Warning: Permanently added '10.128.0.179' (ED25519) to the list of known hosts. executing program [ 45.279643][ T3968] [ 45.280317][ T3968] ===================================================== [ 45.282218][ T3968] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 45.284226][ T3968] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 45.286060][ T3968] ----------------------------------------------------- [ 45.287975][ T3968] syz-executor149/3968 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 45.290165][ T3968] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 45.292625][ T3968] [ 45.292625][ T3968] and this task is already holding: [ 45.294517][ T3968] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 45.296929][ T3968] which would create a new lock dependency: [ 45.298495][ T3968] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 45.300480][ T3968] [ 45.300480][ T3968] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 45.302996][ T3968] (noop_qdisc.q.lock){+.-.}-{2:2} [ 45.303014][ T3968] [ 45.303014][ T3968] ... which became SOFTIRQ-irq-safe at: [ 45.306496][ T3968] lock_acquire+0x240/0x77c [ 45.307769][ T3968] _raw_spin_lock+0xb0/0x10c [ 45.309057][ T3968] net_tx_action+0x634/0x884 [ 45.310310][ T3968] __do_softirq+0x344/0xe20 [ 45.311570][ T3968] do_softirq+0x120/0x20c [ 45.312812][ T3968] __local_bh_enable_ip+0x2c0/0x4d0 [ 45.314277][ T3968] local_bh_enable+0x28/0x174 [ 45.315575][ T3968] dev_deactivate_many+0x580/0xbe4 [ 45.316982][ T3968] dev_deactivate+0x13c/0x1fc [ 45.318284][ T3968] linkwatch_do_dev+0x2a8/0x3c8 [ 45.319592][ T3968] __linkwatch_run_queue+0x424/0x730 [ 45.320935][ T3968] linkwatch_event+0x58/0x68 [ 45.322003][ T3968] process_one_work+0x790/0x11b8 [ 45.323400][ T3968] worker_thread+0x910/0x1034 [ 45.324727][ T3968] kthread+0x37c/0x45c [ 45.325881][ T3968] ret_from_fork+0x10/0x20 [ 45.327115][ T3968] [ 45.327115][ T3968] to a SOFTIRQ-irq-unsafe lock: [ 45.329067][ T3968] (fs_reclaim){+.+.}-{0:0} [ 45.329086][ T3968] [ 45.329086][ T3968] ... which became SOFTIRQ-irq-unsafe at: [ 45.332512][ T3968] ... [ 45.332518][ T3968] lock_acquire+0x240/0x77c [ 45.334498][ T3968] fs_reclaim_acquire+0xf0/0x1d0 [ 45.335896][ T3968] slab_pre_alloc_hook+0x38/0xe8 [ 45.337319][ T3968] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.338917][ T3968] init_rescuer+0xa4/0x264 [ 45.340160][ T3968] workqueue_init+0x2b4/0x640 [ 45.341463][ T3968] kernel_init_freeable+0x448/0x650 [ 45.342875][ T3968] kernel_init+0x24/0x294 [ 45.344058][ T3968] ret_from_fork+0x10/0x20 [ 45.345266][ T3968] [ 45.345266][ T3968] other info that might help us debug this: [ 45.345266][ T3968] [ 45.348053][ T3968] Possible interrupt unsafe locking scenario: [ 45.348053][ T3968] [ 45.350261][ T3968] CPU0 CPU1 [ 45.351702][ T3968] ---- ---- [ 45.353197][ T3968] lock(fs_reclaim); [ 45.354301][ T3968] local_irq_disable(); [ 45.356131][ T3968] lock(noop_qdisc.q.lock); [ 45.358010][ T3968] lock(fs_reclaim); [ 45.359846][ T3968] [ 45.360767][ T3968] lock(noop_qdisc.q.lock); [ 45.362066][ T3968] [ 45.362066][ T3968] *** DEADLOCK *** [ 45.362066][ T3968] [ 45.364312][ T3968] 2 locks held by syz-executor149/3968: [ 45.365806][ T3968] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 45.368427][ T3968] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 45.371084][ T3968] [ 45.371084][ T3968] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 45.373887][ T3968] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 45.375373][ T3968] HARDIRQ-ON-W at: [ 45.376459][ T3968] lock_acquire+0x240/0x77c [ 45.378161][ T3968] _raw_spin_lock+0xb0/0x10c [ 45.379905][ T3968] __dev_queue_xmit+0x8d0/0x2a6c [ 45.381656][ T3968] dev_queue_xmit+0x24/0x34 [ 45.383410][ T3968] tx+0x8c/0x130 [ 45.384829][ T3968] kthread+0x1ac/0x374 [ 45.386391][ T3968] kthread+0x37c/0x45c [ 45.387953][ T3968] ret_from_fork+0x10/0x20 [ 45.389579][ T3968] IN-SOFTIRQ-W at: [ 45.390689][ T3968] lock_acquire+0x240/0x77c [ 45.392332][ T3968] _raw_spin_lock+0xb0/0x10c [ 45.393993][ T3968] net_tx_action+0x634/0x884 [ 45.395715][ T3968] __do_softirq+0x344/0xe20 [ 45.397389][ T3968] do_softirq+0x120/0x20c [ 45.399024][ T3968] __local_bh_enable_ip+0x2c0/0x4d0 [ 45.400939][ T3968] local_bh_enable+0x28/0x174 [ 45.402700][ T3968] dev_deactivate_many+0x580/0xbe4 [ 45.404560][ T3968] dev_deactivate+0x13c/0x1fc [ 45.406268][ T3968] linkwatch_do_dev+0x2a8/0x3c8 [ 45.408031][ T3968] __linkwatch_run_queue+0x424/0x730 [ 45.409966][ T3968] linkwatch_event+0x58/0x68 [ 45.411633][ T3968] process_one_work+0x790/0x11b8 [ 45.413453][ T3968] worker_thread+0x910/0x1034 [ 45.415183][ T3968] kthread+0x37c/0x45c [ 45.416769][ T3968] ret_from_fork+0x10/0x20 [ 45.418421][ T3968] INITIAL USE at: [ 45.419480][ T3968] lock_acquire+0x240/0x77c [ 45.421116][ T3968] _raw_spin_lock+0xb0/0x10c [ 45.422762][ T3968] __dev_queue_xmit+0x8d0/0x2a6c [ 45.424594][ T3968] dev_queue_xmit+0x24/0x34 [ 45.426228][ T3968] tx+0x8c/0x130 [ 45.427588][ T3968] kthread+0x1ac/0x374 [ 45.429113][ T3968] kthread+0x37c/0x45c [ 45.430670][ T3968] ret_from_fork+0x10/0x20 [ 45.432336][ T3968] } [ 45.433005][ T3968] ... key at: [] noop_qdisc+0x108/0x320 [ 45.435110][ T3968] [ 45.435110][ T3968] the dependencies between the lock to be acquired [ 45.435118][ T3968] and SOFTIRQ-irq-unsafe lock: [ 45.438857][ T3968] -> (fs_reclaim){+.+.}-{0:0} { [ 45.440180][ T3968] HARDIRQ-ON-W at: [ 45.441222][ T3968] lock_acquire+0x240/0x77c [ 45.442887][ T3968] fs_reclaim_acquire+0xf0/0x1d0 [ 45.444726][ T3968] slab_pre_alloc_hook+0x38/0xe8 [ 45.446493][ T3968] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.448500][ T3968] init_rescuer+0xa4/0x264 [ 45.450155][ T3968] workqueue_init+0x2b4/0x640 [ 45.451876][ T3968] kernel_init_freeable+0x448/0x650 [ 45.453718][ T3968] kernel_init+0x24/0x294 [ 45.455339][ T3968] ret_from_fork+0x10/0x20 [ 45.456961][ T3968] SOFTIRQ-ON-W at: [ 45.458024][ T3968] lock_acquire+0x240/0x77c [ 45.459717][ T3968] fs_reclaim_acquire+0xf0/0x1d0 [ 45.461471][ T3968] slab_pre_alloc_hook+0x38/0xe8 [ 45.463259][ T3968] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.465270][ T3968] init_rescuer+0xa4/0x264 [ 45.466965][ T3968] workqueue_init+0x2b4/0x640 [ 45.468736][ T3968] kernel_init_freeable+0x448/0x650 [ 45.470622][ T3968] kernel_init+0x24/0x294 [ 45.472253][ T3968] ret_from_fork+0x10/0x20 [ 45.473910][ T3968] INITIAL USE at: [ 45.475021][ T3968] lock_acquire+0x240/0x77c [ 45.476699][ T3968] fs_reclaim_acquire+0xf0/0x1d0 [ 45.478471][ T3968] slab_pre_alloc_hook+0x38/0xe8 [ 45.480280][ T3968] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.482308][ T3968] init_rescuer+0xa4/0x264 [ 45.483949][ T3968] workqueue_init+0x2b4/0x640 [ 45.485679][ T3968] kernel_init_freeable+0x448/0x650 [ 45.487496][ T3968] kernel_init+0x24/0x294 [ 45.489139][ T3968] ret_from_fork+0x10/0x20 [ 45.490779][ T3968] } [ 45.491447][ T3968] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 45.493601][ T3968] ... acquired at: [ 45.494615][ T3968] fs_reclaim_acquire+0xf0/0x1d0 [ 45.496005][ T3968] slab_pre_alloc_hook+0x38/0xe8 [ 45.497441][ T3968] __kmalloc_node+0xbc/0x5b8 [ 45.498760][ T3968] kvmalloc_node+0x88/0x204 [ 45.500001][ T3968] get_dist_table+0x9c/0x2a4 [ 45.501309][ T3968] netem_change+0x7cc/0x1a90 [ 45.502639][ T3968] netem_init+0x54/0xb8 [ 45.503817][ T3968] qdisc_create+0x6fc/0xf44 [ 45.505091][ T3968] tc_modify_qdisc+0x8dc/0x1344 [ 45.506506][ T3968] rtnetlink_rcv_msg+0xa74/0xdac [ 45.507919][ T3968] netlink_rcv_skb+0x20c/0x3b8 [ 45.509288][ T3968] rtnetlink_rcv+0x28/0x38 [ 45.510532][ T3968] netlink_unicast+0x664/0x938 [ 45.511890][ T3968] netlink_sendmsg+0x844/0xb38 [ 45.513292][ T3968] ____sys_sendmsg+0x584/0x870 [ 45.514592][ T3968] ___sys_sendmsg+0x214/0x294 [ 45.515920][ T3968] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.517356][ T3968] invoke_syscall+0x98/0x2b8 [ 45.518636][ T3968] el0_svc_common+0x138/0x258 [ 45.519947][ T3968] do_el0_svc+0x58/0x14c [ 45.521127][ T3968] el0_svc+0x7c/0x1f0 [ 45.522225][ T3968] el0t_64_sync_handler+0x84/0xe4 [ 45.523629][ T3968] el0t_64_sync+0x1a0/0x1a4 [ 45.524904][ T3968] [ 45.525518][ T3968] [ 45.525518][ T3968] stack backtrace: [ 45.527092][ T3968] CPU: 0 PID: 3968 Comm: syz-executor149 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 45.529940][ T3968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 45.532687][ T3968] Call trace: [ 45.533585][ T3968] dump_backtrace+0x0/0x530 [ 45.534829][ T3968] show_stack+0x2c/0x3c [ 45.535972][ T3968] dump_stack_lvl+0x108/0x170 [ 45.537261][ T3968] dump_stack+0x1c/0x58 [ 45.538383][ T3968] __lock_acquire+0x62b4/0x7620 [ 45.539705][ T3968] lock_acquire+0x240/0x77c [ 45.540924][ T3968] fs_reclaim_acquire+0xf0/0x1d0 [ 45.542308][ T3968] slab_pre_alloc_hook+0x38/0xe8 [ 45.543648][ T3968] __kmalloc_node+0xbc/0x5b8 [ 45.544906][ T3968] kvmalloc_node+0x88/0x204 [ 45.546127][ T3968] get_dist_table+0x9c/0x2a4 [ 45.547398][ T3968] netem_change+0x7cc/0x1a90 [ 45.548659][ T3968] netem_init+0x54/0xb8 [ 45.549830][ T3968] qdisc_create+0x6fc/0xf44 [ 45.551033][ T3968] tc_modify_qdisc+0x8dc/0x1344 [ 45.552394][ T3968] rtnetlink_rcv_msg+0xa74/0xdac [ 45.553765][ T3968] netlink_rcv_skb+0x20c/0x3b8 [ 45.555050][ T3968] rtnetlink_rcv+0x28/0x38 [ 45.556275][ T3968] netlink_unicast+0x664/0x938 [ 45.557181][ T3968] netlink_sendmsg+0x844/0xb38 [ 45.558078][ T3968] ____sys_sendmsg+0x584/0x870 [ 45.558990][ T3968] ___sys_sendmsg+0x214/0x294 [ 45.559867][ T3968] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.560971][ T3968] invoke_syscall+0x98/0x2b8 [ 45.562283][ T3968] el0_svc_common+0x138/0x258 [ 45.563580][ T3968] do_el0_svc+0x58/0x14c [ 45.564755][ T3968] el0_svc+0x7c/0x1f0 [ 45.565843][ T3968] el0t_64_sync_handler+0x84/0xe4 [ 45.567252][ T3968] el0t_64_sync+0x1a0/0x1a4 [ 45.568575][ T3968] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 45.571055][ T3968] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3968, name: syz-executor149 [ 45.573447][ T3968] INFO: lockdep is turned off. [ 45.574667][ T3968] Preemption disabled at: [ 45.574678][ T3968] [] netem_change+0x22c/0x1a90 [ 45.577404][ T3968] CPU: 0 PID: 3968 Comm: syz-executor149 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 45.580022][ T3968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 45.582577][ T3968] Call trace: [ 45.583376][ T3968] dump_backtrace+0x0/0x530 [ 45.584469][ T3968] show_stack+0x2c/0x3c [ 45.585469][ T3968] dump_stack_lvl+0x108/0x170 [ 45.586677][ T3968] dump_stack+0x1c/0x58 [ 45.587779][ T3968] ___might_sleep+0x380/0x4dc [ 45.589048][ T3968] __might_sleep+0x98/0xf0 [ 45.590170][ T3968] slab_pre_alloc_hook+0x58/0xe8 [ 45.591533][ T3968] __kmalloc_node+0xbc/0x5b8 [ 45.592725][ T3968] kvmalloc_node+0x88/0x204 [ 45.593922][ T3968] get_dist_table+0x9c/0x2a4 [ 45.595160][ T3968] netem_change+0x7cc/0x1a90 [ 45.596334][ T3968] netem_init+0x54/0xb8 [ 45.597402][ T3968] qdisc_create+0x6fc/0xf44 [ 45.598590][ T3968] tc_modify_qdisc+0x8dc/0x1344 [ 45.599842][ T3968] rtnetlink_rcv_msg+0xa74/0xdac [ 45.601134][ T3968] netlink_rcv_skb+0x20c/0x3b8 [ 45.602464][ T3968] rtnetlink_rcv+0x28/0x38 [ 45.603647][ T3968] netlink_unicast+0x664/0x938 [ 45.604850][ T3968] netlink_sendmsg+0x844/0xb38 [ 45.606095][ T3968] ____sys_sendmsg+0x584/0x870 [ 45.607374][ T3968] ___sys_sendmsg+0x214/0x294 [ 45.608614][ T3968] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.609944][ T3968] invoke_syscall+0x98/0x2b8 [ 45.611185][ T3968] el0_svc_common+0x138/0x258 [ 45.612465][ T3968] do_el0_svc+0x58/0x14c [ 45.613613][ T3968] el0_svc+0x7c/0x1f0 [ 45.614637][ T3968] el0t_64_sync_handler+0x84/0xe4 [ 45.615963][ T3968] el0t_64_sync+0x1a0/0x1a4