Warning: Permanently added '10.128.1.129' (ED25519) to the list of known hosts. executing program [ 40.717110][ T4223] [ 40.717814][ T4223] ===================================================== [ 40.719663][ T4223] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 40.721589][ T4223] 6.1.45-syzkaller #0 Not tainted [ 40.722868][ T4223] ----------------------------------------------------- [ 40.724690][ T4223] syz-executor193/4223 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 40.726770][ T4223] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 40.729263][ T4223] [ 40.729263][ T4223] and this task is already holding: [ 40.731151][ T4223] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 40.733649][ T4223] which would create a new lock dependency: [ 40.735128][ T4223] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 40.737151][ T4223] [ 40.737151][ T4223] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 40.739623][ T4223] (noop_qdisc.q.lock){+.-.}-{2:2} [ 40.739641][ T4223] [ 40.739641][ T4223] ... which became SOFTIRQ-irq-safe at: [ 40.742989][ T4223] lock_acquire+0x26c/0x7cc [ 40.744192][ T4223] _raw_spin_lock+0x54/0x6c [ 40.745413][ T4223] net_tx_action+0x6ec/0x94c [ 40.746618][ T4223] __do_softirq+0x30c/0xea0 [ 40.747816][ T4223] ____do_softirq+0x14/0x20 [ 40.748952][ T4223] call_on_irq_stack+0x24/0x4c [ 40.750162][ T4223] do_softirq_own_stack+0x20/0x2c [ 40.751485][ T4223] do_softirq+0x120/0x20c [ 40.752645][ T4223] __local_bh_enable_ip+0x2c0/0x4d0 [ 40.754013][ T4223] local_bh_enable+0x28/0x34 [ 40.755250][ T4223] dev_deactivate_many+0x3d4/0xa8c [ 40.756573][ T4223] dev_deactivate+0x13c/0x1fc [ 40.757822][ T4223] linkwatch_do_dev+0x29c/0x3a4 [ 40.759050][ T4223] __linkwatch_run_queue+0x3a0/0x700 [ 40.760395][ T4223] linkwatch_event+0x58/0x68 [ 40.761625][ T4223] process_one_work+0x7ac/0x1404 [ 40.762974][ T4223] worker_thread+0x8e4/0xfec [ 40.764259][ T4223] kthread+0x250/0x2d8 [ 40.765356][ T4223] ret_from_fork+0x10/0x20 [ 40.766561][ T4223] [ 40.766561][ T4223] to a SOFTIRQ-irq-unsafe lock: [ 40.768389][ T4223] (fs_reclaim){+.+.}-{0:0} [ 40.768407][ T4223] [ 40.768407][ T4223] ... which became SOFTIRQ-irq-unsafe at: [ 40.771659][ T4223] ... [ 40.771665][ T4223] lock_acquire+0x26c/0x7cc [ 40.773554][ T4223] fs_reclaim_acquire+0x90/0x12c [ 40.774877][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 40.776295][ T4223] kmalloc_node_trace+0x44/0x90 [ 40.777591][ T4223] init_rescuer+0xa4/0x264 [ 40.778769][ T4223] workqueue_init+0x298/0x5b4 [ 40.780021][ T4223] kernel_init_freeable+0x33c/0x528 [ 40.781417][ T4223] kernel_init+0x24/0x29c [ 40.782622][ T4223] ret_from_fork+0x10/0x20 [ 40.783838][ T4223] [ 40.783838][ T4223] other info that might help us debug this: [ 40.783838][ T4223] [ 40.786616][ T4223] Possible interrupt unsafe locking scenario: [ 40.786616][ T4223] [ 40.788767][ T4223] CPU0 CPU1 [ 40.790158][ T4223] ---- ---- [ 40.791551][ T4223] lock(fs_reclaim); [ 40.792576][ T4223] local_irq_disable(); [ 40.794376][ T4223] lock(noop_qdisc.q.lock); [ 40.796230][ T4223] lock(fs_reclaim); [ 40.797963][ T4223] [ 40.798915][ T4223] lock(noop_qdisc.q.lock); [ 40.800184][ T4223] [ 40.800184][ T4223] *** DEADLOCK *** [ 40.800184][ T4223] [ 40.802349][ T4223] 2 locks held by syz-executor193/4223: [ 40.803766][ T4223] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 40.806235][ T4223] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 40.808798][ T4223] [ 40.808798][ T4223] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 40.811502][ T4223] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 40.813002][ T4223] HARDIRQ-ON-W at: [ 40.814018][ T4223] lock_acquire+0x26c/0x7cc [ 40.815629][ T4223] _raw_spin_lock+0x54/0x6c [ 40.817248][ T4223] __dev_queue_xmit+0xb14/0x38d8 [ 40.819010][ T4223] tx+0x90/0x134 [ 40.820418][ T4223] kthread+0x1ac/0x374 [ 40.821934][ T4223] kthread+0x250/0x2d8 [ 40.823488][ T4223] ret_from_fork+0x10/0x20 [ 40.825086][ T4223] IN-SOFTIRQ-W at: [ 40.826109][ T4223] lock_acquire+0x26c/0x7cc [ 40.827736][ T4223] _raw_spin_lock+0x54/0x6c [ 40.829378][ T4223] net_tx_action+0x6ec/0x94c [ 40.831008][ T4223] __do_softirq+0x30c/0xea0 [ 40.832626][ T4223] ____do_softirq+0x14/0x20 [ 40.834262][ T4223] call_on_irq_stack+0x24/0x4c [ 40.835962][ T4223] do_softirq_own_stack+0x20/0x2c [ 40.837692][ T4223] do_softirq+0x120/0x20c [ 40.839276][ T4223] __local_bh_enable_ip+0x2c0/0x4d0 [ 40.841117][ T4223] local_bh_enable+0x28/0x34 [ 40.842786][ T4223] dev_deactivate_many+0x3d4/0xa8c [ 40.844604][ T4223] dev_deactivate+0x13c/0x1fc [ 40.846292][ T4223] linkwatch_do_dev+0x29c/0x3a4 [ 40.848039][ T4223] __linkwatch_run_queue+0x3a0/0x700 [ 40.849836][ T4223] linkwatch_event+0x58/0x68 [ 40.851466][ T4223] process_one_work+0x7ac/0x1404 [ 40.853244][ T4223] worker_thread+0x8e4/0xfec [ 40.854884][ T4223] kthread+0x250/0x2d8 [ 40.856384][ T4223] ret_from_fork+0x10/0x20 [ 40.857933][ T4223] INITIAL USE at: [ 40.858960][ T4223] lock_acquire+0x26c/0x7cc [ 40.860564][ T4223] _raw_spin_lock+0x54/0x6c [ 40.862151][ T4223] __dev_queue_xmit+0xb14/0x38d8 [ 40.863921][ T4223] tx+0x90/0x134 [ 40.865272][ T4223] kthread+0x1ac/0x374 [ 40.866776][ T4223] kthread+0x250/0x2d8 [ 40.868242][ T4223] ret_from_fork+0x10/0x20 [ 40.869807][ T4223] } [ 40.870454][ T4223] ... key at: [] noop_qdisc+0x108/0x320 [ 40.872466][ T4223] [ 40.872466][ T4223] the dependencies between the lock to be acquired [ 40.872473][ T4223] and SOFTIRQ-irq-unsafe lock: [ 40.876045][ T4223] -> (fs_reclaim){+.+.}-{0:0} { [ 40.877345][ T4223] HARDIRQ-ON-W at: [ 40.878364][ T4223] lock_acquire+0x26c/0x7cc [ 40.879962][ T4223] fs_reclaim_acquire+0x90/0x12c [ 40.881673][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 40.883587][ T4223] kmalloc_node_trace+0x44/0x90 [ 40.885301][ T4223] init_rescuer+0xa4/0x264 [ 40.886883][ T4223] workqueue_init+0x298/0x5b4 [ 40.888607][ T4223] kernel_init_freeable+0x33c/0x528 [ 40.890429][ T4223] kernel_init+0x24/0x29c [ 40.892018][ T4223] ret_from_fork+0x10/0x20 [ 40.893659][ T4223] SOFTIRQ-ON-W at: [ 40.894727][ T4223] lock_acquire+0x26c/0x7cc [ 40.896369][ T4223] fs_reclaim_acquire+0x90/0x12c [ 40.898169][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 40.900058][ T4223] kmalloc_node_trace+0x44/0x90 [ 40.901767][ T4223] init_rescuer+0xa4/0x264 [ 40.903399][ T4223] workqueue_init+0x298/0x5b4 [ 40.905074][ T4223] kernel_init_freeable+0x33c/0x528 [ 40.906945][ T4223] kernel_init+0x24/0x29c [ 40.908603][ T4223] ret_from_fork+0x10/0x20 [ 40.910176][ T4223] INITIAL USE at: [ 40.911243][ T4223] lock_acquire+0x26c/0x7cc [ 40.912841][ T4223] fs_reclaim_acquire+0x90/0x12c [ 40.914563][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 40.916404][ T4223] kmalloc_node_trace+0x44/0x90 [ 40.918065][ T4223] init_rescuer+0xa4/0x264 [ 40.919705][ T4223] workqueue_init+0x298/0x5b4 [ 40.921393][ T4223] kernel_init_freeable+0x33c/0x528 [ 40.923127][ T4223] kernel_init+0x24/0x29c [ 40.924712][ T4223] ret_from_fork+0x10/0x20 [ 40.926306][ T4223] } [ 40.926984][ T4223] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 40.929069][ T4223] ... acquired at: [ 40.930050][ T4223] fs_reclaim_acquire+0x90/0x12c [ 40.931422][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 40.932858][ T4223] __kmalloc_node+0xcc/0x1d0 [ 40.934108][ T4223] kvmalloc_node+0x84/0x1e4 [ 40.935350][ T4223] get_dist_table+0xa0/0x354 [ 40.936651][ T4223] netem_change+0x754/0x1900 [ 40.937939][ T4223] netem_init+0x54/0xb8 [ 40.939101][ T4223] qdisc_create+0x70c/0xe64 [ 40.940346][ T4223] tc_modify_qdisc+0x9f0/0x1840 [ 40.941716][ T4223] rtnetlink_rcv_msg+0x72c/0xd94 [ 40.943091][ T4223] netlink_rcv_skb+0x20c/0x3b8 [ 40.944442][ T4223] rtnetlink_rcv+0x28/0x38 [ 40.945659][ T4223] netlink_unicast+0x660/0x8d4 [ 40.946941][ T4223] netlink_sendmsg+0x834/0xb18 [ 40.948302][ T4223] ____sys_sendmsg+0x558/0x844 [ 40.949628][ T4223] __sys_sendmsg+0x26c/0x33c [ 40.950929][ T4223] __arm64_sys_sendmsg+0x80/0x94 [ 40.952330][ T4223] invoke_syscall+0x98/0x2c0 [ 40.953634][ T4223] el0_svc_common+0x138/0x258 [ 40.954943][ T4223] do_el0_svc+0x64/0x218 [ 40.956102][ T4223] el0_svc+0x58/0x168 [ 40.957171][ T4223] el0t_64_sync_handler+0x84/0xf0 [ 40.958576][ T4223] el0t_64_sync+0x18c/0x190 [ 40.959814][ T4223] [ 40.960422][ T4223] [ 40.960422][ T4223] stack backtrace: [ 40.961976][ T4223] CPU: 0 PID: 4223 Comm: syz-executor193 Not tainted 6.1.45-syzkaller #0 [ 40.964254][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 40.966927][ T4223] Call trace: [ 40.967798][ T4223] dump_backtrace+0x1c8/0x1f4 [ 40.969067][ T4223] show_stack+0x2c/0x3c [ 40.970176][ T4223] dump_stack_lvl+0x108/0x170 [ 40.971477][ T4223] dump_stack+0x1c/0x58 [ 40.972580][ T4223] __lock_acquire+0x6310/0x764c [ 40.973872][ T4223] lock_acquire+0x26c/0x7cc [ 40.975064][ T4223] fs_reclaim_acquire+0x90/0x12c [ 40.976427][ T4223] __kmem_cache_alloc_node+0x58/0x388 [ 40.977860][ T4223] __kmalloc_node+0xcc/0x1d0 [ 40.979060][ T4223] kvmalloc_node+0x84/0x1e4 [ 40.980257][ T4223] get_dist_table+0xa0/0x354 [ 40.981467][ T4223] netem_change+0x754/0x1900 [ 40.982707][ T4223] netem_init+0x54/0xb8 [ 40.983860][ T4223] qdisc_create+0x70c/0xe64 [ 40.985046][ T4223] tc_modify_qdisc+0x9f0/0x1840 [ 40.986364][ T4223] rtnetlink_rcv_msg+0x72c/0xd94 [ 40.987723][ T4223] netlink_rcv_skb+0x20c/0x3b8 [ 40.988967][ T4223] rtnetlink_rcv+0x28/0x38 [ 40.990149][ T4223] netlink_unicast+0x660/0x8d4 [ 40.991470][ T4223] netlink_sendmsg+0x834/0xb18 [ 40.992729][ T4223] ____sys_sendmsg+0x558/0x844 [ 40.993980][ T4223] __sys_sendmsg+0x26c/0x33c [ 40.995184][ T4223] __arm64_sys_sendmsg+0x80/0x94 [ 40.996524][ T4223] invoke_syscall+0x98/0x2c0 [ 40.997764][ T4223] el0_svc_common+0x138/0x258 [ 40.999048][ T4223] do_el0_svc+0x64/0x218 [ 41.000163][ T4223] el0_svc+0x58/0x168 [ 41.001185][ T4223] el0t_64_sync_handler+0x84/0xf0 [ 41.002537][ T4223] el0t_64_sync+0x18c/0x190 [ 41.003803][ T4223] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 41.006188][ T4223] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4223, name: syz-executor193 [ 41.008588][ T4223] preempt_count: 201, expected: 0 [ 41.009859][ T4223] RCU nest depth: 0, expected: 0 [ 41.011151][ T4223] INFO: lockdep is turned off. [ 41.012435][ T4223] Preemption disabled at: [ 41.012444][ T4223] [] sch_tree_lock+0x120/0x1d4 [ 41.015141][ T4223] CPU: 0 PID: 4223 Comm: syz-executor193 Not tainted 6.1.45-syzkaller #0 [ 41.017285][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 41.019856][ T4223] Call trace: [ 41.020749][ T4223] dump_backtrace+0x1c8/0x1f4 [ 41.021939][ T4223] show_stack+0x2c/0x3c [ 41.022990][ T4223] dump_stack_lvl+0x108/0x170 [ 41.024244][ T4223] dump_stack+0x1c/0x58 [ 41.024946][ T4223] __might_resched+0x37c/0x4d8 [ 41.025799][ T4223] __might_sleep+0x90/0xe4 [ 41.026576][ T4223] __kmem_cache_alloc_node+0x74/0x388 [ 41.027535][ T4223] __kmalloc_node+0xcc/0x1d0 [ 41.028330][ T4223] kvmalloc_node+0x84/0x1e4 [ 41.029157][ T4223] get_dist_table+0xa0/0x354 [ 41.030360][ T4223] netem_change+0x754/0x1900 [ 41.031564][ T4223] netem_init+0x54/0xb8 [ 41.032616][ T4223] qdisc_create+0x70c/0xe64 [ 41.033772][ T4223] tc_modify_qdisc+0x9f0/0x1840 [ 41.035052][ T4223] rtnetlink_rcv_msg+0x72c/0xd94 [ 41.036356][ T4223] netlink_rcv_skb+0x20c/0x3b8 [ 41.037571][ T4223] rtnetlink_rcv+0x28/0x38 [ 41.038786][ T4223] netlink_unicast+0x660/0x8d4 [ 41.040065][ T4223] netlink_sendmsg+0x834/0xb18 [ 41.041368][ T4223] ____sys_sendmsg+0x558/0x844 [ 41.042648][ T4223] __sys_sendmsg+0x26c/0x33c [ 41.043848][ T4223] __arm64_sys_sendmsg+0x80/0x94 [ 41.045117][ T4223] invoke_syscall+0x98/0x2c0 [ 41.046310][ T4223] el0_svc_common+0x138/0x258 [ 41.047527][ T4223] do_el0_svc+0x64/0x218 [ 41.048640][ T4223] el0_svc+0x58/0x168 [ 41.049667][ T4223] el0t_64_sync_handler+0x84/0xf0 [ 41.050986][ T4223] el0t_64_sync+0x18c/0x190