Warning: Permanently added '10.128.0.229' (ED25519) to the list of known hosts. executing program [ 43.479893][ T3963] [ 43.480494][ T3963] ===================================================== [ 43.482290][ T3963] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 43.484296][ T3963] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 43.486169][ T3963] ----------------------------------------------------- [ 43.488006][ T3963] syz-executor567/3963 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 43.490171][ T3963] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 43.492610][ T3963] [ 43.492610][ T3963] and this task is already holding: [ 43.494632][ T3963] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 43.497175][ T3963] which would create a new lock dependency: [ 43.498807][ T3963] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 43.500889][ T3963] [ 43.500889][ T3963] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 43.503440][ T3963] (noop_qdisc.q.lock){+.-.}-{2:2} [ 43.503458][ T3963] [ 43.503458][ T3963] ... which became SOFTIRQ-irq-safe at: [ 43.506924][ T3963] lock_acquire+0x240/0x77c [ 43.508125][ T3963] _raw_spin_lock+0xb0/0x10c [ 43.509363][ T3963] net_tx_action+0x634/0x884 [ 43.510632][ T3963] __do_softirq+0x344/0xe20 [ 43.511900][ T3963] run_ksoftirqd+0x68/0x258 [ 43.513144][ T3963] smpboot_thread_fn+0x4b0/0x920 [ 43.514540][ T3963] kthread+0x37c/0x45c [ 43.515669][ T3963] ret_from_fork+0x10/0x20 [ 43.516871][ T3963] [ 43.516871][ T3963] to a SOFTIRQ-irq-unsafe lock: [ 43.518817][ T3963] (fs_reclaim){+.+.}-{0:0} [ 43.518834][ T3963] [ 43.518834][ T3963] ... which became SOFTIRQ-irq-unsafe at: [ 43.522150][ T3963] ... [ 43.522156][ T3963] lock_acquire+0x240/0x77c [ 43.524061][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 43.525398][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 43.526774][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 43.528310][ T3963] init_rescuer+0xa4/0x264 [ 43.529490][ T3963] workqueue_init+0x2b4/0x640 [ 43.530822][ T3963] kernel_init_freeable+0x448/0x650 [ 43.532220][ T3963] kernel_init+0x24/0x294 [ 43.533428][ T3963] ret_from_fork+0x10/0x20 [ 43.534650][ T3963] [ 43.534650][ T3963] other info that might help us debug this: [ 43.534650][ T3963] [ 43.537327][ T3963] Possible interrupt unsafe locking scenario: [ 43.537327][ T3963] [ 43.539579][ T3963] CPU0 CPU1 [ 43.541033][ T3963] ---- ---- [ 43.542547][ T3963] lock(fs_reclaim); [ 43.543608][ T3963] local_irq_disable(); [ 43.545455][ T3963] lock(noop_qdisc.q.lock); [ 43.547277][ T3963] lock(fs_reclaim); [ 43.548989][ T3963] [ 43.549884][ T3963] lock(noop_qdisc.q.lock); [ 43.551129][ T3963] [ 43.551129][ T3963] *** DEADLOCK *** [ 43.551129][ T3963] [ 43.553240][ T3963] 2 locks held by syz-executor567/3963: [ 43.554749][ T3963] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 43.557305][ T3963] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 43.559959][ T3963] [ 43.559959][ T3963] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 43.562796][ T3963] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 43.564310][ T3963] HARDIRQ-ON-W at: [ 43.565391][ T3963] lock_acquire+0x240/0x77c [ 43.567056][ T3963] _raw_spin_lock+0xb0/0x10c [ 43.568733][ T3963] __dev_queue_xmit+0x8d0/0x2a6c [ 43.570540][ T3963] dev_queue_xmit+0x24/0x34 [ 43.572123][ T3963] tx+0x8c/0x130 [ 43.573485][ T3963] kthread+0x1ac/0x374 [ 43.574978][ T3963] kthread+0x37c/0x45c [ 43.576460][ T3963] ret_from_fork+0x10/0x20 [ 43.578041][ T3963] IN-SOFTIRQ-W at: [ 43.579074][ T3963] lock_acquire+0x240/0x77c [ 43.580742][ T3963] _raw_spin_lock+0xb0/0x10c [ 43.582340][ T3963] net_tx_action+0x634/0x884 [ 43.583919][ T3963] __do_softirq+0x344/0xe20 [ 43.585506][ T3963] run_ksoftirqd+0x68/0x258 [ 43.587109][ T3963] smpboot_thread_fn+0x4b0/0x920 [ 43.588937][ T3963] kthread+0x37c/0x45c [ 43.590462][ T3963] ret_from_fork+0x10/0x20 [ 43.592080][ T3963] INITIAL USE at: [ 43.593130][ T3963] lock_acquire+0x240/0x77c [ 43.594722][ T3963] _raw_spin_lock+0xb0/0x10c [ 43.596374][ T3963] __dev_queue_xmit+0x8d0/0x2a6c [ 43.598138][ T3963] dev_queue_xmit+0x24/0x34 [ 43.599801][ T3963] tx+0x8c/0x130 [ 43.601243][ T3963] kthread+0x1ac/0x374 [ 43.602778][ T3963] kthread+0x37c/0x45c [ 43.604291][ T3963] ret_from_fork+0x10/0x20 [ 43.605923][ T3963] } [ 43.606583][ T3963] ... key at: [] noop_qdisc+0x108/0x320 [ 43.608661][ T3963] [ 43.608661][ T3963] the dependencies between the lock to be acquired [ 43.608669][ T3963] and SOFTIRQ-irq-unsafe lock: [ 43.612324][ T3963] -> (fs_reclaim){+.+.}-{0:0} { [ 43.613681][ T3963] HARDIRQ-ON-W at: [ 43.614730][ T3963] lock_acquire+0x240/0x77c [ 43.616415][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 43.618193][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 43.619992][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 43.621965][ T3963] init_rescuer+0xa4/0x264 [ 43.623656][ T3963] workqueue_init+0x2b4/0x640 [ 43.625410][ T3963] kernel_init_freeable+0x448/0x650 [ 43.627248][ T3963] kernel_init+0x24/0x294 [ 43.628887][ T3963] ret_from_fork+0x10/0x20 [ 43.630549][ T3963] SOFTIRQ-ON-W at: [ 43.631678][ T3963] lock_acquire+0x240/0x77c [ 43.633329][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 43.635084][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 43.636926][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 43.638915][ T3963] init_rescuer+0xa4/0x264 [ 43.640465][ T3963] workqueue_init+0x2b4/0x640 [ 43.642149][ T3963] kernel_init_freeable+0x448/0x650 [ 43.643958][ T3963] kernel_init+0x24/0x294 [ 43.645610][ T3963] ret_from_fork+0x10/0x20 [ 43.647265][ T3963] INITIAL USE at: [ 43.648341][ T3963] lock_acquire+0x240/0x77c [ 43.650019][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 43.651772][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 43.653496][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 43.655483][ T3963] init_rescuer+0xa4/0x264 [ 43.657157][ T3963] workqueue_init+0x2b4/0x640 [ 43.658858][ T3963] kernel_init_freeable+0x448/0x650 [ 43.660708][ T3963] kernel_init+0x24/0x294 [ 43.662333][ T3963] ret_from_fork+0x10/0x20 [ 43.663954][ T3963] } [ 43.664638][ T3963] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 43.666848][ T3963] ... acquired at: [ 43.667845][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 43.669224][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 43.670630][ T3963] __kmalloc_node+0xbc/0x5b8 [ 43.671553][ T3963] kvmalloc_node+0x88/0x204 [ 43.672790][ T3963] get_dist_table+0x9c/0x2a4 [ 43.674039][ T3963] netem_change+0x7cc/0x1a90 [ 43.675329][ T3963] netem_init+0x54/0xb8 [ 43.676485][ T3963] qdisc_create+0x6fc/0xf44 [ 43.677789][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 43.679148][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 43.680561][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 43.681909][ T3963] rtnetlink_rcv+0x28/0x38 [ 43.683161][ T3963] netlink_unicast+0x664/0x938 [ 43.684473][ T3963] netlink_sendmsg+0x844/0xb38 [ 43.685752][ T3963] ____sys_sendmsg+0x584/0x870 [ 43.687079][ T3963] ___sys_sendmsg+0x214/0x294 [ 43.688324][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 43.689717][ T3963] invoke_syscall+0x98/0x2b8 [ 43.690985][ T3963] el0_svc_common+0x138/0x258 [ 43.692291][ T3963] do_el0_svc+0x58/0x14c [ 43.693487][ T3963] el0_svc+0x7c/0x1f0 [ 43.694605][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 43.696000][ T3963] el0t_64_sync+0x1a0/0x1a4 [ 43.697217][ T3963] [ 43.697808][ T3963] [ 43.697808][ T3963] stack backtrace: [ 43.699388][ T3963] CPU: 1 PID: 3963 Comm: syz-executor567 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 43.702182][ T3963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 43.704841][ T3963] Call trace: [ 43.705735][ T3963] dump_backtrace+0x0/0x530 [ 43.706956][ T3963] show_stack+0x2c/0x3c [ 43.708047][ T3963] dump_stack_lvl+0x108/0x170 [ 43.709330][ T3963] dump_stack+0x1c/0x58 [ 43.710441][ T3963] __lock_acquire+0x62b4/0x7620 [ 43.711744][ T3963] lock_acquire+0x240/0x77c [ 43.712960][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 43.714300][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 43.715595][ T3963] __kmalloc_node+0xbc/0x5b8 [ 43.716808][ T3963] kvmalloc_node+0x88/0x204 [ 43.718007][ T3963] get_dist_table+0x9c/0x2a4 [ 43.719216][ T3963] netem_change+0x7cc/0x1a90 [ 43.720478][ T3963] netem_init+0x54/0xb8 [ 43.721603][ T3963] qdisc_create+0x6fc/0xf44 [ 43.722760][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 43.724022][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 43.725334][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 43.726659][ T3963] rtnetlink_rcv+0x28/0x38 [ 43.727805][ T3963] netlink_unicast+0x664/0x938 [ 43.729073][ T3963] netlink_sendmsg+0x844/0xb38 [ 43.730325][ T3963] ____sys_sendmsg+0x584/0x870 [ 43.731601][ T3963] ___sys_sendmsg+0x214/0x294 [ 43.732856][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 43.734197][ T3963] invoke_syscall+0x98/0x2b8 [ 43.735355][ T3963] el0_svc_common+0x138/0x258 [ 43.736641][ T3963] do_el0_svc+0x58/0x14c [ 43.737729][ T3963] el0_svc+0x7c/0x1f0 [ 43.738735][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 43.739998][ T3963] el0t_64_sync+0x1a0/0x1a4 [ 43.741225][ T3963] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 43.743713][ T3963] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3963, name: syz-executor567 [ 43.746063][ T3963] INFO: lockdep is turned off. [ 43.747275][ T3963] Preemption disabled at: [ 43.747286][ T3963] [] netem_change+0x22c/0x1a90 [ 43.749951][ T3963] CPU: 1 PID: 3963 Comm: syz-executor567 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 43.752490][ T3963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 43.755132][ T3963] Call trace: [ 43.755926][ T3963] dump_backtrace+0x0/0x530 [ 43.757089][ T3963] show_stack+0x2c/0x3c [ 43.758153][ T3963] dump_stack_lvl+0x108/0x170 [ 43.759332][ T3963] dump_stack+0x1c/0x58 [ 43.760457][ T3963] ___might_sleep+0x380/0x4dc [ 43.761687][ T3963] __might_sleep+0x98/0xf0 [ 43.762826][ T3963] slab_pre_alloc_hook+0x58/0xe8 [ 43.764091][ T3963] __kmalloc_node+0xbc/0x5b8 [ 43.765253][ T3963] kvmalloc_node+0x88/0x204 [ 43.766420][ T3963] get_dist_table+0x9c/0x2a4 [ 43.767613][ T3963] netem_change+0x7cc/0x1a90 [ 43.768781][ T3963] netem_init+0x54/0xb8 [ 43.769846][ T3963] qdisc_create+0x6fc/0xf44 [ 43.771017][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 43.772259][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 43.773505][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 43.774707][ T3963] rtnetlink_rcv+0x28/0x38 [ 43.775858][ T3963] netlink_unicast+0x664/0x938 [ 43.777099][ T3963] netlink_sendmsg+0x844/0xb38 [ 43.778325][ T3963] ____sys_sendmsg+0x584/0x870 [ 43.779574][ T3963] ___sys_sendmsg+0x214/0x294 [ 43.780781][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 43.782123][ T3963] invoke_syscall+0x98/0x2b8 [ 43.783337][ T3963] el0_svc_common+0x138/0x258 [ 43.784562][ T3963] do_el0_svc+0x58/0x14c [ 43.785652][ T3963] el0_svc+0x7c/0x1f0 [ 43.786660][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 43.787958][ T3963] el0t_64_sync+0x1a0/0x1a4