inconsistent lock state in trie_delete

Date	Name	Commit	Repro	Result
2025/12/05	linux-5.15.y (ToT)	cc5ec8769306	C	[report] inconsistent lock state in trie_delete_elem
2025/12/05	upstream (ToT)	7203ca412fc8	C	Didn't crash

Date

Name

Commit

Repro

Result

2025/12/05

linux-5.15.y (ToT)

cc5ec8769306

[report] inconsistent lock state in trie_delete_elem

2025/12/05

upstream (ToT)

7203ca412fc8

Didn't crash

Kernel	Title	Rank 🛈	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
linux-6.1	inconsistent lock state in trie_delete_elem origin:lts-only	4	C		error	6	9d12h	123d	0/3	upstream: reported C repro on 2025/12/04 16:53
linux-6.6	inconsistent lock state in trie_delete_elem origin:lts-only	4	C		error	8	80d	122d	0/2	upstream: reported C repro on 2025/12/04 20:31

Rank 🛈

linux-6.1

inconsistent lock state in trie_delete_elem origin:lts-only

error

9d12h

123d

0/3

upstream: reported C repro on 2025/12/04 16:53

linux-6.6

inconsistent lock state in trie_delete_elem origin:lts-only

error

80d

122d

0/2

upstream: reported C repro on 2025/12/04 20:31


Created	Duration	User	Repo	Result
2026/03/24 00:20	1h30m	fix candidate	upstream	error job log
2026/02/21 07:21	7m	fix candidate	upstream	error job log
2026/01/21 17:52	3m	fix candidate	upstream	error job log

================================ WARNING: inconsistent lock state syzkaller #0 Not tainted -------------------------------- inconsistent {INITIAL USE} -> {IN-NMI} usage. syz.0.17/4308 [HC1[1]:SC0[0]:HE0:SE1] takes: ffff88801eb3e238 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x90/0x710 kernel/bpf/lpm_trie.c:467 {INITIAL USE} state was registered at: lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0xa4/0xf0 kernel/locking/spinlock.c:162 trie_delete_elem+0x90/0x710 kernel/bpf/lpm_trie.c:467 bpf_prog_2c29ac5cdc6b1842+0x3a/0x97c bpf_dispatcher_nop_func include/linux/bpf.h:888 [inline] __bpf_prog_run include/linux/filter.h:628 [inline] bpf_prog_run include/linux/filter.h:635 [inline] bpf_overflow_handler+0x1c4/0x4c0 kernel/events/core.c:10297 __perf_event_overflow+0x364/0x530 kernel/events/core.c:9515 perf_swevent_overflow kernel/events/core.c:9591 [inline] perf_swevent_event+0x4ad/0x530 kernel/events/core.c:9629 perf_bp_event+0x224/0x290 kernel/events/core.c:10484 hw_breakpoint_handler arch/x86/kernel/hw_breakpoint.c:555 [inline] hw_breakpoint_exceptions_notify+0x152/0x470 arch/x86/kernel/hw_breakpoint.c:586 notifier_call_chain kernel/notifier.c:83 [inline] atomic_notifier_call_chain+0x15d/0x280 kernel/notifier.c:198 notify_die+0x12d/0x180 kernel/notifier.c:529 notify_debug+0x20/0x30 arch/x86/kernel/traps.c:872 exc_debug_user arch/x86/kernel/traps.c:998 [inline] noist_exc_debug+0x73/0x120 arch/x86/kernel/traps.c:1035 asm_exc_debug+0x2f/0x40 arch/x86/include/asm/idtentry.h:642 irq event stamp: 2470 hardirqs last enabled at (2469): [<ffffffff89a1c366>] exc_debug_kernel arch/x86/kernel/traps.c:947 [inline] hardirqs last enabled at (2469): [<ffffffff89a1c366>] exc_debug+0xe6/0x130 arch/x86/kernel/traps.c:1029 hardirqs last disabled at (2470): [<ffffffff89a1c2ee>] exc_debug_kernel arch/x86/kernel/traps.c:893 [inline] hardirqs last disabled at (2470): [<ffffffff89a1c2ee>] exc_debug+0x6e/0x130 arch/x86/kernel/traps.c:1029 softirqs last enabled at (2268): [<ffffffff81856560>] bpf_prog_load+0x1150/0x1550 kernel/bpf/syscall.c:2380 softirqs last disabled at (2266): [<ffffffff8183c969>] spin_lock_bh include/linux/spinlock.h:369 [inline] softirqs last disabled at (2266): [<ffffffff8183c969>] bpf_ksym_add+0x29/0x340 kernel/bpf/core.c:633 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&trie->lock); <Interrupt> lock(&trie->lock); *** DEADLOCK *** no locks held by syz.0.17/4308. stack backtrace: CPU: 0 PID: 4308 Comm: syz.0.17 Not tainted syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 Call Trace: <#DB> dump_stack_lvl+0x168/0x230 lib/dump_stack.c:106 lock_acquire+0x2b2/0x3f0 kernel/locking/lockdep.c:5614 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0xa4/0xf0 kernel/locking/spinlock.c:162 trie_delete_elem+0x90/0x710 kernel/bpf/lpm_trie.c:467 bpf_prog_2c29ac5cdc6b1842+0x3a/0x97c bpf_dispatcher_nop_func include/linux/bpf.h:888 [inline] __bpf_prog_run include/linux/filter.h:628 [inline] bpf_prog_run include/linux/filter.h:635 [inline] bpf_overflow_handler+0x1c4/0x4c0 kernel/events/core.c:10297 __perf_event_overflow+0x364/0x530 kernel/events/core.c:9515 perf_swevent_overflow kernel/events/core.c:9591 [inline] perf_swevent_event+0x4ad/0x530 kernel/events/core.c:9629 perf_bp_event+0x224/0x290 kernel/events/core.c:10484 hw_breakpoint_handler arch/x86/kernel/hw_breakpoint.c:555 [inline] hw_breakpoint_exceptions_notify+0x152/0x470 arch/x86/kernel/hw_breakpoint.c:586 notifier_call_chain kernel/notifier.c:83 [inline] atomic_notifier_call_chain+0x15d/0x280 kernel/notifier.c:198 notify_die+0x12d/0x180 kernel/notifier.c:529 notify_debug+0x20/0x30 arch/x86/kernel/traps.c:872 exc_debug_kernel arch/x86/kernel/traps.c:929 [inline] exc_debug+0xcf/0x130 arch/x86/kernel/traps.c:1029 asm_exc_debug+0x1a/0x40 arch/x86/include/asm/idtentry.h:642 RIP: 0010:copy_user_generic_unrolled+0xa0/0xc0 arch/x86/lib/copy_user_64.S:101 Code: 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a 06 <88> 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 01 ca c3 90 90 90 90 RSP: 0018:ffffc9000313fd08 EFLAGS: 00040206 RAX: ffffffff83dae000 RBX: 0000000000000004 RCX: 0000000000000003 RDX: 0000000000000004 RSI: 0000200000000301 RDI: ffff888141da7691 RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000003 R10: ffffed10283b4ed2 R11: 1ffff110283b4ed2 R12: 00007ffffffff000 R13: 0000200000000304 R14: ffff888141da7690 R15: 0000200000000300 </#DB> <TASK> copy_user_generic arch/x86/include/asm/uaccess_64.h:37 [inline] raw_copy_from_user arch/x86/include/asm/uaccess_64.h:52 [inline] _copy_from_user+0xfa/0x170 lib/usercopy.c:23 copy_from_user include/linux/uaccess.h:192 [inline] copy_from_bpfptr_offset include/linux/bpfptr.h:52 [inline] copy_from_bpfptr include/linux/bpfptr.h:58 [inline] kvmemdup_bpfptr include/linux/bpfptr.h:73 [inline] ___bpf_copy_key kernel/bpf/syscall.c:1069 [inline] map_update_elem+0x3c3/0x770 kernel/bpf/syscall.c:1177 __sys_bpf+0x3fb/0x670 kernel/bpf/syscall.c:4645 __do_sys_bpf kernel/bpf/syscall.c:4761 [inline] __se_sys_bpf kernel/bpf/syscall.c:4759 [inline] __x64_sys_bpf+0x78/0x90 kernel/bpf/syscall.c:4759 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x66/0xd0 RIP: 0033:0x7fae5a3f6749 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffc52da6718 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: ffffffffffffffda RBX: 00007fae5a64cfa0 RCX: 00007fae5a3f6749 RDX: 0000000000000020 RSI: 0000200000004080 RDI: 0000000000000002 RBP: 00007fae5a47af91 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fae5a64cfa0 R14: 00007fae5a64cfa0 R15: 0000000000000003 </TASK> ---------------- Code disassembly (best guess): 0: 7f 40 jg 0x42 2: ff c9 dec %ecx 4: 75 b6 jne 0xffffffbc 6: 89 d1 mov %edx,%ecx 8: 83 e2 07 and $0x7,%edx b: c1 e9 03 shr $0x3,%ecx e: 74 12 je 0x22 10: 4c 8b 06 mov (%rsi),%r8 13: 4c 89 07 mov %r8,(%rdi) 16: 48 8d 76 08 lea 0x8(%rsi),%rsi 1a: 48 8d 7f 08 lea 0x8(%rdi),%rdi 1e: ff c9 dec %ecx 20: 75 ee jne 0x10 22: 21 d2 and %edx,%edx 24: 74 10 je 0x36 26: 89 d1 mov %edx,%ecx 28: 8a 06 mov (%rsi),%al * 2a: 88 07 mov %al,(%rdi) <-- trapping instruction 2c: 48 ff c6 inc %rsi 2f: 48 ff c7 inc %rdi 32: ff c9 dec %ecx 34: 75 f2 jne 0x28 36: 31 c0 xor %eax,%eax 38: 0f 01 ca clac 3b: c3 ret 3c: 90 nop 3d: 90 nop 3e: 90 nop 3f: 90 nop

Crashes (348):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2026/01/16 16:01	linux-5.15.y	68efe5a6c16a	d6526ea3	.config	console log	report	syz / log	C		[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2025/12/04 19:07	linux-5.15.y	cc5ec8769306	d6526ea3	.config	console log	report	syz / log	C		[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2025/12/04 17:54	linux-5.15.y	cc5ec8769306	d6526ea3	.config	console log	report	syz / log	C		[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/01/15 14:20	linux-5.15.y	68efe5a6c16a	d6526ea3	.config	console log	report	syz / log			[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/06 17:01	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/06 12:37	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/06 09:16	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/06 06:13	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/06 05:04	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/06 03:44	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/05 18:13	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/05 16:08	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/05 01:56	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/04 23:13	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/04 15:24	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/04 07:55	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/04 02:24	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/04 00:31	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/03 22:00	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/03 12:52	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/03 11:47	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/03 05:56	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/03 04:29	linux-5.15.y	91d48252ad4b	4440e7c2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/02 07:16	linux-5.15.y	91d48252ad4b	0cb124d5	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/02 06:10	linux-5.15.y	91d48252ad4b	0cb124d5	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/02 03:54	linux-5.15.y	91d48252ad4b	0cb124d5	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/01 18:26	linux-5.15.y	91d48252ad4b	9a1f7828	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/01 16:17	linux-5.15.y	91d48252ad4b	9a1f7828	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/01 14:16	linux-5.15.y	91d48252ad4b	9a1f7828	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/01 12:31	linux-5.15.y	91d48252ad4b	9a1f7828	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/01 09:21	linux-5.15.y	91d48252ad4b	fb8b2c26	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/01 07:46	linux-5.15.y	91d48252ad4b	fb8b2c26	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/04/01 05:00	linux-5.15.y	91d48252ad4b	fb8b2c26	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/31 16:55	linux-5.15.y	91d48252ad4b	aeea1c72	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/31 14:48	linux-5.15.y	91d48252ad4b	aeea1c72	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/31 00:04	linux-5.15.y	91d48252ad4b	d0af506e	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/30 17:51	linux-5.15.y	91d48252ad4b	dcaebc52	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/30 14:59	linux-5.15.y	91d48252ad4b	dcaebc52	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/30 13:42	linux-5.15.y	91d48252ad4b	dcaebc52	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/30 07:53	linux-5.15.y	91d48252ad4b	b5ceaad2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/29 23:23	linux-5.15.y	91d48252ad4b	b5ceaad2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/29 21:40	linux-5.15.y	91d48252ad4b	b5ceaad2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/29 18:24	linux-5.15.y	91d48252ad4b	b5ceaad2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/29 17:05	linux-5.15.y	91d48252ad4b	b5ceaad2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/29 09:37	linux-5.15.y	91d48252ad4b	b5ceaad2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/29 07:55	linux-5.15.y	91d48252ad4b	b5ceaad2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/29 06:41	linux-5.15.y	91d48252ad4b	b5ceaad2	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/28 12:52	linux-5.15.y	91d48252ad4b	356bdfc9	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/28 11:17	linux-5.15.y	91d48252ad4b	356bdfc9	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem
2026/03/28 08:24	linux-5.15.y	91d48252ad4b	356bdfc9	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-5-15-kasan-perf	inconsistent lock state in trie_delete_elem

Crashes (348):

Assets (help?)

2026/01/16 16:01

linux-5.15.y