Warning: Permanently added '10.128.1.38' (ED25519) to the list of known hosts. executing program [ 35.774796][ T4226] [ 35.775350][ T4226] ===================================================== [ 35.776827][ T4226] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.778461][ T4226] 6.1.45-syzkaller #0 Not tainted [ 35.779577][ T4226] ----------------------------------------------------- [ 35.781165][ T4226] syz-executor222/4226 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.782912][ T4226] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.784946][ T4226] [ 35.784946][ T4226] and this task is already holding: [ 35.786507][ T4226] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.788457][ T4226] which would create a new lock dependency: [ 35.789693][ T4226] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.791272][ T4226] [ 35.791272][ T4226] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.793370][ T4226] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.793387][ T4226] [ 35.793387][ T4226] ... which became SOFTIRQ-irq-safe at: [ 35.796140][ T4226] lock_acquire+0x26c/0x7cc [ 35.797115][ T4226] _raw_spin_lock+0x54/0x6c [ 35.798061][ T4226] net_tx_action+0x6ec/0x94c [ 35.799088][ T4226] __do_softirq+0x30c/0xea0 [ 35.800034][ T4226] run_ksoftirqd+0x68/0x258 [ 35.800976][ T4226] smpboot_thread_fn+0x4b0/0x96c [ 35.802032][ T4226] kthread+0x250/0x2d8 [ 35.802847][ T4226] ret_from_fork+0x10/0x20 [ 35.803837][ T4226] [ 35.803837][ T4226] to a SOFTIRQ-irq-unsafe lock: [ 35.805250][ T4226] (fs_reclaim){+.+.}-{0:0} [ 35.805267][ T4226] [ 35.805267][ T4226] ... which became SOFTIRQ-irq-unsafe at: [ 35.808036][ T4226] ... [ 35.808041][ T4226] lock_acquire+0x26c/0x7cc [ 35.809546][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.810567][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.811704][ T4226] kmalloc_node_trace+0x44/0x90 [ 35.812784][ T4226] init_rescuer+0xa4/0x264 [ 35.813791][ T4226] workqueue_init+0x298/0x5b4 [ 35.814773][ T4226] kernel_init_freeable+0x33c/0x528 [ 35.815872][ T4226] kernel_init+0x24/0x29c [ 35.816802][ T4226] ret_from_fork+0x10/0x20 [ 35.817850][ T4226] [ 35.817850][ T4226] other info that might help us debug this: [ 35.817850][ T4226] [ 35.820188][ T4226] Possible interrupt unsafe locking scenario: [ 35.820188][ T4226] [ 35.821942][ T4226] CPU0 CPU1 [ 35.823070][ T4226] ---- ---- [ 35.824160][ T4226] lock(fs_reclaim); [ 35.825042][ T4226] local_irq_disable(); [ 35.826494][ T4226] lock(noop_qdisc.q.lock); [ 35.828053][ T4226] lock(fs_reclaim); [ 35.829422][ T4226] [ 35.830192][ T4226] lock(noop_qdisc.q.lock); [ 35.831215][ T4226] [ 35.831215][ T4226] *** DEADLOCK *** [ 35.831215][ T4226] [ 35.832913][ T4226] 2 locks held by syz-executor222/4226: [ 35.834004][ T4226] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.836063][ T4226] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.838173][ T4226] [ 35.838173][ T4226] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.840460][ T4226] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.841672][ T4226] HARDIRQ-ON-W at: [ 35.842515][ T4226] lock_acquire+0x26c/0x7cc [ 35.843850][ T4226] _raw_spin_lock+0x54/0x6c [ 35.845242][ T4226] __dev_queue_xmit+0xb14/0x38d8 [ 35.846617][ T4226] tx+0x90/0x134 [ 35.847717][ T4226] kthread+0x1ac/0x374 [ 35.848899][ T4226] kthread+0x250/0x2d8 [ 35.850180][ T4226] ret_from_fork+0x10/0x20 [ 35.851468][ T4226] IN-SOFTIRQ-W at: [ 35.852335][ T4226] lock_acquire+0x26c/0x7cc [ 35.853652][ T4226] _raw_spin_lock+0x54/0x6c [ 35.854901][ T4226] net_tx_action+0x6ec/0x94c [ 35.856294][ T4226] __do_softirq+0x30c/0xea0 [ 35.857654][ T4226] run_ksoftirqd+0x68/0x258 [ 35.858952][ T4226] smpboot_thread_fn+0x4b0/0x96c [ 35.860379][ T4226] kthread+0x250/0x2d8 [ 35.861649][ T4226] ret_from_fork+0x10/0x20 [ 35.863043][ T4226] INITIAL USE at: [ 35.863876][ T4226] lock_acquire+0x26c/0x7cc [ 35.865139][ T4226] _raw_spin_lock+0x54/0x6c [ 35.866511][ T4226] __dev_queue_xmit+0xb14/0x38d8 [ 35.867916][ T4226] tx+0x90/0x134 [ 35.868979][ T4226] kthread+0x1ac/0x374 [ 35.870142][ T4226] kthread+0x250/0x2d8 [ 35.871347][ T4226] ret_from_fork+0x10/0x20 [ 35.872558][ T4226] } [ 35.873066][ T4226] ... key at: [] noop_qdisc+0x108/0x320 [ 35.874731][ T4226] [ 35.874731][ T4226] the dependencies between the lock to be acquired [ 35.874737][ T4226] and SOFTIRQ-irq-unsafe lock: [ 35.877556][ T4226] -> (fs_reclaim){+.+.}-{0:0} { [ 35.878627][ T4226] HARDIRQ-ON-W at: [ 35.879507][ T4226] lock_acquire+0x26c/0x7cc [ 35.880731][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.882181][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.883663][ T4226] kmalloc_node_trace+0x44/0x90 [ 35.885123][ T4226] init_rescuer+0xa4/0x264 [ 35.886402][ T4226] workqueue_init+0x298/0x5b4 [ 35.887766][ T4226] kernel_init_freeable+0x33c/0x528 [ 35.889279][ T4226] kernel_init+0x24/0x29c [ 35.890547][ T4226] ret_from_fork+0x10/0x20 [ 35.891882][ T4226] SOFTIRQ-ON-W at: [ 35.892711][ T4226] lock_acquire+0x26c/0x7cc [ 35.893940][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.895431][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.897025][ T4226] kmalloc_node_trace+0x44/0x90 [ 35.898469][ T4226] init_rescuer+0xa4/0x264 [ 35.899731][ T4226] workqueue_init+0x298/0x5b4 [ 35.901153][ T4226] kernel_init_freeable+0x33c/0x528 [ 35.902677][ T4226] kernel_init+0x24/0x29c [ 35.904089][ T4226] ret_from_fork+0x10/0x20 [ 35.905332][ T4226] INITIAL USE at: [ 35.906147][ T4226] lock_acquire+0x26c/0x7cc [ 35.907390][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.908740][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.910322][ T4226] kmalloc_node_trace+0x44/0x90 [ 35.911683][ T4226] init_rescuer+0xa4/0x264 [ 35.912995][ T4226] workqueue_init+0x298/0x5b4 [ 35.914324][ T4226] kernel_init_freeable+0x33c/0x528 [ 35.915777][ T4226] kernel_init+0x24/0x29c [ 35.917074][ T4226] ret_from_fork+0x10/0x20 [ 35.918420][ T4226] } [ 35.918982][ T4226] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 35.920655][ T4226] ... acquired at: [ 35.921445][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.922573][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.923760][ T4226] __kmalloc_node+0xcc/0x1d0 [ 35.924884][ T4226] kvmalloc_node+0x84/0x1e4 [ 35.925883][ T4226] get_dist_table+0xa0/0x354 [ 35.926910][ T4226] netem_change+0x754/0x1900 [ 35.927956][ T4226] netem_init+0x54/0xb8 [ 35.928910][ T4226] qdisc_create+0x70c/0xe64 [ 35.929972][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 35.931070][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.932182][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 35.933337][ T4226] rtnetlink_rcv+0x28/0x38 [ 35.934314][ T4226] netlink_unicast+0x660/0x8d4 [ 35.935374][ T4226] netlink_sendmsg+0x834/0xb18 [ 35.936446][ T4226] ____sys_sendmsg+0x558/0x844 [ 35.937606][ T4226] __sys_sendmsg+0x26c/0x33c [ 35.938562][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 35.939668][ T4226] invoke_syscall+0x98/0x2c0 [ 35.940683][ T4226] el0_svc_common+0x138/0x258 [ 35.941771][ T4226] do_el0_svc+0x64/0x218 [ 35.942698][ T4226] el0_svc+0x58/0x168 [ 35.943568][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 35.944662][ T4226] el0t_64_sync+0x18c/0x190 [ 35.945601][ T4226] [ 35.946169][ T4226] [ 35.946169][ T4226] stack backtrace: [ 35.947415][ T4226] CPU: 1 PID: 4226 Comm: syz-executor222 Not tainted 6.1.45-syzkaller #0 [ 35.949335][ T4226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.951507][ T4226] Call trace: [ 35.952157][ T4226] dump_backtrace+0x1c8/0x1f4 [ 35.953181][ T4226] show_stack+0x2c/0x3c [ 35.954050][ T4226] dump_stack_lvl+0x108/0x170 [ 35.955020][ T4226] dump_stack+0x1c/0x58 [ 35.955963][ T4226] __lock_acquire+0x6310/0x764c [ 35.957023][ T4226] lock_acquire+0x26c/0x7cc [ 35.957993][ T4226] fs_reclaim_acquire+0x90/0x12c [ 35.959027][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 35.960068][ T4226] __kmalloc_node+0xcc/0x1d0 [ 35.961186][ T4226] kvmalloc_node+0x84/0x1e4 [ 35.962160][ T4226] get_dist_table+0xa0/0x354 [ 35.963051][ T4226] netem_change+0x754/0x1900 [ 35.964137][ T4226] netem_init+0x54/0xb8 [ 35.965023][ T4226] qdisc_create+0x70c/0xe64 [ 35.966062][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 35.967051][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.968181][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 35.969248][ T4226] rtnetlink_rcv+0x28/0x38 [ 35.970334][ T4226] netlink_unicast+0x660/0x8d4 [ 35.971398][ T4226] netlink_sendmsg+0x834/0xb18 [ 35.972446][ T4226] ____sys_sendmsg+0x558/0x844 [ 35.973474][ T4226] __sys_sendmsg+0x26c/0x33c [ 35.974566][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 35.975644][ T4226] invoke_syscall+0x98/0x2c0 [ 35.976725][ T4226] el0_svc_common+0x138/0x258 [ 35.977738][ T4226] do_el0_svc+0x64/0x218 [ 35.978679][ T4226] el0_svc+0x58/0x168 [ 35.979542][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 35.980553][ T4226] el0t_64_sync+0x18c/0x190 [ 35.981616][ T4226] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.983601][ T4226] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4226, name: syz-executor222 [ 35.985701][ T4226] preempt_count: 201, expected: 0 [ 35.986772][ T4226] RCU nest depth: 0, expected: 0 [ 35.987868][ T4226] INFO: lockdep is turned off. [ 35.988847][ T4226] Preemption disabled at: [ 35.988856][ T4226] [] sch_tree_lock+0x120/0x1d4 [ 35.991166][ T4226] CPU: 1 PID: 4226 Comm: syz-executor222 Not tainted 6.1.45-syzkaller #0 [ 35.992889][ T4226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.995090][ T4226] Call trace: [ 35.995813][ T4226] dump_backtrace+0x1c8/0x1f4 [ 35.996828][ T4226] show_stack+0x2c/0x3c [ 35.997777][ T4226] dump_stack_lvl+0x108/0x170 [ 35.998775][ T4226] dump_stack+0x1c/0x58 [ 35.999720][ T4226] __might_resched+0x37c/0x4d8 [ 36.000811][ T4226] __might_sleep+0x90/0xe4 [ 36.001904][ T4226] __kmem_cache_alloc_node+0x74/0x388 [ 36.003087][ T4226] __kmalloc_node+0xcc/0x1d0 [ 36.004062][ T4226] kvmalloc_node+0x84/0x1e4 [ 36.004972][ T4226] get_dist_table+0xa0/0x354 [ 36.005962][ T4226] netem_change+0x754/0x1900 [ 36.006967][ T4226] netem_init+0x54/0xb8 [ 36.007862][ T4226] qdisc_create+0x70c/0xe64 [ 36.008793][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 36.009861][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.010968][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 36.012014][ T4226] rtnetlink_rcv+0x28/0x38 [ 36.013002][ T4226] netlink_unicast+0x660/0x8d4 [ 36.014084][ T4226] netlink_sendmsg+0x834/0xb18 [ 36.015043][ T4226] ____sys_sendmsg+0x558/0x844 [ 36.016111][ T4226] __sys_sendmsg+0x26c/0x33c [ 36.017155][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 36.018259][ T4226] invoke_syscall+0x98/0x2c0 [ 36.019293][ T4226] el0_svc_common+0x138/0x258 [ 36.020278][ T4226] do_el0_svc+0x64/0x218 [ 36.021227][ T4226] el0_svc+0x58/0x168 [ 36.022137][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 36.023166][ T4226] el0t_64_sync+0x18c/0x190