Warning: Permanently added '10.128.10.17' (ED25519) to the list of known hosts. executing program [ 36.555124][ T4226] [ 36.555797][ T4226] ===================================================== [ 36.557676][ T4226] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 36.559734][ T4226] 6.1.45-syzkaller #0 Not tainted [ 36.561085][ T4226] ----------------------------------------------------- [ 36.562934][ T4226] syz-executor716/4226 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 36.565119][ T4226] ffff800015b3c360 (fs_reclaim){+.+.}-{0:0}, at: __kmem_cache_alloc_node+0x58/0x388 [ 36.567725][ T4226] [ 36.567725][ T4226] and this task is already holding: [ 36.569718][ T4226] ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.572262][ T4226] which would create a new lock dependency: [ 36.573862][ T4226] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 36.575944][ T4226] [ 36.575944][ T4226] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 36.578486][ T4226] (noop_qdisc.q.lock){+.-.}-{2:2} [ 36.578504][ T4226] [ 36.578504][ T4226] ... which became SOFTIRQ-irq-safe at: [ 36.581942][ T4226] lock_acquire+0x26c/0x7cc [ 36.583220][ T4226] _raw_spin_lock+0x54/0x6c [ 36.584439][ T4226] net_tx_action+0x6ec/0x94c [ 36.585693][ T4226] __do_softirq+0x30c/0xea0 [ 36.586953][ T4226] run_ksoftirqd+0x68/0x258 [ 36.588217][ T4226] smpboot_thread_fn+0x4b0/0x96c [ 36.589580][ T4226] kthread+0x250/0x2d8 [ 36.590702][ T4226] ret_from_fork+0x10/0x20 [ 36.591888][ T4226] [ 36.591888][ T4226] to a SOFTIRQ-irq-unsafe lock: [ 36.593786][ T4226] (fs_reclaim){+.+.}-{0:0} [ 36.593803][ T4226] [ 36.593803][ T4226] ... which became SOFTIRQ-irq-unsafe at: [ 36.597206][ T4226] ... [ 36.597212][ T4226] lock_acquire+0x26c/0x7cc [ 36.599139][ T4226] fs_reclaim_acquire+0x90/0x12c [ 36.600512][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 36.601975][ T4226] kmalloc_node_trace+0x44/0x90 [ 36.603282][ T4226] init_rescuer+0xa4/0x264 [ 36.604483][ T4226] workqueue_init+0x298/0x5b4 [ 36.605791][ T4226] kernel_init_freeable+0x33c/0x528 [ 36.607193][ T4226] kernel_init+0x24/0x29c [ 36.608334][ T4226] ret_from_fork+0x10/0x20 [ 36.609515][ T4226] [ 36.609515][ T4226] other info that might help us debug this: [ 36.609515][ T4226] [ 36.612214][ T4226] Possible interrupt unsafe locking scenario: [ 36.612214][ T4226] [ 36.614481][ T4226] CPU0 CPU1 [ 36.615939][ T4226] ---- ---- [ 36.617385][ T4226] lock(fs_reclaim); [ 36.618439][ T4226] local_irq_disable(); [ 36.620434][ T4226] lock(noop_qdisc.q.lock); [ 36.622427][ T4226] lock(fs_reclaim); [ 36.624146][ T4226] [ 36.625093][ T4226] lock(noop_qdisc.q.lock); [ 36.626408][ T4226] [ 36.626408][ T4226] *** DEADLOCK *** [ 36.626408][ T4226] [ 36.628652][ T4226] 2 locks held by syz-executor716/4226: [ 36.630160][ T4226] #0: ffff800017e6fdc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e8/0xd94 [ 36.632719][ T4226] #1: ffff800017eb4848 (noop_qdisc.q.lock){+.-.}-{2:2}, at: sch_tree_lock+0x120/0x1d4 [ 36.635387][ T4226] [ 36.635387][ T4226] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 36.637881][ T4226] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 36.639405][ T4226] HARDIRQ-ON-W at: [ 36.640488][ T4226] lock_acquire+0x26c/0x7cc [ 36.642177][ T4226] _raw_spin_lock+0x54/0x6c [ 36.643821][ T4226] __dev_queue_xmit+0xb14/0x38d8 [ 36.645648][ T4226] tx+0x90/0x134 [ 36.647062][ T4226] kthread+0x1ac/0x374 [ 36.648670][ T4226] kthread+0x250/0x2d8 [ 36.650272][ T4226] ret_from_fork+0x10/0x20 [ 36.651923][ T4226] IN-SOFTIRQ-W at: [ 36.652994][ T4226] lock_acquire+0x26c/0x7cc [ 36.654668][ T4226] _raw_spin_lock+0x54/0x6c [ 36.656360][ T4226] net_tx_action+0x6ec/0x94c [ 36.658048][ T4226] __do_softirq+0x30c/0xea0 [ 36.659743][ T4226] run_ksoftirqd+0x68/0x258 [ 36.661437][ T4226] smpboot_thread_fn+0x4b0/0x96c [ 36.663245][ T4226] kthread+0x250/0x2d8 [ 36.664807][ T4226] ret_from_fork+0x10/0x20 [ 36.666473][ T4226] INITIAL USE at: [ 36.667522][ T4226] lock_acquire+0x26c/0x7cc [ 36.669165][ T4226] _raw_spin_lock+0x54/0x6c [ 36.670810][ T4226] __dev_queue_xmit+0xb14/0x38d8 [ 36.672572][ T4226] tx+0x90/0x134 [ 36.673985][ T4226] kthread+0x1ac/0x374 [ 36.675553][ T4226] kthread+0x250/0x2d8 [ 36.677114][ T4226] ret_from_fork+0x10/0x20 [ 36.678725][ T4226] } [ 36.679421][ T4226] ... key at: [] noop_qdisc+0x108/0x320 [ 36.681488][ T4226] [ 36.681488][ T4226] the dependencies between the lock to be acquired [ 36.681495][ T4226] and SOFTIRQ-irq-unsafe lock: [ 36.685041][ T4226] -> (fs_reclaim){+.+.}-{0:0} { [ 36.686341][ T4226] HARDIRQ-ON-W at: [ 36.687359][ T4226] lock_acquire+0x26c/0x7cc [ 36.688942][ T4226] fs_reclaim_acquire+0x90/0x12c [ 36.690647][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 36.692525][ T4226] kmalloc_node_trace+0x44/0x90 [ 36.694259][ T4226] init_rescuer+0xa4/0x264 [ 36.695836][ T4226] workqueue_init+0x298/0x5b4 [ 36.697482][ T4226] kernel_init_freeable+0x33c/0x528 [ 36.699262][ T4226] kernel_init+0x24/0x29c [ 36.700912][ T4226] ret_from_fork+0x10/0x20 [ 36.702591][ T4226] SOFTIRQ-ON-W at: [ 36.703704][ T4226] lock_acquire+0x26c/0x7cc [ 36.705383][ T4226] fs_reclaim_acquire+0x90/0x12c [ 36.707168][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 36.709053][ T4226] kmalloc_node_trace+0x44/0x90 [ 36.710804][ T4226] init_rescuer+0xa4/0x264 [ 36.712477][ T4226] workqueue_init+0x298/0x5b4 [ 36.714178][ T4226] kernel_init_freeable+0x33c/0x528 [ 36.716028][ T4226] kernel_init+0x24/0x29c [ 36.717674][ T4226] ret_from_fork+0x10/0x20 [ 36.719335][ T4226] INITIAL USE at: [ 36.720374][ T4226] lock_acquire+0x26c/0x7cc [ 36.722010][ T4226] fs_reclaim_acquire+0x90/0x12c [ 36.723799][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 36.725728][ T4226] kmalloc_node_trace+0x44/0x90 [ 36.727481][ T4226] init_rescuer+0xa4/0x264 [ 36.729108][ T4226] workqueue_init+0x298/0x5b4 [ 36.730784][ T4226] kernel_init_freeable+0x33c/0x528 [ 36.732606][ T4226] kernel_init+0x24/0x29c [ 36.734200][ T4226] ret_from_fork+0x10/0x20 [ 36.735850][ T4226] } [ 36.736548][ T4226] ... key at: [] __fs_reclaim_map+0x0/0xe0 [ 36.738835][ T4226] ... acquired at: [ 36.739846][ T4226] fs_reclaim_acquire+0x90/0x12c [ 36.741202][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 36.742678][ T4226] __kmalloc_node+0xcc/0x1d0 [ 36.743942][ T4226] kvmalloc_node+0x84/0x1e4 [ 36.745217][ T4226] get_dist_table+0xa0/0x354 [ 36.746497][ T4226] netem_change+0x754/0x1900 [ 36.747780][ T4226] netem_init+0x54/0xb8 [ 36.748934][ T4226] qdisc_create+0x70c/0xe64 [ 36.750186][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 36.751596][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.753007][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 36.754353][ T4226] rtnetlink_rcv+0x28/0x38 [ 36.755582][ T4226] netlink_unicast+0x660/0x8d4 [ 36.756929][ T4226] netlink_sendmsg+0x834/0xb18 [ 36.758209][ T4226] ____sys_sendmsg+0x558/0x844 [ 36.759532][ T4226] __sys_sendmsg+0x26c/0x33c [ 36.760730][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 36.762007][ T4226] invoke_syscall+0x98/0x2c0 [ 36.763276][ T4226] el0_svc_common+0x138/0x258 [ 36.764494][ T4226] do_el0_svc+0x64/0x218 [ 36.765621][ T4226] el0_svc+0x58/0x168 [ 36.766645][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 36.767996][ T4226] el0t_64_sync+0x18c/0x190 [ 36.769160][ T4226] [ 36.769727][ T4226] [ 36.769727][ T4226] stack backtrace: [ 36.771149][ T4226] CPU: 1 PID: 4226 Comm: syz-executor716 Not tainted 6.1.45-syzkaller #0 [ 36.773279][ T4226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.775751][ T4226] Call trace: [ 36.776559][ T4226] dump_backtrace+0x1c8/0x1f4 [ 36.777748][ T4226] show_stack+0x2c/0x3c [ 36.778821][ T4226] dump_stack_lvl+0x108/0x170 [ 36.779998][ T4226] dump_stack+0x1c/0x58 [ 36.781193][ T4226] __lock_acquire+0x6310/0x764c [ 36.782450][ T4226] lock_acquire+0x26c/0x7cc [ 36.783649][ T4226] fs_reclaim_acquire+0x90/0x12c [ 36.784978][ T4226] __kmem_cache_alloc_node+0x58/0x388 [ 36.786402][ T4226] __kmalloc_node+0xcc/0x1d0 [ 36.787629][ T4226] kvmalloc_node+0x84/0x1e4 [ 36.788818][ T4226] get_dist_table+0xa0/0x354 [ 36.790035][ T4226] netem_change+0x754/0x1900 [ 36.791262][ T4226] netem_init+0x54/0xb8 [ 36.792355][ T4226] qdisc_create+0x70c/0xe64 [ 36.793526][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 36.794851][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.796124][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 36.797445][ T4226] rtnetlink_rcv+0x28/0x38 [ 36.798608][ T4226] netlink_unicast+0x660/0x8d4 [ 36.799807][ T4226] netlink_sendmsg+0x834/0xb18 [ 36.801029][ T4226] ____sys_sendmsg+0x558/0x844 [ 36.802335][ T4226] __sys_sendmsg+0x26c/0x33c [ 36.803560][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 36.804899][ T4226] invoke_syscall+0x98/0x2c0 [ 36.806179][ T4226] el0_svc_common+0x138/0x258 [ 36.807484][ T4226] do_el0_svc+0x64/0x218 [ 36.808648][ T4226] el0_svc+0x58/0x168 [ 36.809695][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 36.811056][ T4226] el0t_64_sync+0x18c/0x190 [ 36.812296][ T4226] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 [ 36.814759][ T4226] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4226, name: syz-executor716 [ 36.817097][ T4226] preempt_count: 201, expected: 0 [ 36.818343][ T4226] RCU nest depth: 0, expected: 0 [ 36.819608][ T4226] INFO: lockdep is turned off. [ 36.820892][ T4226] Preemption disabled at: [ 36.820901][ T4226] [] sch_tree_lock+0x120/0x1d4 [ 36.823655][ T4226] CPU: 1 PID: 4226 Comm: syz-executor716 Not tainted 6.1.45-syzkaller #0 [ 36.825763][ T4226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.828280][ T4226] Call trace: [ 36.829151][ T4226] dump_backtrace+0x1c8/0x1f4 [ 36.830321][ T4226] show_stack+0x2c/0x3c [ 36.831434][ T4226] dump_stack_lvl+0x108/0x170 [ 36.832636][ T4226] dump_stack+0x1c/0x58 [ 36.833723][ T4226] __might_resched+0x37c/0x4d8 [ 36.834969][ T4226] __might_sleep+0x90/0xe4 [ 36.836165][ T4226] __kmem_cache_alloc_node+0x74/0x388 [ 36.837564][ T4226] __kmalloc_node+0xcc/0x1d0 [ 36.838726][ T4226] kvmalloc_node+0x84/0x1e4 [ 36.839897][ T4226] get_dist_table+0xa0/0x354 [ 36.841098][ T4226] netem_change+0x754/0x1900 [ 36.842298][ T4226] netem_init+0x54/0xb8 [ 36.843361][ T4226] qdisc_create+0x70c/0xe64 [ 36.844573][ T4226] tc_modify_qdisc+0x9f0/0x1840 [ 36.845890][ T4226] rtnetlink_rcv_msg+0x72c/0xd94 [ 36.847201][ T4226] netlink_rcv_skb+0x20c/0x3b8 [ 36.848446][ T4226] rtnetlink_rcv+0x28/0x38 [ 36.849607][ T4226] netlink_unicast+0x660/0x8d4 [ 36.850879][ T4226] netlink_sendmsg+0x834/0xb18 [ 36.852135][ T4226] ____sys_sendmsg+0x558/0x844 [ 36.853394][ T4226] __sys_sendmsg+0x26c/0x33c [ 36.854612][ T4226] __arm64_sys_sendmsg+0x80/0x94 [ 36.855875][ T4226] invoke_syscall+0x98/0x2c0 [ 36.857095][ T4226] el0_svc_common+0x138/0x258 [ 36.858293][ T4226] do_el0_svc+0x64/0x218 [ 36.859454][ T4226] el0_svc+0x58/0x168 [ 36.860511][ T4226] el0t_64_sync_handler+0x84/0xf0 [ 36.861801][ T4226] el0t_64_sync+0x18c/0x190