Warning: Permanently added '10.128.1.37' (ED25519) to the list of known hosts. executing program [ 35.451828][ T4226] [ 35.452512][ T4226] ===================================================== [ 35.454258][ T4226] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.456067][ T4226] 6.1.45-syzkaller #0 Not tainted [ 35.457318][ T4226] ----------------------------------------------------- [ 35.459048][ T4226] syz-executor125/4226 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.461070][ T4226] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.463464][ T4226] [ 35.463464][ T4226] and this task is already holding: [ 35.465312][ T4226] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.467635][ T4226] which would create a new lock dependency: [ 35.469058][ T4226] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.470972][ T4226] [ 35.470972][ T4226] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.473318][ T4226] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.473335][ T4226] [ 35.473335][ T4226] ... which became SOFTIRQ-irq-safe at: [ 35.476555][ T4226] lock_acquire+0x26c/0x7cc [ 35.477718][ T4226] _raw_spin_lock+0x54/0x6c [ 35.478911][ T4226] net_tx_action+0x6ec/0x94c [ 35.480047][ T4226] __do_softirq+0x30c/0xea0 [ 35.481182][ T4226] run_ksoftirqd+0x68/0x258 [ 35.482301][ T4226] smpboot_thread_fn+0x4b0/0x96c [ 35.483563][ T4226] kthread+0x250/0x2d8 [ 35.484586][ T4226] ret_from_fork+0x10/0x20 [ 35.485708][ T4226] [ 35.485708][ T4226] to a SOFTIRQ-irq-unsafe lock: [ 35.487506][ T4226] (fs_reclaim){+.+.}-{0:0} [ 35.487523][ T4226] [ 35.487523][ T4226] ... which became SOFTIRQ-irq-unsafe at: [ 35.490564][ T4226] ... [ 35.490570][ T4226] lock_acquire+0x26c/0x7cc [ 35.492325][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.493579][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.494930][ T4226] kmalloc_node_trace+0x44/0x90 [ 35.496135][ T4226] init_rescuer+0xa4/0x264 [ 35.497295][ T4226] workqueue_init+0x298/0x5b4 [ 35.498463][ T4226] kernel_init_freeable+0x33c/0x528 [ 35.499786][ T4226] kernel_init+0x24/0x29c [ 35.500842][ T4226] ret_from_fork+0x10/0x20 [ 35.501980][ T4226] [ 35.501980][ T4226] other info that might help us debug this: [ 35.501980][ T4226] [ 35.504535][ T4226] Possible interrupt unsafe locking scenario: [ 35.504535][ T4226] [ 35.506557][ T4226] CPU0 CPU1 [ 35.507885][ T4226] ---- ---- [ 35.509172][ T4226] lock(fs_reclaim); [ 35.510155][ T4226] local_irq_disable(); [ 35.511761][ T4226] lock(noop_qdisc.q.lock); [ 35.513523][ T4226] lock(fs_reclaim); [ 35.515172][ T4226] [ 35.516012][ T4226] lock(noop_qdisc.q.lock); [ 35.517203][ T4226] [ 35.517203][ T4226] *** DEADLOCK *** [ 35.517203][ T4226] [ 35.519211][ T4226] 2 locks held by syz-executor125/4226: [ 35.520569][ T4226] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.522958][ T4226] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.525342][ T4226] [ 35.525342][ T4226] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.528000][ T4226] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.529388][ T4226] HARDIRQ-ON-W at: [ 35.530370][ T4226] lock_acquire+0x26c/0x7cc [ 35.531881][ T4226] _raw_spin_lock+0x54/0x6c [ 35.533399][ T4226] __dev_queue_xmit+0xb14/0x38d8 [ 35.535051][ T4226] tx+0x90/0x134 [ 35.536331][ T4226] kthread+0x1ac/0x374 [ 35.537775][ T4226] kthread+0x250/0x2d8 [ 35.539189][ T4226] ret_from_fork+0x10/0x20 [ 35.540774][ T4226] IN-SOFTIRQ-W at: [ 35.541733][ T4226] lock_acquire+0x26c/0x7cc [ 35.543227][ T4226] _raw_spin_lock+0x54/0x6c [ 35.544762][ T4226] net_tx_action+0x6ec/0x94c [ 35.546356][ T4226] __do_softirq+0x30c/0xea0 [ 35.547931][ T4226] run_ksoftirqd+0x68/0x258 [ 35.549437][ T4226] smpboot_thread_fn+0x4b0/0x96c [ 35.551087][ T4226] kthread+0x250/0x2d8 [ 35.552498][ T4226] ret_from_fork+0x10/0x20 [ 35.554023][ T4226] INITIAL USE at: [ 35.554976][ T4226] lock_acquire+0x26c/0x7cc [ 35.556545][ T4226] _raw_spin_lock+0x54/0x6c [ 35.558084][ T4226] __dev_queue_xmit+0xb14/0x38d8 [ 35.559729][ T4226] tx+0x90/0x134 [ 35.561019][ T4226] kthread+0x1ac/0x374 [ 35.562419][ T4226] kthread+0x250/0x2d8 [ 35.563864][ T4226] ret_from_fork+0x10/0x20 [ 35.565389][ T4226] } [ 35.565997][ T4226] ... key at: [] noop_qdisc+0x108/0x320 [ 35.567952][ T4226] [ 35.567952][ T4226] the dependencies between the lock to be acquired [ 35.567959][ T4226] and SOFTIRQ-irq-unsafe lock: [ 35.571466][ T4226] -> (fs_reclaim){+.+.}-{0:0} { [ 35.572724][ T4226] HARDIRQ-ON-W at: [ 35.573693][ T4226] lock_acquire+0x26c/0x7cc [ 35.575250][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.576913][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.578675][ T4226] kmalloc_node_trace+0x44/0x90 [ 35.580305][ T4226] init_rescuer+0xa4/0x264 [ 35.581781][ T4226] workqueue_init+0x298/0x5b4 [ 35.583347][ T4226] kernel_init_freeable+0x33c/0x528 [ 35.585035][ T4226] kernel_init+0x24/0x29c [ 35.586495][ T4226] ret_from_fork+0x10/0x20 [ 35.588010][ T4226] SOFTIRQ-ON-W at: [ 35.588972][ T4226] lock_acquire+0x26c/0x7cc [ 35.590480][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.592137][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.593915][ T4226] kmalloc_node_trace+0x44/0x90 [ 35.595496][ T4226] init_rescuer+0xa4/0x264 [ 35.596956][ T4226] workqueue_init+0x298/0x5b4 [ 35.598544][ T4226] kernel_init_freeable+0x33c/0x528 [ 35.600291][ T4226] kernel_init+0x24/0x29c [ 35.601765][ T4226] ret_from_fork+0x10/0x20 [ 35.603260][ T4226] INITIAL USE at: [ 35.604217][ T4226] lock_acquire+0x26c/0x7cc [ 35.605716][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.607372][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.609113][ T4226] kmalloc_node_trace+0x44/0x90 [ 35.610729][ T4226] init_rescuer+0xa4/0x264 [ 35.612448][ T4226] workqueue_init+0x298/0x5b4 [ 35.614023][ T4226] kernel_init_freeable+0x33c/0x528 [ 35.615747][ T4226] kernel_init+0x24/0x29c [ 35.617233][ T4226] ret_from_fork+0x10/0x20 [ 35.618731][ T4226] } [ 35.619315][ T4226] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 35.621287][ T4226] ... acquired at: [ 35.622230][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.623502][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.624938][ T4226] __kmalloc_node+0xcc/0x1d0 [ 35.626140][ T4226] kvmalloc_node+0x84/0x1e4 [ 35.627312][ T4226] get_dist_table+0xa0/0x354 [ 35.628524][ T4226] netem_change+0x754/0x1900 [ 35.629712][ T4226] netem_init+0x54/0xb8 [ 35.630825][ T4226] qdisc_create+0x70c/0xe64 [ 35.632021][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 35.633287][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.634563][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 35.635800][ T4226] rtnetlink_rcv+0x28/0x38 [ 35.636940][ T4226] netlink_unicast+0x660/0x8d4 [ 35.638167][ T4226] netlink_sendmsg+0x834/0xb18 [ 35.639389][ T4226] ____sys_sendmsg+0x558/0x844 [ 35.640592][ T4226] __sys_sendmsg+0x26c/0x33c [ 35.641775][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 35.643020][ T4226] invoke_syscall+0x98/0x2c0 [ 35.644206][ T4226] el0_svc_common+0x138/0x258 [ 35.645422][ T4226] do_el0_svc+0x64/0x218 [ 35.646499][ T4226] el0_svc+0x58/0x168 [ 35.647479][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 35.648791][ T4226] el0t_64_sync+0x18c/0x190 [ 35.649958][ T4226] [ 35.650519][ T4226] [ 35.650519][ T4226] stack backtrace: [ 35.652003][ T4226] CPU: 1 PID: 4226 Comm: syz-executor125 Not tainted 6.1.45-syzkaller #0 [ 35.654135][ T4226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.656620][ T4226] Call trace: [ 35.657418][ T4226] dump_backtrace+0x1c8/0x1f4 [ 35.658637][ T4226] show_stack+0x2c/0x3c [ 35.659687][ T4226] dump_stack_lvl+0x108/0x170 [ 35.660846][ T4226] dump_stack+0x1c/0x58 [ 35.661885][ T4226] __lock_acquire+0x6310/0x764c [ 35.663104][ T4226] lock_acquire+0x26c/0x7cc [ 35.664248][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.665473][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.666829][ T4226] __kmalloc_node+0xcc/0x1d0 [ 35.667987][ T4226] kvmalloc_node+0x84/0x1e4 [ 35.669098][ T4226] get_dist_table+0xa0/0x354 [ 35.670258][ T4226] netem_change+0x754/0x1900 [ 35.671389][ T4226] netem_init+0x54/0xb8 [ 35.672442][ T4226] qdisc_create+0x70c/0xe64 [ 35.673546][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 35.674808][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.676031][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 35.677217][ T4226] rtnetlink_rcv+0x28/0x38 [ 35.678334][ T4226] netlink_unicast+0x660/0x8d4 [ 35.679531][ T4226] netlink_sendmsg+0x834/0xb18 [ 35.680716][ T4226] ____sys_sendmsg+0x558/0x844 [ 35.681912][ T4226] __sys_sendmsg+0x26c/0x33c [ 35.683047][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 35.684323][ T4226] invoke_syscall+0x98/0x2c0 [ 35.685463][ T4226] el0_svc_common+0x138/0x258 [ 35.686616][ T4226] do_el0_svc+0x64/0x218 [ 35.687722][ T4226] el0_svc+0x58/0x168 [ 35.688729][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 35.689986][ T4226] el0t_64_sync+0x18c/0x190 [ 35.691172][ T4226] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.693461][ T4226] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4226, name: syz-executor125 [ 35.695759][ T4226] preempt_count: 201, expected: 0 [ 35.697064][ T4226] RCU nest depth: 0, expected: 0 [ 35.698245][ T4226] INFO: lockdep is turned off. [ 35.699402][ T4226] Preemption disabled at: [ 35.699410][ T4226] [] sch_tree_lock+0x120/0x1d4 [ 35.702059][ T4226] CPU: 1 PID: 4226 Comm: syz-executor125 Not tainted 6.1.45-syzkaller #0 [ 35.704102][ T4226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.706525][ T4226] Call trace: [ 35.707313][ T4226] dump_backtrace+0x1c8/0x1f4 [ 35.708456][ T4226] show_stack+0x2c/0x3c [ 35.709471][ T4226] dump_stack_lvl+0x108/0x170 [ 35.710626][ T4226] dump_stack+0x1c/0x58 [ 35.711700][ T4226] __might_resched+0x37c/0x4d8 [ 35.712878][ T4226] __might_sleep+0x90/0xe4 [ 35.713970][ T4226] __kmem_cache_alloc_node+0x74/0x388 [ 35.715349][ T4226] __kmalloc_node+0xcc/0x1d0 [ 35.716489][ T4226] kvmalloc_node+0x84/0x1e4 [ 35.717602][ T4226] get_dist_table+0xa0/0x354 [ 35.718745][ T4226] netem_change+0x754/0x1900 [ 35.719867][ T4226] netem_init+0x54/0xb8 [ 35.720916][ T4226] qdisc_create+0x70c/0xe64 [ 35.722057][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 35.723285][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.724519][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 35.725704][ T4226] rtnetlink_rcv+0x28/0x38 [ 35.726796][ T4226] netlink_unicast+0x660/0x8d4 [ 35.727985][ T4226] netlink_sendmsg+0x834/0xb18 [ 35.729127][ T4226] ____sys_sendmsg+0x558/0x844 [ 35.730299][ T4226] __sys_sendmsg+0x26c/0x33c [ 35.731453][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 35.732732][ T4226] invoke_syscall+0x98/0x2c0 [ 35.733883][ T4226] el0_svc_common+0x138/0x258 [ 35.735075][ T4226] do_el0_svc+0x64/0x218 [ 35.736145][ T4226] el0_svc+0x58/0x168 [ 35.737121][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 35.738337][ T4226] el0t_64_sync+0x18c/0x190