Warning: Permanently added '10.128.10.17' (ED25519) to the list of known hosts. executing program [ 43.436352][ T3962] [ 43.436946][ T3962] ===================================================== [ 43.438771][ T3962] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 43.440847][ T3962] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 43.442682][ T3962] ----------------------------------------------------- [ 43.444549][ T3962] syz-executor168/3962 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 43.446690][ T3962] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 43.449187][ T3962] [ 43.449187][ T3962] and this task is already holding: [ 43.451125][ T3962] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 43.453669][ T3962] which would create a new lock dependency: [ 43.455227][ T3962] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 43.457306][ T3962] [ 43.457306][ T3962] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 43.459998][ T3962] (noop_qdisc.q.lock){+.-.}-{2:2} [ 43.460016][ T3962] [ 43.460016][ T3962] ... which became SOFTIRQ-irq-safe at: [ 43.463322][ T3962] lock_acquire+0x240/0x77c [ 43.464560][ T3962] _raw_spin_lock+0xb0/0x10c [ 43.465792][ T3962] net_tx_action+0x634/0x884 [ 43.467016][ T3962] __do_softirq+0x344/0xe20 [ 43.468276][ T3962] run_ksoftirqd+0x68/0x258 [ 43.469524][ T3962] smpboot_thread_fn+0x4b0/0x920 [ 43.470916][ T3962] kthread+0x37c/0x45c [ 43.471955][ T3962] ret_from_fork+0x10/0x20 [ 43.473187][ T3962] [ 43.473187][ T3962] to a SOFTIRQ-irq-unsafe lock: [ 43.475086][ T3962] (fs_reclaim){+.+.}-{0:0} [ 43.475104][ T3962] [ 43.475104][ T3962] ... which became SOFTIRQ-irq-unsafe at: [ 43.478414][ T3962] ... [ 43.478420][ T3962] lock_acquire+0x240/0x77c [ 43.480358][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 43.481660][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 43.482991][ T3962] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 43.484493][ T3962] init_rescuer+0xa4/0x264 [ 43.485778][ T3962] workqueue_init+0x2b4/0x640 [ 43.487066][ T3962] kernel_init_freeable+0x448/0x650 [ 43.488517][ T3962] kernel_init+0x24/0x294 [ 43.489674][ T3962] ret_from_fork+0x10/0x20 [ 43.490815][ T3962] [ 43.490815][ T3962] other info that might help us debug this: [ 43.490815][ T3962] [ 43.493517][ T3962] Possible interrupt unsafe locking scenario: [ 43.493517][ T3962] [ 43.495775][ T3962] CPU0 CPU1 [ 43.497124][ T3962] ---- ---- [ 43.498512][ T3962] lock(fs_reclaim); [ 43.499569][ T3962] local_irq_disable(); [ 43.501327][ T3962] lock(noop_qdisc.q.lock); [ 43.503174][ T3962] lock(fs_reclaim); [ 43.504873][ T3962] [ 43.505806][ T3962] lock(noop_qdisc.q.lock); [ 43.507058][ T3962] [ 43.507058][ T3962] *** DEADLOCK *** [ 43.507058][ T3962] [ 43.509130][ T3962] 2 locks held by syz-executor168/3962: [ 43.510572][ T3962] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 43.513097][ T3962] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 43.515695][ T3962] [ 43.515695][ T3962] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 43.518409][ T3962] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 43.519829][ T3962] HARDIRQ-ON-W at: [ 43.520863][ T3962] lock_acquire+0x240/0x77c [ 43.522422][ T3962] _raw_spin_lock+0xb0/0x10c [ 43.524081][ T3962] __dev_queue_xmit+0x8d0/0x2a6c [ 43.525894][ T3962] dev_queue_xmit+0x24/0x34 [ 43.527611][ T3962] tx+0x8c/0x130 [ 43.528968][ T3962] kthread+0x1ac/0x374 [ 43.530464][ T3962] kthread+0x37c/0x45c [ 43.531944][ T3962] ret_from_fork+0x10/0x20 [ 43.533548][ T3962] IN-SOFTIRQ-W at: [ 43.534585][ T3962] lock_acquire+0x240/0x77c [ 43.536231][ T3962] _raw_spin_lock+0xb0/0x10c [ 43.537920][ T3962] net_tx_action+0x634/0x884 [ 43.539566][ T3962] __do_softirq+0x344/0xe20 [ 43.541216][ T3962] run_ksoftirqd+0x68/0x258 [ 43.542842][ T3962] smpboot_thread_fn+0x4b0/0x920 [ 43.544584][ T3962] kthread+0x37c/0x45c [ 43.546073][ T3962] ret_from_fork+0x10/0x20 [ 43.547723][ T3962] INITIAL USE at: [ 43.548802][ T3962] lock_acquire+0x240/0x77c [ 43.550443][ T3962] _raw_spin_lock+0xb0/0x10c [ 43.552064][ T3962] __dev_queue_xmit+0x8d0/0x2a6c [ 43.553760][ T3962] dev_queue_xmit+0x24/0x34 [ 43.555459][ T3962] tx+0x8c/0x130 [ 43.556793][ T3962] kthread+0x1ac/0x374 [ 43.558205][ T3962] kthread+0x37c/0x45c [ 43.559712][ T3962] ret_from_fork+0x10/0x20 [ 43.561288][ T3962] } [ 43.562011][ T3962] ... key at: [] noop_qdisc+0x108/0x320 [ 43.564104][ T3962] [ 43.564104][ T3962] the dependencies between the lock to be acquired [ 43.564112][ T3962] and SOFTIRQ-irq-unsafe lock: [ 43.567642][ T3962] -> (fs_reclaim){+.+.}-{0:0} { [ 43.568919][ T3962] HARDIRQ-ON-W at: [ 43.570009][ T3962] lock_acquire+0x240/0x77c [ 43.571674][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 43.573399][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 43.575129][ T3962] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 43.577078][ T3962] init_rescuer+0xa4/0x264 [ 43.578727][ T3962] workqueue_init+0x2b4/0x640 [ 43.580541][ T3962] kernel_init_freeable+0x448/0x650 [ 43.582417][ T3962] kernel_init+0x24/0x294 [ 43.584078][ T3962] ret_from_fork+0x10/0x20 [ 43.585641][ T3962] SOFTIRQ-ON-W at: [ 43.586686][ T3962] lock_acquire+0x240/0x77c [ 43.588358][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 43.590081][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 43.591815][ T3962] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 43.593773][ T3962] init_rescuer+0xa4/0x264 [ 43.595385][ T3962] workqueue_init+0x2b4/0x640 [ 43.597055][ T3962] kernel_init_freeable+0x448/0x650 [ 43.598865][ T3962] kernel_init+0x24/0x294 [ 43.600456][ T3962] ret_from_fork+0x10/0x20 [ 43.602027][ T3962] INITIAL USE at: [ 43.603030][ T3962] lock_acquire+0x240/0x77c [ 43.604630][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 43.606320][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 43.608055][ T3962] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 43.610085][ T3962] init_rescuer+0xa4/0x264 [ 43.611594][ T3962] workqueue_init+0x2b4/0x640 [ 43.613272][ T3962] kernel_init_freeable+0x448/0x650 [ 43.615105][ T3962] kernel_init+0x24/0x294 [ 43.616624][ T3962] ret_from_fork+0x10/0x20 [ 43.618345][ T3962] } [ 43.618996][ T3962] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 43.621105][ T3962] ... acquired at: [ 43.622134][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 43.623453][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 43.624854][ T3962] __kmalloc_node+0xbc/0x5b8 [ 43.626097][ T3962] kvmalloc_node+0x88/0x204 [ 43.627396][ T3962] get_dist_table+0x9c/0x2a4 [ 43.628638][ T3962] netem_change+0x7cc/0x1a90 [ 43.629840][ T3962] netem_init+0x54/0xb8 [ 43.630994][ T3962] qdisc_create+0x6fc/0xf44 [ 43.632315][ T3962] tc_modify_qdisc+0x8dc/0x1344 [ 43.633631][ T3962] rtnetlink_rcv_msg+0xa74/0xdac [ 43.634988][ T3962] netlink_rcv_skb+0x20c/0x3b8 [ 43.636284][ T3962] rtnetlink_rcv+0x28/0x38 [ 43.637520][ T3962] netlink_unicast+0x664/0x938 [ 43.638829][ T3962] netlink_sendmsg+0x844/0xb38 [ 43.640106][ T3962] ____sys_sendmsg+0x584/0x870 [ 43.641411][ T3962] ___sys_sendmsg+0x214/0x294 [ 43.642697][ T3962] __arm64_sys_sendmsg+0x1ac/0x25c [ 43.644094][ T3962] invoke_syscall+0x98/0x2b8 [ 43.645348][ T3962] el0_svc_common+0x138/0x258 [ 43.646617][ T3962] do_el0_svc+0x58/0x14c [ 43.647790][ T3962] el0_svc+0x7c/0x1f0 [ 43.648894][ T3962] el0t_64_sync_handler+0x84/0xe4 [ 43.650237][ T3962] el0t_64_sync+0x1a0/0x1a4 [ 43.651482][ T3962] [ 43.652107][ T3962] [ 43.652107][ T3962] stack backtrace: [ 43.653700][ T3962] CPU: 0 PID: 3962 Comm: syz-executor168 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 43.656443][ T3962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 43.659092][ T3962] Call trace: [ 43.660004][ T3962] dump_backtrace+0x0/0x530 [ 43.661191][ T3962] show_stack+0x2c/0x3c [ 43.662312][ T3962] dump_stack_lvl+0x108/0x170 [ 43.663553][ T3962] dump_stack+0x1c/0x58 [ 43.664654][ T3962] __lock_acquire+0x62b4/0x7620 [ 43.665906][ T3962] lock_acquire+0x240/0x77c [ 43.667080][ T3962] fs_reclaim_acquire+0xf0/0x1d0 [ 43.668439][ T3962] slab_pre_alloc_hook+0x38/0xe8 [ 43.669754][ T3962] __kmalloc_node+0xbc/0x5b8 [ 43.671004][ T3962] kvmalloc_node+0x88/0x204 [ 43.672184][ T3962] get_dist_table+0x9c/0x2a4 [ 43.673391][ T3962] netem_change+0x7cc/0x1a90 [ 43.674667][ T3962] netem_init+0x54/0xb8 [ 43.675846][ T3962] qdisc_create+0x6fc/0xf44 [ 43.677086][ T3962] tc_modify_qdisc+0x8dc/0x1344 [ 43.678400][ T3962] rtnetlink_rcv_msg+0xa74/0xdac [ 43.679682][ T3962] netlink_rcv_skb+0x20c/0x3b8 [ 43.681017][ T3962] rtnetlink_rcv+0x28/0x38 [ 43.682142][ T3962] netlink_unicast+0x664/0x938 [ 43.683477][ T3962] netlink_sendmsg+0x844/0xb38 [ 43.684735][ T3962] ____sys_sendmsg+0x584/0x870 [ 43.686029][ T3962] ___sys_sendmsg+0x214/0x294 [ 43.687224][ T3962] __arm64_sys_sendmsg+0x1ac/0x25c [ 43.688582][ T3962] invoke_syscall+0x98/0x2b8 [ 43.689817][ T3962] el0_svc_common+0x138/0x258 [ 43.691102][ T3962] do_el0_svc+0x58/0x14c [ 43.692243][ T3962] el0_svc+0x7c/0x1f0 [ 43.693412][ T3962] el0t_64_sync_handler+0x84/0xe4 [ 43.694748][ T3962] el0t_64_sync+0x1a0/0x1a4 [ 43.696018][ T3962] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 43.698288][ T3962] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3962, name: syz-executor168 [ 43.700633][ T3962] INFO: lockdep is turned off. [ 43.701826][ T3962] Preemption disabled at: [ 43.701837][ T3962] [] netem_change+0x22c/0x1a90 [ 43.704419][ T3962] CPU: 0 PID: 3962 Comm: syz-executor168 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 43.706787][ T3962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 43.709230][ T3962] Call trace: [ 43.710124][ T3962] dump_backtrace+0x0/0x530 [ 43.711277][ T3962] show_stack+0x2c/0x3c [ 43.712342][ T3962] dump_stack_lvl+0x108/0x170 [ 43.713471][ T3962] dump_stack+0x1c/0x58 [ 43.714521][ T3962] ___might_sleep+0x380/0x4dc [ 43.715671][ T3962] __might_sleep+0x98/0xf0 [ 43.716811][ T3962] slab_pre_alloc_hook+0x58/0xe8 [ 43.718123][ T3962] __kmalloc_node+0xbc/0x5b8 [ 43.719291][ T3962] kvmalloc_node+0x88/0x204 [ 43.720480][ T3962] get_dist_table+0x9c/0x2a4 [ 43.721643][ T3962] netem_change+0x7cc/0x1a90 [ 43.722817][ T3962] netem_init+0x54/0xb8 [ 43.723851][ T3962] qdisc_create+0x6fc/0xf44 [ 43.725003][ T3962] tc_modify_qdisc+0x8dc/0x1344 [ 43.726305][ T3962] rtnetlink_rcv_msg+0xa74/0xdac [ 43.727537][ T3962] netlink_rcv_skb+0x20c/0x3b8 [ 43.728722][ T3962] rtnetlink_rcv+0x28/0x38 [ 43.729845][ T3962] netlink_unicast+0x664/0x938 [ 43.731000][ T3962] netlink_sendmsg+0x844/0xb38 [ 43.732189][ T3962] ____sys_sendmsg+0x584/0x870 [ 43.733398][ T3962] ___sys_sendmsg+0x214/0x294 [ 43.734582][ T3962] __arm64_sys_sendmsg+0x1ac/0x25c [ 43.735891][ T3962] invoke_syscall+0x98/0x2b8 [ 43.737063][ T3962] el0_svc_common+0x138/0x258 [ 43.738199][ T3962] do_el0_svc+0x58/0x14c [ 43.739236][ T3962] el0_svc+0x7c/0x1f0 [ 43.740248][ T3962] el0t_64_sync_handler+0x84/0xe4 [ 43.741562][ T3962] el0t_64_sync+0x1a0/0x1a4