Warning: Permanently added '10.128.1.136' (ED25519) to the list of known hosts. executing program [ 40.984311][ T4218] [ 40.984895][ T4218] ===================================================== [ 40.986368][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 40.987943][ T4218] 6.1.45-syzkaller #0 Not tainted [ 40.989056][ T4218] ----------------------------------------------------- [ 40.990543][ T4218] syz-executor123/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 40.992266][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 40.994420][ T4218] [ 40.994420][ T4218] and this task is already holding: [ 40.996045][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 40.998102][ T4218] which would create a new lock dependency: [ 40.999436][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 41.000943][ T4218] [ 41.000943][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 41.003026][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 41.003043][ T4218] [ 41.003043][ T4218] ... which became SOFTIRQ-irq-safe at: [ 41.005915][ T4218] lock_acquire+0x26c/0x7cc [ 41.006918][ T4218] _raw_spin_lock+0x54/0x6c [ 41.007887][ T4218] net_tx_action+0x6ec/0x94c [ 41.008927][ T4218] __do_softirq+0x30c/0xea0 [ 41.009991][ T4218] ____do_softirq+0x14/0x20 [ 41.011053][ T4218] call_on_irq_stack+0x24/0x4c [ 41.012174][ T4218] do_softirq_own_stack+0x20/0x2c [ 41.013307][ T4218] do_softirq+0x120/0x20c [ 41.014309][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 41.015458][ T4218] local_bh_enable+0x28/0x34 [ 41.016496][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 41.017672][ T4218] dev_deactivate+0x13c/0x1fc [ 41.018676][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 41.019733][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 41.020826][ T4218] linkwatch_event+0x58/0x68 [ 41.021870][ T4218] process_one_work+0x7ac/0x1404 [ 41.022931][ T4218] worker_thread+0x8e4/0xfec [ 41.023973][ T4218] kthread+0x250/0x2d8 [ 41.024902][ T4218] ret_from_fork+0x10/0x20 [ 41.025882][ T4218] [ 41.025882][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 41.027510][ T4218] (fs_reclaim){+.+.}-{0:0} [ 41.027527][ T4218] [ 41.027527][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 41.030191][ T4218] ... [ 41.030197][ T4218] lock_acquire+0x26c/0x7cc [ 41.031814][ T4218] fs_reclaim_acquire+0x90/0x12c [ 41.032878][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 41.034048][ T4218] kmalloc_node_trace+0x44/0x90 [ 41.035229][ T4218] init_rescuer+0xa4/0x264 [ 41.036378][ T4218] workqueue_init+0x298/0x5b4 [ 41.037443][ T4218] kernel_init_freeable+0x33c/0x528 [ 41.038563][ T4218] kernel_init+0x24/0x29c [ 41.039553][ T4218] ret_from_fork+0x10/0x20 [ 41.040573][ T4218] [ 41.040573][ T4218] other info that might help us debug this: [ 41.040573][ T4218] [ 41.042772][ T4218] Possible interrupt unsafe locking scenario: [ 41.042772][ T4218] [ 41.044601][ T4218] CPU0 CPU1 [ 41.045752][ T4218] ---- ---- [ 41.046952][ T4218] lock(fs_reclaim); [ 41.047792][ T4218] local_irq_disable(); [ 41.049347][ T4218] lock(noop_qdisc.q.lock); [ 41.050906][ T4218] lock(fs_reclaim); [ 41.052484][ T4218] [ 41.053303][ T4218] lock(noop_qdisc.q.lock); [ 41.054310][ T4218] [ 41.054310][ T4218] *** DEADLOCK *** [ 41.054310][ T4218] [ 41.056107][ T4218] 2 locks held by syz-executor123/4218: [ 41.057440][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 41.059559][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 41.061675][ T4218] [ 41.061675][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 41.064069][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 41.065232][ T4218] HARDIRQ-ON-W at: [ 41.066164][ T4218] lock_acquire+0x26c/0x7cc [ 41.067550][ T4218] _raw_spin_lock+0x54/0x6c [ 41.068949][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 41.070392][ T4218] tx+0x90/0x134 [ 41.071514][ T4218] kthread+0x1ac/0x374 [ 41.072726][ T4218] kthread+0x250/0x2d8 [ 41.074097][ T4218] ret_from_fork+0x10/0x20 [ 41.075461][ T4218] IN-SOFTIRQ-W at: [ 41.076359][ T4218] lock_acquire+0x26c/0x7cc [ 41.077638][ T4218] _raw_spin_lock+0x54/0x6c [ 41.079042][ T4218] net_tx_action+0x6ec/0x94c [ 41.080411][ T4218] __do_softirq+0x30c/0xea0 [ 41.081739][ T4218] ____do_softirq+0x14/0x20 [ 41.083073][ T4218] call_on_irq_stack+0x24/0x4c [ 41.084506][ T4218] do_softirq_own_stack+0x20/0x2c [ 41.086046][ T4218] do_softirq+0x120/0x20c [ 41.087313][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 41.088842][ T4218] local_bh_enable+0x28/0x34 [ 41.090284][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 41.091783][ T4218] dev_deactivate+0x13c/0x1fc [ 41.093130][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 41.094503][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 41.095985][ T4218] linkwatch_event+0x58/0x68 [ 41.097412][ T4218] process_one_work+0x7ac/0x1404 [ 41.098867][ T4218] worker_thread+0x8e4/0xfec [ 41.100189][ T4218] kthread+0x250/0x2d8 [ 41.101395][ T4218] ret_from_fork+0x10/0x20 [ 41.102731][ T4218] INITIAL USE at: [ 41.103592][ T4218] lock_acquire+0x26c/0x7cc [ 41.104949][ T4218] _raw_spin_lock+0x54/0x6c [ 41.106275][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 41.107716][ T4218] tx+0x90/0x134 [ 41.108852][ T4218] kthread+0x1ac/0x374 [ 41.110153][ T4218] kthread+0x250/0x2d8 [ 41.111462][ T4218] ret_from_fork+0x10/0x20 [ 41.112910][ T4218] } [ 41.113469][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 41.115083][ T4218] [ 41.115083][ T4218] the dependencies between the lock to be acquired [ 41.115090][ T4218] and SOFTIRQ-irq-unsafe lock: [ 41.118102][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 41.119181][ T4218] HARDIRQ-ON-W at: [ 41.120083][ T4218] lock_acquire+0x26c/0x7cc [ 41.121465][ T4218] fs_reclaim_acquire+0x90/0x12c [ 41.122977][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 41.124579][ T4218] kmalloc_node_trace+0x44/0x90 [ 41.126149][ T4218] init_rescuer+0xa4/0x264 [ 41.127525][ T4218] workqueue_init+0x298/0x5b4 [ 41.129040][ T4218] kernel_init_freeable+0x33c/0x528 [ 41.130514][ T4218] kernel_init+0x24/0x29c [ 41.131820][ T4218] ret_from_fork+0x10/0x20 [ 41.133140][ T4218] SOFTIRQ-ON-W at: [ 41.134010][ T4218] lock_acquire+0x26c/0x7cc [ 41.135376][ T4218] fs_reclaim_acquire+0x90/0x12c [ 41.136898][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 41.138391][ T4218] kmalloc_node_trace+0x44/0x90 [ 41.139903][ T4218] init_rescuer+0xa4/0x264 [ 41.141283][ T4218] workqueue_init+0x298/0x5b4 [ 41.142694][ T4218] kernel_init_freeable+0x33c/0x528 [ 41.144223][ T4218] kernel_init+0x24/0x29c [ 41.145567][ T4218] ret_from_fork+0x10/0x20 [ 41.146920][ T4218] INITIAL USE at: [ 41.147711][ T4218] lock_acquire+0x26c/0x7cc [ 41.149044][ T4218] fs_reclaim_acquire+0x90/0x12c [ 41.150587][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 41.151984][ T4218] kmalloc_node_trace+0x44/0x90 [ 41.153438][ T4218] init_rescuer+0xa4/0x264 [ 41.154783][ T4218] workqueue_init+0x298/0x5b4 [ 41.156136][ T4218] kernel_init_freeable+0x33c/0x528 [ 41.157651][ T4218] kernel_init+0x24/0x29c [ 41.158949][ T4218] ret_from_fork+0x10/0x20 [ 41.160235][ T4218] } [ 41.160736][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 41.162525][ T4218] ... acquired at: [ 41.163372][ T4218] fs_reclaim_acquire+0x90/0x12c [ 41.164508][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 41.165780][ T4218] __kmalloc_node+0xcc/0x1d0 [ 41.166890][ T4218] kvmalloc_node+0x84/0x1e4 [ 41.167934][ T4218] get_dist_table+0xa0/0x354 [ 41.169056][ T4218] netem_change+0x754/0x1900 [ 41.170087][ T4218] netem_init+0x54/0xb8 [ 41.171023][ T4218] qdisc_create+0x70c/0xe64 [ 41.172085][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 41.173130][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 41.174256][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 41.175286][ T4218] rtnetlink_rcv+0x28/0x38 [ 41.176296][ T4218] netlink_unicast+0x660/0x8d4 [ 41.177352][ T4218] netlink_sendmsg+0x834/0xb18 [ 41.178500][ T4218] ____sys_sendmsg+0x558/0x844 [ 41.179641][ T4218] __sys_sendmsg+0x26c/0x33c [ 41.180657][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 41.181893][ T4218] invoke_syscall+0x98/0x2c0 [ 41.182948][ T4218] el0_svc_common+0x138/0x258 [ 41.183986][ T4218] do_el0_svc+0x64/0x218 [ 41.185012][ T4218] el0_svc+0x58/0x168 [ 41.185936][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 41.187095][ T4218] el0t_64_sync+0x18c/0x190 [ 41.188147][ T4218] [ 41.188685][ T4218] [ 41.188685][ T4218] stack backtrace: [ 41.189958][ T4218] CPU: 0 PID: 4218 Comm: syz-executor123 Not tainted 6.1.45-syzkaller #0 [ 41.191793][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 41.193973][ T4218] Call trace: [ 41.194695][ T4218] dump_backtrace+0x1c8/0x1f4 [ 41.195749][ T4218] show_stack+0x2c/0x3c [ 41.196639][ T4218] dump_stack_lvl+0x108/0x170 [ 41.197732][ T4218] dump_stack+0x1c/0x58 [ 41.198700][ T4218] __lock_acquire+0x6310/0x764c [ 41.199689][ T4218] lock_acquire+0x26c/0x7cc [ 41.200669][ T4218] fs_reclaim_acquire+0x90/0x12c [ 41.201818][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 41.202985][ T4218] __kmalloc_node+0xcc/0x1d0 [ 41.203972][ T4218] kvmalloc_node+0x84/0x1e4 [ 41.204955][ T4218] get_dist_table+0xa0/0x354 [ 41.205966][ T4218] netem_change+0x754/0x1900 [ 41.206987][ T4218] netem_init+0x54/0xb8 [ 41.207932][ T4218] qdisc_create+0x70c/0xe64 [ 41.208903][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 41.209955][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 41.211093][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 41.212108][ T4218] rtnetlink_rcv+0x28/0x38 [ 41.213045][ T4218] netlink_unicast+0x660/0x8d4 [ 41.214145][ T4218] netlink_sendmsg+0x834/0xb18 [ 41.215267][ T4218] ____sys_sendmsg+0x558/0x844 [ 41.216384][ T4218] __sys_sendmsg+0x26c/0x33c [ 41.217454][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 41.218506][ T4218] invoke_syscall+0x98/0x2c0 [ 41.219524][ T4218] el0_svc_common+0x138/0x258 [ 41.220545][ T4218] do_el0_svc+0x64/0x218 [ 41.221515][ T4218] el0_svc+0x58/0x168 [ 41.222397][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 41.223487][ T4218] el0t_64_sync+0x18c/0x190 [ 41.224507][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 41.226544][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor123 [ 41.228488][ T4218] preempt_count: 201, expected: 0 [ 41.229488][ T4218] RCU nest depth: 0, expected: 0 [ 41.230480][ T4218] INFO: lockdep is turned off. [ 41.231439][ T4218] Preemption disabled at: [ 41.231448][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 41.233787][ T4218] CPU: 0 PID: 4218 Comm: syz-executor123 Not tainted 6.1.45-syzkaller #0 [ 41.235521][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 41.237598][ T4218] Call trace: [ 41.238273][ T4218] dump_backtrace+0x1c8/0x1f4 [ 41.239209][ T4218] show_stack+0x2c/0x3c [ 41.240221][ T4218] dump_stack_lvl+0x108/0x170 [ 41.241196][ T4218] dump_stack+0x1c/0x58 [ 41.242082][ T4218] __might_resched+0x37c/0x4d8 [ 41.243154][ T4218] __might_sleep+0x90/0xe4 [ 41.244090][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 41.245225][ T4218] __kmalloc_node+0xcc/0x1d0 [ 41.246273][ T4218] kvmalloc_node+0x84/0x1e4 [ 41.247298][ T4218] get_dist_table+0xa0/0x354 [ 41.248355][ T4218] netem_change+0x754/0x1900 [ 41.249339][ T4218] netem_init+0x54/0xb8 [ 41.250232][ T4218] qdisc_create+0x70c/0xe64 [ 41.251207][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 41.252211][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 41.253342][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 41.254421][ T4218] rtnetlink_rcv+0x28/0x38 [ 41.255341][ T4218] netlink_unicast+0x660/0x8d4 [ 41.256373][ T4218] netlink_sendmsg+0x834/0xb18 [ 41.257401][ T4218] ____sys_sendmsg+0x558/0x844 [ 41.258436][ T4218] __sys_sendmsg+0x26c/0x33c [ 41.259441][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 41.260532][ T4218] invoke_syscall+0x98/0x2c0 [ 41.261539][ T4218] el0_svc_common+0x138/0x258 [ 41.262486][ T4218] do_el0_svc+0x64/0x218 [ 41.263437][ T4218] el0_svc+0x58/0x168 [ 41.264383][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 41.265456][ T4218] el0t_64_sync+0x18c/0x190