Warning: Permanently added '10.128.0.242' (ED25519) to the list of known hosts. executing program [ 33.569884][ T4218] [ 33.570586][ T4218] ===================================================== [ 33.572429][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 33.574301][ T4218] 6.1.45-syzkaller #0 Not tainted [ 33.575537][ T4218] ----------------------------------------------------- [ 33.577342][ T4218] syz-executor405/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 33.579464][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 33.582056][ T4218] [ 33.582056][ T4218] and this task is already holding: [ 33.584069][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 33.586615][ T4218] which would create a new lock dependency: [ 33.588167][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 33.590247][ T4218] [ 33.590247][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 33.592804][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 33.592822][ T4218] [ 33.592822][ T4218] ... which became SOFTIRQ-irq-safe at: [ 33.596161][ T4218] lock_acquire+0x26c/0x7cc [ 33.597425][ T4218] _raw_spin_lock+0x54/0x6c [ 33.598628][ T4218] net_tx_action+0x6ec/0x94c [ 33.599873][ T4218] __do_softirq+0x30c/0xea0 [ 33.601112][ T4218] run_ksoftirqd+0x68/0x258 [ 33.602369][ T4218] smpboot_thread_fn+0x4b0/0x96c [ 33.603660][ T4218] kthread+0x250/0x2d8 [ 33.604770][ T4218] ret_from_fork+0x10/0x20 [ 33.605943][ T4218] [ 33.605943][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 33.607762][ T4218] (fs_reclaim){+.+.}-{0:0} [ 33.607781][ T4218] [ 33.607781][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 33.611001][ T4218] ... [ 33.611007][ T4218] lock_acquire+0x26c/0x7cc [ 33.612962][ T4218] fs_reclaim_acquire+0x90/0x12c [ 33.614363][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 33.615858][ T4218] kmalloc_node_trace+0x44/0x90 [ 33.617147][ T4218] init_rescuer+0xa4/0x264 [ 33.618337][ T4218] workqueue_init+0x298/0x5b4 [ 33.619602][ T4218] kernel_init_freeable+0x33c/0x528 [ 33.621072][ T4218] kernel_init+0x24/0x29c [ 33.622202][ T4218] ret_from_fork+0x10/0x20 [ 33.623408][ T4218] [ 33.623408][ T4218] other info that might help us debug this: [ 33.623408][ T4218] [ 33.626148][ T4218] Possible interrupt unsafe locking scenario: [ 33.626148][ T4218] [ 33.628345][ T4218] CPU0 CPU1 [ 33.629777][ T4218] ---- ---- [ 33.631223][ T4218] lock(fs_reclaim); [ 33.632387][ T4218] local_irq_disable(); [ 33.634151][ T4218] lock(noop_qdisc.q.lock); [ 33.636045][ T4218] lock(fs_reclaim); [ 33.637800][ T4218] [ 33.638681][ T4218] lock(noop_qdisc.q.lock); [ 33.639997][ T4218] [ 33.639997][ T4218] *** DEADLOCK *** [ 33.639997][ T4218] [ 33.642140][ T4218] 2 locks held by syz-executor405/4218: [ 33.643555][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 33.646043][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 33.648625][ T4218] [ 33.648625][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 33.651382][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 33.652874][ T4218] HARDIRQ-ON-W at: [ 33.653946][ T4218] lock_acquire+0x26c/0x7cc [ 33.655583][ T4218] _raw_spin_lock+0x54/0x6c [ 33.657215][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 33.659018][ T4218] tx+0x90/0x134 [ 33.660430][ T4218] kthread+0x1ac/0x374 [ 33.661991][ T4218] kthread+0x250/0x2d8 [ 33.663489][ T4218] ret_from_fork+0x10/0x20 [ 33.665117][ T4218] IN-SOFTIRQ-W at: [ 33.666190][ T4218] lock_acquire+0x26c/0x7cc [ 33.667893][ T4218] _raw_spin_lock+0x54/0x6c [ 33.669548][ T4218] net_tx_action+0x6ec/0x94c [ 33.671205][ T4218] __do_softirq+0x30c/0xea0 [ 33.672871][ T4218] run_ksoftirqd+0x68/0x258 [ 33.674566][ T4218] smpboot_thread_fn+0x4b0/0x96c [ 33.676331][ T4218] kthread+0x250/0x2d8 [ 33.677884][ T4218] ret_from_fork+0x10/0x20 [ 33.679516][ T4218] INITIAL USE at: [ 33.680555][ T4218] lock_acquire+0x26c/0x7cc [ 33.682128][ T4218] _raw_spin_lock+0x54/0x6c [ 33.683758][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 33.685507][ T4218] tx+0x90/0x134 [ 33.686894][ T4218] kthread+0x1ac/0x374 [ 33.688329][ T4218] kthread+0x250/0x2d8 [ 33.689890][ T4218] ret_from_fork+0x10/0x20 [ 33.691456][ T4218] } [ 33.692099][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 33.694153][ T4218] [ 33.694153][ T4218] the dependencies between the lock to be acquired [ 33.694159][ T4218] and SOFTIRQ-irq-unsafe lock: [ 33.697701][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 33.698978][ T4218] HARDIRQ-ON-W at: [ 33.700026][ T4218] lock_acquire+0x26c/0x7cc [ 33.701630][ T4218] fs_reclaim_acquire+0x90/0x12c [ 33.703405][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 33.705223][ T4218] kmalloc_node_trace+0x44/0x90 [ 33.706933][ T4218] init_rescuer+0xa4/0x264 [ 33.708473][ T4218] workqueue_init+0x298/0x5b4 [ 33.710142][ T4218] kernel_init_freeable+0x33c/0x528 [ 33.711993][ T4218] kernel_init+0x24/0x29c [ 33.713554][ T4218] ret_from_fork+0x10/0x20 [ 33.715196][ T4218] SOFTIRQ-ON-W at: [ 33.716245][ T4218] lock_acquire+0x26c/0x7cc [ 33.717881][ T4218] fs_reclaim_acquire+0x90/0x12c [ 33.719698][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 33.721552][ T4218] kmalloc_node_trace+0x44/0x90 [ 33.723270][ T4218] init_rescuer+0xa4/0x264 [ 33.724885][ T4218] workqueue_init+0x298/0x5b4 [ 33.726667][ T4218] kernel_init_freeable+0x33c/0x528 [ 33.728520][ T4218] kernel_init+0x24/0x29c [ 33.730106][ T4218] ret_from_fork+0x10/0x20 [ 33.731675][ T4218] INITIAL USE at: [ 33.732706][ T4218] lock_acquire+0x26c/0x7cc [ 33.734298][ T4218] fs_reclaim_acquire+0x90/0x12c [ 33.736020][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 33.737918][ T4218] kmalloc_node_trace+0x44/0x90 [ 33.739637][ T4218] init_rescuer+0xa4/0x264 [ 33.741194][ T4218] workqueue_init+0x298/0x5b4 [ 33.742854][ T4218] kernel_init_freeable+0x33c/0x528 [ 33.744624][ T4218] kernel_init+0x24/0x29c [ 33.746233][ T4218] ret_from_fork+0x10/0x20 [ 33.747787][ T4218] } [ 33.748431][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 33.750562][ T4218] ... acquired at: [ 33.751560][ T4218] fs_reclaim_acquire+0x90/0x12c [ 33.752943][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 33.754425][ T4218] __kmalloc_node+0xcc/0x1d0 [ 33.755601][ T4218] kvmalloc_node+0x84/0x1e4 [ 33.756821][ T4218] get_dist_table+0xa0/0x354 [ 33.758059][ T4218] netem_change+0x754/0x1900 [ 33.759312][ T4218] netem_init+0x54/0xb8 [ 33.760439][ T4218] qdisc_create+0x70c/0xe64 [ 33.761662][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 33.762978][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 33.764323][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 33.765601][ T4218] rtnetlink_rcv+0x28/0x38 [ 33.766825][ T4218] netlink_unicast+0x660/0x8d4 [ 33.768158][ T4218] netlink_sendmsg+0x834/0xb18 [ 33.769467][ T4218] ____sys_sendmsg+0x558/0x844 [ 33.770828][ T4218] __sys_sendmsg+0x26c/0x33c [ 33.772043][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 33.773359][ T4218] invoke_syscall+0x98/0x2c0 [ 33.774617][ T4218] el0_svc_common+0x138/0x258 [ 33.775857][ T4218] do_el0_svc+0x64/0x218 [ 33.777005][ T4218] el0_svc+0x58/0x168 [ 33.778107][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 33.779474][ T4218] el0t_64_sync+0x18c/0x190 [ 33.780722][ T4218] [ 33.781321][ T4218] [ 33.781321][ T4218] stack backtrace: [ 33.782824][ T4218] CPU: 1 PID: 4218 Comm: syz-executor405 Not tainted 6.1.45-syzkaller #0 [ 33.785015][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 33.787776][ T4218] Call trace: [ 33.788628][ T4218] dump_backtrace+0x1c8/0x1f4 [ 33.789839][ T4218] show_stack+0x2c/0x3c [ 33.790909][ T4218] dump_stack_lvl+0x108/0x170 [ 33.792075][ T4218] dump_stack+0x1c/0x58 [ 33.793148][ T4218] __lock_acquire+0x6310/0x764c [ 33.794439][ T4218] lock_acquire+0x26c/0x7cc [ 33.795553][ T4218] fs_reclaim_acquire+0x90/0x12c [ 33.796852][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 33.798216][ T4218] __kmalloc_node+0xcc/0x1d0 [ 33.799400][ T4218] kvmalloc_node+0x84/0x1e4 [ 33.800520][ T4218] get_dist_table+0xa0/0x354 [ 33.801639][ T4218] netem_change+0x754/0x1900 [ 33.802791][ T4218] netem_init+0x54/0xb8 [ 33.803842][ T4218] qdisc_create+0x70c/0xe64 [ 33.804966][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 33.806193][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 33.807402][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 33.808617][ T4218] rtnetlink_rcv+0x28/0x38 [ 33.809790][ T4218] netlink_unicast+0x660/0x8d4 [ 33.810977][ T4218] netlink_sendmsg+0x834/0xb18 [ 33.812155][ T4218] ____sys_sendmsg+0x558/0x844 [ 33.813311][ T4218] __sys_sendmsg+0x26c/0x33c [ 33.814425][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 33.815662][ T4218] invoke_syscall+0x98/0x2c0 [ 33.816840][ T4218] el0_svc_common+0x138/0x258 [ 33.818016][ T4218] do_el0_svc+0x64/0x218 [ 33.819077][ T4218] el0_svc+0x58/0x168 [ 33.820066][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 33.821339][ T4218] el0t_64_sync+0x18c/0x190 [ 33.822503][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 33.824837][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor405 [ 33.827195][ T4218] preempt_count: 201, expected: 0 [ 33.828439][ T4218] RCU nest depth: 0, expected: 0 [ 33.829753][ T4218] INFO: lockdep is turned off. [ 33.830934][ T4218] Preemption disabled at: [ 33.830943][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 33.833510][ T4218] CPU: 1 PID: 4218 Comm: syz-executor405 Not tainted 6.1.45-syzkaller #0 [ 33.835593][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 33.838073][ T4218] Call trace: [ 33.838906][ T4218] dump_backtrace+0x1c8/0x1f4 [ 33.840061][ T4218] show_stack+0x2c/0x3c [ 33.841115][ T4218] dump_stack_lvl+0x108/0x170 [ 33.842326][ T4218] dump_stack+0x1c/0x58 [ 33.843388][ T4218] __might_resched+0x37c/0x4d8 [ 33.844594][ T4218] __might_sleep+0x90/0xe4 [ 33.845723][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 33.847046][ T4218] __kmalloc_node+0xcc/0x1d0 [ 33.848181][ T4218] kvmalloc_node+0x84/0x1e4 [ 33.849366][ T4218] get_dist_table+0xa0/0x354 [ 33.850496][ T4218] netem_change+0x754/0x1900 [ 33.851651][ T4218] netem_init+0x54/0xb8 [ 33.852688][ T4218] qdisc_create+0x70c/0xe64 [ 33.853797][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 33.855051][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 33.856285][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 33.857467][ T4218] rtnetlink_rcv+0x28/0x38 [ 33.858627][ T4218] netlink_unicast+0x660/0x8d4 [ 33.859835][ T4218] netlink_sendmsg+0x834/0xb18 [ 33.861013][ T4218] ____sys_sendmsg+0x558/0x844 [ 33.862227][ T4218] __sys_sendmsg+0x26c/0x33c [ 33.863376][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 33.864643][ T4218] invoke_syscall+0x98/0x2c0 [ 33.865796][ T4218] el0_svc_common+0x138/0x258 [ 33.866976][ T4218] do_el0_svc+0x64/0x218 [ 33.868067][ T4218] el0_svc+0x58/0x168 [ 33.869076][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 33.870313][ T4218] el0t_64_sync+0x18c/0x190