Warning: Permanently added '10.128.10.16' (ED25519) to the list of known hosts. executing program [ 41.932622][ T3962] [ 41.933234][ T3962] ===================================================== [ 41.935136][ T3962] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 41.937097][ T3962] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 41.938953][ T3962] ----------------------------------------------------- [ 41.940800][ T3962] syz-executor336/3962 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 41.942885][ T3962] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 41.945216][ T3962] [ 41.945216][ T3962] and this task is already holding: [ 41.947067][ T3962] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 41.949527][ T3962] which would create a new lock dependency: [ 41.951066][ T3962] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 41.953059][ T3962] [ 41.953059][ T3962] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 41.955600][ T3962] (noop_qdisc.q.lock){+.-.}-{2:2} [ 41.955618][ T3962] [ 41.955618][ T3962] ... which became SOFTIRQ-irq-safe at: [ 41.958983][ T3962] lock_acquire+0x240/0x77c [ 41.960170][ T3962] _raw_spin_lock+0xb0/0x10c [ 41.961400][ T3962] net_tx_action+0x634/0x884 [ 41.962610][ T3962] __do_softirq+0x344/0xe20 [ 41.963786][ T3962] run_ksoftirqd+0x68/0x258 [ 41.965044][ T3962] smpboot_thread_fn+0x4b0/0x920 [ 41.966330][ T3962] kthread+0x37c/0x45c [ 41.967455][ T3962] ret_from_fork+0x10/0x20 [ 41.968618][ T3962] [ 41.968618][ T3962] to a SOFTIRQ-irq-unsafe lock: [ 41.970419][ T3962] (fs_reclaim){+.+.}-{0:0} [ 41.970436][ T3962] [ 41.970436][ T3962] ... which became SOFTIRQ-irq-unsafe at: [ 41.973628][ T3962] ... [ 41.973634][ T3962] lock_acquire+0x240/0x77c [ 41.975521][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 41.976828][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 41.978157][ T3962] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 41.979722][ T3962] init_rescuer+0xa4/0x264 [ 41.980856][ T3962] workqueue_init+0x2b4/0x640 [ 41.982095][ T3962] kernel_init_freeable+0x448/0x650 [ 41.983449][ T3962] kernel_init+0x24/0x294 [ 41.984627][ T3962] ret_from_fork+0x10/0x20 [ 41.985800][ T3962] [ 41.985800][ T3962] other info that might help us debug this: [ 41.985800][ T3962] [ 41.988451][ T3962] Possible interrupt unsafe locking scenario: [ 41.988451][ T3962] [ 41.990717][ T3962] CPU0 CPU1 [ 41.992108][ T3962] ---- ---- [ 41.993516][ T3962] lock(fs_reclaim); [ 41.994547][ T3962] local_irq_disable(); [ 41.996363][ T3962] lock(noop_qdisc.q.lock); [ 41.998213][ T3962] lock(fs_reclaim); [ 41.999884][ T3962] [ 42.000814][ T3962] lock(noop_qdisc.q.lock); [ 42.002034][ T3962] [ 42.002034][ T3962] *** DEADLOCK *** [ 42.002034][ T3962] [ 42.004126][ T3962] 2 locks held by syz-executor336/3962: [ 42.005589][ T3962] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 42.008030][ T3962] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 42.010559][ T3962] [ 42.010559][ T3962] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 42.013278][ T3962] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 42.014737][ T3962] HARDIRQ-ON-W at: [ 42.015756][ T3962] lock_acquire+0x240/0x77c [ 42.017381][ T3962] _raw_spin_lock+0xb0/0x10c [ 42.019032][ T3962] __dev_queue_xmit+0x8d0/0x2a6c [ 42.020788][ T3962] dev_queue_xmit+0x24/0x34 [ 42.022442][ T3962] tx+0x8c/0x130 [ 42.023810][ T3962] kthread+0x1ac/0x374 [ 42.025257][ T3962] kthread+0x37c/0x45c [ 42.026740][ T3962] ret_from_fork+0x10/0x20 [ 42.028337][ T3962] IN-SOFTIRQ-W at: [ 42.029380][ T3962] lock_acquire+0x240/0x77c [ 42.030973][ T3962] _raw_spin_lock+0xb0/0x10c [ 42.032607][ T3962] net_tx_action+0x634/0x884 [ 42.034208][ T3962] __do_softirq+0x344/0xe20 [ 42.035819][ T3962] run_ksoftirqd+0x68/0x258 [ 42.037452][ T3962] smpboot_thread_fn+0x4b0/0x920 [ 42.039174][ T3962] kthread+0x37c/0x45c [ 42.040649][ T3962] ret_from_fork+0x10/0x20 [ 42.042300][ T3962] INITIAL USE at: [ 42.043341][ T3962] lock_acquire+0x240/0x77c [ 42.044913][ T3962] _raw_spin_lock+0xb0/0x10c [ 42.046510][ T3962] __dev_queue_xmit+0x8d0/0x2a6c [ 42.048203][ T3962] dev_queue_xmit+0x24/0x34 [ 42.049768][ T3962] tx+0x8c/0x130 [ 42.051076][ T3962] kthread+0x1ac/0x374 [ 42.052553][ T3962] kthread+0x37c/0x45c [ 42.054009][ T3962] ret_from_fork+0x10/0x20 [ 42.055567][ T3962] } [ 42.056187][ T3962] ... key at: [] noop_qdisc+0x108/0x320 [ 42.058216][ T3962] [ 42.058216][ T3962] the dependencies between the lock to be acquired [ 42.058223][ T3962] and SOFTIRQ-irq-unsafe lock: [ 42.061724][ T3962] -> (fs_reclaim){+.+.}-{0:0} { [ 42.062970][ T3962] HARDIRQ-ON-W at: [ 42.063982][ T3962] lock_acquire+0x240/0x77c [ 42.065591][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 42.067306][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 42.068976][ T3962] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 42.070933][ T3962] init_rescuer+0xa4/0x264 [ 42.072501][ T3962] workqueue_init+0x2b4/0x640 [ 42.074166][ T3962] kernel_init_freeable+0x448/0x650 [ 42.075966][ T3962] kernel_init+0x24/0x294 [ 42.077581][ T3962] ret_from_fork+0x10/0x20 [ 42.079229][ T3962] SOFTIRQ-ON-W at: [ 42.080280][ T3962] lock_acquire+0x240/0x77c [ 42.081885][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 42.083600][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 42.085385][ T3962] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 42.087048][ T3962] init_rescuer+0xa4/0x264 [ 42.088694][ T3962] workqueue_init+0x2b4/0x640 [ 42.090360][ T3962] kernel_init_freeable+0x448/0x650 [ 42.092116][ T3962] kernel_init+0x24/0x294 [ 42.093672][ T3962] ret_from_fork+0x10/0x20 [ 42.095285][ T3962] INITIAL USE at: [ 42.096280][ T3962] lock_acquire+0x240/0x77c [ 42.097900][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 42.099604][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 42.101335][ T3962] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 42.103403][ T3962] init_rescuer+0xa4/0x264 [ 42.104989][ T3962] workqueue_init+0x2b4/0x640 [ 42.106557][ T3962] kernel_init_freeable+0x448/0x650 [ 42.108387][ T3962] kernel_init+0x24/0x294 [ 42.109975][ T3962] ret_from_fork+0x10/0x20 [ 42.111604][ T3962] } [ 42.112287][ T3962] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 42.114463][ T3962] ... acquired at: [ 42.115512][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 42.116706][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 42.118030][ T3962] __kmalloc_node+0xbc/0x5b8 [ 42.119374][ T3962] kvmalloc_node+0x88/0x204 [ 42.120637][ T3962] get_dist_table+0x9c/0x2a4 [ 42.121910][ T3962] netem_change+0x7cc/0x1a90 [ 42.123178][ T3962] netem_init+0x54/0xb8 [ 42.124362][ T3962] qdisc_create+0x6fc/0xf44 [ 42.125543][ T3962] tc_modify_qdisc+0x8dc/0x1344 [ 42.126895][ T3962] rtnetlink_rcv_msg+0xa74/0xdac [ 42.128292][ T3962] netlink_rcv_skb+0x20c/0x3b8 [ 42.129598][ T3962] rtnetlink_rcv+0x28/0x38 [ 42.130839][ T3962] netlink_unicast+0x664/0x938 [ 42.132205][ T3962] netlink_sendmsg+0x844/0xb38 [ 42.133572][ T3962] ____sys_sendmsg+0x584/0x870 [ 42.134903][ T3962] ___sys_sendmsg+0x214/0x294 [ 42.136265][ T3962] __arm64_sys_sendmsg+0x1ac/0x25c [ 42.137671][ T3962] invoke_syscall+0x98/0x2b8 [ 42.138977][ T3962] el0_svc_common+0x138/0x258 [ 42.140295][ T3962] do_el0_svc+0x58/0x14c [ 42.141488][ T3962] el0_svc+0x7c/0x1f0 [ 42.142603][ T3962] el0t_64_sync_handler+0x84/0xe4 [ 42.144056][ T3962] el0t_64_sync+0x1a0/0x1a4 [ 42.145334][ T3962] [ 42.145927][ T3962] [ 42.145927][ T3962] stack backtrace: [ 42.147290][ T3962] CPU: 1 PID: 3962 Comm: syz-executor336 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 42.150058][ T3962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 42.152750][ T3962] Call trace: [ 42.153605][ T3962] dump_backtrace+0x0/0x530 [ 42.154824][ T3962] show_stack+0x2c/0x3c [ 42.155924][ T3962] dump_stack_lvl+0x108/0x170 [ 42.157135][ T3962] dump_stack+0x1c/0x58 [ 42.158257][ T3962] __lock_acquire+0x62b4/0x7620 [ 42.159554][ T3962] lock_acquire+0x240/0x77c [ 42.160765][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 42.162107][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 42.163423][ T3962] __kmalloc_node+0xbc/0x5b8 [ 42.164657][ T3962] kvmalloc_node+0x88/0x204 [ 42.165859][ T3962] get_dist_table+0x9c/0x2a4 [ 42.167128][ T3962] netem_change+0x7cc/0x1a90 [ 42.168386][ T3962] netem_init+0x54/0xb8 [ 42.169480][ T3962] qdisc_create+0x6fc/0xf44 [ 42.170714][ T3962] tc_modify_qdisc+0x8dc/0x1344 [ 42.172021][ T3962] rtnetlink_rcv_msg+0xa74/0xdac [ 42.173379][ T3962] netlink_rcv_skb+0x20c/0x3b8 [ 42.174677][ T3962] rtnetlink_rcv+0x28/0x38 [ 42.175887][ T3962] netlink_unicast+0x664/0x938 [ 42.177183][ T3962] netlink_sendmsg+0x844/0xb38 [ 42.178465][ T3962] ____sys_sendmsg+0x584/0x870 [ 42.179742][ T3962] ___sys_sendmsg+0x214/0x294 [ 42.180982][ T3962] __arm64_sys_sendmsg+0x1ac/0x25c [ 42.182358][ T3962] invoke_syscall+0x98/0x2b8 [ 42.183572][ T3962] el0_svc_common+0x138/0x258 [ 42.184822][ T3962] do_el0_svc+0x58/0x14c [ 42.185958][ T3962] el0_svc+0x7c/0x1f0 [ 42.187006][ T3962] el0t_64_sync_handler+0x84/0xe4 [ 42.188355][ T3962] el0t_64_sync+0x1a0/0x1a4 [ 42.189648][ T3962] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 42.192048][ T3962] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3962, name: syz-executor336 [ 42.194490][ T3962] INFO: lockdep is turned off. [ 42.195741][ T3962] Preemption disabled at: [ 42.195752][ T3962] [] netem_change+0x22c/0x1a90 [ 42.198446][ T3962] CPU: 1 PID: 3962 Comm: syz-executor336 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 42.201060][ T3962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 42.203577][ T3962] Call trace: [ 42.204420][ T3962] dump_backtrace+0x0/0x530 [ 42.205595][ T3962] show_stack+0x2c/0x3c [ 42.206694][ T3962] dump_stack_lvl+0x108/0x170 [ 42.207918][ T3962] dump_stack+0x1c/0x58 [ 42.209012][ T3962] ___might_sleep+0x380/0x4dc [ 42.210269][ T3962] __might_sleep+0x98/0xf0 [ 42.211425][ T3962] slab_pre_alloc_hook+0x58/0xe8 [ 42.212711][ T3962] __kmalloc_node+0xbc/0x5b8 [ 42.213893][ T3962] kvmalloc_node+0x88/0x204 [ 42.215111][ T3962] get_dist_table+0x9c/0x2a4 [ 42.216345][ T3962] netem_change+0x7cc/0x1a90 [ 42.217579][ T3962] netem_init+0x54/0xb8 [ 42.218676][ T3962] qdisc_create+0x6fc/0xf44 [ 42.219825][ T3962] tc_modify_qdisc+0x8dc/0x1344 [ 42.221106][ T3962] rtnetlink_rcv_msg+0xa74/0xdac [ 42.222452][ T3962] netlink_rcv_skb+0x20c/0x3b8 [ 42.223718][ T3962] rtnetlink_rcv+0x28/0x38 [ 42.224879][ T3962] netlink_unicast+0x664/0x938 [ 42.226129][ T3962] netlink_sendmsg+0x844/0xb38 [ 42.227462][ T3962] ____sys_sendmsg+0x584/0x870 [ 42.228748][ T3962] ___sys_sendmsg+0x214/0x294 [ 42.229975][ T3962] __arm64_sys_sendmsg+0x1ac/0x25c [ 42.231339][ T3962] invoke_syscall+0x98/0x2b8 [ 42.232566][ T3962] el0_svc_common+0x138/0x258 [ 42.233790][ T3962] do_el0_svc+0x58/0x14c [ 42.234895][ T3962] el0_svc+0x7c/0x1f0 [ 42.235930][ T3962] el0t_64_sync_handler+0x84/0xe4 [ 42.237224][ T3962] el0t_64_sync+0x1a0/0x1a4