Warning: Permanently added '10.128.1.90' (ED25519) to the list of known hosts. executing program [ 52.563649][ T3486] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 52.573283][ T3486] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3486, name: syz-executor214 [ 52.582783][ T3486] 2 locks held by syz-executor214/3486: [ 52.588316][ T3486] #0: ffffffff8d9e1148 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 [ 52.597762][ T3486] #1: ffff88801cb10908 (&sch->q.lock){+...}-{2:2}, at: netem_change+0x257/0x20c0 [ 52.607130][ T3486] Preemption disabled at: [ 52.607140][ T3486] [<0000000000000000>] 0x0 [ 52.615897][ T3486] CPU: 0 PID: 3486 Comm: syz-executor214 Not tainted 5.15.126-syzkaller #0 [ 52.624563][ T3486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 52.635128][ T3486] Call Trace: [ 52.638399][ T3486] [ 52.641319][ T3486] dump_stack_lvl+0x1e3/0x2cb [ 52.645994][ T3486] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 52.651620][ T3486] ? panic+0x84d/0x84d [ 52.655687][ T3486] ___might_sleep+0x547/0x6a0 [ 52.660359][ T3486] ? __might_sleep+0xc0/0xc0 [ 52.664975][ T3486] slab_pre_alloc_hook+0x44/0xc0 [ 52.669912][ T3486] __kmalloc_node+0x71/0x390 [ 52.674496][ T3486] ? kvmalloc_node+0x80/0x140 [ 52.679175][ T3486] ? __bpf_trace_softirq+0x10/0x10 [ 52.684285][ T3486] kvmalloc_node+0x80/0x140 [ 52.688787][ T3486] get_dist_table+0x83/0x2c0 [ 52.693371][ T3486] netem_change+0xa05/0x20c0 [ 52.697964][ T3486] ? netem_destroy+0xb0/0xb0 [ 52.702560][ T3486] ? debug_object_init+0x10/0x10 [ 52.707512][ T3486] ? memset+0x1f/0x40 [ 52.711491][ T3486] ? lockdep_init_map_type+0x9d/0x8d0 [ 52.716980][ T3486] ? memset+0x1f/0x40 [ 52.720974][ T3486] ? __hrtimer_init+0x181/0x260 [ 52.725843][ T3486] netem_init+0x58/0xb0 [ 52.729998][ T3486] ? qdisc_peek_dequeued+0x220/0x220 [ 52.735277][ T3486] qdisc_create+0x8ae/0x1390 [ 52.739882][ T3486] ? qdisc_notify+0x380/0x380 [ 52.744551][ T3486] ? apparmor_capable+0x12e/0x190 [ 52.749582][ T3486] tc_modify_qdisc+0xac5/0x1710 [ 52.754445][ T3486] ? rcu_lock_release+0x20/0x20 [ 52.759307][ T3486] ? rcu_lock_release+0x20/0x20 [ 52.764158][ T3486] rtnetlink_rcv_msg+0x993/0xee0 [ 52.769092][ T3486] ? reacquire_held_locks+0x660/0x660 [ 52.774461][ T3486] ? rtnetlink_bind+0x80/0x80 [ 52.779126][ T3486] ? is_bpf_text_address+0x24f/0x260 [ 52.784487][ T3486] ? stack_trace_save+0x1c0/0x1c0 [ 52.789501][ T3486] ? __kernel_text_address+0x94/0x100 [ 52.794861][ T3486] ? unwind_get_return_address+0x49/0x80 [ 52.800484][ T3486] ? arch_stack_walk+0xf3/0x140 [ 52.805417][ T3486] ? mark_lock+0x98/0x340 [ 52.809761][ T3486] ? mark_lock+0x98/0x340 [ 52.814079][ T3486] ? __lock_acquire+0x1295/0x1ff0 [ 52.819114][ T3486] netlink_rcv_skb+0x1cf/0x410 [ 52.823870][ T3486] ? rtnetlink_bind+0x80/0x80 [ 52.828536][ T3486] ? netlink_ack+0xb10/0xb10 [ 52.833224][ T3486] netlink_unicast+0x7b6/0x980 [ 52.837986][ T3486] ? netlink_detachskb+0x90/0x90 [ 52.842914][ T3486] ? 0xffffffff81000000 [ 52.847055][ T3486] ? __check_object_size+0x300/0x410 [ 52.852330][ T3486] ? bpf_lsm_netlink_send+0x5/0x10 [ 52.857457][ T3486] netlink_sendmsg+0xa30/0xd60 [ 52.862234][ T3486] ? netlink_getsockopt+0x5b0/0x5b0 [ 52.867424][ T3486] ? aa_sock_msg_perm+0x91/0x150 [ 52.872368][ T3486] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 52.877639][ T3486] ? security_socket_sendmsg+0x7d/0xa0 [ 52.883174][ T3486] ? netlink_getsockopt+0x5b0/0x5b0 [ 52.888392][ T3486] ____sys_sendmsg+0x59e/0x8f0 [ 52.893148][ T3486] ? iovec_from_user+0x300/0x390 [ 52.898077][ T3486] ? __sys_sendmsg_sock+0x30/0x30 [ 52.903109][ T3486] ___sys_sendmsg+0x252/0x2e0 [ 52.907793][ T3486] ? __sys_sendmsg+0x260/0x260 [ 52.912561][ T3486] ? __lock_acquire+0x1295/0x1ff0 [ 52.917605][ T3486] ? __context_tracking_enter+0x5f/0x90 [ 52.923140][ T3486] ? __context_tracking_exit+0x4c/0x80 [ 52.928589][ T3486] ? __fdget+0x158/0x220 [ 52.932822][ T3486] __se_sys_sendmsg+0x19a/0x260 [ 52.937676][ T3486] ? __x64_sys_sendmsg+0x80/0x80 [ 52.942633][ T3486] ? syscall_enter_from_user_mode+0x2e/0x230 [ 52.948607][ T3486] ? lockdep_hardirqs_on+0x94/0x130 [ 52.953792][ T3486] ? syscall_enter_from_user_mode+0x2e/0x230 [ 52.959762][ T3486] do_syscall_64+0x3d/0xb0 [ 52.964208][ T3486] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 52.970094][ T3486] RIP: 0033:0x7fb4240135a9 [ 52.974508][ T3486] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.994122][ T3486] RSP: 002b:00007fffe733a5d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 53.002545][ T3486] RAX: ffffffffffffffda RBX: 00007fffe733a7a8 RCX: 00007fb4240135a9 [ 53.010521][ T3486] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 53.018565][ T3486] RBP: 00007fb424086610 R08: 000000000000000a R09: 00007fffe733a7a8 [ 53.026527][ T3486] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 53.034489][ T3486] R13: 00007fffe733a798 R14: 0000000000000001 R15: 0000000000000001 [ 53.042558][ T3486] [ 53.045703][ T3486] [ 53.048031][ T3486] ============================================ [ 53.054178][ T3486] WARNING: possible recursive locking detected [ 53.060365][ T3486] 5.15.126-syzkaller #0 Tainted: G W [ 53.067109][ T3486] -------------------------------------------- [ 53.073243][ T3486] syz-executor214/3486 is trying to acquire lock: [ 53.079737][ T3486] ffff88801cb10908 (&sch->q.lock){+...}-{2:2}, at: get_dist_table+0x1fa/0x2c0 [ 53.088596][ T3486] [ 53.088596][ T3486] but task is already holding lock: [ 53.097015][ T3486] ffff88801cb10908 (&sch->q.lock){+...}-{2:2}, at: netem_change+0x257/0x20c0 [ 53.105896][ T3486] [ 53.105896][ T3486] other info that might help us debug this: [ 53.113937][ T3486] Possible unsafe locking scenario: [ 53.113937][ T3486] [ 53.121385][ T3486] CPU0 [ 53.124652][ T3486] ---- [ 53.127916][ T3486] lock(&sch->q.lock); [ 53.132055][ T3486] lock(&sch->q.lock); [ 53.136194][ T3486] [ 53.136194][ T3486] *** DEADLOCK *** [ 53.136194][ T3486] [ 53.144321][ T3486] May be due to missing lock nesting notation [ 53.144321][ T3486] [ 53.152717][ T3486] 2 locks held by syz-executor214/3486: [ 53.158265][ T3486] #0: ffffffff8d9e1148 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 [ 53.167730][ T3486] #1: ffff88801cb10908 (&sch->q.lock){+...}-{2:2}, at: netem_change+0x257/0x20c0 [ 53.177028][ T3486] [ 53.177028][ T3486] stack backtrace: [ 53.182897][ T3486] CPU: 0 PID: 3486 Comm: syz-executor214 Tainted: G W 5.15.126-syzkaller #0 [ 53.192857][ T3486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 53.202923][ T3486] Call Trace: [ 53.206194][ T3486] [ 53.209113][ T3486] dump_stack_lvl+0x1e3/0x2cb [ 53.213788][ T3486] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 53.219427][ T3486] ? panic+0x84d/0x84d [ 53.223507][ T3486] validate_chain+0x46cf/0x58b0 [ 53.228479][ T3486] ? do_raw_spin_unlock+0x137/0x8b0 [ 53.233891][ T3486] ? reacquire_held_locks+0x660/0x660 [ 53.245353][ T3486] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 53.251255][ T3486] ? _raw_spin_unlock+0x40/0x40 [ 53.256093][ T3486] ? stack_trace_save+0x113/0x1c0 [ 53.261106][ T3486] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 53.267249][ T3486] ? stack_trace_snprint+0xe0/0xe0 [ 53.272464][ T3486] ? stack_depot_save+0x3db/0x440 [ 53.277491][ T3486] ? ____kasan_kmalloc+0xd1/0xf0 [ 53.282420][ T3486] ? mark_lock+0x98/0x340 [ 53.286733][ T3486] ? qdisc_create+0x8ae/0x1390 [ 53.291483][ T3486] __lock_acquire+0x1295/0x1ff0 [ 53.296328][ T3486] lock_acquire+0x1db/0x4f0 [ 53.300820][ T3486] ? get_dist_table+0x1fa/0x2c0 [ 53.305663][ T3486] ? read_lock_is_recursive+0x10/0x10 [ 53.311029][ T3486] ? get_dist_table+0x1fa/0x2c0 [ 53.315866][ T3486] ? __bpf_trace_softirq+0x10/0x10 [ 53.320963][ T3486] ? __kmalloc_node+0x199/0x390 [ 53.325799][ T3486] ? kvmalloc_node+0x80/0x140 [ 53.330465][ T3486] ? __bpf_trace_softirq+0x10/0x10 [ 53.335564][ T3486] ? get_dist_table+0x1fa/0x2c0 [ 53.340491][ T3486] _raw_spin_lock_bh+0x31/0x40 [ 53.345240][ T3486] ? get_dist_table+0x1fa/0x2c0 [ 53.350075][ T3486] get_dist_table+0x1fa/0x2c0 [ 53.354748][ T3486] netem_change+0xa05/0x20c0 [ 53.359337][ T3486] ? netem_destroy+0xb0/0xb0 [ 53.363935][ T3486] ? debug_object_init+0x10/0x10 [ 53.368860][ T3486] ? memset+0x1f/0x40 [ 53.372827][ T3486] ? lockdep_init_map_type+0x9d/0x8d0 [ 53.378314][ T3486] ? memset+0x1f/0x40 [ 53.382285][ T3486] ? __hrtimer_init+0x181/0x260 [ 53.387162][ T3486] netem_init+0x58/0xb0 [ 53.391306][ T3486] ? qdisc_peek_dequeued+0x220/0x220 [ 53.396581][ T3486] qdisc_create+0x8ae/0x1390 [ 53.401179][ T3486] ? qdisc_notify+0x380/0x380 [ 53.405840][ T3486] ? apparmor_capable+0x12e/0x190 [ 53.410858][ T3486] tc_modify_qdisc+0xac5/0x1710 [ 53.415702][ T3486] ? rcu_lock_release+0x20/0x20 [ 53.420549][ T3486] ? rcu_lock_release+0x20/0x20 [ 53.425388][ T3486] rtnetlink_rcv_msg+0x993/0xee0 [ 53.430331][ T3486] ? reacquire_held_locks+0x660/0x660 [ 53.435692][ T3486] ? rtnetlink_bind+0x80/0x80 [ 53.440355][ T3486] ? is_bpf_text_address+0x24f/0x260 [ 53.445627][ T3486] ? stack_trace_save+0x1c0/0x1c0 [ 53.450645][ T3486] ? __kernel_text_address+0x94/0x100 [ 53.456093][ T3486] ? unwind_get_return_address+0x49/0x80 [ 53.461741][ T3486] ? arch_stack_walk+0xf3/0x140 [ 53.466594][ T3486] ? mark_lock+0x98/0x340 [ 53.470926][ T3486] ? mark_lock+0x98/0x340 [ 53.475245][ T3486] ? __lock_acquire+0x1295/0x1ff0 [ 53.480268][ T3486] netlink_rcv_skb+0x1cf/0x410 [ 53.485021][ T3486] ? rtnetlink_bind+0x80/0x80 [ 53.489684][ T3486] ? netlink_ack+0xb10/0xb10 [ 53.494280][ T3486] netlink_unicast+0x7b6/0x980 [ 53.499034][ T3486] ? netlink_detachskb+0x90/0x90 [ 53.503960][ T3486] ? 0xffffffff81000000 [ 53.508121][ T3486] ? __check_object_size+0x300/0x410 [ 53.513393][ T3486] ? bpf_lsm_netlink_send+0x5/0x10 [ 53.518492][ T3486] netlink_sendmsg+0xa30/0xd60 [ 53.523246][ T3486] ? netlink_getsockopt+0x5b0/0x5b0 [ 53.528436][ T3486] ? aa_sock_msg_perm+0x91/0x150 [ 53.533363][ T3486] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 53.538643][ T3486] ? security_socket_sendmsg+0x7d/0xa0 [ 53.544087][ T3486] ? netlink_getsockopt+0x5b0/0x5b0 [ 53.549274][ T3486] ____sys_sendmsg+0x59e/0x8f0 [ 53.554025][ T3486] ? iovec_from_user+0x300/0x390 [ 53.559068][ T3486] ? __sys_sendmsg_sock+0x30/0x30 [ 53.564086][ T3486] ___sys_sendmsg+0x252/0x2e0 [ 53.568759][ T3486] ? __sys_sendmsg+0x260/0x260 [ 53.573509][ T3486] ? __lock_acquire+0x1295/0x1ff0 [ 53.578526][ T3486] ? __context_tracking_enter+0x5f/0x90 [ 53.584074][ T3486] ? __context_tracking_exit+0x4c/0x80 [ 53.589517][ T3486] ? __fdget+0x158/0x220 [ 53.593744][ T3486] __se_sys_sendmsg+0x19a/0x260 [ 53.598583][ T3486] ? __x64_sys_sendmsg+0x80/0x80 [ 53.603540][ T3486] ? syscall_enter_from_user_mode+0x2e/0x230 [ 53.609506][ T3486] ? lockdep_hardirqs_on+0x94/0x130 [ 53.614691][ T3486] ? syscall_enter_from_user_mode+0x2e/0x230 [ 53.620656][ T3486] do_syscall_64+0x3d/0xb0 [ 53.625060][ T3486] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 53.630942][ T3486] RIP: 0033:0x7fb4240135a9 [ 53.635362][ T3486] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 53.654970][ T3486] RSP: 002b:00007fffe733a5d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 53.663371][ T3486] RAX: ffffffffffffffda RBX: 00007fffe733a7a8 RCX: 00007fb4240135a9 [ 53.671329][ T3486] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 53.679286][ T3486] RBP: 00007fb424086610 R08: 000000000000000a R09: 00007fffe733a7a8 [ 53.687246][ T3486] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 53.695205][ T3486] R13: 00007fffe733a798 R14: 0000000000000001 R15: 0000000000000001 [ 53.703170][ T3486]