Warning: Permanently added '10.128.0.71' (ED25519) to the list of known hosts. executing program [ 35.549931][ T4218] [ 35.550542][ T4218] ===================================================== [ 35.552370][ T4218] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.554223][ T4218] 6.1.45-syzkaller #0 Not tainted [ 35.555467][ T4218] ----------------------------------------------------- [ 35.557170][ T4218] syz-executor371/4218 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.559190][ T4218] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.561610][ T4218] [ 35.561610][ T4218] and this task is already holding: [ 35.563457][ T4218] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.565821][ T4218] which would create a new lock dependency: [ 35.567364][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.569298][ T4218] [ 35.569298][ T4218] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.571695][ T4218] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.571713][ T4218] [ 35.571713][ T4218] ... which became SOFTIRQ-irq-safe at: [ 35.574982][ T4218] lock_acquire+0x26c/0x7cc [ 35.576168][ T4218] _raw_spin_lock+0x54/0x6c [ 35.577352][ T4218] net_tx_action+0x6ec/0x94c [ 35.578580][ T4218] __do_softirq+0x30c/0xea0 [ 35.579748][ T4218] run_ksoftirqd+0x68/0x258 [ 35.580946][ T4218] smpboot_thread_fn+0x4b0/0x96c [ 35.582211][ T4218] kthread+0x250/0x2d8 [ 35.583285][ T4218] ret_from_fork+0x10/0x20 [ 35.584424][ T4218] [ 35.584424][ T4218] to a SOFTIRQ-irq-unsafe lock: [ 35.586232][ T4218] (fs_reclaim){+.+.}-{0:0} [ 35.586249][ T4218] [ 35.586249][ T4218] ... which became SOFTIRQ-irq-unsafe at: [ 35.589419][ T4218] ... [ 35.589425][ T4218] lock_acquire+0x26c/0x7cc [ 35.591294][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.592588][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.593988][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.595296][ T4218] init_rescuer+0xa4/0x264 [ 35.596446][ T4218] workqueue_init+0x298/0x5b4 [ 35.597671][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.599029][ T4218] kernel_init+0x24/0x29c [ 35.600147][ T4218] ret_from_fork+0x10/0x20 [ 35.601293][ T4218] [ 35.601293][ T4218] other info that might help us debug this: [ 35.601293][ T4218] [ 35.603966][ T4218] Possible interrupt unsafe locking scenario: [ 35.603966][ T4218] [ 35.606132][ T4218] CPU0 CPU1 [ 35.607514][ T4218] ---- ---- [ 35.608857][ T4218] lock(fs_reclaim); [ 35.609860][ T4218] local_irq_disable(); [ 35.611600][ T4218] lock(noop_qdisc.q.lock); [ 35.613458][ T4218] lock(fs_reclaim); [ 35.615095][ T4218] [ 35.615978][ T4218] lock(noop_qdisc.q.lock); [ 35.617198][ T4218] [ 35.617198][ T4218] *** DEADLOCK *** [ 35.617198][ T4218] [ 35.619260][ T4218] 2 locks held by syz-executor371/4218: [ 35.620625][ T4218] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.622999][ T4218] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.625385][ T4218] [ 35.625385][ T4218] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.627992][ T4218] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.629409][ T4218] HARDIRQ-ON-W at: [ 35.630432][ T4218] lock_acquire+0x26c/0x7cc [ 35.631966][ T4218] _raw_spin_lock+0x54/0x6c [ 35.633552][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 35.635275][ T4218] tx+0x90/0x134 [ 35.636618][ T4218] kthread+0x1ac/0x374 [ 35.638066][ T4218] kthread+0x250/0x2d8 [ 35.639559][ T4218] ret_from_fork+0x10/0x20 [ 35.641117][ T4218] IN-SOFTIRQ-W at: [ 35.642157][ T4218] lock_acquire+0x26c/0x7cc [ 35.643739][ T4218] _raw_spin_lock+0x54/0x6c [ 35.645301][ T4218] net_tx_action+0x6ec/0x94c [ 35.646904][ T4218] __do_softirq+0x30c/0xea0 [ 35.648501][ T4218] run_ksoftirqd+0x68/0x258 [ 35.650072][ T4218] smpboot_thread_fn+0x4b0/0x96c [ 35.651800][ T4218] kthread+0x250/0x2d8 [ 35.653263][ T4218] ret_from_fork+0x10/0x20 [ 35.654858][ T4218] INITIAL USE at: [ 35.655862][ T4218] lock_acquire+0x26c/0x7cc [ 35.657414][ T4218] _raw_spin_lock+0x54/0x6c [ 35.658981][ T4218] __dev_queue_xmit+0xb14/0x38d8 [ 35.660719][ T4218] tx+0x90/0x134 [ 35.662043][ T4218] kthread+0x1ac/0x374 [ 35.663512][ T4218] kthread+0x250/0x2d8 [ 35.664997][ T4218] ret_from_fork+0x10/0x20 [ 35.666540][ T4218] } [ 35.667214][ T4218] ... key at: [] noop_qdisc+0x108/0x320 [ 35.669210][ T4218] [ 35.669210][ T4218] the dependencies between the lock to be acquired [ 35.669217][ T4218] and SOFTIRQ-irq-unsafe lock: [ 35.672702][ T4218] -> (fs_reclaim){+.+.}-{0:0} { [ 35.673954][ T4218] HARDIRQ-ON-W at: [ 35.674967][ T4218] lock_acquire+0x26c/0x7cc [ 35.676538][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.678264][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.680113][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.681774][ T4218] init_rescuer+0xa4/0x264 [ 35.683322][ T4218] workqueue_init+0x298/0x5b4 [ 35.684949][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.686740][ T4218] kernel_init+0x24/0x29c [ 35.688297][ T4218] ret_from_fork+0x10/0x20 [ 35.689854][ T4218] SOFTIRQ-ON-W at: [ 35.690854][ T4218] lock_acquire+0x26c/0x7cc [ 35.692429][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.694179][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.695974][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.697667][ T4218] init_rescuer+0xa4/0x264 [ 35.699280][ T4218] workqueue_init+0x298/0x5b4 [ 35.700917][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.702704][ T4218] kernel_init+0x24/0x29c [ 35.704227][ T4218] ret_from_fork+0x10/0x20 [ 35.705790][ T4218] INITIAL USE at: [ 35.706778][ T4218] lock_acquire+0x26c/0x7cc [ 35.708351][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.710018][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.711808][ T4218] kmalloc_node_trace+0x44/0x90 [ 35.713476][ T4218] init_rescuer+0xa4/0x264 [ 35.715058][ T4218] workqueue_init+0x298/0x5b4 [ 35.716733][ T4218] kernel_init_freeable+0x33c/0x528 [ 35.718476][ T4218] kernel_init+0x24/0x29c [ 35.720035][ T4218] ret_from_fork+0x10/0x20 [ 35.721600][ T4218] } [ 35.722240][ T4218] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 35.724305][ T4218] ... acquired at: [ 35.725281][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.726606][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.728049][ T4218] __kmalloc_node+0xcc/0x1d0 [ 35.729247][ T4218] kvmalloc_node+0x84/0x1e4 [ 35.730481][ T4218] get_dist_table+0xa0/0x354 [ 35.731720][ T4218] netem_change+0x754/0x1900 [ 35.732931][ T4218] netem_init+0x54/0xb8 [ 35.734038][ T4218] qdisc_create+0x70c/0xe64 [ 35.735279][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 35.736574][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.737874][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 35.739142][ T4218] rtnetlink_rcv+0x28/0x38 [ 35.740348][ T4218] netlink_unicast+0x660/0x8d4 [ 35.741611][ T4218] netlink_sendmsg+0x834/0xb18 [ 35.742853][ T4218] ____sys_sendmsg+0x558/0x844 [ 35.744124][ T4218] __sys_sendmsg+0x26c/0x33c [ 35.745339][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 35.746642][ T4218] invoke_syscall+0x98/0x2c0 [ 35.747901][ T4218] el0_svc_common+0x138/0x258 [ 35.749128][ T4218] do_el0_svc+0x64/0x218 [ 35.750234][ T4218] el0_svc+0x58/0x168 [ 35.751338][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 35.752662][ T4218] el0t_64_sync+0x18c/0x190 [ 35.753837][ T4218] [ 35.754501][ T4218] [ 35.754501][ T4218] stack backtrace: [ 35.755999][ T4218] CPU: 1 PID: 4218 Comm: syz-executor371 Not tainted 6.1.45-syzkaller #0 [ 35.758224][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.760907][ T4218] Call trace: [ 35.761750][ T4218] dump_backtrace+0x1c8/0x1f4 [ 35.762974][ T4218] show_stack+0x2c/0x3c [ 35.764055][ T4218] dump_stack_lvl+0x108/0x170 [ 35.765271][ T4218] dump_stack+0x1c/0x58 [ 35.766354][ T4218] __lock_acquire+0x6310/0x764c [ 35.767639][ T4218] lock_acquire+0x26c/0x7cc [ 35.768791][ T4218] fs_reclaim_acquire+0x90/0x12c [ 35.770120][ T4218] __kmem_cache_alloc_node+0x58/0x388 [ 35.771543][ T4218] __kmalloc_node+0xcc/0x1d0 [ 35.772733][ T4218] kvmalloc_node+0x84/0x1e4 [ 35.773925][ T4218] get_dist_table+0xa0/0x354 [ 35.775145][ T4218] netem_change+0x754/0x1900 [ 35.776365][ T4218] netem_init+0x54/0xb8 [ 35.777457][ T4218] qdisc_create+0x70c/0xe64 [ 35.778656][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 35.779916][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.781222][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 35.782528][ T4218] rtnetlink_rcv+0x28/0x38 [ 35.783660][ T4218] netlink_unicast+0x660/0x8d4 [ 35.784869][ T4218] netlink_sendmsg+0x834/0xb18 [ 35.786119][ T4218] ____sys_sendmsg+0x558/0x844 [ 35.787353][ T4218] __sys_sendmsg+0x26c/0x33c [ 35.788545][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 35.789845][ T4218] invoke_syscall+0x98/0x2c0 [ 35.791021][ T4218] el0_svc_common+0x138/0x258 [ 35.792245][ T4218] do_el0_svc+0x64/0x218 [ 35.793397][ T4218] el0_svc+0x58/0x168 [ 35.794435][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 35.795778][ T4218] el0t_64_sync+0x18c/0x190 [ 35.796964][ T4218] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.799373][ T4218] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4218, name: syz-executor371 [ 35.801864][ T4218] preempt_count: 201, expected: 0 [ 35.803176][ T4218] RCU nest depth: 0, expected: 0 [ 35.804455][ T4218] INFO: lockdep is turned off. [ 35.805670][ T4218] Preemption disabled at: [ 35.805680][ T4218] [] sch_tree_lock+0x120/0x1d4 [ 35.808351][ T4218] CPU: 1 PID: 4218 Comm: syz-executor371 Not tainted 6.1.45-syzkaller #0 [ 35.810484][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.813091][ T4218] Call trace: [ 35.813966][ T4218] dump_backtrace+0x1c8/0x1f4 [ 35.815206][ T4218] show_stack+0x2c/0x3c [ 35.816304][ T4218] dump_stack_lvl+0x108/0x170 [ 35.817509][ T4218] dump_stack+0x1c/0x58 [ 35.818625][ T4218] __might_resched+0x37c/0x4d8 [ 35.819874][ T4218] __might_sleep+0x90/0xe4 [ 35.821034][ T4218] __kmem_cache_alloc_node+0x74/0x388 [ 35.822429][ T4218] __kmalloc_node+0xcc/0x1d0 [ 35.823657][ T4218] kvmalloc_node+0x84/0x1e4 [ 35.824840][ T4218] get_dist_table+0xa0/0x354 [ 35.826064][ T4218] netem_change+0x754/0x1900 [ 35.827304][ T4218] netem_init+0x54/0xb8 [ 35.828411][ T4218] qdisc_create+0x70c/0xe64 [ 35.829607][ T4218] tc_modify_qdisc+0x9f0/0x1840 [ 35.830881][ T4218] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.832192][ T4218] netlink_rcv_skb+0x20c/0x3b8 [ 35.833415][ T4218] rtnetlink_rcv+0x28/0x38 [ 35.834570][ T4218] netlink_unicast+0x660/0x8d4 [ 35.835822][ T4218] netlink_sendmsg+0x834/0xb18 [ 35.837151][ T4218] ____sys_sendmsg+0x558/0x844 [ 35.838385][ T4218] __sys_sendmsg+0x26c/0x33c [ 35.839559][ T4218] __arm64_sys_sendmsg+0x80/0x94 [ 35.840897][ T4218] invoke_syscall+0x98/0x2c0 [ 35.842109][ T4218] el0_svc_common+0x138/0x258 [ 35.843301][ T4218] do_el0_svc+0x64/0x218 [ 35.844424][ T4218] el0_svc+0x58/0x168 [ 35.845470][ T4218] el0t_64_sync_handler+0x84/0xf0 [ 35.846795][ T4218] el0t_64_sync+0x18c/0x190