Warning: Permanently added '10.128.1.135' (ED25519) to the list of known hosts. executing program [ 35.296017][ T4219] [ 35.296764][ T4219] ===================================================== [ 35.298607][ T4219] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.300489][ T4219] 6.1.45-syzkaller #0 Not tainted [ 35.301788][ T4219] ----------------------------------------------------- [ 35.303577][ T4219] syz-executor886/4219 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.305699][ T4219] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.308162][ T4219] [ 35.308162][ T4219] and this task is already holding: [ 35.310133][ T4219] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.312544][ T4219] which would create a new lock dependency: [ 35.314055][ T4219] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.316127][ T4219] [ 35.316127][ T4219] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.318550][ T4219] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.318567][ T4219] [ 35.318567][ T4219] ... which became SOFTIRQ-irq-safe at: [ 35.321870][ T4219] lock_acquire+0x26c/0x7cc [ 35.323078][ T4219] _raw_spin_lock+0x54/0x6c [ 35.324325][ T4219] net_tx_action+0x6ec/0x94c [ 35.325570][ T4219] __do_softirq+0x30c/0xea0 [ 35.326736][ T4219] ____do_softirq+0x14/0x20 [ 35.327900][ T4219] call_on_irq_stack+0x24/0x4c [ 35.329217][ T4219] do_softirq_own_stack+0x20/0x2c [ 35.330512][ T4219] do_softirq+0x120/0x20c [ 35.331628][ T4219] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.332966][ T4219] local_bh_enable+0x28/0x34 [ 35.334187][ T4219] dev_deactivate_many+0x3d4/0xa8c [ 35.335563][ T4219] dev_deactivate+0x13c/0x1fc [ 35.336823][ T4219] linkwatch_do_dev+0x29c/0x3a4 [ 35.338069][ T4219] __linkwatch_run_queue+0x3a0/0x700 [ 35.339452][ T4219] linkwatch_event+0x58/0x68 [ 35.340693][ T4219] process_one_work+0x7ac/0x1404 [ 35.341981][ T4219] worker_thread+0x8e4/0xfec [ 35.343234][ T4219] kthread+0x250/0x2d8 [ 35.344316][ T4219] ret_from_fork+0x10/0x20 [ 35.345523][ T4219] [ 35.345523][ T4219] to a SOFTIRQ-irq-unsafe lock: [ 35.347378][ T4219] (fs_reclaim){+.+.}-{0:0} [ 35.347396][ T4219] [ 35.347396][ T4219] ... which became SOFTIRQ-irq-unsafe at: [ 35.350648][ T4219] ... [ 35.350653][ T4219] lock_acquire+0x26c/0x7cc [ 35.352523][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.353804][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 35.355249][ T4219] kmalloc_node_trace+0x44/0x90 [ 35.356557][ T4219] init_rescuer+0xa4/0x264 [ 35.357707][ T4219] workqueue_init+0x298/0x5b4 [ 35.358911][ T4219] kernel_init_freeable+0x33c/0x528 [ 35.360277][ T4219] kernel_init+0x24/0x29c [ 35.361407][ T4219] ret_from_fork+0x10/0x20 [ 35.362536][ T4219] [ 35.362536][ T4219] other info that might help us debug this: [ 35.362536][ T4219] [ 35.365223][ T4219] Possible interrupt unsafe locking scenario: [ 35.365223][ T4219] [ 35.367346][ T4219] CPU0 CPU1 [ 35.368711][ T4219] ---- ---- [ 35.370092][ T4219] lock(fs_reclaim); [ 35.371115][ T4219] local_irq_disable(); [ 35.372865][ T4219] lock(noop_qdisc.q.lock); [ 35.374719][ T4219] lock(fs_reclaim); [ 35.376466][ T4219] [ 35.377334][ T4219] lock(noop_qdisc.q.lock); [ 35.378552][ T4219] [ 35.378552][ T4219] *** DEADLOCK *** [ 35.378552][ T4219] [ 35.380740][ T4219] 2 locks held by syz-executor886/4219: [ 35.382205][ T4219] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.384677][ T4219] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.387279][ T4219] [ 35.387279][ T4219] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.389983][ T4219] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.391399][ T4219] HARDIRQ-ON-W at: [ 35.392463][ T4219] lock_acquire+0x26c/0x7cc [ 35.394044][ T4219] _raw_spin_lock+0x54/0x6c [ 35.395673][ T4219] __dev_queue_xmit+0xb14/0x38d8 [ 35.397376][ T4219] tx+0x90/0x134 [ 35.398667][ T4219] kthread+0x1ac/0x374 [ 35.400130][ T4219] kthread+0x250/0x2d8 [ 35.401683][ T4219] ret_from_fork+0x10/0x20 [ 35.403281][ T4219] IN-SOFTIRQ-W at: [ 35.404311][ T4219] lock_acquire+0x26c/0x7cc [ 35.405995][ T4219] _raw_spin_lock+0x54/0x6c [ 35.407690][ T4219] net_tx_action+0x6ec/0x94c [ 35.409299][ T4219] __do_softirq+0x30c/0xea0 [ 35.410882][ T4219] ____do_softirq+0x14/0x20 [ 35.412444][ T4219] call_on_irq_stack+0x24/0x4c [ 35.414096][ T4219] do_softirq_own_stack+0x20/0x2c [ 35.415823][ T4219] do_softirq+0x120/0x20c [ 35.417397][ T4219] __local_bh_enable_ip+0x2c0/0x4d0 [ 35.419246][ T4219] local_bh_enable+0x28/0x34 [ 35.420825][ T4219] dev_deactivate_many+0x3d4/0xa8c [ 35.422611][ T4219] dev_deactivate+0x13c/0x1fc [ 35.424301][ T4219] linkwatch_do_dev+0x29c/0x3a4 [ 35.425967][ T4219] __linkwatch_run_queue+0x3a0/0x700 [ 35.427725][ T4219] linkwatch_event+0x58/0x68 [ 35.429354][ T4219] process_one_work+0x7ac/0x1404 [ 35.431116][ T4219] worker_thread+0x8e4/0xfec [ 35.432765][ T4219] kthread+0x250/0x2d8 [ 35.434209][ T4219] ret_from_fork+0x10/0x20 [ 35.435835][ T4219] INITIAL USE at: [ 35.436831][ T4219] lock_acquire+0x26c/0x7cc [ 35.438384][ T4219] _raw_spin_lock+0x54/0x6c [ 35.439952][ T4219] __dev_queue_xmit+0xb14/0x38d8 [ 35.441598][ T4219] tx+0x90/0x134 [ 35.442959][ T4219] kthread+0x1ac/0x374 [ 35.444450][ T4219] kthread+0x250/0x2d8 [ 35.445883][ T4219] ret_from_fork+0x10/0x20 [ 35.447472][ T4219] } [ 35.448109][ T4219] ... key at: [] noop_qdisc+0x108/0x320 [ 35.450111][ T4219] [ 35.450111][ T4219] the dependencies between the lock to be acquired [ 35.450118][ T4219] and SOFTIRQ-irq-unsafe lock: [ 35.453514][ T4219] -> (fs_reclaim){+.+.}-{0:0} { [ 35.454807][ T4219] HARDIRQ-ON-W at: [ 35.455814][ T4219] lock_acquire+0x26c/0x7cc [ 35.457429][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.459122][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 35.460949][ T4219] kmalloc_node_trace+0x44/0x90 [ 35.462606][ T4219] init_rescuer+0xa4/0x264 [ 35.464211][ T4219] workqueue_init+0x298/0x5b4 [ 35.465865][ T4219] kernel_init_freeable+0x33c/0x528 [ 35.467561][ T4219] kernel_init+0x24/0x29c [ 35.469144][ T4219] ret_from_fork+0x10/0x20 [ 35.470775][ T4219] SOFTIRQ-ON-W at: [ 35.471801][ T4219] lock_acquire+0x26c/0x7cc [ 35.473457][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.475140][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 35.476984][ T4219] kmalloc_node_trace+0x44/0x90 [ 35.478635][ T4219] init_rescuer+0xa4/0x264 [ 35.480236][ T4219] workqueue_init+0x298/0x5b4 [ 35.481892][ T4219] kernel_init_freeable+0x33c/0x528 [ 35.483719][ T4219] kernel_init+0x24/0x29c [ 35.485270][ T4219] ret_from_fork+0x10/0x20 [ 35.486895][ T4219] INITIAL USE at: [ 35.487904][ T4219] lock_acquire+0x26c/0x7cc [ 35.489522][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.491278][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 35.493057][ T4219] kmalloc_node_trace+0x44/0x90 [ 35.494657][ T4219] init_rescuer+0xa4/0x264 [ 35.496246][ T4219] workqueue_init+0x298/0x5b4 [ 35.497905][ T4219] kernel_init_freeable+0x33c/0x528 [ 35.499669][ T4219] kernel_init+0x24/0x29c [ 35.501201][ T4219] ret_from_fork+0x10/0x20 [ 35.502757][ T4219] } [ 35.503407][ T4219] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 35.505476][ T4219] ... acquired at: [ 35.506435][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.507779][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 35.509296][ T4219] __kmalloc_node+0xcc/0x1d0 [ 35.510549][ T4219] kvmalloc_node+0x84/0x1e4 [ 35.511776][ T4219] get_dist_table+0xa0/0x354 [ 35.513009][ T4219] netem_change+0x754/0x1900 [ 35.514280][ T4219] netem_init+0x54/0xb8 [ 35.515420][ T4219] qdisc_create+0x70c/0xe64 [ 35.516632][ T4219] tc_modify_qdisc+0x9f0/0x1840 [ 35.517985][ T4219] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.519372][ T4219] netlink_rcv_skb+0x20c/0x3b8 [ 35.520631][ T4219] rtnetlink_rcv+0x28/0x38 [ 35.521841][ T4219] netlink_unicast+0x660/0x8d4 [ 35.523138][ T4219] netlink_sendmsg+0x834/0xb18 [ 35.524414][ T4219] ____sys_sendmsg+0x558/0x844 [ 35.525717][ T4219] __sys_sendmsg+0x26c/0x33c [ 35.526963][ T4219] __arm64_sys_sendmsg+0x80/0x94 [ 35.528319][ T4219] invoke_syscall+0x98/0x2c0 [ 35.529555][ T4219] el0_svc_common+0x138/0x258 [ 35.530831][ T4219] do_el0_svc+0x64/0x218 [ 35.531970][ T4219] el0_svc+0x58/0x168 [ 35.533062][ T4219] el0t_64_sync_handler+0x84/0xf0 [ 35.534479][ T4219] el0t_64_sync+0x18c/0x190 [ 35.535679][ T4219] [ 35.536271][ T4219] [ 35.536271][ T4219] stack backtrace: [ 35.537817][ T4219] CPU: 0 PID: 4219 Comm: syz-executor886 Not tainted 6.1.45-syzkaller #0 [ 35.540057][ T4219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.542641][ T4219] Call trace: [ 35.543465][ T4219] dump_backtrace+0x1c8/0x1f4 [ 35.544663][ T4219] show_stack+0x2c/0x3c [ 35.545768][ T4219] dump_stack_lvl+0x108/0x170 [ 35.546963][ T4219] dump_stack+0x1c/0x58 [ 35.548019][ T4219] __lock_acquire+0x6310/0x764c [ 35.549366][ T4219] lock_acquire+0x26c/0x7cc [ 35.550539][ T4219] fs_reclaim_acquire+0x90/0x12c [ 35.551793][ T4219] __kmem_cache_alloc_node+0x58/0x388 [ 35.553195][ T4219] __kmalloc_node+0xcc/0x1d0 [ 35.554386][ T4219] kvmalloc_node+0x84/0x1e4 [ 35.555570][ T4219] get_dist_table+0xa0/0x354 [ 35.556793][ T4219] netem_change+0x754/0x1900 [ 35.558010][ T4219] netem_init+0x54/0xb8 [ 35.559117][ T4219] qdisc_create+0x70c/0xe64 [ 35.560234][ T4219] tc_modify_qdisc+0x9f0/0x1840 [ 35.561526][ T4219] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.562868][ T4219] netlink_rcv_skb+0x20c/0x3b8 [ 35.564121][ T4219] rtnetlink_rcv+0x28/0x38 [ 35.565309][ T4219] netlink_unicast+0x660/0x8d4 [ 35.566522][ T4219] netlink_sendmsg+0x834/0xb18 [ 35.567768][ T4219] ____sys_sendmsg+0x558/0x844 [ 35.569042][ T4219] __sys_sendmsg+0x26c/0x33c [ 35.570281][ T4219] __arm64_sys_sendmsg+0x80/0x94 [ 35.571574][ T4219] invoke_syscall+0x98/0x2c0 [ 35.572823][ T4219] el0_svc_common+0x138/0x258 [ 35.574002][ T4219] do_el0_svc+0x64/0x218 [ 35.575135][ T4219] el0_svc+0x58/0x168 [ 35.576197][ T4219] el0t_64_sync_handler+0x84/0xf0 [ 35.577506][ T4219] el0t_64_sync+0x18c/0x190 [ 35.578773][ T4219] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.581213][ T4219] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4219, name: syz-executor886 [ 35.583555][ T4219] preempt_count: 201, expected: 0 [ 35.584766][ T4219] RCU nest depth: 0, expected: 0 [ 35.585956][ T4219] INFO: lockdep is turned off. [ 35.587087][ T4219] Preemption disabled at: [ 35.587095][ T4219] [] sch_tree_lock+0x120/0x1d4 [ 35.589712][ T4219] CPU: 0 PID: 4219 Comm: syz-executor886 Not tainted 6.1.45-syzkaller #0 [ 35.591749][ T4219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.594196][ T4219] Call trace: [ 35.595001][ T4219] dump_backtrace+0x1c8/0x1f4 [ 35.596187][ T4219] show_stack+0x2c/0x3c [ 35.597153][ T4219] dump_stack_lvl+0x108/0x170 [ 35.598319][ T4219] dump_stack+0x1c/0x58 [ 35.599277][ T4219] __might_resched+0x37c/0x4d8 [ 35.600506][ T4219] __might_sleep+0x90/0xe4 [ 35.601602][ T4219] __kmem_cache_alloc_node+0x74/0x388 [ 35.602893][ T4219] __kmalloc_node+0xcc/0x1d0 [ 35.604091][ T4219] kvmalloc_node+0x84/0x1e4 [ 35.605237][ T4219] get_dist_table+0xa0/0x354 [ 35.606368][ T4219] netem_change+0x754/0x1900 [ 35.607520][ T4219] netem_init+0x54/0xb8 [ 35.608551][ T4219] qdisc_create+0x70c/0xe64 [ 35.609793][ T4219] tc_modify_qdisc+0x9f0/0x1840 [ 35.610998][ T4219] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.612229][ T4219] netlink_rcv_skb+0x20c/0x3b8 [ 35.613421][ T4219] rtnetlink_rcv+0x28/0x38 [ 35.614544][ T4219] netlink_unicast+0x660/0x8d4 [ 35.615765][ T4219] netlink_sendmsg+0x834/0xb18 [ 35.616992][ T4219] ____sys_sendmsg+0x558/0x844 [ 35.618242][ T4219] __sys_sendmsg+0x26c/0x33c [ 35.619423][ T4219] __arm64_sys_sendmsg+0x80/0x94 [ 35.620669][ T4219] invoke_syscall+0x98/0x2c0 [ 35.621850][ T4219] el0_svc_common+0x138/0x258 [ 35.623108][ T4219] do_el0_svc+0x64/0x218 [ 35.624211][ T4219] el0_svc+0x58/0x168 [ 35.625179][ T4219] el0t_64_sync_handler+0x84/0xf0 [ 35.626412][ T4219] el0t_64_sync+0x18c/0x190