Warning: Permanently added '10.128.1.186' (ED25519) to the list of known hosts. executing program [ 36.812191][ T4225] [ 36.812856][ T4225] ===================================================== [ 36.814653][ T4225] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 36.816569][ T4225] 6.1.45-syzkaller #0 Not tainted [ 36.817894][ T4225] ----------------------------------------------------- [ 36.819671][ T4225] syz-executor245/4225 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 36.821731][ T4225] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 36.824222][ T4225] [ 36.824222][ T4225] and this task is already holding: [ 36.826130][ T4225] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.828489][ T4225] which would create a new lock dependency: [ 36.830044][ T4225] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 36.832044][ T4225] [ 36.832044][ T4225] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 36.834514][ T4225] (noop_qdisc.q.lock){+.-.}-{2:2} [ 36.834531][ T4225] [ 36.834531][ T4225] ... which became SOFTIRQ-irq-safe at: [ 36.837885][ T4225] lock_acquire+0x26c/0x7cc [ 36.839078][ T4225] _raw_spin_lock+0x54/0x6c [ 36.840253][ T4225] net_tx_action+0x6ec/0x94c [ 36.841478][ T4225] __do_softirq+0x30c/0xea0 [ 36.842701][ T4225] run_ksoftirqd+0x68/0x258 [ 36.843919][ T4225] smpboot_thread_fn+0x4b0/0x96c [ 36.845221][ T4225] kthread+0x250/0x2d8 [ 36.846317][ T4225] ret_from_fork+0x10/0x20 [ 36.847521][ T4225] [ 36.847521][ T4225] to a SOFTIRQ-irq-unsafe lock: [ 36.849413][ T4225] (fs_reclaim){+.+.}-{0:0} [ 36.849430][ T4225] [ 36.849430][ T4225] ... which became SOFTIRQ-irq-unsafe at: [ 36.852584][ T4225] ... [ 36.852590][ T4225] lock_acquire+0x26c/0x7cc [ 36.854405][ T4225] fs_reclaim_acquire+0x90/0x12c [ 36.855659][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 36.857064][ T4225] kmalloc_node_trace+0x44/0x90 [ 36.858351][ T4225] init_rescuer+0xa4/0x264 [ 36.859518][ T4225] workqueue_init+0x298/0x5b4 [ 36.860781][ T4225] kernel_init_freeable+0x33c/0x528 [ 36.862132][ T4225] kernel_init+0x24/0x29c [ 36.863297][ T4225] ret_from_fork+0x10/0x20 [ 36.864480][ T4225] [ 36.864480][ T4225] other info that might help us debug this: [ 36.864480][ T4225] [ 36.867093][ T4225] Possible interrupt unsafe locking scenario: [ 36.867093][ T4225] [ 36.869227][ T4225] CPU0 CPU1 [ 36.870675][ T4225] ---- ---- [ 36.872069][ T4225] lock(fs_reclaim); [ 36.873122][ T4225] local_irq_disable(); [ 36.874843][ T4225] lock(noop_qdisc.q.lock); [ 36.876777][ T4225] lock(fs_reclaim); [ 36.878456][ T4225] [ 36.879299][ T4225] lock(noop_qdisc.q.lock); [ 36.880562][ T4225] [ 36.880562][ T4225] *** DEADLOCK *** [ 36.880562][ T4225] [ 36.882699][ T4225] 2 locks held by syz-executor245/4225: [ 36.884122][ T4225] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 36.886649][ T4225] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.889250][ T4225] [ 36.889250][ T4225] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 36.891967][ T4225] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 36.893411][ T4225] HARDIRQ-ON-W at: [ 36.894490][ T4225] lock_acquire+0x26c/0x7cc [ 36.896123][ T4225] _raw_spin_lock+0x54/0x6c [ 36.897741][ T4225] __dev_queue_xmit+0xb14/0x38d8 [ 36.899488][ T4225] tx+0x90/0x134 [ 36.900849][ T4225] kthread+0x1ac/0x374 [ 36.902355][ T4225] kthread+0x250/0x2d8 [ 36.903865][ T4225] ret_from_fork+0x10/0x20 [ 36.905498][ T4225] IN-SOFTIRQ-W at: [ 36.906512][ T4225] lock_acquire+0x26c/0x7cc [ 36.908069][ T4225] _raw_spin_lock+0x54/0x6c [ 36.909708][ T4225] net_tx_action+0x6ec/0x94c [ 36.911303][ T4225] __do_softirq+0x30c/0xea0 [ 36.912853][ T4225] run_ksoftirqd+0x68/0x258 [ 36.914424][ T4225] smpboot_thread_fn+0x4b0/0x96c [ 36.916163][ T4225] kthread+0x250/0x2d8 [ 36.917680][ T4225] ret_from_fork+0x10/0x20 [ 36.919229][ T4225] INITIAL USE at: [ 36.920225][ T4225] lock_acquire+0x26c/0x7cc [ 36.921829][ T4225] _raw_spin_lock+0x54/0x6c [ 36.923387][ T4225] __dev_queue_xmit+0xb14/0x38d8 [ 36.925068][ T4225] tx+0x90/0x134 [ 36.926444][ T4225] kthread+0x1ac/0x374 [ 36.927947][ T4225] kthread+0x250/0x2d8 [ 36.929475][ T4225] ret_from_fork+0x10/0x20 [ 36.930953][ T4225] } [ 36.931617][ T4225] ... key at: [] noop_qdisc+0x108/0x320 [ 36.933612][ T4225] [ 36.933612][ T4225] the dependencies between the lock to be acquired [ 36.933619][ T4225] and SOFTIRQ-irq-unsafe lock: [ 36.937078][ T4225] -> (fs_reclaim){+.+.}-{0:0} { [ 36.938367][ T4225] HARDIRQ-ON-W at: [ 36.939429][ T4225] lock_acquire+0x26c/0x7cc [ 36.941091][ T4225] fs_reclaim_acquire+0x90/0x12c [ 36.942793][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 36.944665][ T4225] kmalloc_node_trace+0x44/0x90 [ 36.946397][ T4225] init_rescuer+0xa4/0x264 [ 36.947998][ T4225] workqueue_init+0x298/0x5b4 [ 36.949665][ T4225] kernel_init_freeable+0x33c/0x528 [ 36.951428][ T4225] kernel_init+0x24/0x29c [ 36.952948][ T4225] ret_from_fork+0x10/0x20 [ 36.954492][ T4225] SOFTIRQ-ON-W at: [ 36.955523][ T4225] lock_acquire+0x26c/0x7cc [ 36.957138][ T4225] fs_reclaim_acquire+0x90/0x12c [ 36.958868][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 36.960776][ T4225] kmalloc_node_trace+0x44/0x90 [ 36.962530][ T4225] init_rescuer+0xa4/0x264 [ 36.964147][ T4225] workqueue_init+0x298/0x5b4 [ 36.965774][ T4225] kernel_init_freeable+0x33c/0x528 [ 36.967549][ T4225] kernel_init+0x24/0x29c [ 36.969090][ T4225] ret_from_fork+0x10/0x20 [ 36.970654][ T4225] INITIAL USE at: [ 36.971712][ T4225] lock_acquire+0x26c/0x7cc [ 36.973293][ T4225] fs_reclaim_acquire+0x90/0x12c [ 36.975039][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 36.976894][ T4225] kmalloc_node_trace+0x44/0x90 [ 36.978563][ T4225] init_rescuer+0xa4/0x264 [ 36.980161][ T4225] workqueue_init+0x298/0x5b4 [ 36.981793][ T4225] kernel_init_freeable+0x33c/0x528 [ 36.983589][ T4225] kernel_init+0x24/0x29c [ 36.985154][ T4225] ret_from_fork+0x10/0x20 [ 36.986704][ T4225] } [ 36.987363][ T4225] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 36.989428][ T4225] ... acquired at: [ 36.990417][ T4225] fs_reclaim_acquire+0x90/0x12c [ 36.991727][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 36.993157][ T4225] __kmalloc_node+0xcc/0x1d0 [ 36.994432][ T4225] kvmalloc_node+0x84/0x1e4 [ 36.995697][ T4225] get_dist_table+0xa0/0x354 [ 36.996967][ T4225] netem_change+0x754/0x1900 [ 36.998227][ T4225] netem_init+0x54/0xb8 [ 36.999415][ T4225] qdisc_create+0x70c/0xe64 [ 37.000600][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 37.001875][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.003224][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 37.004460][ T4225] rtnetlink_rcv+0x28/0x38 [ 37.005636][ T4225] netlink_unicast+0x660/0x8d4 [ 37.006886][ T4225] netlink_sendmsg+0x834/0xb18 [ 37.008204][ T4225] ____sys_sendmsg+0x558/0x844 [ 37.009553][ T4225] __sys_sendmsg+0x26c/0x33c [ 37.010779][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 37.012144][ T4225] invoke_syscall+0x98/0x2c0 [ 37.013409][ T4225] el0_svc_common+0x138/0x258 [ 37.014636][ T4225] do_el0_svc+0x64/0x218 [ 37.015761][ T4225] el0_svc+0x58/0x168 [ 37.016821][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 37.018163][ T4225] el0t_64_sync+0x18c/0x190 [ 37.019436][ T4225] [ 37.020044][ T4225] [ 37.020044][ T4225] stack backtrace: [ 37.021617][ T4225] CPU: 1 PID: 4225 Comm: syz-executor245 Not tainted 6.1.45-syzkaller #0 [ 37.023837][ T4225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 37.026439][ T4225] Call trace: [ 37.027284][ T4225] dump_backtrace+0x1c8/0x1f4 [ 37.028512][ T4225] show_stack+0x2c/0x3c [ 37.029652][ T4225] dump_stack_lvl+0x108/0x170 [ 37.030869][ T4225] dump_stack+0x1c/0x58 [ 37.031950][ T4225] __lock_acquire+0x6310/0x764c [ 37.033191][ T4225] lock_acquire+0x26c/0x7cc [ 37.034391][ T4225] fs_reclaim_acquire+0x90/0x12c [ 37.035726][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 37.037172][ T4225] __kmalloc_node+0xcc/0x1d0 [ 37.038327][ T4225] kvmalloc_node+0x84/0x1e4 [ 37.039432][ T4225] get_dist_table+0xa0/0x354 [ 37.040588][ T4225] netem_change+0x754/0x1900 [ 37.041744][ T4225] netem_init+0x54/0xb8 [ 37.042827][ T4225] qdisc_create+0x70c/0xe64 [ 37.044008][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 37.045264][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.046558][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 37.047727][ T4225] rtnetlink_rcv+0x28/0x38 [ 37.048922][ T4225] netlink_unicast+0x660/0x8d4 [ 37.050153][ T4225] netlink_sendmsg+0x834/0xb18 [ 37.051373][ T4225] ____sys_sendmsg+0x558/0x844 [ 37.052582][ T4225] __sys_sendmsg+0x26c/0x33c [ 37.053735][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 37.055032][ T4225] invoke_syscall+0x98/0x2c0 [ 37.056238][ T4225] el0_svc_common+0x138/0x258 [ 37.057431][ T4225] do_el0_svc+0x64/0x218 [ 37.058534][ T4225] el0_svc+0x58/0x168 [ 37.059664][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 37.060947][ T4225] el0t_64_sync+0x18c/0x190 [ 37.062174][ T4225] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 37.064623][ T4225] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4225, name: syz-executor245 [ 37.066977][ T4225] preempt_count: 201, expected: 0 [ 37.068226][ T4225] RCU nest depth: 0, expected: 0 [ 37.069440][ T4225] INFO: lockdep is turned off. [ 37.070688][ T4225] Preemption disabled at: [ 37.070696][ T4225] [] sch_tree_lock+0x120/0x1d4 [ 37.073519][ T4225] CPU: 1 PID: 4225 Comm: syz-executor245 Not tainted 6.1.45-syzkaller #0 [ 37.075667][ T4225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 37.078237][ T4225] Call trace: [ 37.079080][ T4225] dump_backtrace+0x1c8/0x1f4 [ 37.080253][ T4225] show_stack+0x2c/0x3c [ 37.081340][ T4225] dump_stack_lvl+0x108/0x170 [ 37.082583][ T4225] dump_stack+0x1c/0x58 [ 37.083640][ T4225] __might_resched+0x37c/0x4d8 [ 37.084871][ T4225] __might_sleep+0x90/0xe4 [ 37.085963][ T4225] __kmem_cache_alloc_node+0x74/0x388 [ 37.087265][ T4225] __kmalloc_node+0xcc/0x1d0 [ 37.088436][ T4225] kvmalloc_node+0x84/0x1e4 [ 37.089625][ T4225] get_dist_table+0xa0/0x354 [ 37.090802][ T4225] netem_change+0x754/0x1900 [ 37.091966][ T4225] netem_init+0x54/0xb8 [ 37.093030][ T4225] qdisc_create+0x70c/0xe64 [ 37.094209][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 37.095435][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 37.096753][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 37.097964][ T4225] rtnetlink_rcv+0x28/0x38 [ 37.099072][ T4225] netlink_unicast+0x660/0x8d4 [ 37.100339][ T4225] netlink_sendmsg+0x834/0xb18 [ 37.101554][ T4225] ____sys_sendmsg+0x558/0x844 [ 37.102771][ T4225] __sys_sendmsg+0x26c/0x33c [ 37.103960][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 37.105234][ T4225] invoke_syscall+0x98/0x2c0 [ 37.106427][ T4225] el0_svc_common+0x138/0x258 [ 37.107613][ T4225] do_el0_svc+0x64/0x218 [ 37.108715][ T4225] el0_svc+0x58/0x168 [ 37.109764][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 37.111048][ T4225] el0t_64_sync+0x18c/0x190