Warning: Permanently added '10.128.1.46' (ED25519) to the list of known hosts. executing program [ 38.368863][ T3963] [ 38.369617][ T3963] ===================================================== [ 38.371548][ T3963] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 38.373541][ T3963] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 38.375403][ T3963] ----------------------------------------------------- [ 38.377269][ T3963] syz-executor144/3963 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 38.379408][ T3963] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 38.381831][ T3963] [ 38.381831][ T3963] and this task is already holding: [ 38.383773][ T3963] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 38.386212][ T3963] which would create a new lock dependency: [ 38.387789][ T3963] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 38.389830][ T3963] [ 38.389830][ T3963] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 38.392333][ T3963] (noop_qdisc.q.lock){+.-.}-{2:2} [ 38.392351][ T3963] [ 38.392351][ T3963] ... which became SOFTIRQ-irq-safe at: [ 38.395756][ T3963] lock_acquire+0x240/0x77c [ 38.396972][ T3963] _raw_spin_lock+0xb0/0x10c [ 38.398232][ T3963] net_tx_action+0x634/0x884 [ 38.399492][ T3963] __do_softirq+0x344/0xe20 [ 38.400729][ T3963] do_softirq+0x120/0x20c [ 38.401931][ T3963] __local_bh_enable_ip+0x2c0/0x4d0 [ 38.403358][ T3963] local_bh_enable+0x28/0x174 [ 38.404607][ T3963] dev_deactivate_many+0x580/0xbe4 [ 38.406030][ T3963] dev_deactivate+0x13c/0x1fc [ 38.407361][ T3963] linkwatch_do_dev+0x2a8/0x3c8 [ 38.408683][ T3963] __linkwatch_run_queue+0x424/0x730 [ 38.410099][ T3963] linkwatch_event+0x58/0x68 [ 38.411396][ T3963] process_one_work+0x790/0x11b8 [ 38.412758][ T3963] worker_thread+0x910/0x1034 [ 38.414020][ T3963] kthread+0x37c/0x45c [ 38.415186][ T3963] ret_from_fork+0x10/0x20 [ 38.416415][ T3963] [ 38.416415][ T3963] to a SOFTIRQ-irq-unsafe lock: [ 38.418313][ T3963] (fs_reclaim){+.+.}-{0:0} [ 38.418331][ T3963] [ 38.418331][ T3963] ... which became SOFTIRQ-irq-unsafe at: [ 38.421642][ T3963] ... [ 38.421648][ T3963] lock_acquire+0x240/0x77c [ 38.423547][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 38.424960][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 38.426361][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 38.427953][ T3963] init_rescuer+0xa4/0x264 [ 38.429164][ T3963] workqueue_init+0x2b4/0x640 [ 38.430463][ T3963] kernel_init_freeable+0x448/0x650 [ 38.431889][ T3963] kernel_init+0x24/0x294 [ 38.433106][ T3963] ret_from_fork+0x10/0x20 [ 38.434339][ T3963] [ 38.434339][ T3963] other info that might help us debug this: [ 38.434339][ T3963] [ 38.437079][ T3963] Possible interrupt unsafe locking scenario: [ 38.437079][ T3963] [ 38.439344][ T3963] CPU0 CPU1 [ 38.440816][ T3963] ---- ---- [ 38.442236][ T3963] lock(fs_reclaim); [ 38.443327][ T3963] local_irq_disable(); [ 38.445147][ T3963] lock(noop_qdisc.q.lock); [ 38.447067][ T3963] lock(fs_reclaim); [ 38.448798][ T3963] [ 38.449722][ T3963] lock(noop_qdisc.q.lock); [ 38.451012][ T3963] [ 38.451012][ T3963] *** DEADLOCK *** [ 38.451012][ T3963] [ 38.453209][ T3963] 2 locks held by syz-executor144/3963: [ 38.454671][ T3963] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 38.457219][ T3963] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 38.459943][ T3963] [ 38.459943][ T3963] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 38.462769][ T3963] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 38.464233][ T3963] HARDIRQ-ON-W at: [ 38.465334][ T3963] lock_acquire+0x240/0x77c [ 38.466926][ T3963] _raw_spin_lock+0xb0/0x10c [ 38.468609][ T3963] __dev_queue_xmit+0x8d0/0x2a6c [ 38.470432][ T3963] dev_queue_xmit+0x24/0x34 [ 38.472105][ T3963] tx+0x8c/0x130 [ 38.473550][ T3963] kthread+0x1ac/0x374 [ 38.475046][ T3963] kthread+0x37c/0x45c [ 38.476622][ T3963] ret_from_fork+0x10/0x20 [ 38.478273][ T3963] IN-SOFTIRQ-W at: [ 38.479327][ T3963] lock_acquire+0x240/0x77c [ 38.481007][ T3963] _raw_spin_lock+0xb0/0x10c [ 38.482721][ T3963] net_tx_action+0x634/0x884 [ 38.484382][ T3963] __do_softirq+0x344/0xe20 [ 38.486032][ T3963] do_softirq+0x120/0x20c [ 38.487618][ T3963] __local_bh_enable_ip+0x2c0/0x4d0 [ 38.489496][ T3963] local_bh_enable+0x28/0x174 [ 38.491205][ T3963] dev_deactivate_many+0x580/0xbe4 [ 38.493021][ T3963] dev_deactivate+0x13c/0x1fc [ 38.494739][ T3963] linkwatch_do_dev+0x2a8/0x3c8 [ 38.496492][ T3963] __linkwatch_run_queue+0x424/0x730 [ 38.498380][ T3963] linkwatch_event+0x58/0x68 [ 38.500058][ T3963] process_one_work+0x790/0x11b8 [ 38.501856][ T3963] worker_thread+0x910/0x1034 [ 38.503583][ T3963] kthread+0x37c/0x45c [ 38.505090][ T3963] ret_from_fork+0x10/0x20 [ 38.506713][ T3963] INITIAL USE at: [ 38.507763][ T3963] lock_acquire+0x240/0x77c [ 38.509391][ T3963] _raw_spin_lock+0xb0/0x10c [ 38.511032][ T3963] __dev_queue_xmit+0x8d0/0x2a6c [ 38.512797][ T3963] dev_queue_xmit+0x24/0x34 [ 38.514424][ T3963] tx+0x8c/0x130 [ 38.515820][ T3963] kthread+0x1ac/0x374 [ 38.517380][ T3963] kthread+0x37c/0x45c [ 38.518885][ T3963] ret_from_fork+0x10/0x20 [ 38.520492][ T3963] } [ 38.521131][ T3963] ... key at: [] noop_qdisc+0x108/0x320 [ 38.523223][ T3963] [ 38.523223][ T3963] the dependencies between the lock to be acquired [ 38.523230][ T3963] and SOFTIRQ-irq-unsafe lock: [ 38.526873][ T3963] -> (fs_reclaim){+.+.}-{0:0} { [ 38.528182][ T3963] HARDIRQ-ON-W at: [ 38.529268][ T3963] lock_acquire+0x240/0x77c [ 38.530961][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 38.532760][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 38.534580][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 38.536545][ T3963] init_rescuer+0xa4/0x264 [ 38.538211][ T3963] workqueue_init+0x2b4/0x640 [ 38.539995][ T3963] kernel_init_freeable+0x448/0x650 [ 38.541885][ T3963] kernel_init+0x24/0x294 [ 38.543559][ T3963] ret_from_fork+0x10/0x20 [ 38.545214][ T3963] SOFTIRQ-ON-W at: [ 38.546299][ T3963] lock_acquire+0x240/0x77c [ 38.547925][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 38.549720][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 38.551522][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 38.553541][ T3963] init_rescuer+0xa4/0x264 [ 38.555193][ T3963] workqueue_init+0x2b4/0x640 [ 38.556918][ T3963] kernel_init_freeable+0x448/0x650 [ 38.558783][ T3963] kernel_init+0x24/0x294 [ 38.560405][ T3963] ret_from_fork+0x10/0x20 [ 38.562076][ T3963] INITIAL USE at: [ 38.563161][ T3963] lock_acquire+0x240/0x77c [ 38.564822][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 38.566604][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 38.568399][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 38.570387][ T3963] init_rescuer+0xa4/0x264 [ 38.572031][ T3963] workqueue_init+0x2b4/0x640 [ 38.573727][ T3963] kernel_init_freeable+0x448/0x650 [ 38.575518][ T3963] kernel_init+0x24/0x294 [ 38.577102][ T3963] ret_from_fork+0x10/0x20 [ 38.578713][ T3963] } [ 38.579365][ T3963] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 38.581519][ T3963] ... acquired at: [ 38.582551][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 38.583938][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 38.585321][ T3963] __kmalloc_node+0xbc/0x5b8 [ 38.586591][ T3963] kvmalloc_node+0x88/0x204 [ 38.587865][ T3963] get_dist_table+0x9c/0x2a4 [ 38.589086][ T3963] netem_change+0x7cc/0x1a90 [ 38.590361][ T3963] netem_init+0x54/0xb8 [ 38.591507][ T3963] qdisc_create+0x6fc/0xf44 [ 38.592732][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 38.594060][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 38.595436][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 38.596751][ T3963] rtnetlink_rcv+0x28/0x38 [ 38.597984][ T3963] netlink_unicast+0x664/0x938 [ 38.599322][ T3963] netlink_sendmsg+0x844/0xb38 [ 38.600662][ T3963] ____sys_sendmsg+0x584/0x870 [ 38.602024][ T3963] ___sys_sendmsg+0x214/0x294 [ 38.603362][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 38.604806][ T3963] invoke_syscall+0x98/0x2b8 [ 38.606102][ T3963] el0_svc_common+0x138/0x258 [ 38.607411][ T3963] do_el0_svc+0x58/0x14c [ 38.608614][ T3963] el0_svc+0x7c/0x1f0 [ 38.609748][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 38.611153][ T3963] el0t_64_sync+0x1a0/0x1a4 [ 38.612421][ T3963] [ 38.613012][ T3963] [ 38.613012][ T3963] stack backtrace: [ 38.614572][ T3963] CPU: 0 PID: 3963 Comm: syz-executor144 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 38.617363][ T3963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 38.620080][ T3963] Call trace: [ 38.620948][ T3963] dump_backtrace+0x0/0x530 [ 38.622177][ T3963] show_stack+0x2c/0x3c [ 38.623321][ T3963] dump_stack_lvl+0x108/0x170 [ 38.624603][ T3963] dump_stack+0x1c/0x58 [ 38.625739][ T3963] __lock_acquire+0x62b4/0x7620 [ 38.627064][ T3963] lock_acquire+0x240/0x77c [ 38.628304][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 38.629630][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 38.630977][ T3963] __kmalloc_node+0xbc/0x5b8 [ 38.632223][ T3963] kvmalloc_node+0x88/0x204 [ 38.633450][ T3963] get_dist_table+0x9c/0x2a4 [ 38.634684][ T3963] netem_change+0x7cc/0x1a90 [ 38.635939][ T3963] netem_init+0x54/0xb8 [ 38.637044][ T3963] qdisc_create+0x6fc/0xf44 [ 38.638231][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 38.639554][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 38.640891][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 38.642130][ T3963] rtnetlink_rcv+0x28/0x38 [ 38.643318][ T3963] netlink_unicast+0x664/0x938 [ 38.644604][ T3963] netlink_sendmsg+0x844/0xb38 [ 38.645916][ T3963] ____sys_sendmsg+0x584/0x870 [ 38.647186][ T3963] ___sys_sendmsg+0x214/0x294 [ 38.648459][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 38.649836][ T3963] invoke_syscall+0x98/0x2b8 [ 38.651094][ T3963] el0_svc_common+0x138/0x258 [ 38.652347][ T3963] do_el0_svc+0x58/0x14c [ 38.653513][ T3963] el0_svc+0x7c/0x1f0 [ 38.654574][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 38.655902][ T3963] el0t_64_sync+0x1a0/0x1a4 [ 38.657192][ T3963] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 38.659635][ T3963] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3963, name: syz-executor144 [ 38.662001][ T3963] INFO: lockdep is turned off. [ 38.663265][ T3963] Preemption disabled at: [ 38.663276][ T3963] [] netem_change+0x22c/0x1a90 [ 38.665852][ T3963] CPU: 0 PID: 3963 Comm: syz-executor144 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 38.668460][ T3963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 38.671015][ T3963] Call trace: [ 38.671860][ T3963] dump_backtrace+0x0/0x530 [ 38.673035][ T3963] show_stack+0x2c/0x3c [ 38.674127][ T3963] dump_stack_lvl+0x108/0x170 [ 38.675345][ T3963] dump_stack+0x1c/0x58 [ 38.676441][ T3963] ___might_sleep+0x380/0x4dc [ 38.677691][ T3963] __might_sleep+0x98/0xf0 [ 38.678840][ T3963] slab_pre_alloc_hook+0x58/0xe8 [ 38.680138][ T3963] __kmalloc_node+0xbc/0x5b8 [ 38.681327][ T3963] kvmalloc_node+0x88/0x204 [ 38.682505][ T3963] get_dist_table+0x9c/0x2a4 [ 38.683681][ T3963] netem_change+0x7cc/0x1a90 [ 38.684865][ T3963] netem_init+0x54/0xb8 [ 38.685977][ T3963] qdisc_create+0x6fc/0xf44 [ 38.687168][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 38.688421][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 38.689670][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 38.690883][ T3963] rtnetlink_rcv+0x28/0x38 [ 38.691997][ T3963] netlink_unicast+0x664/0x938 [ 38.693238][ T3963] netlink_sendmsg+0x844/0xb38 [ 38.694464][ T3963] ____sys_sendmsg+0x584/0x870 [ 38.695721][ T3963] ___sys_sendmsg+0x214/0x294 [ 38.696944][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 38.698281][ T3963] invoke_syscall+0x98/0x2b8 [ 38.699518][ T3963] el0_svc_common+0x138/0x258 [ 38.700759][ T3963] do_el0_svc+0x58/0x14c [ 38.701848][ T3963] el0_svc+0x7c/0x1f0 [ 38.702857][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 38.704136][ T3963] el0t_64_sync+0x1a0/0x1a4