Warning: Permanently added '10.128.0.88' (ED25519) to the list of known hosts. executing program [ 44.899467][ T3964] [ 44.900137][ T3964] ===================================================== [ 44.902104][ T3964] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 44.904156][ T3964] 5.15.126-syzkaller-00092-g24c4de4069cb #0 Not tainted [ 44.906019][ T3964] ----------------------------------------------------- [ 44.907897][ T3964] syz-executor411/3964 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: [ 44.910085][ T3964] ffff800014b85980 (fs_reclaim){+.+.}-{0:0}, at: slab_pre_alloc_hook+0x38/0xe8 [ 44.912500][ T3964] [ 44.912500][ T3964] and this task is already holding: [ 44.914472][ T3964] ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 44.917005][ T3964] which would create a new lock dependency: [ 44.918615][ T3964] (noop_qdisc.q.lock){+.-.}-{2:2} -> (fs_reclaim){+.+.}-{0:0} [ 44.920714][ T3964] [ 44.920714][ T3964] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 44.923272][ T3964] (noop_qdisc.q.lock){+.-.}-{2:2} [ 44.923290][ T3964] [ 44.923290][ T3964] ... which became SOFTIRQ-irq-safe at: [ 44.926775][ T3964] lock_acquire+0x240/0x77c [ 44.928019][ T3964] _raw_spin_lock+0xb0/0x10c [ 44.929303][ T3964] net_tx_action+0x634/0x884 [ 44.930567][ T3964] __do_softirq+0x344/0xe20 [ 44.931854][ T3964] run_ksoftirqd+0x68/0x258 [ 44.933110][ T3964] smpboot_thread_fn+0x4b0/0x920 [ 44.934472][ T3964] kthread+0x37c/0x45c [ 44.935594][ T3964] ret_from_fork+0x10/0x20 [ 44.936850][ T3964] [ 44.936850][ T3964] to a SOFTIRQ-irq-unsafe lock: [ 44.938825][ T3964] (fs_reclaim){+.+.}-{0:0} [ 44.938843][ T3964] [ 44.938843][ T3964] ... which became SOFTIRQ-irq-unsafe at: [ 44.942132][ T3964] ... [ 44.942138][ T3964] lock_acquire+0x240/0x77c [ 44.944052][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 44.945388][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 44.946746][ T3964] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 44.948313][ T3964] init_rescuer+0xa4/0x264 [ 44.949492][ T3964] workqueue_init+0x2b4/0x640 [ 44.950786][ T3964] kernel_init_freeable+0x448/0x650 [ 44.952236][ T3964] kernel_init+0x24/0x294 [ 44.953459][ T3964] ret_from_fork+0x10/0x20 [ 44.954661][ T3964] [ 44.954661][ T3964] other info that might help us debug this: [ 44.954661][ T3964] [ 44.957458][ T3964] Possible interrupt unsafe locking scenario: [ 44.957458][ T3964] [ 44.959685][ T3964] CPU0 CPU1 [ 44.961145][ T3964] ---- ---- [ 44.962575][ T3964] lock(fs_reclaim); [ 44.963646][ T3964] local_irq_disable(); [ 44.965493][ T3964] lock(noop_qdisc.q.lock); [ 44.967404][ T3964] lock(fs_reclaim); [ 44.969156][ T3964] [ 44.970123][ T3964] lock(noop_qdisc.q.lock); [ 44.971405][ T3964] [ 44.971405][ T3964] *** DEADLOCK *** [ 44.971405][ T3964] [ 44.973648][ T3964] 2 locks held by syz-executor411/3964: [ 44.975157][ T3964] #0: ffff8000169e74a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac [ 44.977705][ T3964] #1: ffff800016a26e08 (noop_qdisc.q.lock){+.-.}-{2:2}, at: netem_change+0x22c/0x1a90 [ 44.980372][ T3964] [ 44.980372][ T3964] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 44.983220][ T3964] -> (noop_qdisc.q.lock){+.-.}-{2:2} { [ 44.984710][ T3964] HARDIRQ-ON-W at: [ 44.985771][ T3964] lock_acquire+0x240/0x77c [ 44.987444][ T3964] _raw_spin_lock+0xb0/0x10c [ 44.989136][ T3964] __dev_queue_xmit+0x8d0/0x2a6c [ 44.990898][ T3964] dev_queue_xmit+0x24/0x34 [ 44.992589][ T3964] tx+0x8c/0x130 [ 44.994004][ T3964] kthread+0x1ac/0x374 [ 44.995669][ T3964] kthread+0x37c/0x45c [ 44.997281][ T3964] ret_from_fork+0x10/0x20 [ 44.998913][ T3964] IN-SOFTIRQ-W at: [ 44.999960][ T3964] lock_acquire+0x240/0x77c [ 45.001629][ T3964] _raw_spin_lock+0xb0/0x10c [ 45.003348][ T3964] net_tx_action+0x634/0x884 [ 45.005010][ T3964] __do_softirq+0x344/0xe20 [ 45.006657][ T3964] run_ksoftirqd+0x68/0x258 [ 45.008351][ T3964] smpboot_thread_fn+0x4b0/0x920 [ 45.010127][ T3964] kthread+0x37c/0x45c [ 45.011637][ T3964] ret_from_fork+0x10/0x20 [ 45.013165][ T3964] INITIAL USE at: [ 45.014237][ T3964] lock_acquire+0x240/0x77c [ 45.015876][ T3964] _raw_spin_lock+0xb0/0x10c [ 45.017567][ T3964] __dev_queue_xmit+0x8d0/0x2a6c [ 45.019370][ T3964] dev_queue_xmit+0x24/0x34 [ 45.021107][ T3964] tx+0x8c/0x130 [ 45.022467][ T3964] kthread+0x1ac/0x374 [ 45.023960][ T3964] kthread+0x37c/0x45c [ 45.025523][ T3964] ret_from_fork+0x10/0x20 [ 45.027174][ T3964] } [ 45.027823][ T3964] ... key at: [] noop_qdisc+0x108/0x320 [ 45.029939][ T3964] [ 45.029939][ T3964] the dependencies between the lock to be acquired [ 45.029946][ T3964] and SOFTIRQ-irq-unsafe lock: [ 45.033684][ T3964] -> (fs_reclaim){+.+.}-{0:0} { [ 45.035020][ T3964] HARDIRQ-ON-W at: [ 45.036114][ T3964] lock_acquire+0x240/0x77c [ 45.037810][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.039620][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.041376][ T3964] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.043398][ T3964] init_rescuer+0xa4/0x264 [ 45.045022][ T3964] workqueue_init+0x2b4/0x640 [ 45.046735][ T3964] kernel_init_freeable+0x448/0x650 [ 45.048684][ T3964] kernel_init+0x24/0x294 [ 45.050347][ T3964] ret_from_fork+0x10/0x20 [ 45.051950][ T3964] SOFTIRQ-ON-W at: [ 45.053009][ T3964] lock_acquire+0x240/0x77c [ 45.054682][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.056479][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.058265][ T3964] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.060265][ T3964] init_rescuer+0xa4/0x264 [ 45.061891][ T3964] workqueue_init+0x2b4/0x640 [ 45.063592][ T3964] kernel_init_freeable+0x448/0x650 [ 45.065428][ T3964] kernel_init+0x24/0x294 [ 45.067003][ T3964] ret_from_fork+0x10/0x20 [ 45.068691][ T3964] INITIAL USE at: [ 45.069735][ T3964] lock_acquire+0x240/0x77c [ 45.071356][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.073152][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.074915][ T3964] kmem_cache_alloc_node_trace+0xa0/0x4c4 [ 45.076843][ T3964] init_rescuer+0xa4/0x264 [ 45.078482][ T3964] workqueue_init+0x2b4/0x640 [ 45.080191][ T3964] kernel_init_freeable+0x448/0x650 [ 45.082006][ T3964] kernel_init+0x24/0x294 [ 45.083557][ T3964] ret_from_fork+0x10/0x20 [ 45.085218][ T3964] } [ 45.085885][ T3964] ... key at: [] __fs_reclaim_map+0x0/0x200 [ 45.088060][ T3964] ... acquired at: [ 45.089082][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.090476][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.091863][ T3964] __kmalloc_node+0xbc/0x5b8 [ 45.093130][ T3964] kvmalloc_node+0x88/0x204 [ 45.094436][ T3964] get_dist_table+0x9c/0x2a4 [ 45.095763][ T3964] netem_change+0x820/0x1a90 [ 45.097043][ T3964] netem_init+0x54/0xb8 [ 45.098173][ T3964] qdisc_create+0x6fc/0xf44 [ 45.099423][ T3964] tc_modify_qdisc+0x8dc/0x1344 [ 45.100789][ T3964] rtnetlink_rcv_msg+0xa74/0xdac [ 45.102137][ T3964] netlink_rcv_skb+0x20c/0x3b8 [ 45.103450][ T3964] rtnetlink_rcv+0x28/0x38 [ 45.104700][ T3964] netlink_unicast+0x664/0x938 [ 45.106029][ T3964] netlink_sendmsg+0x844/0xb38 [ 45.107392][ T3964] ____sys_sendmsg+0x584/0x870 [ 45.108729][ T3964] ___sys_sendmsg+0x214/0x294 [ 45.110081][ T3964] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.111479][ T3964] invoke_syscall+0x98/0x2b8 [ 45.112744][ T3964] el0_svc_common+0x138/0x258 [ 45.114109][ T3964] do_el0_svc+0x58/0x14c [ 45.115308][ T3964] el0_svc+0x7c/0x1f0 [ 45.116424][ T3964] el0t_64_sync_handler+0x84/0xe4 [ 45.117854][ T3964] el0t_64_sync+0x1a0/0x1a4 [ 45.119121][ T3964] [ 45.119714][ T3964] [ 45.119714][ T3964] stack backtrace: [ 45.121337][ T3964] CPU: 0 PID: 3964 Comm: syz-executor411 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 45.124061][ T3964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 45.126783][ T3964] Call trace: [ 45.127631][ T3964] dump_backtrace+0x0/0x530 [ 45.128805][ T3964] show_stack+0x2c/0x3c [ 45.129932][ T3964] dump_stack_lvl+0x108/0x170 [ 45.131249][ T3964] dump_stack+0x1c/0x58 [ 45.132384][ T3964] __lock_acquire+0x62b4/0x7620 [ 45.133716][ T3964] lock_acquire+0x240/0x77c [ 45.134948][ T3964] fs_reclaim_acquire+0xf0/0x1d0 [ 45.136277][ T3964] slab_pre_alloc_hook+0x38/0xe8 [ 45.137621][ T3964] __kmalloc_node+0xbc/0x5b8 [ 45.138892][ T3964] kvmalloc_node+0x88/0x204 [ 45.140112][ T3964] get_dist_table+0x9c/0x2a4 [ 45.141461][ T3964] netem_change+0x820/0x1a90 [ 45.142694][ T3964] netem_init+0x54/0xb8 [ 45.143863][ T3964] qdisc_create+0x6fc/0xf44 [ 45.145122][ T3964] tc_modify_qdisc+0x8dc/0x1344 [ 45.146398][ T3964] rtnetlink_rcv_msg+0xa74/0xdac [ 45.147779][ T3964] netlink_rcv_skb+0x20c/0x3b8 [ 45.149125][ T3964] rtnetlink_rcv+0x28/0x38 [ 45.150313][ T3964] netlink_unicast+0x664/0x938 [ 45.151582][ T3964] netlink_sendmsg+0x844/0xb38 [ 45.152867][ T3964] ____sys_sendmsg+0x584/0x870 [ 45.154190][ T3964] ___sys_sendmsg+0x214/0x294 [ 45.155501][ T3964] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.156924][ T3964] invoke_syscall+0x98/0x2b8 [ 45.158187][ T3964] el0_svc_common+0x138/0x258 [ 45.159484][ T3964] do_el0_svc+0x58/0x14c [ 45.160631][ T3964] el0_svc+0x7c/0x1f0 [ 45.161683][ T3964] el0t_64_sync_handler+0x84/0xe4 [ 45.163039][ T3964] el0t_64_sync+0x1a0/0x1a4 [ 45.164325][ T3964] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209 [ 45.166798][ T3964] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3964, name: syz-executor411 [ 45.169229][ T3964] INFO: lockdep is turned off. [ 45.170459][ T3964] Preemption disabled at: [ 45.170470][ T3964] [] netem_change+0x22c/0x1a90 [ 45.173239][ T3964] CPU: 0 PID: 3964 Comm: syz-executor411 Not tainted 5.15.126-syzkaller-00092-g24c4de4069cb #0 [ 45.175869][ T3964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 45.178425][ T3964] Call trace: [ 45.179239][ T3964] dump_backtrace+0x0/0x530 [ 45.180444][ T3964] show_stack+0x2c/0x3c [ 45.181551][ T3964] dump_stack_lvl+0x108/0x170 [ 45.182725][ T3964] dump_stack+0x1c/0x58 [ 45.183841][ T3964] ___might_sleep+0x380/0x4dc [ 45.185105][ T3964] __might_sleep+0x98/0xf0 [ 45.186294][ T3964] slab_pre_alloc_hook+0x58/0xe8 [ 45.187567][ T3964] __kmalloc_node+0xbc/0x5b8 [ 45.188798][ T3964] kvmalloc_node+0x88/0x204 [ 45.190034][ T3964] get_dist_table+0x9c/0x2a4 [ 45.191273][ T3964] netem_change+0x820/0x1a90 [ 45.192520][ T3964] netem_init+0x54/0xb8 [ 45.193626][ T3964] qdisc_create+0x6fc/0xf44 [ 45.194824][ T3964] tc_modify_qdisc+0x8dc/0x1344 [ 45.196125][ T3964] rtnetlink_rcv_msg+0xa74/0xdac [ 45.197443][ T3964] netlink_rcv_skb+0x20c/0x3b8 [ 45.198684][ T3964] rtnetlink_rcv+0x28/0x38 [ 45.199875][ T3964] netlink_unicast+0x664/0x938 [ 45.201207][ T3964] netlink_sendmsg+0x844/0xb38 [ 45.202519][ T3964] ____sys_sendmsg+0x584/0x870 [ 45.203798][ T3964] ___sys_sendmsg+0x214/0x294 [ 45.205032][ T3964] __arm64_sys_sendmsg+0x1ac/0x25c [ 45.206408][ T3964] invoke_syscall+0x98/0x2b8 [ 45.207615][ T3964] el0_svc_common+0x138/0x258 [ 45.208819][ T3964] do_el0_svc+0x58/0x14c [ 45.209944][ T3964] el0_svc+0x7c/0x1f0 [ 45.211024][ T3964] el0t_64_sync_handler+0x84/0xe4 [ 45.212327][ T3964] el0t_64_sync+0x1a0/0x1a4