Warning: Permanently added '10.128.0.92' (ED25519) to the list of known hosts. executing program [ 37.104244][ T4218] [ 37.104951][ T4218] ===================================================== [ 37.106938][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 37.108839][ T4218] 6.1.45-syzkaller #0 Not tainted [ 37.110147][ T4218] ----------------------------------------------------- [ 37.111944][ T4218] syz-executor381/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 37.114116][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 37.116522][ T4218] [ 37.116522][ T4218] and this task is already holding: [ 37.118345][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 37.120662][ T4218] which would create a new lock dependency: [ 37.122116][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 37.124022][ T4218] [ 37.124022][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 37.126561][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 37.126578][ T4218] [ 37.126578][ T4218] ... which became SOFTIRQ-irq-safe at: [ 37.129931][ T4218] lock_acquire+0x26c/0x7cc [ 37.131171][ T4218] _raw_spin_lock+0x54/0x6c [ 37.132402][ T4218] net_tx_action+0x6ec/0x94c [ 37.133659][ T4218] __do_softirq+0x30c/0xea0 [ 37.134876][ T4218] ____do_softirq+0x14/0x20 [ 37.136084][ T4218] call_on_irq_stack+0x24/0x4c [ 37.137349][ T4218] do_softirq_own_stack+0x20/0x2c [ 37.138659][ T4218] do_softirq+0x120/0x20c [ 37.139796][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 37.141124][ T4218] local_bh_enable+0x28/0x34 [ 37.142309][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 37.143675][ T4218] dev_deactivate+0x13c/0x1fc [ 37.144888][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 37.146212][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 37.147597][ T4218] linkwatch_event+0x58/0x68 [ 37.148833][ T4218] process_one_work+0x7ac/0x1404 [ 37.150148][ T4218] worker_thread+0x8e4/0xfec [ 37.151389][ T4218] kthread+0x250/0x2d8 [ 37.152521][ T4218] ret_from_fork+0x10/0x20 [ 37.153694][ T4218] [ 37.153694][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 37.155550][ T4218] (fs_reclaim){+.+.}-{0:0} [ 37.155568][ T4218] [ 37.155568][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 37.158780][ T4218] ... [ 37.158786][ T4218] lock_acquire+0x26c/0x7cc [ 37.160642][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.161970][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.163548][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.164832][ T4218] init_rescuer+0xa4/0x264 [ 37.166019][ T4218] workqueue_init+0x298/0x5b4 [ 37.167295][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.168715][ T4218] kernel_init+0x24/0x29c [ 37.170062][ T4218] ret_from_fork+0x10/0x20 [ 37.171287][ T4218] [ 37.171287][ T4218] other info that might help us debug this: [ 37.171287][ T4218] [ 37.173973][ T4218] Possible interrupt unsafe locking scenario: [ 37.173973][ T4218] [ 37.176298][ T4218] CPU0 CPU1 [ 37.177825][ T4218] ---- ---- [ 37.179375][ T4218] lock(fs_reclaim); [ 37.180415][ T4218] local_irq_disable(); [ 37.182156][ T4218] lock(noop_qdisc.q.lock); [ 37.183988][ T4218] lock(fs_reclaim); [ 37.186079][ T4218] [ 37.187144][ T4218] lock(noop_qdisc.q.lock); [ 37.188395][ T4218] [ 37.188395][ T4218] *** DEADLOCK *** [ 37.188395][ T4218] [ 37.190502][ T4218] 2 locks held by syz-executor381/4218: [ 37.191925][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 37.194893][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 37.197429][ T4218] [ 37.197429][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 37.200200][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 37.201801][ T4218] HARDIRQ-ON-W at: [ 37.202847][ T4218] lock_acquire+0x26c/0x7cc [ 37.204407][ T4218] _raw_spin_lock+0x54/0x6c [ 37.206032][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 37.207877][ T4218] tx+0x90/0x134 [ 37.209289][ T4218] kthread+0x1ac/0x374 [ 37.210778][ T4218] kthread+0x250/0x2d8 [ 37.212255][ T4218] ret_from_fork+0x10/0x20 [ 37.213849][ T4218] IN-SOFTIRQ-W at: [ 37.215031][ T4218] lock_acquire+0x26c/0x7cc [ 37.216639][ T4218] _raw_spin_lock+0x54/0x6c [ 37.218256][ T4218] net_tx_action+0x6ec/0x94c [ 37.219930][ T4218] __do_softirq+0x30c/0xea0 [ 37.221704][ T4218] ____do_softirq+0x14/0x20 [ 37.223473][ T4218] call_on_irq_stack+0x24/0x4c [ 37.225189][ T4218] do_softirq_own_stack+0x20/0x2c [ 37.227013][ T4218] do_softirq+0x120/0x20c [ 37.228606][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 37.230471][ T4218] local_bh_enable+0x28/0x34 [ 37.232117][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 37.233879][ T4218] dev_deactivate+0x13c/0x1fc [ 37.235521][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 37.237212][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 37.238992][ T4218] linkwatch_event+0x58/0x68 [ 37.240638][ T4218] process_one_work+0x7ac/0x1404 [ 37.242351][ T4218] worker_thread+0x8e4/0xfec [ 37.244062][ T4218] kthread+0x250/0x2d8 [ 37.245595][ T4218] ret_from_fork+0x10/0x20 [ 37.247216][ T4218] INITIAL USE at: [ 37.248175][ T4218] lock_acquire+0x26c/0x7cc [ 37.249766][ T4218] _raw_spin_lock+0x54/0x6c [ 37.251401][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 37.253101][ T4218] tx+0x90/0x134 [ 37.254411][ T4218] kthread+0x1ac/0x374 [ 37.255839][ T4218] kthread+0x250/0x2d8 [ 37.257297][ T4218] ret_from_fork+0x10/0x20 [ 37.258793][ T4218] } [ 37.259453][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 37.261380][ T4218] [ 37.261380][ T4218] the dependencies between the lock to be acquired [ 37.261387][ T4218] and SOFTIRQ-irq-unsafe lock: [ 37.264901][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 37.266191][ T4218] HARDIRQ-ON-W at: [ 37.267210][ T4218] lock_acquire+0x26c/0x7cc [ 37.268795][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.270490][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.272290][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.273900][ T4218] init_rescuer+0xa4/0x264 [ 37.275496][ T4218] workqueue_init+0x298/0x5b4 [ 37.277167][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.278966][ T4218] kernel_init+0x24/0x29c [ 37.280499][ T4218] ret_from_fork+0x10/0x20 [ 37.282055][ T4218] SOFTIRQ-ON-W at: [ 37.283075][ T4218] lock_acquire+0x26c/0x7cc [ 37.284637][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.286338][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.288164][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.289812][ T4218] init_rescuer+0xa4/0x264 [ 37.291374][ T4218] workqueue_init+0x298/0x5b4 [ 37.293029][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.294793][ T4218] kernel_init+0x24/0x29c [ 37.296378][ T4218] ret_from_fork+0x10/0x20 [ 37.297962][ T4218] INITIAL USE at: [ 37.299022][ T4218] lock_acquire+0x26c/0x7cc [ 37.300641][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.302427][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.304204][ T4218] kmalloc_node_trace+0x44/0x90 [ 37.305885][ T4218] init_rescuer+0xa4/0x264 [ 37.307464][ T4218] workqueue_init+0x298/0x5b4 [ 37.309074][ T4218] kernel_init_freeable+0x33c/0x528 [ 37.310810][ T4218] kernel_init+0x24/0x29c [ 37.312331][ T4218] ret_from_fork+0x10/0x20 [ 37.313905][ T4218] } [ 37.314585][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 37.316719][ T4218] ... acquired at: [ 37.317686][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.318999][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.320390][ T4218] __kmalloc_node+0xcc/0x1d0 [ 37.321610][ T4218] kvmalloc_node+0x84/0x1e4 [ 37.322843][ T4218] get_dist_table+0xa0/0x354 [ 37.324089][ T4218] netem_change+0x754/0x1900 [ 37.325266][ T4218] netem_init+0x54/0xb8 [ 37.326447][ T4218] qdisc_create+0x70c/0xe64 [ 37.327652][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 37.328952][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.330295][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 37.331547][ T4218] rtnetlink_rcv+0x28/0x38 [ 37.332716][ T4218] netlink_unicast+0x660/0x8d4 [ 37.334006][ T4218] netlink_sendmsg+0x834/0xb18 [ 37.335231][ T4218] ____sys_sendmsg+0x558/0x844 [ 37.336524][ T4218] __sys_sendmsg+0x26c/0x33c [ 37.337722][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 37.339010][ T4218] invoke_syscall+0x98/0x2c0 [ 37.340263][ T4218] el0_svc_common+0x138/0x258 [ 37.341503][ T4218] do_el0_svc+0x64/0x218 [ 37.342684][ T4218] el0_svc+0x58/0x168 [ 37.343816][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 37.345137][ T4218] el0t_64_sync+0x18c/0x190 [ 37.346330][ T4218] [ 37.346913][ T4218] [ 37.346913][ T4218] stack backtrace: [ 37.348400][ T4218] CPU: 0 PID: 4218 Comm: syz-executor381 Not tainted 6.1.45-syzkaller #0 [ 37.350621][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 37.353176][ T4218] Call trace: [ 37.354025][ T4218] dump_backtrace+0x1c8/0x1f4 [ 37.355223][ T4218] show_stack+0x2c/0x3c [ 37.356324][ T4218] dump_stack_lvl+0x108/0x170 [ 37.357490][ T4218] dump_stack+0x1c/0x58 [ 37.358551][ T4218] __lock_acquire+0x6310/0x764c [ 37.359812][ T4218] lock_acquire+0x26c/0x7cc [ 37.361026][ T4218] fs_reclaim_acquire+0x90/0x12c [ 37.362336][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 37.363776][ T4218] __kmalloc_node+0xcc/0x1d0 [ 37.364936][ T4218] kvmalloc_node+0x84/0x1e4 [ 37.366116][ T4218] get_dist_table+0xa0/0x354 [ 37.367199][ T4218] netem_change+0x754/0x1900 [ 37.368443][ T4218] netem_init+0x54/0xb8 [ 37.369522][ T4218] qdisc_create+0x70c/0xe64 [ 37.370740][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 37.371925][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.373234][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 37.374469][ T4218] rtnetlink_rcv+0x28/0x38 [ 37.375620][ T4218] netlink_unicast+0x660/0x8d4 [ 37.376848][ T4218] netlink_sendmsg+0x834/0xb18 [ 37.378077][ T4218] ____sys_sendmsg+0x558/0x844 [ 37.379310][ T4218] __sys_sendmsg+0x26c/0x33c [ 37.380508][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 37.381769][ T4218] invoke_syscall+0x98/0x2c0 [ 37.382937][ T4218] el0_svc_common+0x138/0x258 [ 37.384163][ T4218] do_el0_svc+0x64/0x218 [ 37.385282][ T4218] el0_svc+0x58/0x168 [ 37.386342][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 37.387699][ T4218] el0t_64_sync+0x18c/0x190 [ 37.388930][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 37.391297][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor381 [ 37.393608][ T4218] preempt_count: 201, expected: 0 [ 37.394806][ T4218] RCU nest depth: 0, expected: 0 [ 37.396060][ T4218] INFO: lockdep is turned off. [ 37.397248][ T4218] Preemption disabled at: [ 37.397257][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 37.399971][ T4218] CPU: 0 PID: 4218 Comm: syz-executor381 Not tainted 6.1.45-syzkaller #0 [ 37.401954][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 37.404476][ T4218] Call trace: [ 37.405337][ T4218] dump_backtrace+0x1c8/0x1f4 [ 37.406556][ T4218] show_stack+0x2c/0x3c [ 37.407665][ T4218] dump_stack_lvl+0x108/0x170 [ 37.408782][ T4218] dump_stack+0x1c/0x58 [ 37.409863][ T4218] __might_resched+0x37c/0x4d8 [ 37.411018][ T4218] __might_sleep+0x90/0xe4 [ 37.412139][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 37.413564][ T4218] __kmalloc_node+0xcc/0x1d0 [ 37.414715][ T4218] kvmalloc_node+0x84/0x1e4 [ 37.415867][ T4218] get_dist_table+0xa0/0x354 [ 37.417017][ T4218] netem_change+0x754/0x1900 [ 37.418243][ T4218] netem_init+0x54/0xb8 [ 37.419373][ T4218] qdisc_create+0x70c/0xe64 [ 37.420503][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 37.421751][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.423022][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 37.424202][ T4218] rtnetlink_rcv+0x28/0x38 [ 37.425319][ T4218] netlink_unicast+0x660/0x8d4 [ 37.426606][ T4218] netlink_sendmsg+0x834/0xb18 [ 37.427830][ T4218] ____sys_sendmsg+0x558/0x844 [ 37.428955][ T4218] __sys_sendmsg+0x26c/0x33c [ 37.430096][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 37.431381][ T4218] invoke_syscall+0x98/0x2c0 [ 37.432473][ T4218] el0_svc_common+0x138/0x258 [ 37.433628][ T4218] do_el0_svc+0x64/0x218 [ 37.434661][ T4218] el0_svc+0x58/0x168 [ 37.435655][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 37.436970][ T4218] el0t_64_sync+0x18c/0x190