Warning: Permanently added '10.128.1.142' (ED25519) to the list of known hosts. executing program [ 35.584454][ T4225] [ 35.585247][ T4225] ===================================================== [ 35.587185][ T4225] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.589225][ T4225] 6.1.44-syzkaller #0 Not tainted [ 35.590659][ T4225] ----------------------------------------------------- [ 35.592574][ T4225] syz-executor262/4225 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.594871][ T4225] ffff800015b3c2e0 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.597511][ T4225] [ 35.597511][ T4225] and this task is already holding: [ 35.599531][ T4225] ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.602104][ T4225] which would create a new lock dependency: [ 35.603732][ T4225] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.605851][ T4225] [ 35.605851][ T4225] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.608504][ T4225] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.608522][ T4225] [ 35.608522][ T4225] ... which became SOFTIRQ-irq-safe at: [ 35.612116][ T4225] lock_acquire+0x26c/0x7cc [ 35.613382][ T4225] _raw_spin_lock+0x54/0x6c [ 35.614649][ T4225] net_tx_action+0x6ec/0x94c [ 35.615934][ T4225] __do_softirq+0x30c/0xea0 [ 35.617186][ T4225] run_ksoftirqd+0x68/0x258 [ 35.618459][ T4225] smpboot_thread_fn+0x4b0/0x96c [ 35.619912][ T4225] kthread+0x250/0x2d8 [ 35.621102][ T4225] ret_from_fork+0x10/0x20 [ 35.622390][ T4225] [ 35.622390][ T4225] to a SOFTIRQ-irq-unsafe lock: [ 35.624299][ T4225] (fs_reclaim){+.+.}-{0:0} [ 35.624317][ T4225] [ 35.624317][ T4225] ... which became SOFTIRQ-irq-unsafe at: [ 35.627653][ T4225] ... [ 35.627658][ T4225] lock_acquire+0x26c/0x7cc [ 35.629596][ T4225] fs_reclaim_acquire+0x90/0x12c [ 35.631007][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 35.632534][ T4225] kmalloc_node_trace+0x44/0x90 [ 35.633895][ T4225] init_rescuer+0xa4/0x264 [ 35.635139][ T4225] workqueue_init+0x298/0x5b4 [ 35.636401][ T4225] kernel_init_freeable+0x33c/0x528 [ 35.637885][ T4225] kernel_init+0x24/0x29c [ 35.639113][ T4225] ret_from_fork+0x10/0x20 [ 35.640373][ T4225] [ 35.640373][ T4225] other info that might help us debug this: [ 35.640373][ T4225] [ 35.643250][ T4225] Possible interrupt unsafe locking scenario: [ 35.643250][ T4225] [ 35.645638][ T4225] CPU0 CPU1 [ 35.647131][ T4225] ---- ---- [ 35.648768][ T4225] lock(fs_reclaim); [ 35.649864][ T4225] local_irq_disable(); [ 35.651657][ T4225] lock(noop_qdisc.q.lock); [ 35.653621][ T4225] lock(fs_reclaim); [ 35.655418][ T4225] [ 35.656370][ T4225] lock(noop_qdisc.q.lock); [ 35.657765][ T4225] [ 35.657765][ T4225] *** DEADLOCK *** [ 35.657765][ T4225] [ 35.659929][ T4225] 2 locks held by syz-executor262/4225: [ 35.661443][ T4225] #0: ffff800017e6fcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.664096][ T4225] #1: ffff800017eb4748 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.666778][ T4225] [ 35.666778][ T4225] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.669708][ T4225] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.671277][ T4225] HARDIRQ-ON-W at: [ 35.672375][ T4225] lock_acquire+0x26c/0x7cc [ 35.674165][ T4225] _raw_spin_lock+0x54/0x6c [ 35.675934][ T4225] __dev_queue_xmit+0xb14/0x38d8 [ 35.677787][ T4225] tx+0x90/0x134 [ 35.679228][ T4225] kthread+0x1ac/0x374 [ 35.680834][ T4225] kthread+0x250/0x2d8 [ 35.682423][ T4225] ret_from_fork+0x10/0x20 [ 35.684144][ T4225] IN-SOFTIRQ-W at: [ 35.685251][ T4225] lock_acquire+0x26c/0x7cc [ 35.686961][ T4225] _raw_spin_lock+0x54/0x6c [ 35.688712][ T4225] net_tx_action+0x6ec/0x94c [ 35.690452][ T4225] __do_softirq+0x30c/0xea0 [ 35.692242][ T4225] run_ksoftirqd+0x68/0x258 [ 35.694031][ T4225] smpboot_thread_fn+0x4b0/0x96c [ 35.695854][ T4225] kthread+0x250/0x2d8 [ 35.697404][ T4225] ret_from_fork+0x10/0x20 [ 35.699074][ T4225] INITIAL USE at: [ 35.700166][ T4225] lock_acquire+0x26c/0x7cc [ 35.701878][ T4225] _raw_spin_lock+0x54/0x6c [ 35.703604][ T4225] __dev_queue_xmit+0xb14/0x38d8 [ 35.705455][ T4225] tx+0x90/0x134 [ 35.706881][ T4225] kthread+0x1ac/0x374 [ 35.708415][ T4225] kthread+0x250/0x2d8 [ 35.710005][ T4225] ret_from_fork+0x10/0x20 [ 35.711700][ T4225] } [ 35.712372][ T4225] ... key at: [] noop_qdisc+0x108/0x320 [ 35.714515][ T4225] [ 35.714515][ T4225] the dependencies between the lock to be acquired [ 35.714523][ T4225] and SOFTIRQ-irq-unsafe lock: [ 35.718278][ T4225] -> (fs_reclaim){+.+.}-{0:0} { [ 35.719644][ T4225] HARDIRQ-ON-W at: [ 35.720732][ T4225] lock_acquire+0x26c/0x7cc [ 35.722459][ T4225] fs_reclaim_acquire+0x90/0x12c [ 35.724332][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 35.726271][ T4225] kmalloc_node_trace+0x44/0x90 [ 35.728025][ T4225] init_rescuer+0xa4/0x264 [ 35.729755][ T4225] workqueue_init+0x298/0x5b4 [ 35.731540][ T4225] kernel_init_freeable+0x33c/0x528 [ 35.733424][ T4225] kernel_init+0x24/0x29c [ 35.735081][ T4225] ret_from_fork+0x10/0x20 [ 35.736753][ T4225] SOFTIRQ-ON-W at: [ 35.737830][ T4225] lock_acquire+0x26c/0x7cc [ 35.739535][ T4225] fs_reclaim_acquire+0x90/0x12c [ 35.741347][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 35.743290][ T4225] kmalloc_node_trace+0x44/0x90 [ 35.745081][ T4225] init_rescuer+0xa4/0x264 [ 35.746746][ T4225] workqueue_init+0x298/0x5b4 [ 35.748492][ T4225] kernel_init_freeable+0x33c/0x528 [ 35.750360][ T4225] kernel_init+0x24/0x29c [ 35.752011][ T4225] ret_from_fork+0x10/0x20 [ 35.753722][ T4225] INITIAL USE at: [ 35.754832][ T4225] lock_acquire+0x26c/0x7cc [ 35.756587][ T4225] fs_reclaim_acquire+0x90/0x12c [ 35.758394][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 35.760312][ T4225] kmalloc_node_trace+0x44/0x90 [ 35.762146][ T4225] init_rescuer+0xa4/0x264 [ 35.763823][ T4225] workqueue_init+0x298/0x5b4 [ 35.765586][ T4225] kernel_init_freeable+0x33c/0x528 [ 35.767477][ T4225] kernel_init+0x24/0x29c [ 35.769099][ T4225] ret_from_fork+0x10/0x20 [ 35.770767][ T4225] } [ 35.771429][ T4225] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 35.773612][ T4225] ... acquired at: [ 35.774645][ T4225] fs_reclaim_acquire+0x90/0x12c [ 35.776091][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 35.777688][ T4225] __kmalloc_node+0xcc/0x1d0 [ 35.779036][ T4225] kvmalloc_node+0x84/0x1e4 [ 35.780372][ T4225] get_dist_table+0xa0/0x354 [ 35.781695][ T4225] netem_change+0x754/0x1900 [ 35.783035][ T4225] netem_init+0x54/0xb8 [ 35.784220][ T4225] qdisc_create+0x70c/0xe64 [ 35.785455][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 35.786845][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.788233][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 35.789662][ T4225] rtnetlink_rcv+0x28/0x38 [ 35.790991][ T4225] netlink_unicast+0x660/0x8d4 [ 35.792429][ T4225] netlink_sendmsg+0x834/0xb18 [ 35.793839][ T4225] ____sys_sendmsg+0x558/0x844 [ 35.795192][ T4225] __sys_sendmsg+0x26c/0x33c [ 35.796523][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 35.797941][ T4225] invoke_syscall+0x98/0x2c0 [ 35.799250][ T4225] el0_svc_common+0x138/0x258 [ 35.800588][ T4225] do_el0_svc+0x64/0x218 [ 35.801800][ T4225] el0_svc+0x58/0x168 [ 35.802946][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 35.804360][ T4225] el0t_64_sync+0x18c/0x190 [ 35.805666][ T4225] [ 35.806294][ T4225] [ 35.806294][ T4225] stack backtrace: [ 35.807929][ T4225] CPU: 0 PID: 4225 Comm: syz-executor262 Not tainted 6.1.44-syzkaller #0 [ 35.810200][ T4225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.812925][ T4225] Call trace: [ 35.813836][ T4225] dump_backtrace+0x1c8/0x1f4 [ 35.815100][ T4225] show_stack+0x2c/0x3c [ 35.816284][ T4225] dump_stack_lvl+0x108/0x170 [ 35.817606][ T4225] dump_stack+0x1c/0x58 [ 35.818795][ T4225] __lock_acquire+0x6310/0x764c [ 35.820148][ T4225] lock_acquire+0x26c/0x7cc [ 35.821386][ T4225] fs_reclaim_acquire+0x90/0x12c [ 35.822740][ T4225] __kmem_cache_alloc_node+0x58/0x388 [ 35.824241][ T4225] __kmalloc_node+0xcc/0x1d0 [ 35.825507][ T4225] kvmalloc_node+0x84/0x1e4 [ 35.826758][ T4225] get_dist_table+0xa0/0x354 [ 35.828047][ T4225] netem_change+0x754/0x1900 [ 35.829365][ T4225] netem_init+0x54/0xb8 [ 35.830540][ T4225] qdisc_create+0x70c/0xe64 [ 35.831778][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 35.833098][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.834442][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 35.835778][ T4225] rtnetlink_rcv+0x28/0x38 [ 35.837002][ T4225] netlink_unicast+0x660/0x8d4 [ 35.838338][ T4225] netlink_sendmsg+0x834/0xb18 [ 35.839717][ T4225] ____sys_sendmsg+0x558/0x844 [ 35.841072][ T4225] __sys_sendmsg+0x26c/0x33c [ 35.842389][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 35.843793][ T4225] invoke_syscall+0x98/0x2c0 [ 35.845053][ T4225] el0_svc_common+0x138/0x258 [ 35.846337][ T4225] do_el0_svc+0x64/0x218 [ 35.847517][ T4225] el0_svc+0x58/0x168 [ 35.848634][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 35.850045][ T4225] el0t_64_sync+0x18c/0x190 [ 35.851389][ T4225] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.853831][ T4225] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4225, name: syz-executor262 [ 35.856184][ T4225] preempt_count: 201, expected: 0 [ 35.857408][ T4225] RCU nest depth: 0, expected: 0 [ 35.858678][ T4225] INFO: lockdep is turned off. [ 35.859974][ T4225] Preemption disabled at: [ 35.859983][ T4225] [] sch_tree_lock+0x120/0x1d4 [ 35.862862][ T4225] CPU: 0 PID: 4225 Comm: syz-executor262 Not tainted 6.1.44-syzkaller #0 [ 35.865044][ T4225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.867608][ T4225] Call trace: [ 35.868448][ T4225] dump_backtrace+0x1c8/0x1f4 [ 35.869697][ T4225] show_stack+0x2c/0x3c [ 35.870849][ T4225] dump_stack_lvl+0x108/0x170 [ 35.872085][ T4225] dump_stack+0x1c/0x58 [ 35.873235][ T4225] __might_resched+0x37c/0x4d8 [ 35.874526][ T4225] __might_sleep+0x90/0xe4 [ 35.875778][ T4225] __kmem_cache_alloc_node+0x74/0x388 [ 35.877306][ T4225] __kmalloc_node+0xcc/0x1d0 [ 35.878593][ T4225] kvmalloc_node+0x84/0x1e4 [ 35.879825][ T4225] get_dist_table+0xa0/0x354 [ 35.881056][ T4225] netem_change+0x754/0x1900 [ 35.882326][ T4225] netem_init+0x54/0xb8 [ 35.883415][ T4225] qdisc_create+0x70c/0xe64 [ 35.884631][ T4225] tc_modify_qdisc+0x9f0/0x1840 [ 35.885904][ T4225] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.887202][ T4225] netlink_rcv_skb+0x20c/0x3b8 [ 35.888441][ T4225] rtnetlink_rcv+0x28/0x38 [ 35.889607][ T4225] netlink_unicast+0x660/0x8d4 [ 35.890869][ T4225] netlink_sendmsg+0x834/0xb18 [ 35.892134][ T4225] ____sys_sendmsg+0x558/0x844 [ 35.893401][ T4225] __sys_sendmsg+0x26c/0x33c [ 35.894600][ T4225] __arm64_sys_sendmsg+0x80/0x94 [ 35.895938][ T4225] invoke_syscall+0x98/0x2c0 [ 35.897187][ T4225] el0_svc_common+0x138/0x258 [ 35.898393][ T4225] do_el0_svc+0x64/0x218 [ 35.899532][ T4225] el0_svc+0x58/0x168 [ 35.900613][ T4225] el0t_64_sync_handler+0x84/0xf0 [ 35.901955][ T4225] el0t_64_sync+0x18c/0x190