Warning: Permanently added '10.128.0.142' (ED25519) to the list of known hosts. executing program [ 36.664988][ T3963] [ 36.665577][ T3963] ===================================================== [ 36.667031][ T3963] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 36.668589][ T3963] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 36.670033][ T3963] ----------------------------------------------------- [ 36.671506][ T3963] syz-executor113/3963 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 36.673284][ T3963] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 36.675364][ T3963] [ 36.675364][ T3963] and this task is already holding: [ 36.676877][ T3963] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 36.678936][ T3963] which would create a new lock dependency: [ 36.680300][ T3963] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 36.682043][ T3963] [ 36.682043][ T3963] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 36.684171][ T3963] (noop_qdisc.q.lock){+.-.}-{2:2} [ 36.684189][ T3963] [ 36.684189][ T3963] ... which became SOFTIRQ-irq-safe at: [ 36.686863][ T3963] lock_acquire+0x240/0x77c [ 36.687908][ T3963] _raw_spin_lock+0xb0/0x10c [ 36.688939][ T3963] net_tx_action+0x634/0x884 [ 36.689937][ T3963] __do_softirq+0x344/0xe20 [ 36.691059][ T3963] run_ksoftirqd+0x68/0x258 [ 36.692154][ T3963] smpboot_thread_fn+0x4b0/0x920 [ 36.693327][ T3963] kthread+0x37c/0x45c [ 36.694206][ T3963] ret_from_fork+0x10/0x20 [ 36.695161][ T3963] [ 36.695161][ T3963] to a SOFTIRQ-irq-unsafe lock: [ 36.696652][ T3963] (fs_reclaim){+.+.}-{0:0} [ 36.696669][ T3963] [ 36.696669][ T3963] ... which became SOFTIRQ-irq-unsafe at: [ 36.699352][ T3963] ... [ 36.699357][ T3963] lock_acquire+0x240/0x77c [ 36.700961][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 36.702078][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 36.703128][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 36.704402][ T3963] init_rescuer+0xa4/0x264 [ 36.705404][ T3963] workqueue_init+0x2b4/0x640 [ 36.706409][ T3963] kernel_init_freeable+0x448/0x650 [ 36.707522][ T3963] kernel_init+0x24/0x294 [ 36.708475][ T3963] ret_from_fork+0x10/0x20 [ 36.709392][ T3963] [ 36.709392][ T3963] other info that might help us debug this: [ 36.709392][ T3963] [ 36.711557][ T3963] Possible interrupt unsafe locking scenario: [ 36.711557][ T3963] [ 36.713262][ T3963] CPU0 CPU1 [ 36.714328][ T3963] ---- ---- [ 36.715450][ T3963] lock(fs_reclaim); [ 36.716285][ T3963] local_irq_disable(); [ 36.717656][ T3963] lock(noop_qdisc.q.lock); [ 36.719092][ T3963] lock(fs_reclaim); [ 36.720511][ T3963] [ 36.721215][ T3963] lock(noop_qdisc.q.lock); [ 36.722228][ T3963] [ 36.722228][ T3963] *** DEADLOCK *** [ 36.722228][ T3963] [ 36.723896][ T3963] 2 locks held by syz-executor113/3963: [ 36.725088][ T3963] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 36.727096][ T3963] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 36.729296][ T3963] [ 36.729296][ T3963] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 36.731584][ T3963] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 36.732745][ T3963] HARDIRQ-ON-W at: [ 36.733595][ T3963] lock_acquire+0x240/0x77c [ 36.734879][ T3963] _raw_spin_lock+0xb0/0x10c [ 36.736233][ T3963] __dev_queue_xmit+0x8d0/0x2a6c [ 36.737619][ T3963] dev_queue_xmit+0x24/0x34 [ 36.738950][ T3963] tx+0x8c/0x130 [ 36.740180][ T3963] kthread+0x1ac/0x374 [ 36.741378][ T3963] kthread+0x37c/0x45c [ 36.742680][ T3963] ret_from_fork+0x10/0x20 [ 36.743915][ T3963] IN-SOFTIRQ-W at: [ 36.744790][ T3963] lock_acquire+0x240/0x77c [ 36.746162][ T3963] _raw_spin_lock+0xb0/0x10c [ 36.747372][ T3963] net_tx_action+0x634/0x884 [ 36.748751][ T3963] __do_softirq+0x344/0xe20 [ 36.750072][ T3963] run_ksoftirqd+0x68/0x258 [ 36.751419][ T3963] smpboot_thread_fn+0x4b0/0x920 [ 36.752891][ T3963] kthread+0x37c/0x45c [ 36.754157][ T3963] ret_from_fork+0x10/0x20 [ 36.755438][ T3963] INITIAL USE at: [ 36.756254][ T3963] lock_acquire+0x240/0x77c [ 36.757579][ T3963] _raw_spin_lock+0xb0/0x10c [ 36.758869][ T3963] __dev_queue_xmit+0x8d0/0x2a6c [ 36.760262][ T3963] dev_queue_xmit+0x24/0x34 [ 36.761569][ T3963] tx+0x8c/0x130 [ 36.762742][ T3963] kthread+0x1ac/0x374 [ 36.763945][ T3963] kthread+0x37c/0x45c [ 36.765165][ T3963] ret_from_fork+0x10/0x20 [ 36.766405][ T3963] } [ 36.766956][ T3963] ... key at: [] noop_qdisc+0x108/0x320 [ 36.768607][ T3963] [ 36.768607][ T3963] the dependencies between the lock to be acquired [ 36.768615][ T3963] and SOFTIRQ-irq-unsafe lock: [ 36.771533][ T3963] -> (fs_reclaim){+.+.}-{0:0} { [ 36.772647][ T3963] HARDIRQ-ON-W at: [ 36.773519][ T3963] lock_acquire+0x240/0x77c [ 36.774917][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 36.776353][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 36.777803][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 36.779510][ T3963] init_rescuer+0xa4/0x264 [ 36.780850][ T3963] workqueue_init+0x2b4/0x640 [ 36.782139][ T3963] kernel_init_freeable+0x448/0x650 [ 36.783754][ T3963] kernel_init+0x24/0x294 [ 36.785075][ T3963] ret_from_fork+0x10/0x20 [ 36.786488][ T3963] SOFTIRQ-ON-W at: [ 36.787330][ T3963] lock_acquire+0x240/0x77c [ 36.788625][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 36.789988][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 36.791405][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 36.793073][ T3963] init_rescuer+0xa4/0x264 [ 36.794438][ T3963] workqueue_init+0x2b4/0x640 [ 36.795864][ T3963] kernel_init_freeable+0x448/0x650 [ 36.797401][ T3963] kernel_init+0x24/0x294 [ 36.798688][ T3963] ret_from_fork+0x10/0x20 [ 36.799955][ T3963] INITIAL USE at: [ 36.800861][ T3963] lock_acquire+0x240/0x77c [ 36.802180][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 36.803578][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 36.805035][ T3963] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 36.806737][ T3963] init_rescuer+0xa4/0x264 [ 36.808007][ T3963] workqueue_init+0x2b4/0x640 [ 36.809339][ T3963] kernel_init_freeable+0x448/0x650 [ 36.810768][ T3963] kernel_init+0x24/0x294 [ 36.812022][ T3963] ret_from_fork+0x10/0x20 [ 36.813404][ T3963] } [ 36.813883][ T3963] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 36.815561][ T3963] ... acquired at: [ 36.816314][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 36.817522][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 36.818665][ T3963] __kmalloc_node+0xbc/0x5b8 [ 36.819735][ T3963] kvmalloc_node+0x88/0x204 [ 36.820736][ T3963] get_dist_table+0x9c/0x2a4 [ 36.821770][ T3963] netem_change+0x7cc/0x1a90 [ 36.822763][ T3963] netem_init+0x54/0xb8 [ 36.823726][ T3963] qdisc_create+0x6fc/0xf44 [ 36.824707][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 36.825844][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 36.827011][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 36.828092][ T3963] rtnetlink_rcv+0x28/0x38 [ 36.829125][ T3963] netlink_unicast+0x664/0x938 [ 36.830197][ T3963] netlink_sendmsg+0x844/0xb38 [ 36.831231][ T3963] ____sys_sendmsg+0x584/0x870 [ 36.832272][ T3963] ___sys_sendmsg+0x214/0x294 [ 36.833395][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 36.834465][ T3963] invoke_syscall+0x98/0x2b8 [ 36.835545][ T3963] el0_svc_common+0x138/0x258 [ 36.836578][ T3963] do_el0_svc+0x58/0x14c [ 36.837597][ T3963] el0_svc+0x7c/0x1f0 [ 36.838524][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 36.839619][ T3963] el0t_64_sync+0x1a0/0x1a4 [ 36.840622][ T3963] [ 36.841145][ T3963] [ 36.841145][ T3963] stack backtrace: [ 36.842470][ T3963] CPU: 1 PID: 3963 Comm: syz-executor113 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 36.844643][ T3963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.846814][ T3963] Call trace: [ 36.847532][ T3963] dump_backtrace+0x0/0x530 [ 36.848501][ T3963] show_stack+0x2c/0x3c [ 36.849498][ T3963] dump_stack_lvl+0x108/0x170 [ 36.850547][ T3963] dump_stack+0x1c/0x58 [ 36.851505][ T3963] __lock_acquire+0x62b4/0x7620 [ 36.852582][ T3963] lock_acquire+0x240/0x77c [ 36.853561][ T3963] fs_reclaim_acquire+0xf0/0x1d0 [ 36.854592][ T3963] slab_pre_alloc_hook+0x38/0xe8 [ 36.855636][ T3963] __kmalloc_node+0xbc/0x5b8 [ 36.856694][ T3963] kvmalloc_node+0x88/0x204 [ 36.857642][ T3963] get_dist_table+0x9c/0x2a4 [ 36.858632][ T3963] netem_change+0x7cc/0x1a90 [ 36.859673][ T3963] netem_init+0x54/0xb8 [ 36.860565][ T3963] qdisc_create+0x6fc/0xf44 [ 36.861616][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 36.862725][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 36.863845][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 36.864891][ T3963] rtnetlink_rcv+0x28/0x38 [ 36.865824][ T3963] netlink_unicast+0x664/0x938 [ 36.866862][ T3963] netlink_sendmsg+0x844/0xb38 [ 36.867914][ T3963] ____sys_sendmsg+0x584/0x870 [ 36.868960][ T3963] ___sys_sendmsg+0x214/0x294 [ 36.869956][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 36.871045][ T3963] invoke_syscall+0x98/0x2b8 [ 36.872024][ T3963] el0_svc_common+0x138/0x258 [ 36.873072][ T3963] do_el0_svc+0x58/0x14c [ 36.874089][ T3963] el0_svc+0x7c/0x1f0 [ 36.874945][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 36.876044][ T3963] el0t_64_sync+0x1a0/0x1a4 [ 36.877142][ T3963] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 36.879261][ T3963] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3963, name: syz-executor113 [ 36.881217][ T3963] INFO: lockdep is turned off. [ 36.882288][ T3963] Preemption disabled at: [ 36.882299][ T3963] [] netem_change+0x22c/0x1a90 [ 36.884615][ T3963] CPU: 1 PID: 3963 Comm: syz-executor113 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 36.886771][ T3963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 36.888953][ T3963] Call trace: [ 36.889653][ T3963] dump_backtrace+0x0/0x530 [ 36.890669][ T3963] show_stack+0x2c/0x3c [ 36.891504][ T3963] dump_stack_lvl+0x108/0x170 [ 36.892552][ T3963] dump_stack+0x1c/0x58 [ 36.893414][ T3963] ___might_sleep+0x380/0x4dc [ 36.894454][ T3963] __might_sleep+0x98/0xf0 [ 36.895422][ T3963] slab_pre_alloc_hook+0x58/0xe8 [ 36.896499][ T3963] __kmalloc_node+0xbc/0x5b8 [ 36.897540][ T3963] kvmalloc_node+0x88/0x204 [ 36.898495][ T3963] get_dist_table+0x9c/0x2a4 [ 36.899465][ T3963] netem_change+0x7cc/0x1a90 [ 36.900500][ T3963] netem_init+0x54/0xb8 [ 36.901467][ T3963] qdisc_create+0x6fc/0xf44 [ 36.902469][ T3963] tc_modify_qdisc+0x8dc/0x1344 [ 36.903487][ T3963] rtnetlink_rcv_msg+0xa74/0xdac [ 36.904599][ T3963] netlink_rcv_skb+0x20c/0x3b8 [ 36.905616][ T3963] rtnetlink_rcv+0x28/0x38 [ 36.906572][ T3963] netlink_unicast+0x664/0x938 [ 36.907653][ T3963] netlink_sendmsg+0x844/0xb38 [ 36.908688][ T3963] ____sys_sendmsg+0x584/0x870 [ 36.909672][ T3963] ___sys_sendmsg+0x214/0x294 [ 36.910635][ T3963] __arm64_sys_sendmsg+0x1ac/0x25c [ 36.911699][ T3963] invoke_syscall+0x98/0x2b8 [ 36.912691][ T3963] el0_svc_common+0x138/0x258 [ 36.913698][ T3963] do_el0_svc+0x58/0x14c [ 36.914572][ T3963] el0_svc+0x7c/0x1f0 [ 36.915501][ T3963] el0t_64_sync_handler+0x84/0xe4 [ 36.916448][ T3963] el0t_64_sync+0x1a0/0x1a4