Warning: Permanently added '10.128.0.55' (ED25519) to the list of known hosts. executing program [ 35.534375][ T4217] [ 35.535028][ T4217] ===================================================== [ 35.536796][ T4217] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 35.538766][ T4217] 6.1.45-syzkaller #0 Not tainted [ 35.540078][ T4217] ----------------------------------------------------- [ 35.541920][ T4217] syz-executor364/4217 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 35.544059][ T4217] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 35.546645][ T4217] [ 35.546645][ T4217] and this task is already holding: [ 35.548486][ T4217] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.550980][ T4217] which would create a new lock dependency: [ 35.552553][ T4217] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 35.554595][ T4217] [ 35.554595][ T4217] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 35.557116][ T4217] (noop_qdisc.q.lock){+.-.}-{2:2} [ 35.557133][ T4217] [ 35.557133][ T4217] ... which became SOFTIRQ-irq-safe at: [ 35.560634][ T4217] lock_acquire+0x26c/0x7cc [ 35.561853][ T4217] _raw_spin_lock+0x54/0x6c [ 35.563083][ T4217] net_tx_action+0x6ec/0x94c [ 35.564350][ T4217] __do_softirq+0x30c/0xea0 [ 35.565557][ T4217] run_ksoftirqd+0x68/0x258 [ 35.566800][ T4217] smpboot_thread_fn+0x4b0/0x96c [ 35.568160][ T4217] kthread+0x250/0x2d8 [ 35.569302][ T4217] ret_from_fork+0x10/0x20 [ 35.570473][ T4217] [ 35.570473][ T4217] to a SOFTIRQ-irq-unsafe lock: [ 35.572361][ T4217] (fs_reclaim){+.+.}-{0:0} [ 35.572378][ T4217] [ 35.572378][ T4217] ... which became SOFTIRQ-irq-unsafe at: [ 35.575613][ T4217] ... [ 35.575619][ T4217] lock_acquire+0x26c/0x7cc [ 35.577514][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.578837][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.580293][ T4217] kmalloc_node_trace+0x44/0x90 [ 35.581602][ T4217] init_rescuer+0xa4/0x264 [ 35.582832][ T4217] workqueue_init+0x298/0x5b4 [ 35.584097][ T4217] kernel_init_freeable+0x33c/0x528 [ 35.585478][ T4217] kernel_init+0x24/0x29c [ 35.586659][ T4217] ret_from_fork+0x10/0x20 [ 35.587829][ T4217] [ 35.587829][ T4217] other info that might help us debug this: [ 35.587829][ T4217] [ 35.590566][ T4217] Possible interrupt unsafe locking scenario: [ 35.590566][ T4217] [ 35.592761][ T4217] CPU0 CPU1 [ 35.594188][ T4217] ---- ---- [ 35.595598][ T4217] lock(fs_reclaim); [ 35.596656][ T4217] local_irq_disable(); [ 35.598452][ T4217] lock(noop_qdisc.q.lock); [ 35.600313][ T4217] lock(fs_reclaim); [ 35.602021][ T4217] [ 35.602918][ T4217] lock(noop_qdisc.q.lock); [ 35.604166][ T4217] [ 35.604166][ T4217] *** DEADLOCK *** [ 35.604166][ T4217] [ 35.606301][ T4217] 2 locks held by syz-executor364/4217: [ 35.607779][ T4217] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 35.610343][ T4217] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 35.612960][ T4217] [ 35.612960][ T4217] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 35.615700][ T4217] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 35.617148][ T4217] HARDIRQ-ON-W at: [ 35.618200][ T4217] lock_acquire+0x26c/0x7cc [ 35.619805][ T4217] _raw_spin_lock+0x54/0x6c [ 35.621471][ T4217] __dev_queue_xmit+0xb14/0x38d8 [ 35.623214][ T4217] tx+0x90/0x134 [ 35.624622][ T4217] kthread+0x1ac/0x374 [ 35.626107][ T4217] kthread+0x250/0x2d8 [ 35.627598][ T4217] ret_from_fork+0x10/0x20 [ 35.629214][ T4217] IN-SOFTIRQ-W at: [ 35.630216][ T4217] lock_acquire+0x26c/0x7cc [ 35.631884][ T4217] _raw_spin_lock+0x54/0x6c [ 35.633508][ T4217] net_tx_action+0x6ec/0x94c [ 35.635089][ T4217] __do_softirq+0x30c/0xea0 [ 35.636699][ T4217] run_ksoftirqd+0x68/0x258 [ 35.638358][ T4217] smpboot_thread_fn+0x4b0/0x96c [ 35.640128][ T4217] kthread+0x250/0x2d8 [ 35.641631][ T4217] ret_from_fork+0x10/0x20 [ 35.643242][ T4217] INITIAL USE at: [ 35.644271][ T4217] lock_acquire+0x26c/0x7cc [ 35.645904][ T4217] _raw_spin_lock+0x54/0x6c [ 35.647519][ T4217] __dev_queue_xmit+0xb14/0x38d8 [ 35.649250][ T4217] tx+0x90/0x134 [ 35.650577][ T4217] kthread+0x1ac/0x374 [ 35.652068][ T4217] kthread+0x250/0x2d8 [ 35.653532][ T4217] ret_from_fork+0x10/0x20 [ 35.655097][ T4217] } [ 35.655799][ T4217] ... key at: [] noop_qdisc+0x108/0x320 [ 35.657892][ T4217] [ 35.657892][ T4217] the dependencies between the lock to be acquired [ 35.657899][ T4217] and SOFTIRQ-irq-unsafe lock: [ 35.661461][ T4217] -> (fs_reclaim){+.+.}-{0:0} { [ 35.662775][ T4217] HARDIRQ-ON-W at: [ 35.663801][ T4217] lock_acquire+0x26c/0x7cc [ 35.665417][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.667159][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.669005][ T4217] kmalloc_node_trace+0x44/0x90 [ 35.670780][ T4217] init_rescuer+0xa4/0x264 [ 35.672433][ T4217] workqueue_init+0x298/0x5b4 [ 35.674078][ T4217] kernel_init_freeable+0x33c/0x528 [ 35.675926][ T4217] kernel_init+0x24/0x29c [ 35.677492][ T4217] ret_from_fork+0x10/0x20 [ 35.679089][ T4217] SOFTIRQ-ON-W at: [ 35.680175][ T4217] lock_acquire+0x26c/0x7cc [ 35.681833][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.683620][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.685518][ T4217] kmalloc_node_trace+0x44/0x90 [ 35.687257][ T4217] init_rescuer+0xa4/0x264 [ 35.688859][ T4217] workqueue_init+0x298/0x5b4 [ 35.690533][ T4217] kernel_init_freeable+0x33c/0x528 [ 35.692338][ T4217] kernel_init+0x24/0x29c [ 35.693955][ T4217] ret_from_fork+0x10/0x20 [ 35.695580][ T4217] INITIAL USE at: [ 35.696585][ T4217] lock_acquire+0x26c/0x7cc [ 35.698206][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.699905][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.701694][ T4217] kmalloc_node_trace+0x44/0x90 [ 35.703402][ T4217] init_rescuer+0xa4/0x264 [ 35.704981][ T4217] workqueue_init+0x298/0x5b4 [ 35.706671][ T4217] kernel_init_freeable+0x33c/0x528 [ 35.708462][ T4217] kernel_init+0x24/0x29c [ 35.710033][ T4217] ret_from_fork+0x10/0x20 [ 35.711644][ T4217] } [ 35.712259][ T4217] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 35.714386][ T4217] ... acquired at: [ 35.715374][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.716749][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.718215][ T4217] __kmalloc_node+0xcc/0x1d0 [ 35.719471][ T4217] kvmalloc_node+0x84/0x1e4 [ 35.720762][ T4217] get_dist_table+0xa0/0x354 [ 35.722033][ T4217] netem_change+0x7a4/0x1900 [ 35.723285][ T4217] netem_init+0x54/0xb8 [ 35.724389][ T4217] qdisc_create+0x70c/0xe64 [ 35.725633][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 35.726944][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.728324][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 35.729653][ T4217] rtnetlink_rcv+0x28/0x38 [ 35.730805][ T4217] netlink_unicast+0x660/0x8d4 [ 35.732124][ T4217] netlink_sendmsg+0x834/0xb18 [ 35.733413][ T4217] ____sys_sendmsg+0x558/0x844 [ 35.734735][ T4217] __sys_sendmsg+0x26c/0x33c [ 35.736020][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 35.737410][ T4217] invoke_syscall+0x98/0x2c0 [ 35.738716][ T4217] el0_svc_common+0x138/0x258 [ 35.740027][ T4217] do_el0_svc+0x64/0x218 [ 35.741199][ T4217] el0_svc+0x58/0x168 [ 35.742321][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 35.743674][ T4217] el0t_64_sync+0x18c/0x190 [ 35.744886][ T4217] [ 35.745467][ T4217] [ 35.745467][ T4217] stack backtrace: [ 35.747049][ T4217] CPU: 1 PID: 4217 Comm: syz-executor364 Not tainted 6.1.45-syzkaller #0 [ 35.749270][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.751943][ T4217] Call trace: [ 35.752777][ T4217] dump_backtrace+0x1c8/0x1f4 [ 35.754007][ T4217] show_stack+0x2c/0x3c [ 35.755131][ T4217] dump_stack_lvl+0x108/0x170 [ 35.756330][ T4217] dump_stack+0x1c/0x58 [ 35.757445][ T4217] __lock_acquire+0x6310/0x764c [ 35.758741][ T4217] lock_acquire+0x26c/0x7cc [ 35.759979][ T4217] fs_reclaim_acquire+0x90/0x12c [ 35.761300][ T4217] __kmem_cache_alloc_node+0x58/0x388 [ 35.762782][ T4217] __kmalloc_node+0xcc/0x1d0 [ 35.763995][ T4217] kvmalloc_node+0x84/0x1e4 [ 35.765225][ T4217] get_dist_table+0xa0/0x354 [ 35.766460][ T4217] netem_change+0x7a4/0x1900 [ 35.767689][ T4217] netem_init+0x54/0xb8 [ 35.768771][ T4217] qdisc_create+0x70c/0xe64 [ 35.769943][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 35.771258][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.772609][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 35.773896][ T4217] rtnetlink_rcv+0x28/0x38 [ 35.775134][ T4217] netlink_unicast+0x660/0x8d4 [ 35.776386][ T4217] netlink_sendmsg+0x834/0xb18 [ 35.777673][ T4217] ____sys_sendmsg+0x558/0x844 [ 35.778923][ T4217] __sys_sendmsg+0x26c/0x33c [ 35.780089][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 35.781376][ T4217] invoke_syscall+0x98/0x2c0 [ 35.782590][ T4217] el0_svc_common+0x138/0x258 [ 35.783888][ T4217] do_el0_svc+0x64/0x218 [ 35.785048][ T4217] el0_svc+0x58/0x168 [ 35.786152][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 35.787541][ T4217] el0t_64_sync+0x18c/0x190 [ 35.788772][ T4217] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 35.791250][ T4217] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4217, name: syz-executor364 [ 35.793725][ T4217] preempt_count: 201, expected: 0 [ 35.795056][ T4217] RCU nest depth: 0, expected: 0 [ 35.796327][ T4217] INFO: lockdep is turned off. [ 35.797520][ T4217] Preemption disabled at: [ 35.797529][ T4217] [] sch_tree_lock+0x120/0x1d4 [ 35.800361][ T4217] CPU: 1 PID: 4217 Comm: syz-executor364 Not tainted 6.1.45-syzkaller #0 [ 35.802513][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 35.805145][ T4217] Call trace: [ 35.805995][ T4217] dump_backtrace+0x1c8/0x1f4 [ 35.807182][ T4217] show_stack+0x2c/0x3c [ 35.808277][ T4217] dump_stack_lvl+0x108/0x170 [ 35.809509][ T4217] dump_stack+0x1c/0x58 [ 35.810618][ T4217] __might_resched+0x37c/0x4d8 [ 35.811859][ T4217] __might_sleep+0x90/0xe4 [ 35.813009][ T4217] __kmem_cache_alloc_node+0x74/0x388 [ 35.814417][ T4217] __kmalloc_node+0xcc/0x1d0 [ 35.815644][ T4217] kvmalloc_node+0x84/0x1e4 [ 35.816832][ T4217] get_dist_table+0xa0/0x354 [ 35.818039][ T4217] netem_change+0x7a4/0x1900 [ 35.819242][ T4217] netem_init+0x54/0xb8 [ 35.820363][ T4217] qdisc_create+0x70c/0xe64 [ 35.821566][ T4217] tc_modify_qdisc+0x9f0/0x1840 [ 35.822844][ T4217] rtnetlink_rcv_msg+0x72c/0xd94 [ 35.824095][ T4217] netlink_rcv_skb+0x20c/0x3b8 [ 35.825311][ T4217] rtnetlink_rcv+0x28/0x38 [ 35.826507][ T4217] netlink_unicast+0x660/0x8d4 [ 35.827754][ T4217] netlink_sendmsg+0x834/0xb18 [ 35.829017][ T4217] ____sys_sendmsg+0x558/0x844 [ 35.830305][ T4217] __sys_sendmsg+0x26c/0x33c [ 35.831516][ T4217] __arm64_sys_sendmsg+0x80/0x94 [ 35.832831][ T4217] invoke_syscall+0x98/0x2c0 [ 35.834060][ T4217] el0_svc_common+0x138/0x258 [ 35.835308][ T4217] do_el0_svc+0x64/0x218 [ 35.836455][ T4217] el0_svc+0x58/0x168 [ 35.837522][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 35.838849][ T4217] el0t_64_sync+0x18c/0x190