comm: syz-executor377 Not tainted 6.1.45-syzkaller #0 [ 35.708739][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.711371][ T4218] Call trace: [ 35.712220][ T4218] dump_backtrace+0x1c8/0x1f4 [ 35.713462][ T4218] show_stack+0x2c/0x3c [ 35.714593][ T4218] dump_stack_lvl+0x108/0x170 [ 35.715900][ T4218] dump_stack+0x1c/0x58 [ 35.717005][ T4218] __lock_acquire+0x6310/0x764c [ 35.718263][ T4218] lock_acquire+0x26c/0x7cc [ 35.719447][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.720774][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.722220][ T4218] __kmalloc_node+0xcc/0x1d0 [ 35.723407][ T4218] kvmalloc_node+0x84/0x1e4 [ 35.724615][ T4218] get_dist_table+0xa0/0x354 [ 35.725852][ T4218] netem_change+0x754/0x1900 [ 35.727082][ T4218] netem_init+0x54/0xb8 [ 35.728200][ T4218] qdisc_create+0x70c/0xe64 [ 35.729404][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 35.730648][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.731998][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 35.733271][ T4218] rtnetlink_rcv+0x28/0x38 [ 35.734482][ T4218] netlink_unicast+0x660/0x8d4 [ 35.735818][ T4218] netlink_sendmsg+0x834/0xb18 [ 35.737131][ T4218] ____sys_sendmsg+0x558/0x844 [ 35.738411][ T4218] __sys_sendmsg+0x26c/0x33c [ 35.739650][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 35.740940][ T4218] invoke_syscall+0x98/0x2c0 [ 35.742126][ T4218] el0_svc_common+0x138/0x258 [ 35.743372][ T4218] do_el0_svc+0x64/0x218 [ 35.744504][ T4218] el0_svc+0x58/0x168 [ 35.745552][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 35.746875][ T4218] el0t_64_sync+0x18c/0x190 [ 35.748133][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.750516][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor377 [ 35.752871][ T4218] preempt_count: 201, expected: 0 [ 35.754149][ T4218] RCU nest depth: 0, expected: 0 [ 35.755406][ T4218] INFO: lockdep is turned off. [ 35.756581][ T4218] Preemption disabled at: [ 35.756590][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 35.759375][ T4218] CPU: 0 PID: 4218 Comm: syz-executor377 Not tainted 6.1.45-syzkaller #0 [ 35.761483][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.764019][ T4218] Call trace: [ 35.764849][ T4218] dump_backtrace+0x1c8/0x1f4 [ 35.766031][ T4218] show_stack+0x2c/0x3c [ 35.767144][ T4218] dump_stack_lvl+0x108/0x170 [ 35.768391][ T4218] dump_stack+0x1c/0x58 [ 35.769451][ T4218] __might_resched+0x37c/0x4d8 [ 35.770701][ T4218] __might_sleep+0x90/0xe4 [ 35.771867][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 35.773253][ T4218] __kmalloc_node+0xcc/0x1d0 [ 35.774406][ T4218] kvmalloc_node+0x84/0x1e4 [ 35.775577][ T4218] get_dist_table+0xa0/0x354 [ 35.776773][ T4218] netem_change+0x754/0x1900 [ 35.777974][ T4218] netem_init+0x54/0xb8 [ 35.779038][ T4218] qdisc_create+0x70c/0xe64 [ 35.780188][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 35.781453][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.782717][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 35.783927][ T4218] rtnetlink_rcv+0x28/0x38 [ 35.785110][ T4218] netlink_unicast+0x660/0x8d4 [ 35.786314][ T4218] netlink_sendmsg+0x834/0xb18 [ 35.787557][ T4218] ____sys_sendmsg+0x558/0x844 [ 35.788745][ T4218] __sys_sendmsg+0x26c/0x33c [ 35.789893][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 35.791175][ T4218] invoke_syscall+0x98/0x2c0 [ 35.792390][ T4218] el0_svc_common+0x138/0x258 [ 35.793600][ T4218] do_el0_svc+0x64/0x218 [ 35.794683][ T4218] el0_svc+0x58/0x168 [ 35.795677][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 35.796981][ T4218] el0t_64_sync+0x18c/0x190