Warning: Permanently added '10.128.1.149' (ED25519) to the list of known hosts. executing program [ 49.803286][ T3971] [ 49.803916][ T3971] ===================================================== [ 49.805433][ T3971] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 49.807077][ T3971] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 49.808587][ T3971] ----------------------------------------------------- [ 49.810090][ T3971] syz-executor150/3971 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 49.811846][ T3971] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 49.813905][ T3971] [ 49.813905][ T3971] and this task is already holding: [ 49.815574][ T3971] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 49.817552][ T3971] which would create a new lock dependency: [ 49.818873][ T3971] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 49.820487][ T3971] [ 49.820487][ T3971] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 49.822589][ T3971] (noop_qdisc.q.lock){+.-.}-{2:2} [ 49.822607][ T3971] [ 49.822607][ T3971] ... which became SOFTIRQ-irq-safe at: [ 49.825340][ T3971] lock_acquire+0x240/0x77c [ 49.826365][ T3971] _raw_spin_lock+0xb0/0x10c [ 49.827365][ T3971] net_tx_action+0x634/0x884 [ 49.828381][ T3971] __do_softirq+0x344/0xe20 [ 49.829377][ T3971] run_ksoftirqd+0x68/0x258 [ 49.830315][ T3971] smpboot_thread_fn+0x4b0/0x920 [ 49.831332][ T3971] kthread+0x37c/0x45c [ 49.832216][ T3971] ret_from_fork+0x10/0x20 [ 49.833171][ T3971] [ 49.833171][ T3971] to a SOFTIRQ-irq-unsafe lock: [ 49.834615][ T3971] (fs_reclaim){+.+.}-{0:0} [ 49.834633][ T3971] [ 49.834633][ T3971] ... which became SOFTIRQ-irq-unsafe at: [ 49.837251][ T3971] ... [ 49.837257][ T3971] lock_acquire+0x240/0x77c [ 49.838744][ T3971] fs_reclaim_acquire+0xf0/0x1d0 [ 49.839816][ T3971] slab_pre_alloc_hook+0x38/0xe8 [ 49.840850][ T3971] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 49.842098][ T3971] init_rescuer+0xa4/0x264 [ 49.843066][ T3971] workqueue_init+0x2b4/0x640 [ 49.844106][ T3971] kernel_init_freeable+0x448/0x650 [ 49.845292][ T3971] kernel_init+0x24/0x294 [ 49.846232][ T3971] ret_from_fork+0x10/0x20 [ 49.847157][ T3971] [ 49.847157][ T3971] other info that might help us debug this: [ 49.847157][ T3971] [ 49.849470][ T3971] Possible interrupt unsafe locking scenario: [ 49.849470][ T3971] [ 49.851220][ T3971] CPU0 CPU1 [ 49.852342][ T3971] ---- ---- [ 49.853486][ T3971] lock(fs_reclaim); [ 49.854396][ T3971] local_irq_disable(); [ 49.855807][ T3971] lock(noop_qdisc.q.lock); [ 49.857264][ T3971] lock(fs_reclaim); [ 49.858671][ T3971] [ 49.859400][ T3971] lock(noop_qdisc.q.lock); [ 49.860540][ T3971] [ 49.860540][ T3971] *** DEADLOCK *** [ 49.860540][ T3971] [ 49.862247][ T3971] 2 locks held by syz-executor150/3971: [ 49.863401][ T3971] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 49.865473][ T3971] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 49.867574][ T3971] [ 49.867574][ T3971] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 49.869834][ T3971] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 49.871048][ T3971] HARDIRQ-ON-W at: [ 49.871934][ T3971] lock_acquire+0x240/0x77c [ 49.873284][ T3971] _raw_spin_lock+0xb0/0x10c [ 49.874687][ T3971] __dev_queue_xmit+0x8d0/0x2a6c [ 49.876106][ T3971] dev_queue_xmit+0x24/0x34 [ 49.877440][ T3971] tx+0x8c/0x130 [ 49.878561][ T3971] kthread+0x1ac/0x374 [ 49.879829][ T3971] kthread+0x37c/0x45c [ 49.881049][ T3971] ret_from_fork+0x10/0x20 [ 49.882314][ T3971] IN-SOFTIRQ-W at: [ 49.883157][ T3971] lock_acquire+0x240/0x77c [ 49.884447][ T3971] _raw_spin_lock+0xb0/0x10c [ 49.885730][ T3971] net_tx_action+0x634/0x884 [ 49.887033][ T3971] __do_softirq+0x344/0xe20 [ 49.888407][ T3971] run_ksoftirqd+0x68/0x258 [ 49.889703][ T3971] smpboot_thread_fn+0x4b0/0x920 [ 49.891249][ T3971] kthread+0x37c/0x45c [ 49.892438][ T3971] ret_from_fork+0x10/0x20 [ 49.893753][ T3971] INITIAL USE at: [ 49.894606][ T3971] lock_acquire+0x240/0x77c [ 49.895908][ T3971] _raw_spin_lock+0xb0/0x10c [ 49.897250][ T3971] __dev_queue_xmit+0x8d0/0x2a6c [ 49.898676][ T3971] dev_queue_xmit+0x24/0x34 [ 49.900023][ T3971] tx+0x8c/0x130 [ 49.901038][ T3971] kthread+0x1ac/0x374 [ 49.902253][ T3971] kthread+0x37c/0x45c [ 49.903486][ T3971] ret_from_fork+0x10/0x20 [ 49.904765][ T3971] } [ 49.905271][ T3971] ... key at: [] noop_qdisc+0x108/0x320 [ 49.906921][ T3971] [ 49.906921][ T3971] the dependencies between the lock to be acquired [ 49.906928][ T3971] and SOFTIRQ-irq-unsafe lock: [ 49.909873][ T3971] -> (fs_reclaim){+.+.}-{0:0} { [ 49.910928][ T3971] HARDIRQ-ON-W at: [ 49.911764][ T3971] lock_acquire+0x240/0x77c [ 49.913158][ T3971] fs_reclaim_acquire+0xf0/0x1d0 [ 49.914571][ T3971] slab_pre_alloc_hook+0x38/0xe8 [ 49.916072][ T3971] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 49.917613][ T3971] init_rescuer+0xa4/0x264 [ 49.918880][ T3971] workqueue_init+0x2b4/0x640 [ 49.920291][ T3971] kernel_init_freeable+0x448/0x650 [ 49.921888][ T3971] kernel_init+0x24/0x294 [ 49.923128][ T3971] ret_from_fork+0x10/0x20 [ 49.924396][ T3971] SOFTIRQ-ON-W at: [ 49.925276][ T3971] lock_acquire+0x240/0x77c [ 49.926623][ T3971] fs_reclaim_acquire+0xf0/0x1d0 [ 49.928083][ T3971] slab_pre_alloc_hook+0x38/0xe8 [ 49.929442][ T3971] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 49.931044][ T3971] init_rescuer+0xa4/0x264 [ 49.932366][ T3971] workqueue_init+0x2b4/0x640 [ 49.933769][ T3971] kernel_init_freeable+0x448/0x650 [ 49.935228][ T3971] kernel_init+0x24/0x294 [ 49.936478][ T3971] ret_from_fork+0x10/0x20 [ 49.937796][ T3971] INITIAL USE at: [ 49.938600][ T3971] lock_acquire+0x240/0x77c [ 49.939883][ T3971] fs_reclaim_acquire+0xf0/0x1d0 [ 49.941332][ T3971] slab_pre_alloc_hook+0x38/0xe8 [ 49.942765][ T3971] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 49.944353][ T3971] init_rescuer+0xa4/0x264 [ 49.945627][ T3971] workqueue_init+0x2b4/0x640 [ 49.946932][ T3971] kernel_init_freeable+0x448/0x650 [ 49.948340][ T3971] kernel_init+0x24/0x294 [ 49.949650][ T3971] ret_from_fork+0x10/0x20 [ 49.950990][ T3971] } [ 49.951485][ T3971] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 49.953233][ T3971] ... acquired at: [ 49.954077][ T3971] fs_reclaim_acquire+0xf0/0x1d0 [ 49.955219][ T3971] slab_pre_alloc_hook+0x38/0xe8 [ 49.956275][ T3971] __kmalloc_node+0xbc/0x5b8 [ 49.957301][ T3971] kvmalloc_node+0x88/0x204 [ 49.958310][ T3971] get_dist_table+0x9c/0x2a4 [ 49.959326][ T3971] netem_change+0x7cc/0x1a90 [ 49.960310][ T3971] netem_init+0x54/0xb8 [ 49.961271][ T3971] qdisc_create+0x6fc/0xf44 [ 49.962252][ T3971] tc_modify_qdisc+0x8dc/0x1344 [ 49.963406][ T3971] rtnetlink_rcv_msg+0xa74/0xdac [ 49.964488][ T3971] netlink_rcv_skb+0x20c/0x3b8 [ 49.965523][ T3971] rtnetlink_rcv+0x28/0x38 [ 49.966532][ T3971] netlink_unicast+0x664/0x938 [ 49.967612][ T3971] netlink_sendmsg+0x844/0xb38 [ 49.968647][ T3971] ____sys_sendmsg+0x584/0x870 [ 49.969749][ T3971] ___sys_sendmsg+0x214/0x294 [ 49.970791][ T3971] __arm64_sys_sendmsg+0x1ac/0x25c [ 49.971925][ T3971] invoke_syscall+0x98/0x2b8 [ 49.972928][ T3971] el0_svc_common+0x138/0x258 [ 49.974020][ T3971] do_el0_svc+0x58/0x14c [ 49.974910][ T3971] el0_svc+0x7c/0x1f0 [ 49.975774][ T3971] el0t_64_sync_handler+0x84/0xe4 [ 49.976899][ T3971] el0t_64_sync+0x1a0/0x1a4 [ 49.977954][ T3971] [ 49.978456][ T3971] [ 49.978456][ T3971] stack backtrace: [ 49.979702][ T3971] CPU: 1 PID: 3971 Comm: syz-executor150 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 49.981989][ T3971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 49.984246][ T3971] Call trace: [ 49.984954][ T3971] dump_backtrace+0x0/0x530 [ 49.985926][ T3971] show_stack+0x2c/0x3c [ 49.986825][ T3971] dump_stack_lvl+0x108/0x170 [ 49.987835][ T3971] dump_stack+0x1c/0x58 [ 49.988761][ T3971] __lock_acquire+0x62b4/0x7620 [ 49.989822][ T3971] lock_acquire+0x240/0x77c [ 49.990817][ T3971] fs_reclaim_acquire+0xf0/0x1d0 [ 49.991942][ T3971] slab_pre_alloc_hook+0x38/0xe8 [ 49.992975][ T3971] __kmalloc_node+0xbc/0x5b8 [ 49.993942][ T3971] kvmalloc_node+0x88/0x204 [ 49.994914][ T3971] get_dist_table+0x9c/0x2a4 [ 49.995893][ T3971] netem_change+0x7cc/0x1a90 [ 49.996860][ T3971] netem_init+0x54/0xb8 [ 49.997754][ T3971] qdisc_create+0x6fc/0xf44 [ 49.998735][ T3971] tc_modify_qdisc+0x8dc/0x1344 [ 49.999785][ T3971] rtnetlink_rcv_msg+0xa74/0xdac [ 50.000786][ T3971] netlink_rcv_skb+0x20c/0x3b8 [ 50.001844][ T3971] rtnetlink_rcv+0x28/0x38 [ 50.002819][ T3971] netlink_unicast+0x664/0x938 [ 50.003830][ T3971] netlink_sendmsg+0x844/0xb38 [ 50.004916][ T3971] ____sys_sendmsg+0x584/0x870 [ 50.005889][ T3971] ___sys_sendmsg+0x214/0x294 [ 50.006932][ T3971] __arm64_sys_sendmsg+0x1ac/0x25c [ 50.007940][ T3971] invoke_syscall+0x98/0x2b8 [ 50.008932][ T3971] el0_svc_common+0x138/0x258 [ 50.009926][ T3971] do_el0_svc+0x58/0x14c [ 50.010869][ T3971] el0_svc+0x7c/0x1f0 [ 50.011781][ T3971] el0t_64_sync_handler+0x84/0xe4 [ 50.012813][ T3971] el0t_64_sync+0x1a0/0x1a4 [ 50.013850][ T3971] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 50.015879][ T3971] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3971, name: syz-executor150 [ 50.017873][ T3971] INFO: lockdep is turned off. [ 50.018962][ T3971] Preemption disabled at: [ 50.018972][ T3971] [] netem_change+0x22c/0x1a90 [ 50.021221][ T3971] CPU: 1 PID: 3971 Comm: syz-executor150 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 50.023482][ T3971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 50.025639][ T3971] Call trace: [ 50.026378][ T3971] dump_backtrace+0x0/0x530 [ 50.027416][ T3971] show_stack+0x2c/0x3c [ 50.028295][ T3971] dump_stack_lvl+0x108/0x170 [ 50.029323][ T3971] dump_stack+0x1c/0x58 [ 50.030225][ T3971] ___might_sleep+0x380/0x4dc [ 50.031293][ T3971] __might_sleep+0x98/0xf0 [ 50.032249][ T3971] slab_pre_alloc_hook+0x58/0xe8 [ 50.033291][ T3971] __kmalloc_node+0xbc/0x5b8 [ 50.034305][ T3971] kvmalloc_node+0x88/0x204 [ 50.035216][ T3971] get_dist_table+0x9c/0x2a4 [ 50.036243][ T3971] netem_change+0x7cc/0x1a90 [ 50.037232][ T3971] netem_init+0x54/0xb8 [ 50.038131][ T3971] qdisc_create+0x6fc/0xf44 [ 50.039123][ T3971] tc_modify_qdisc+0x8dc/0x1344 [ 50.040175][ T3971] rtnetlink_rcv_msg+0xa74/0xdac [ 50.041207][ T3971] netlink_rcv_skb+0x20c/0x3b8 [ 50.042202][ T3971] rtnetlink_rcv+0x28/0x38 [ 50.043201][ T3971] netlink_unicast+0x664/0x938 [ 50.044173][ T3971] netlink_sendmsg+0x844/0xb38 [ 50.045252][ T3971] ____sys_sendmsg+0x584/0x870 [ 50.046173][ T3971] ___sys_sendmsg+0x214/0x294 [ 50.047206][ T3971] __arm64_sys_sendmsg+0x1ac/0x25c [ 50.048329][ T3971] invoke_syscall+0x98/0x2b8 [ 50.049295][ T3971] el0_svc_common+0x138/0x258 [ 50.050256][ T3971] do_el0_svc+0x58/0x14c [ 50.051193][ T3971] el0_svc+0x7c/0x1f0 [ 50.052050][ T3971] el0t_64_sync_handler+0x84/0xe4 [ 50.053091][ T3971] el0t_64_sync+0x1a0/0x1a4