Warning: Permanently added '10.128.1.44' (ED25519) to the list of known hosts. executing program [ 45.682773][ T3964] [ 45.683533][ T3964] ===================================================== [ 45.685466][ T3964] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 45.687491][ T3964] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 45.689379][ T3964] ----------------------------------------------------- [ 45.691280][ T3964] syz-executor375/3964 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 45.693501][ T3964] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 45.695988][ T3964] [ 45.695988][ T3964] and this task is already holding: [ 45.697993][ T3964] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 45.700535][ T3964] which would create a new lock dependency: [ 45.702117][ T3964] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 45.704134][ T3964] [ 45.704134][ T3964] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 45.706687][ T3964] (noop_qdisc.q.lock){+.-.}-{2:2} [ 45.706705][ T3964] [ 45.706705][ T3964] ... which became SOFTIRQ-irq-safe at: [ 45.710122][ T3964] lock_acquire+0x240/0x77c [ 45.711355][ T3964] _raw_spin_lock+0xb0/0x10c [ 45.712621][ T3964] net_tx_action+0x634/0x884 [ 45.713927][ T3964] __do_softirq+0x344/0xe20 [ 45.715164][ T3964] run_ksoftirqd+0x68/0x258 [ 45.716427][ T3964] smpboot_thread_fn+0x4b0/0x920 [ 45.717782][ T3964] kthread+0x37c/0x45c [ 45.718891][ T3964] ret_from_fork+0x10/0x20 [ 45.720122][ T3964] [ 45.720122][ T3964] to a SOFTIRQ-irq-unsafe lock: [ 45.722028][ T3964] (fs_reclaim){+.+.}-{0:0} [ 45.722046][ T3964] [ 45.722046][ T3964] ... which became SOFTIRQ-irq-unsafe at: [ 45.725368][ T3964] ... [ 45.725375][ T3964] lock_acquire+0x240/0x77c [ 45.727331][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.728699][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.730067][ T3964] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.731578][ T3964] init_rescuer+0xa4/0x264 [ 45.732817][ T3964] workqueue_init+0x2b4/0x640 [ 45.734103][ T3964] kernel_init_freeable+0x448/0x650 [ 45.735537][ T3964] kernel_init+0x24/0x294 [ 45.736752][ T3964] ret_from_fork+0x10/0x20 [ 45.737955][ T3964] [ 45.737955][ T3964] other info that might help us debug this: [ 45.737955][ T3964] [ 45.740729][ T3964] Possible interrupt unsafe locking scenario: [ 45.740729][ T3964] [ 45.742990][ T3964] CPU0 CPU1 [ 45.744418][ T3964] ---- ---- [ 45.745863][ T3964] lock(fs_reclaim); [ 45.746938][ T3964] local_irq_disable(); [ 45.748806][ T3964] lock(noop_qdisc.q.lock); [ 45.750799][ T3964] lock(fs_reclaim); [ 45.752508][ T3964] [ 45.753417][ T3964] lock(noop_qdisc.q.lock); [ 45.754702][ T3964] [ 45.754702][ T3964] *** DEADLOCK *** [ 45.754702][ T3964] [ 45.756918][ T3964] 2 locks held by syz-executor375/3964: [ 45.758412][ T3964] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 45.760986][ T3964] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 45.763667][ T3964] [ 45.763667][ T3964] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 45.766462][ T3964] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 45.767993][ T3964] HARDIRQ-ON-W at: [ 45.769067][ T3964] lock_acquire+0x240/0x77c [ 45.770768][ T3964] _raw_spin_lock+0xb0/0x10c [ 45.772460][ T3964] __dev_queue_xmit+0x8d0/0x2a6c [ 45.774238][ T3964] dev_queue_xmit+0x24/0x34 [ 45.775884][ T3964] tx+0x8c/0x130 [ 45.777286][ T3964] kthread+0x1ac/0x374 [ 45.778906][ T3964] kthread+0x37c/0x45c [ 45.780499][ T3964] ret_from_fork+0x10/0x20 [ 45.782142][ T3964] IN-SOFTIRQ-W at: [ 45.783194][ T3964] lock_acquire+0x240/0x77c [ 45.784860][ T3964] _raw_spin_lock+0xb0/0x10c [ 45.786531][ T3964] net_tx_action+0x634/0x884 [ 45.788218][ T3964] __do_softirq+0x344/0xe20 [ 45.789927][ T3964] run_ksoftirqd+0x68/0x258 [ 45.791598][ T3964] smpboot_thread_fn+0x4b0/0x920 [ 45.793404][ T3964] kthread+0x37c/0x45c [ 45.794968][ T3964] ret_from_fork+0x10/0x20 [ 45.796599][ T3964] INITIAL USE at: [ 45.797624][ T3964] lock_acquire+0x240/0x77c [ 45.799267][ T3964] _raw_spin_lock+0xb0/0x10c [ 45.800960][ T3964] __dev_queue_xmit+0x8d0/0x2a6c [ 45.802760][ T3964] dev_queue_xmit+0x24/0x34 [ 45.804406][ T3964] tx+0x8c/0x130 [ 45.805841][ T3964] kthread+0x1ac/0x374 [ 45.807383][ T3964] kthread+0x37c/0x45c [ 45.808897][ T3964] ret_from_fork+0x10/0x20 [ 45.810488][ T3964] } [ 45.811151][ T3964] ... key at: [] noop_qdisc+0x108/0x320 [ 45.813222][ T3964] [ 45.813222][ T3964] the dependencies between the lock to be acquired [ 45.813229][ T3964] and SOFTIRQ-irq-unsafe lock: [ 45.816792][ T3964] -> (fs_reclaim){+.+.}-{0:0} { [ 45.818125][ T3964] HARDIRQ-ON-W at: [ 45.819197][ T3964] lock_acquire+0x240/0x77c [ 45.820835][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.822558][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.824370][ T3964] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.826369][ T3964] init_rescuer+0xa4/0x264 [ 45.828019][ T3964] workqueue_init+0x2b4/0x640 [ 45.829736][ T3964] kernel_init_freeable+0x448/0x650 [ 45.831591][ T3964] kernel_init+0x24/0x294 [ 45.833188][ T3964] ret_from_fork+0x10/0x20 [ 45.834811][ T3964] SOFTIRQ-ON-W at: [ 45.835900][ T3964] lock_acquire+0x240/0x77c [ 45.837581][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.839444][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.841240][ T3964] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.843248][ T3964] init_rescuer+0xa4/0x264 [ 45.844907][ T3964] workqueue_init+0x2b4/0x640 [ 45.846673][ T3964] kernel_init_freeable+0x448/0x650 [ 45.848582][ T3964] kernel_init+0x24/0x294 [ 45.850202][ T3964] ret_from_fork+0x10/0x20 [ 45.851848][ T3964] INITIAL USE at: [ 45.852910][ T3964] lock_acquire+0x240/0x77c [ 45.854549][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.856321][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.858053][ T3964] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.860031][ T3964] init_rescuer+0xa4/0x264 [ 45.861682][ T3964] workqueue_init+0x2b4/0x640 [ 45.863429][ T3964] kernel_init_freeable+0x448/0x650 [ 45.865239][ T3964] kernel_init+0x24/0x294 [ 45.866839][ T3964] ret_from_fork+0x10/0x20 [ 45.868489][ T3964] } [ 45.869157][ T3964] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 45.871340][ T3964] ... acquired at: [ 45.872359][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.873763][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.875138][ T3964] __kmalloc_node+0xbc/0x5b8 [ 45.876490][ T3964] kvmalloc_node+0x88/0x204 [ 45.877778][ T3964] get_dist_table+0x9c/0x2a4 [ 45.879042][ T3964] netem_change+0x7cc/0x1a90 [ 45.880324][ T3964] netem_init+0x54/0xb8 [ 45.881463][ T3964] qdisc_create+0x6fc/0xf44 [ 45.882731][ T3964] tc_modify_qdisc+0x8dc/0x1344 [ 45.884072][ T3964] rtnetlink_rcv_msg+0xa74/0xdac [ 45.885437][ T3964] netlink_rcv_skb+0x20c/0x3b8 [ 45.886735][ T3964] rtnetlink_rcv+0x28/0x38 [ 45.887936][ T3964] netlink_unicast+0x664/0x938 [ 45.889237][ T3964] netlink_sendmsg+0x844/0xb38 [ 45.890620][ T3964] ____sys_sendmsg+0x584/0x870 [ 45.891965][ T3964] ___sys_sendmsg+0x214/0x294 [ 45.893284][ T3964] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.894722][ T3964] invoke_syscall+0x98/0x2b8 [ 45.896002][ T3964] el0_svc_common+0x138/0x258 [ 45.897310][ T3964] do_el0_svc+0x58/0x14c [ 45.898529][ T3964] el0_svc+0x7c/0x1f0 [ 45.899671][ T3964] el0t_64_sync_handler+0x84/0xe4 [ 45.901039][ T3964] el0t_64_sync+0x1a0/0x1a4 [ 45.902314][ T3964] [ 45.902952][ T3964] [ 45.902952][ T3964] stack backtrace: [ 45.904573][ T3964] CPU: 0 PID: 3964 Comm: syz-executor375 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 45.907409][ T3964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 45.910122][ T3964] Call trace: [ 45.911004][ T3964] dump_backtrace+0x0/0x530 [ 45.912202][ T3964] show_stack+0x2c/0x3c [ 45.913310][ T3964] dump_stack_lvl+0x108/0x170 [ 45.914613][ T3964] dump_stack+0x1c/0x58 [ 45.915722][ T3964] __lock_acquire+0x62b4/0x7620 [ 45.917025][ T3964] lock_acquire+0x240/0x77c [ 45.918224][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.919546][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.920936][ T3964] __kmalloc_node+0xbc/0x5b8 [ 45.922190][ T3964] kvmalloc_node+0x88/0x204 [ 45.923403][ T3964] get_dist_table+0x9c/0x2a4 [ 45.924661][ T3964] netem_change+0x7cc/0x1a90 [ 45.925895][ T3964] netem_init+0x54/0xb8 [ 45.927031][ T3964] qdisc_create+0x6fc/0xf44 [ 45.928240][ T3964] tc_modify_qdisc+0x8dc/0x1344 [ 45.929547][ T3964] rtnetlink_rcv_msg+0xa74/0xdac [ 45.930884][ T3964] netlink_rcv_skb+0x20c/0x3b8 [ 45.932188][ T3964] rtnetlink_rcv+0x28/0x38 [ 45.933390][ T3964] netlink_unicast+0x664/0x938 [ 45.934713][ T3964] netlink_sendmsg+0x844/0xb38 [ 45.936011][ T3964] ____sys_sendmsg+0x584/0x870 [ 45.937310][ T3964] ___sys_sendmsg+0x214/0x294 [ 45.938566][ T3964] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.939926][ T3964] invoke_syscall+0x98/0x2b8 [ 45.941151][ T3964] el0_svc_common+0x138/0x258 [ 45.942422][ T3964] do_el0_svc+0x58/0x14c [ 45.943568][ T3964] el0_svc+0x7c/0x1f0 [ 45.944628][ T3964] el0t_64_sync_handler+0x84/0xe4 [ 45.946003][ T3964] el0t_64_sync+0x1a0/0x1a4 [ 45.947306][ T3964] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 45.949726][ T3964] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3964, name: syz-executor375 [ 45.952130][ T3964] INFO: lockdep is turned off. [ 45.953349][ T3964] Preemption disabled at: [ 45.953360][ T3964] [] netem_change+0x22c/0x1a90 [ 45.956027][ T3964] CPU: 0 PID: 3964 Comm: syz-executor375 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 45.958662][ T3964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 45.961174][ T3964] Call trace: [ 45.961997][ T3964] dump_backtrace+0x0/0x530 [ 45.963160][ T3964] show_stack+0x2c/0x3c [ 45.964250][ T3964] dump_stack_lvl+0x108/0x170 [ 45.965526][ T3964] dump_stack+0x1c/0x58 [ 45.966610][ T3964] ___might_sleep+0x380/0x4dc [ 45.967875][ T3964] __might_sleep+0x98/0xf0 [ 45.969046][ T3964] slab_pre_alloc_hook+0x58/0xe8 [ 45.970400][ T3964] __kmalloc_node+0xbc/0x5b8 [ 45.971566][ T3964] kvmalloc_node+0x88/0x204 [ 45.972758][ T3964] get_dist_table+0x9c/0x2a4 [ 45.973940][ T3964] netem_change+0x7cc/0x1a90 [ 45.975122][ T3964] netem_init+0x54/0xb8 [ 45.976199][ T3964] qdisc_create+0x6fc/0xf44 [ 45.977345][ T3964] tc_modify_qdisc+0x8dc/0x1344 [ 45.978584][ T3964] rtnetlink_rcv_msg+0xa74/0xdac [ 45.979884][ T3964] netlink_rcv_skb+0x20c/0x3b8 [ 45.981183][ T3964] rtnetlink_rcv+0x28/0x38 [ 45.982315][ T3964] netlink_unicast+0x664/0x938 [ 45.983536][ T3964] netlink_sendmsg+0x844/0xb38 [ 45.984782][ T3964] ____sys_sendmsg+0x584/0x870 [ 45.986007][ T3964] ___sys_sendmsg+0x214/0x294 [ 45.987200][ T3964] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.988551][ T3964] invoke_syscall+0x98/0x2b8 [ 45.989752][ T3964] el0_svc_common+0x138/0x258 [ 45.990988][ T3964] do_el0_svc+0x58/0x14c [ 45.992108][ T3964] el0_svc+0x7c/0x1f0 [ 45.993127][ T3964] el0t_64_sync_handler+0x84/0xe4 [ 45.994403][ T3964] el0t_64_sync+0x1a0/0x1a4