Warning: Permanently added '10.128.1.9' (ED25519) to the list of known hosts. executing program [ 36.252822][ T4218] [ 36.253550][ T4218] ===================================================== [ 36.255397][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 36.257413][ T4218] 6.1.44-syzkaller #0 Not tainted [ 36.258804][ T4218] ----------------------------------------------------- [ 36.260640][ T4218] syz-executor337/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 36.262729][ T4218] ffff800015b3c2e0 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 36.265301][ T4218] [ 36.265301][ T4218] and this task is already holding: [ 36.267279][ T4218] ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.269790][ T4218] which would create a new lock dependency: [ 36.271371][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 36.273397][ T4218] [ 36.273397][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 36.275923][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 36.275941][ T4218] [ 36.275941][ T4218] ... which became SOFTIRQ-irq-safe at: [ 36.279405][ T4218] lock_acquire+0x26c/0x7cc [ 36.280614][ T4218] _raw_spin_lock+0x54/0x6c [ 36.281818][ T4218] net_tx_action+0x6ec/0x94c [ 36.283120][ T4218] __do_softirq+0x30c/0xea0 [ 36.284338][ T4218] ____do_softirq+0x14/0x20 [ 36.285591][ T4218] call_on_irq_stack+0x24/0x4c [ 36.286858][ T4218] do_softirq_own_stack+0x20/0x2c [ 36.288203][ T4218] do_softirq+0x120/0x20c [ 36.289418][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 36.290896][ T4218] local_bh_enable+0x28/0x34 [ 36.292105][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 36.293465][ T4218] dev_deactivate+0x13c/0x1fc [ 36.294764][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 36.296126][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 36.297635][ T4218] linkwatch_event+0x58/0x68 [ 36.298948][ T4218] process_one_work+0x7ac/0x1404 [ 36.300336][ T4218] worker_thread+0x8e4/0xfec [ 36.301586][ T4218] kthread+0x250/0x2d8 [ 36.302718][ T4218] ret_from_fork+0x10/0x20 [ 36.303956][ T4218] [ 36.303956][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 36.305799][ T4218] (fs_reclaim){+.+.}-{0:0} [ 36.305818][ T4218] [ 36.305818][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 36.309085][ T4218] ... [ 36.309091][ T4218] lock_acquire+0x26c/0x7cc [ 36.311108][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.312519][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.313953][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.315262][ T4218] init_rescuer+0xa4/0x264 [ 36.316482][ T4218] workqueue_init+0x298/0x5b4 [ 36.317758][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.319152][ T4218] kernel_init+0x24/0x29c [ 36.320343][ T4218] ret_from_fork+0x10/0x20 [ 36.321546][ T4218] [ 36.321546][ T4218] other info that might help us debug this: [ 36.321546][ T4218] [ 36.324225][ T4218] Possible interrupt unsafe locking scenario: [ 36.324225][ T4218] [ 36.326452][ T4218] CPU0 CPU1 [ 36.327880][ T4218] ---- ---- [ 36.329289][ T4218] lock(fs_reclaim); [ 36.330346][ T4218] local_irq_disable(); [ 36.332137][ T4218] lock(noop_qdisc.q.lock); [ 36.334017][ T4218] lock(fs_reclaim); [ 36.335802][ T4218] [ 36.336733][ T4218] lock(noop_qdisc.q.lock); [ 36.338050][ T4218] [ 36.338050][ T4218] *** DEADLOCK *** [ 36.338050][ T4218] [ 36.340264][ T4218] 2 locks held by syz-executor337/4218: [ 36.341748][ T4218] #0: ffff800017e6fcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 36.344265][ T4218] #1: ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.346791][ T4218] [ 36.346791][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 36.349544][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 36.351031][ T4218] HARDIRQ-ON-W at: [ 36.352129][ T4218] lock_acquire+0x26c/0x7cc [ 36.353757][ T4218] _raw_spin_lock+0x54/0x6c [ 36.355397][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 36.357138][ T4218] tx+0x90/0x134 [ 36.358499][ T4218] kthread+0x1ac/0x374 [ 36.360006][ T4218] kthread+0x250/0x2d8 [ 36.361527][ T4218] ret_from_fork+0x10/0x20 [ 36.363246][ T4218] IN-SOFTIRQ-W at: [ 36.364286][ T4218] lock_acquire+0x26c/0x7cc [ 36.365928][ T4218] _raw_spin_lock+0x54/0x6c [ 36.367621][ T4218] net_tx_action+0x6ec/0x94c [ 36.369286][ T4218] __do_softirq+0x30c/0xea0 [ 36.370971][ T4218] ____do_softirq+0x14/0x20 [ 36.372584][ T4218] call_on_irq_stack+0x24/0x4c [ 36.374358][ T4218] do_softirq_own_stack+0x20/0x2c [ 36.376208][ T4218] do_softirq+0x120/0x20c [ 36.377815][ T4218] __local_bh_enable_ip+0x2c0/0x4d0 [ 36.379668][ T4218] local_bh_enable+0x28/0x34 [ 36.381365][ T4218] dev_deactivate_many+0x3d4/0xa8c [ 36.383206][ T4218] dev_deactivate+0x13c/0x1fc [ 36.384877][ T4218] linkwatch_do_dev+0x29c/0x3a4 [ 36.386659][ T4218] __linkwatch_run_queue+0x3a0/0x700 [ 36.388490][ T4218] linkwatch_event+0x58/0x68 [ 36.390146][ T4218] process_one_work+0x7ac/0x1404 [ 36.391927][ T4218] worker_thread+0x8e4/0xfec [ 36.393599][ T4218] kthread+0x250/0x2d8 [ 36.395235][ T4218] ret_from_fork+0x10/0x20 [ 36.396910][ T4218] INITIAL USE at: [ 36.397973][ T4218] lock_acquire+0x26c/0x7cc [ 36.399620][ T4218] _raw_spin_lock+0x54/0x6c [ 36.401268][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 36.402978][ T4218] tx+0x90/0x134 [ 36.404344][ T4218] kthread+0x1ac/0x374 [ 36.405884][ T4218] kthread+0x250/0x2d8 [ 36.407462][ T4218] ret_from_fork+0x10/0x20 [ 36.409080][ T4218] } [ 36.409757][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 36.411661][ T4218] [ 36.411661][ T4218] the dependencies between the lock to be acquired [ 36.411668][ T4218] and SOFTIRQ-irq-unsafe lock: [ 36.414415][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 36.415371][ T4218] HARDIRQ-ON-W at: [ 36.416452][ T4218] lock_acquire+0x26c/0x7cc [ 36.418099][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.419873][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.421765][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.423508][ T4218] init_rescuer+0xa4/0x264 [ 36.425118][ T4218] workqueue_init+0x298/0x5b4 [ 36.426846][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.428741][ T4218] kernel_init+0x24/0x29c [ 36.430385][ T4218] ret_from_fork+0x10/0x20 [ 36.432065][ T4218] SOFTIRQ-ON-W at: [ 36.433173][ T4218] lock_acquire+0x26c/0x7cc [ 36.434910][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.436697][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.438587][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.440260][ T4218] init_rescuer+0xa4/0x264 [ 36.441867][ T4218] workqueue_init+0x298/0x5b4 [ 36.443563][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.445416][ T4218] kernel_init+0x24/0x29c [ 36.447069][ T4218] ret_from_fork+0x10/0x20 [ 36.448679][ T4218] INITIAL USE at: [ 36.449709][ T4218] lock_acquire+0x26c/0x7cc [ 36.451387][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.453125][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.455029][ T4218] kmalloc_node_trace+0x44/0x90 [ 36.456753][ T4218] init_rescuer+0xa4/0x264 [ 36.458358][ T4218] workqueue_init+0x298/0x5b4 [ 36.460010][ T4218] kernel_init_freeable+0x33c/0x528 [ 36.461824][ T4218] kernel_init+0x24/0x29c [ 36.463370][ T4218] ret_from_fork+0x10/0x20 [ 36.464995][ T4218] } [ 36.465662][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 36.467770][ T4218] ... acquired at: [ 36.468835][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.470192][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.471749][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.473015][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.474295][ T4218] get_dist_table+0xa0/0x354 [ 36.475598][ T4218] netem_change+0x7a4/0x1900 [ 36.476831][ T4218] netem_init+0x54/0xb8 [ 36.477980][ T4218] qdisc_create+0x70c/0xe64 [ 36.479272][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.480666][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.482044][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.483534][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.484817][ T4218] netlink_unicast+0x660/0x8d4 [ 36.486207][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.487518][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.488831][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.490056][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.491393][ T4218] invoke_syscall+0x98/0x2c0 [ 36.492655][ T4218] el0_svc_common+0x138/0x258 [ 36.493964][ T4218] do_el0_svc+0x64/0x218 [ 36.495207][ T4218] el0_svc+0x58/0x168 [ 36.496337][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.497754][ T4218] el0t_64_sync+0x18c/0x190 [ 36.499006][ T4218] [ 36.499619][ T4218] [ 36.499619][ T4218] stack backtrace: [ 36.501242][ T4218] CPU: 0 PID: 4218 Comm: syz-executor337 Not tainted 6.1.44-syzkaller #0 [ 36.503542][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.506257][ T4218] Call trace: [ 36.507119][ T4218] dump_backtrace+0x1c8/0x1f4 [ 36.508370][ T4218] show_stack+0x2c/0x3c [ 36.509443][ T4218] dump_stack_lvl+0x108/0x170 [ 36.510667][ T4218] dump_stack+0x1c/0x58 [ 36.511766][ T4218] __lock_acquire+0x6310/0x764c [ 36.513050][ T4218] lock_acquire+0x26c/0x7cc [ 36.514255][ T4218] fs_reclaim_acquire+0x90/0x12c [ 36.515580][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 36.517039][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.518299][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.519520][ T4218] get_dist_table+0xa0/0x354 [ 36.520739][ T4218] netem_change+0x7a4/0x1900 [ 36.521993][ T4218] netem_init+0x54/0xb8 [ 36.523103][ T4218] qdisc_create+0x70c/0xe64 [ 36.524313][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.525630][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.526950][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.528213][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.529387][ T4218] netlink_unicast+0x660/0x8d4 [ 36.530633][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.531864][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.533104][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.534344][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.535611][ T4218] invoke_syscall+0x98/0x2c0 [ 36.536832][ T4218] el0_svc_common+0x138/0x258 [ 36.538042][ T4218] do_el0_svc+0x64/0x218 [ 36.539216][ T4218] el0_svc+0x58/0x168 [ 36.540286][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.541648][ T4218] el0t_64_sync+0x18c/0x190 [ 36.542901][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 36.545325][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor337 [ 36.547775][ T4218] preempt_count: 201, expected: 0 [ 36.549063][ T4218] RCU nest depth: 0, expected: 0 [ 36.550411][ T4218] INFO: lockdep is turned off. [ 36.551603][ T4218] Preemption disabled at: [ 36.551612][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 36.554364][ T4218] CPU: 0 PID: 4218 Comm: syz-executor337 Not tainted 6.1.44-syzkaller #0 [ 36.556594][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.559163][ T4218] Call trace: [ 36.560052][ T4218] dump_backtrace+0x1c8/0x1f4 [ 36.561258][ T4218] show_stack+0x2c/0x3c [ 36.562331][ T4218] dump_stack_lvl+0x108/0x170 [ 36.563539][ T4218] dump_stack+0x1c/0x58 [ 36.564657][ T4218] __might_resched+0x37c/0x4d8 [ 36.565862][ T4218] __might_sleep+0x90/0xe4 [ 36.567057][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 36.568518][ T4218] __kmalloc_node+0xcc/0x1d0 [ 36.569703][ T4218] kvmalloc_node+0x84/0x1e4 [ 36.570889][ T4218] get_dist_table+0xa0/0x354 [ 36.572148][ T4218] netem_change+0x7a4/0x1900 [ 36.573375][ T4218] netem_init+0x54/0xb8 [ 36.574490][ T4218] qdisc_create+0x70c/0xe64 [ 36.575748][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 36.577047][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.578358][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 36.579633][ T4218] rtnetlink_rcv+0x28/0x38 [ 36.580811][ T4218] netlink_unicast+0x660/0x8d4 [ 36.582078][ T4218] netlink_sendmsg+0x834/0xb18 [ 36.583382][ T4218] ____sys_sendmsg+0x558/0x844 [ 36.584635][ T4218] __sys_sendmsg+0x26c/0x33c [ 36.585908][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 36.587256][ T4218] invoke_syscall+0x98/0x2c0 [ 36.588509][ T4218] el0_svc_common+0x138/0x258 [ 36.589713][ T4218] do_el0_svc+0x64/0x218 [ 36.590864][ T4218] el0_svc+0x58/0x168 [ 36.591966][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 36.593264][ T4218] el0t_64_sync+0x18c/0x190