Warning: Permanently added '10.128.1.134' (ED25519) to the list of known hosts. executing program [ 35.849113][ T4219] [ 35.849640][ T4219] ===================================================== [ 35.851064][ T4219] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.852610][ T4219] 6.1.45-syzkaller #0 Not tainted [ 35.853680][ T4219] ----------------------------------------------------- [ 35.855179][ T4219] syz-executor238/4219 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.857024][ T4219] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.859329][ T4219] [ 35.859329][ T4219] and this task is already holding: [ 35.860873][ T4219] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.862949][ T4219] which would create a new lock dependency: [ 35.864269][ T4219] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.865978][ T4219] [ 35.865978][ T4219] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.867985][ T4219] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.868002][ T4219] [ 35.868002][ T4219] ... which became SOFTIRQ-irq-safe at: [ 35.870784][ T4219] lock_acquire+0x26c/0x7cc [ 35.871826][ T4219] _raw_spin_lock+0x54/0x6c [ 35.872840][ T4219] net_tx_action+0x6ec/0x94c [ 35.873857][ T4219] __do_softirq+0x30c/0xea0 [ 35.874822][ T4219] ____do_softirq+0x14/0x20 [ 35.875819][ T4219] call_on_irq_stack+0x24/0x4c [ 35.876903][ T4219] do_softirq_own_stack+0x20/0x2c [ 35.878066][ T4219] do_softirq+0x120/0x20c [ 35.878981][ T4219] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.880191][ T4219] local_bh_enable+0x28/0x34 [ 35.881201][ T4219] dev_deactivate_many+0x3d4/0xa8c [ 35.882364][ T4219] dev_deactivate+0x13c/0x1fc [ 35.883432][ T4219] linkwatch_do_dev+0x29c/0x3a4 [ 35.884506][ T4219] __linkwatch_run_queue+0x3a0/0x700 [ 35.885693][ T4219] linkwatch_event+0x58/0x68 [ 35.886760][ T4219] process_one_work+0x7ac/0x1404 [ 35.887853][ T4219] worker_thread+0x8e4/0xfec [ 35.888790][ T4219] kthread+0x250/0x2d8 [ 35.889743][ T4219] ret_from_fork+0x10/0x20 [ 35.890740][ T4219] [ 35.890740][ T4219] to a SOFTIRQ-irq-unsafe lock: [ 35.892278][ T4219] (fs_reclaim){+.+.}-{0:0} [ 35.892296][ T4219] [ 35.892296][ T4219] ... which became SOFTIRQ-irq-unsafe at: [ 35.895030][ T4219] ... [ 35.895036][ T4219] lock_acquire+0x26c/0x7cc [ 35.896588][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.897692][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 35.898904][ T4219] kmalloc_node_trace+0x44/0x90 [ 35.899895][ T4219] init_rescuer+0xa4/0x264 [ 35.900822][ T4219] workqueue_init+0x298/0x5b4 [ 35.901829][ T4219] kernel_init_freeable+0x33c/0x528 [ 35.902967][ T4219] kernel_init+0x24/0x29c [ 35.903912][ T4219] ret_from_fork+0x10/0x20 [ 35.904881][ T4219] [ 35.904881][ T4219] other info that might help us debug this: [ 35.904881][ T4219] [ 35.907092][ T4219] Possible interrupt unsafe locking scenario: [ 35.907092][ T4219] [ 35.908953][ T4219] CPU0 CPU1 [ 35.910123][ T4219] ---- ---- [ 35.911280][ T4219] lock(fs_reclaim); [ 35.912144][ T4219] local_irq_disable(); [ 35.913565][ T4219] lock(noop_qdisc.q.lock); [ 35.915112][ T4219] lock(fs_reclaim); [ 35.916471][ T4219] [ 35.917255][ T4219] lock(noop_qdisc.q.lock); [ 35.918258][ T4219] [ 35.918258][ T4219] *** DEADLOCK *** [ 35.918258][ T4219] [ 35.920028][ T4219] 2 locks held by syz-executor238/4219: [ 35.921204][ T4219] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.923210][ T4219] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.925212][ T4219] [ 35.925212][ T4219] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.927394][ T4219] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.928490][ T4219] HARDIRQ-ON-W at: [ 35.929327][ T4219] lock_acquire+0x26c/0x7cc [ 35.930658][ T4219] _raw_spin_lock+0x54/0x6c [ 35.932033][ T4219] __dev_queue_xmit+0xb14/0x38d8 [ 35.933475][ T4219] tx+0x90/0x134 [ 35.934621][ T4219] kthread+0x1ac/0x374 [ 35.935890][ T4219] kthread+0x250/0x2d8 [ 35.937097][ T4219] ret_from_fork+0x10/0x20 [ 35.938406][ T4219] IN-SOFTIRQ-W at: [ 35.939319][ T4219] lock_acquire+0x26c/0x7cc [ 35.940629][ T4219] _raw_spin_lock+0x54/0x6c [ 35.942047][ T4219] net_tx_action+0x6ec/0x94c [ 35.943402][ T4219] __do_softirq+0x30c/0xea0 [ 35.944775][ T4219] ____do_softirq+0x14/0x20 [ 35.946125][ T4219] call_on_irq_stack+0x24/0x4c [ 35.947538][ T4219] do_softirq_own_stack+0x20/0x2c [ 35.948986][ T4219] do_softirq+0x120/0x20c [ 35.950229][ T4219] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.951699][ T4219] local_bh_enable+0x28/0x34 [ 35.953101][ T4219] dev_deactivate_many+0x3d4/0xa8c [ 35.954559][ T4219] dev_deactivate+0x13c/0x1fc [ 35.955928][ T4219] linkwatch_do_dev+0x29c/0x3a4 [ 35.957347][ T4219] __linkwatch_run_queue+0x3a0/0x700 [ 35.958870][ T4219] linkwatch_event+0x58/0x68 [ 35.960312][ T4219] process_one_work+0x7ac/0x1404 [ 35.961695][ T4219] worker_thread+0x8e4/0xfec [ 35.963166][ T4219] kthread+0x250/0x2d8 [ 35.964453][ T4219] ret_from_fork+0x10/0x20 [ 35.965769][ T4219] INITIAL USE at: [ 35.966644][ T4219] lock_acquire+0x26c/0x7cc [ 35.967987][ T4219] _raw_spin_lock+0x54/0x6c [ 35.969283][ T4219] __dev_queue_xmit+0xb14/0x38d8 [ 35.970715][ T4219] tx+0x90/0x134 [ 35.971903][ T4219] kthread+0x1ac/0x374 [ 35.973123][ T4219] kthread+0x250/0x2d8 [ 35.974324][ T4219] ret_from_fork+0x10/0x20 [ 35.975693][ T4219] } [ 35.976244][ T4219] ... key at: [] noop_qdisc+0x108/0x320 [ 35.977892][ T4219] [ 35.977892][ T4219] the dependencies between the lock to be acquired [ 35.977899][ T4219] and SOFTIRQ-irq-unsafe lock: [ 35.980860][ T4219] -> (fs_reclaim){+.+.}-{0:0} { [ 35.981934][ T4219] HARDIRQ-ON-W at: [ 35.982771][ T4219] lock_acquire+0x26c/0x7cc [ 35.984095][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.985602][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 35.987150][ T4219] kmalloc_node_trace+0x44/0x90 [ 35.988582][ T4219] init_rescuer+0xa4/0x264 [ 35.989961][ T4219] workqueue_init+0x298/0x5b4 [ 35.991255][ T4219] kernel_init_freeable+0x33c/0x528 [ 35.992706][ T4219] kernel_init+0x24/0x29c [ 35.993958][ T4219] ret_from_fork+0x10/0x20 [ 35.995227][ T4219] SOFTIRQ-ON-W at: [ 35.996047][ T4219] lock_acquire+0x26c/0x7cc [ 35.997360][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.998763][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 36.000289][ T4219] kmalloc_node_trace+0x44/0x90 [ 36.001685][ T4219] init_rescuer+0xa4/0x264 [ 36.003064][ T4219] workqueue_init+0x298/0x5b4 [ 36.004411][ T4219] kernel_init_freeable+0x33c/0x528 [ 36.005819][ T4219] kernel_init+0x24/0x29c [ 36.007124][ T4219] ret_from_fork+0x10/0x20 [ 36.008411][ T4219] INITIAL USE at: [ 36.009227][ T4219] lock_acquire+0x26c/0x7cc [ 36.010458][ T4219] fs_reclaim_acquire+0x90/0x12c [ 36.011850][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 36.013381][ T4219] kmalloc_node_trace+0x44/0x90 [ 36.014789][ T4219] init_rescuer+0xa4/0x264 [ 36.016127][ T4219] workqueue_init+0x298/0x5b4 [ 36.017390][ T4219] kernel_init_freeable+0x33c/0x528 [ 36.018841][ T4219] kernel_init+0x24/0x29c [ 36.020133][ T4219] ret_from_fork+0x10/0x20 [ 36.021421][ T4219] } [ 36.021926][ T4219] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 36.023602][ T4219] ... acquired at: [ 36.024417][ T4219] fs_reclaim_acquire+0x90/0x12c [ 36.025506][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 36.026665][ T4219] __kmalloc_node+0xcc/0x1d0 [ 36.027649][ T4219] kvmalloc_node+0x84/0x1e4 [ 36.028696][ T4219] get_dist_table+0xa0/0x354 [ 36.029701][ T4219] netem_change+0x754/0x1900 [ 36.030764][ T4219] netem_init+0x54/0xb8 [ 36.031665][ T4219] qdisc_create+0x70c/0xe64 [ 36.032719][ T4219] tc_modify_qdisc+0x9f0/0x1840 [ 36.033811][ T4219] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.034888][ T4219] netlink_rcv_skb+0x20c/0x3b8 [ 36.035974][ T4219] rtnetlink_rcv+0x28/0x38 [ 36.036913][ T4219] netlink_unicast+0x660/0x8d4 [ 36.037964][ T4219] netlink_sendmsg+0x834/0xb18 [ 36.039068][ T4219] ____sys_sendmsg+0x558/0x844 [ 36.040105][ T4219] __sys_sendmsg+0x26c/0x33c [ 36.041131][ T4219] __arm64_sys_sendmsg+0x80/0x94 [ 36.042204][ T4219] invoke_syscall+0x98/0x2c0 [ 36.043168][ T4219] el0_svc_common+0x138/0x258 [ 36.044191][ T4219] do_el0_svc+0x64/0x218 [ 36.045176][ T4219] el0_svc+0x58/0x168 [ 36.046107][ T4219] el0t_64_sync_handler+0x84/0xf0 [ 36.047246][ T4219] el0t_64_sync+0x18c/0x190 [ 36.048246][ T4219] [ 36.048710][ T4219] [ 36.048710][ T4219] stack backtrace: [ 36.050002][ T4219] CPU: 1 PID: 4219 Comm: syz-executor238 Not tainted 6.1.45-syzkaller #0 [ 36.051824][ T4219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.053902][ T4219] Call trace: [ 36.054619][ T4219] dump_backtrace+0x1c8/0x1f4 [ 36.055570][ T4219] show_stack+0x2c/0x3c [ 36.056407][ T4219] dump_stack_lvl+0x108/0x170 [ 36.057392][ T4219] dump_stack+0x1c/0x58 [ 36.058179][ T4219] __lock_acquire+0x6310/0x764c [ 36.059205][ T4219] lock_acquire+0x26c/0x7cc [ 36.060128][ T4219] fs_reclaim_acquire+0x90/0x12c [ 36.061215][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 36.062361][ T4219] __kmalloc_node+0xcc/0x1d0 [ 36.063384][ T4219] kvmalloc_node+0x84/0x1e4 [ 36.064370][ T4219] get_dist_table+0xa0/0x354 [ 36.065361][ T4219] netem_change+0x754/0x1900 [ 36.066380][ T4219] netem_init+0x54/0xb8 [ 36.067256][ T4219] qdisc_create+0x70c/0xe64 [ 36.068242][ T4219] tc_modify_qdisc+0x9f0/0x1840 [ 36.069270][ T4219] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.070270][ T4219] netlink_rcv_skb+0x20c/0x3b8 [ 36.071306][ T4219] rtnetlink_rcv+0x28/0x38 [ 36.072231][ T4219] netlink_unicast+0x660/0x8d4 [ 36.073208][ T4219] netlink_sendmsg+0x834/0xb18 [ 36.074263][ T4219] ____sys_sendmsg+0x558/0x844 [ 36.075261][ T4219] __sys_sendmsg+0x26c/0x33c [ 36.076287][ T4219] __arm64_sys_sendmsg+0x80/0x94 [ 36.077333][ T4219] invoke_syscall+0x98/0x2c0 [ 36.078314][ T4219] el0_svc_common+0x138/0x258 [ 36.079319][ T4219] do_el0_svc+0x64/0x218 [ 36.080259][ T4219] el0_svc+0x58/0x168 [ 36.081090][ T4219] el0t_64_sync_handler+0x84/0xf0 [ 36.082150][ T4219] el0t_64_sync+0x18c/0x190 [ 36.083252][ T4219] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 36.085231][ T4219] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4219, name: syz-executor238 [ 36.087164][ T4219] preempt_count: 201, expected: 0 [ 36.088186][ T4219] RCU nest depth: 0, expected: 0 [ 36.089249][ T4219] INFO: lockdep is turned off. [ 36.090230][ T4219] Preemption disabled at: [ 36.090238][ T4219] [] sch_tree_lock+0x120/0x1d4 [ 36.092527][ T4219] CPU: 1 PID: 4219 Comm: syz-executor238 Not tainted 6.1.45-syzkaller #0 [ 36.094262][ T4219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.096510][ T4219] Call trace: [ 36.097267][ T4219] dump_backtrace+0x1c8/0x1f4 [ 36.098142][ T4219] show_stack+0x2c/0x3c [ 36.098825][ T4219] dump_stack_lvl+0x108/0x170 [ 36.099598][ T4219] dump_stack+0x1c/0x58 [ 36.100287][ T4219] __might_resched+0x37c/0x4d8 [ 36.101084][ T4219] __might_sleep+0x90/0xe4 [ 36.101810][ T4219] __kmem_cache_alloc_node+0x74/0x388 [ 36.102695][ T4219] __kmalloc_node+0xcc/0x1d0 [ 36.103465][ T4219] kvmalloc_node+0x84/0x1e4 [ 36.104227][ T4219] get_dist_table+0xa0/0x354 [ 36.104998][ T4219] netem_change+0x754/0x1900 [ 36.106017][ T4219] netem_init+0x54/0xb8 [ 36.106925][ T4219] qdisc_create+0x70c/0xe64 [ 36.107927][ T4219] tc_modify_qdisc+0x9f0/0x1840 [ 36.109065][ T4219] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.110143][ T4219] netlink_rcv_skb+0x20c/0x3b8 [ 36.111144][ T4219] rtnetlink_rcv+0x28/0x38 [ 36.112097][ T4219] netlink_unicast+0x660/0x8d4 [ 36.113161][ T4219] netlink_sendmsg+0x834/0xb18 [ 36.114199][ T4219] ____sys_sendmsg+0x558/0x844 [ 36.115231][ T4219] __sys_sendmsg+0x26c/0x33c [ 36.116208][ T4219] __arm64_sys_sendmsg+0x80/0x94 [ 36.117222][ T4219] invoke_syscall+0x98/0x2c0 [ 36.118183][ T4219] el0_svc_common+0x138/0x258 [ 36.119244][ T4219] do_el0_svc+0x64/0x218 [ 36.120205][ T4219] el0_svc+0x58/0x168 [ 36.121001][ T4219] el0t_64_sync_handler+0x84/0xf0 [ 36.122160][ T4219] el0t_64_sync+0x18c/0x190