Warning: Permanently added '10.128.1.94' (ED25519) to the list of known hosts. executing program [ 36.685177][ T4218] [ 36.685877][ T4218] ===================================================== [ 36.687670][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 36.689640][ T4218] 6.1.45-syzkaller #0 Not tainted [ 36.690935][ T4218] ----------------------------------------------------- [ 36.692824][ T4218] syz-executor113/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 36.694916][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 36.697476][ T4218] [ 36.697476][ T4218] and this task is already holding: [ 36.699354][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.701800][ T4218] which would create a new lock dependency: [ 36.703379][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 36.705375][ T4218] [ 36.705375][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 36.707798][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 36.707815][ T4218] [ 36.707815][ T4218] ... which became SOFTIRQ-irq-safe at: [ 36.711086][ T4218] lock_acquire+0x26c/0x7cc [ 36.712278][ T4218] _raw_spin_lock+0x54/0x6c [ 36.713474][ T4218] net_tx_action+0x6ec/0x94c [ 36.714730][ T4218] __do_softirq+0x30c/0xea0 [ 36.715932][ T4218] ____do_softirq+0x14/0x20 [ 36.717100][ T4218] call_on_irq_stack+0x24/0x4c [ 36.718379][ T4218] do_softirq_own_stack+0x20/0x2c [ 36.719700][ T4218] do_softirq+0x120/0x20c [ 36.720873][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 36.722234][ T4218] local_bh_enable+0x28/0x34 [ 36.723455][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 36.724805][ T4218] dev_deactivate+0x13c/0x1fc [ 36.726051][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 36.727356][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 36.728754][ T4218] linkwatch_event+0x58/0x68 [ 36.729982][ T4218] process_one_work+0x7ac/0x1404 [ 36.731262][ T4218] worker_thread+0x8e4/0xfec [ 36.732511][ T4218] kthread+0x250/0x2d8 [ 36.733605][ T4218] ret_from_fork+0x10/0x20 [ 36.734804][ T4218] [ 36.734804][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 36.736678][ T4218] (fs_reclaim){+.+.}-{0:0} [ 36.736696][ T4218] [ 36.736696][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 36.740019][ T4218] ... [ 36.740024][ T4218] lock_acquire+0x26c/0x7cc [ 36.741904][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.743284][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.744736][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.746057][ T4218] init_rescuer+0xa4/0x264 [ 36.747247][ T4218] workqueue_init+0x298/0x5b4 [ 36.748475][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.749857][ T4218] kernel_init+0x24/0x29c [ 36.751033][ T4218] ret_from_fork+0x10/0x20 [ 36.752214][ T4218] [ 36.752214][ T4218] other info that might help us debug this: [ 36.752214][ T4218] [ 36.754882][ T4218] Possible interrupt unsafe locking scenario: [ 36.754882][ T4218] [ 36.757085][ T4218] CPU0 CPU1 [ 36.758471][ T4218] ---- ---- [ 36.759927][ T4218] lock(fs_reclaim); [ 36.760962][ T4218] local_irq_disable(); [ 36.762710][ T4218] lock(noop_qdisc.q.lock); [ 36.764536][ T4218] lock(fs_reclaim); [ 36.766263][ T4218] [ 36.767165][ T4218] lock(noop_qdisc.q.lock); [ 36.768414][ T4218] [ 36.768414][ T4218] *** DEADLOCK *** [ 36.768414][ T4218] [ 36.770538][ T4218] 2 locks held by syz-executor113/4218: [ 36.771941][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 36.774440][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.777017][ T4218] [ 36.777017][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 36.779734][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 36.781216][ T4218] HARDIRQ-ON-W at: [ 36.782287][ T4218] lock_acquire+0x26c/0x7cc [ 36.783858][ T4218] _raw_spin_lock+0x54/0x6c [ 36.785490][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 36.787230][ T4218] tx+0x90/0x134 [ 36.788633][ T4218] kthread+0x1ac/0x374 [ 36.790196][ T4218] kthread+0x250/0x2d8 [ 36.791724][ T4218] ret_from_fork+0x10/0x20 [ 36.793351][ T4218] IN-SOFTIRQ-W at: [ 36.794382][ T4218] lock_acquire+0x26c/0x7cc [ 36.796010][ T4218] _raw_spin_lock+0x54/0x6c [ 36.797676][ T4218] net_tx_action+0x6ec/0x94c [ 36.799374][ T4218] __do_softirq+0x30c/0xea0 [ 36.801109][ T4218] ____do_softirq+0x14/0x20 [ 36.802802][ T4218] call_on_irq_stack+0x24/0x4c [ 36.804580][ T4218] do_softirq_own_stack+0x20/0x2c [ 36.806405][ T4218] do_softirq+0x120/0x20c [ 36.808067][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 36.809951][ T4218] local_bh_enable+0x28/0x34 [ 36.811621][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 36.813424][ T4218] dev_deactivate+0x13c/0x1fc [ 36.815114][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 36.816870][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 36.818699][ T4218] linkwatch_event+0x58/0x68 [ 36.820364][ T4218] process_one_work+0x7ac/0x1404 [ 36.822122][ T4218] worker_thread+0x8e4/0xfec [ 36.823769][ T4218] kthread+0x250/0x2d8 [ 36.825329][ T4218] ret_from_fork+0x10/0x20 [ 36.826899][ T4218] INITIAL USE at: [ 36.827919][ T4218] lock_acquire+0x26c/0x7cc [ 36.829535][ T4218] _raw_spin_lock+0x54/0x6c [ 36.831176][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 36.832916][ T4218] tx+0x90/0x134 [ 36.834328][ T4218] kthread+0x1ac/0x374 [ 36.835817][ T4218] kthread+0x250/0x2d8 [ 36.837346][ T4218] ret_from_fork+0x10/0x20 [ 36.838962][ T4218] } [ 36.839602][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 36.841622][ T4218] [ 36.841622][ T4218] the dependencies between the lock to be acquired [ 36.841629][ T4218] and SOFTIRQ-irq-unsafe lock: [ 36.845157][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 36.846467][ T4218] HARDIRQ-ON-W at: [ 36.847506][ T4218] lock_acquire+0x26c/0x7cc [ 36.849154][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.850861][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.852706][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.854481][ T4218] init_rescuer+0xa4/0x264 [ 36.856095][ T4218] workqueue_init+0x298/0x5b4 [ 36.857768][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.859581][ T4218] kernel_init+0x24/0x29c [ 36.861161][ T4218] ret_from_fork+0x10/0x20 [ 36.862721][ T4218] SOFTIRQ-ON-W at: [ 36.863819][ T4218] lock_acquire+0x26c/0x7cc [ 36.865489][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.867234][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.869079][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.870830][ T4218] init_rescuer+0xa4/0x264 [ 36.872397][ T4218] workqueue_init+0x298/0x5b4 [ 36.874093][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.875922][ T4218] kernel_init+0x24/0x29c [ 36.877513][ T4218] ret_from_fork+0x10/0x20 [ 36.879046][ T4218] INITIAL USE at: [ 36.880079][ T4218] lock_acquire+0x26c/0x7cc [ 36.881699][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.883443][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.885273][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.886985][ T4218] init_rescuer+0xa4/0x264 [ 36.888616][ T4218] workqueue_init+0x298/0x5b4 [ 36.890297][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.892074][ T4218] kernel_init+0x24/0x29c [ 36.893610][ T4218] ret_from_fork+0x10/0x20 [ 36.895251][ T4218] } [ 36.895894][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 36.898018][ T4218] ... acquired at: [ 36.898989][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.900348][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.901830][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.903068][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.904277][ T4218] get_dist_table+0xa0/0x354 [ 36.905503][ T4218] netem_change+0x754/0x1900 [ 36.906790][ T4218] netem_init+0x54/0xb8 [ 36.907946][ T4218] qdisc_create+0x70c/0xe64 [ 36.909198][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.910517][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.911858][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.913176][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.914364][ T4218] netlink_unicast+0x660/0x8d4 [ 36.915671][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.916964][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.918261][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.919496][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.920877][ T4218] invoke_syscall+0x98/0x2c0 [ 36.922095][ T4218] el0_svc_common+0x138/0x258 [ 36.923402][ T4218] do_el0_svc+0x64/0x218 [ 36.924575][ T4218] el0_svc+0x58/0x168 [ 36.925680][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.927027][ T4218] el0t_64_sync+0x18c/0x190 [ 36.928348][ T4218] [ 36.928916][ T4218] [ 36.928916][ T4218] stack backtrace: [ 36.930470][ T4218] CPU: 0 PID: 4218 Comm: syz-executor113 Not tainted 6.1.45-syzkaller #0 [ 36.932730][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.935451][ T4218] Call trace: [ 36.936333][ T4218] dump_backtrace+0x1c8/0x1f4 [ 36.937579][ T4218] show_stack+0x2c/0x3c [ 36.938676][ T4218] dump_stack_lvl+0x108/0x170 [ 36.939897][ T4218] dump_stack+0x1c/0x58 [ 36.940966][ T4218] __lock_acquire+0x6310/0x764c [ 36.942264][ T4218] lock_acquire+0x26c/0x7cc [ 36.943463][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.944766][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.946173][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.947413][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.948624][ T4218] get_dist_table+0xa0/0x354 [ 36.949837][ T4218] netem_change+0x754/0x1900 [ 36.951053][ T4218] netem_init+0x54/0xb8 [ 36.952145][ T4218] qdisc_create+0x70c/0xe64 [ 36.953351][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.954632][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.955933][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.957308][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.958480][ T4218] netlink_unicast+0x660/0x8d4 [ 36.959742][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.961024][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.962285][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.963483][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.964810][ T4218] invoke_syscall+0x98/0x2c0 [ 36.965989][ T4218] el0_svc_common+0x138/0x258 [ 36.967229][ T4218] do_el0_svc+0x64/0x218 [ 36.968355][ T4218] el0_svc+0x58/0x168 [ 36.969395][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.970779][ T4218] el0t_64_sync+0x18c/0x190 [ 36.972055][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 36.974452][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor113 [ 36.976842][ T4218] preempt_count: 201, expected: 0 [ 36.978085][ T4218] RCU nest depth: 0, expected: 0 [ 36.979320][ T4218] INFO: lockdep is turned off. [ 36.980505][ T4218] Preemption disabled at: [ 36.980514][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 36.983217][ T4218] CPU: 0 PID: 4218 Comm: syz-executor113 Not tainted 6.1.45-syzkaller #0 [ 36.985314][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.987920][ T4218] Call trace: [ 36.988758][ T4218] dump_backtrace+0x1c8/0x1f4 [ 36.989939][ T4218] show_stack+0x2c/0x3c [ 36.991025][ T4218] dump_stack_lvl+0x108/0x170 [ 36.992254][ T4218] dump_stack+0x1c/0x58 [ 36.993358][ T4218] __might_resched+0x37c/0x4d8 [ 36.994561][ T4218] __might_sleep+0x90/0xe4 [ 36.995693][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 36.997086][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.998251][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.999403][ T4218] get_dist_table+0xa0/0x354 [ 37.000579][ T4218] netem_change+0x754/0x1900 [ 37.001772][ T4218] netem_init+0x54/0xb8 [ 37.002831][ T4218] qdisc_create+0x70c/0xe64 [ 37.004017][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 37.005274][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.006517][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 37.007702][ T4218] rtnetlink_rcv+0x28/0x38 [ 37.008871][ T4218] netlink_unicast+0x660/0x8d4 [ 37.010121][ T4218] netlink_sendmsg+0x834/0xb18 [ 37.011347][ T4218] ____sys_sendmsg+0x558/0x844 [ 37.012561][ T4218] __sys_sendmsg+0x26c/0x33c [ 37.013770][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 37.015025][ T4218] invoke_syscall+0x98/0x2c0 [ 37.016270][ T4218] el0_svc_common+0x138/0x258 [ 37.017524][ T4218] do_el0_svc+0x64/0x218 [ 37.018610][ T4218] el0_svc+0x58/0x168 [ 37.019630][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 37.020952][ T4218] el0t_64_sync+0x18c/0x190