Warning: Permanently added '10.128.0.25' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program [ 56.989677][ T4169] [ 56.992044][ T4169] ====================================================== [ 56.999045][ T4169] WARNING: possible circular locking dependency detected [ 57.006042][ T4169] 5.15.173-syzkaller #0 Not tainted [ 57.011219][ T4169] ------------------------------------------------------ [ 57.018244][ T4169] syz-executor203/4169 is trying to acquire lock: [ 57.024704][ T4169] ffff888022f56020 (&htab->lockdep_key#2){....}-{2:2}, at: htab_map_delete_elem+0x1bd/0x560 [ 57.034808][ T4169] [ 57.034808][ T4169] but task is already holding lock: [ 57.042156][ T4169] ffff888022f560a0 (&htab->lockdep_key#3){....}-{2:2}, at: htab_map_update_elem+0x245/0x9c0 [ 57.052234][ T4169] [ 57.052234][ T4169] which lock already depends on the new lock. [ 57.052234][ T4169] [ 57.062615][ T4169] [ 57.062615][ T4169] the existing dependency chain (in reverse order) is: [ 57.071609][ T4169] [ 57.071609][ T4169] -> #1 (&htab->lockdep_key#3){....}-{2:2}: [ 57.079672][ T4169] lock_acquire+0x1db/0x4f0 [ 57.084689][ T4169] _raw_spin_lock_irqsave+0xd1/0x120 [ 57.090487][ T4169] htab_map_delete_elem+0x1bd/0x560 [ 57.096199][ T4169] bpf_prog_2c29ac5cdc6b1842+0x3a/0xd34 [ 57.102247][ T4169] bpf_trace_run4+0x1ea/0x390 [ 57.107427][ T4169] __bpf_trace_mm_page_alloc+0xba/0xe0 [ 57.113399][ T4169] __traceiter_mm_page_alloc+0x35/0x50 [ 57.119363][ T4169] __alloc_pages+0x6e0/0x700 [ 57.124459][ T4169] kmalloc_large_node+0x7c/0x180 [ 57.129907][ T4169] __kmalloc_node+0x22d/0x390 [ 57.135092][ T4169] bpf_map_kmalloc_node+0xdb/0x160 [ 57.140706][ T4169] alloc_htab_elem+0x28b/0x920 [ 57.145976][ T4169] htab_map_update_elem+0x3cb/0x9c0 [ 57.151679][ T4169] bpf_map_update_value+0x5d7/0x6c0 [ 57.157394][ T4169] map_update_elem+0x6a0/0x7c0 [ 57.162659][ T4169] __sys_bpf+0x2fd/0x670 [ 57.167406][ T4169] __x64_sys_bpf+0x78/0x90 [ 57.172327][ T4169] do_syscall_64+0x3b/0xb0 [ 57.177269][ T4169] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 57.183670][ T4169] [ 57.183670][ T4169] -> #0 (&htab->lockdep_key#2){....}-{2:2}: [ 57.191909][ T4169] validate_chain+0x1649/0x5930 [ 57.197265][ T4169] __lock_acquire+0x1295/0x1ff0 [ 57.202620][ T4169] lock_acquire+0x1db/0x4f0 [ 57.207629][ T4169] _raw_spin_lock_irqsave+0xd1/0x120 [ 57.213420][ T4169] htab_map_delete_elem+0x1bd/0x560 [ 57.219148][ T4169] bpf_prog_2c29ac5cdc6b1842+0x3a/0x6b8 [ 57.225200][ T4169] bpf_trace_run4+0x1ea/0x390 [ 57.230387][ T4169] __bpf_trace_mm_page_alloc+0xba/0xe0 [ 57.236356][ T4169] __traceiter_mm_page_alloc+0x35/0x50 [ 57.242322][ T4169] __alloc_pages+0x6e0/0x700 [ 57.247418][ T4169] kmalloc_large_node+0x7c/0x180 [ 57.252865][ T4169] __kmalloc_node+0x22d/0x390 [ 57.258049][ T4169] bpf_map_kmalloc_node+0xdb/0x160 [ 57.263664][ T4169] alloc_htab_elem+0x28b/0x920 [ 57.268929][ T4169] htab_map_update_elem+0x3cb/0x9c0 [ 57.274630][ T4169] bpf_map_update_value+0x5d7/0x6c0 [ 57.280356][ T4169] map_update_elem+0x6a0/0x7c0 [ 57.285617][ T4169] __sys_bpf+0x2fd/0x670 [ 57.290391][ T4169] __x64_sys_bpf+0x78/0x90 [ 57.295311][ T4169] do_syscall_64+0x3b/0xb0 [ 57.300234][ T4169] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 57.306635][ T4169] [ 57.306635][ T4169] other info that might help us debug this: [ 57.306635][ T4169] [ 57.316842][ T4169] Possible unsafe locking scenario: [ 57.316842][ T4169] [ 57.324268][ T4169] CPU0 CPU1 [ 57.329616][ T4169] ---- ---- [ 57.334960][ T4169] lock(&htab->lockdep_key#3); [ 57.339800][ T4169] lock(&htab->lockdep_key#2); [ 57.347158][ T4169] lock(&htab->lockdep_key#3); [ 57.354517][ T4169] lock(&htab->lockdep_key#2); [ 57.359356][ T4169] [ 57.359356][ T4169] *** DEADLOCK *** [ 57.359356][ T4169] [ 57.367599][ T4169] 3 locks held by syz-executor203/4169: [ 57.373140][ T4169] #0: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 57.382453][ T4169] #1: ffff888022f560a0 (&htab->lockdep_key#3){....}-{2:2}, at: htab_map_update_elem+0x245/0x9c0 [ 57.393011][ T4169] #2: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 57.402362][ T4169] [ 57.402362][ T4169] stack backtrace: [ 57.408252][ T4169] CPU: 0 PID: 4169 Comm: syz-executor203 Not tainted 5.15.173-syzkaller #0 [ 57.416864][ T4169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 57.427051][ T4169] Call Trace: [ 57.430453][ T4169] [ 57.433384][ T4169] dump_stack_lvl+0x1e3/0x2d0 [ 57.438070][ T4169] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 57.443702][ T4169] ? print_circular_bug+0x12b/0x1a0 [ 57.448983][ T4169] check_noncircular+0x2f8/0x3b0 [ 57.453930][ T4169] ? add_chain_block+0x850/0x850 [ 57.458869][ T4169] ? lockdep_lock+0x11f/0x2a0 [ 57.463536][ T4169] validate_chain+0x1649/0x5930 [ 57.468382][ T4169] ? reacquire_held_locks+0x660/0x660 [ 57.473739][ T4169] ? is_bpf_text_address+0x24f/0x260 [ 57.479009][ T4169] ? stack_trace_save+0x1c0/0x1c0 [ 57.484027][ T4169] ? unwind_get_return_address+0x49/0x80 [ 57.489656][ T4169] ? reacquire_held_locks+0x660/0x660 [ 57.495016][ T4169] ? mark_lock+0x98/0x340 [ 57.499331][ T4169] __lock_acquire+0x1295/0x1ff0 [ 57.504171][ T4169] lock_acquire+0x1db/0x4f0 [ 57.508674][ T4169] ? htab_map_delete_elem+0x1bd/0x560 [ 57.514033][ T4169] ? bpf_map_kmalloc_node+0xdb/0x160 [ 57.519313][ T4169] ? read_lock_is_recursive+0x10/0x10 [ 57.524676][ T4169] _raw_spin_lock_irqsave+0xd1/0x120 [ 57.529955][ T4169] ? htab_map_delete_elem+0x1bd/0x560 [ 57.535313][ T4169] ? _raw_spin_lock+0x40/0x40 [ 57.539993][ T4169] ? htab_map_hash+0x267/0x6c0 [ 57.544739][ T4169] htab_map_delete_elem+0x1bd/0x560 [ 57.549924][ T4169] bpf_prog_2c29ac5cdc6b1842+0x3a/0x6b8 [ 57.555456][ T4169] bpf_trace_run4+0x1ea/0x390 [ 57.560142][ T4169] ? bpf_trace_run3+0x380/0x380 [ 57.564976][ T4169] ? __alloc_pages+0x700/0x700 [ 57.569727][ T4169] __bpf_trace_mm_page_alloc+0xba/0xe0 [ 57.575174][ T4169] __traceiter_mm_page_alloc+0x35/0x50 [ 57.580621][ T4169] __alloc_pages+0x6e0/0x700 [ 57.585197][ T4169] ? __rmqueue_pcplist+0x23a0/0x23a0 [ 57.590469][ T4169] ? mark_lock+0x98/0x340 [ 57.594806][ T4169] kmalloc_large_node+0x7c/0x180 [ 57.599731][ T4169] __kmalloc_node+0x22d/0x390 [ 57.604390][ T4169] ? __rwlock_init+0x140/0x140 [ 57.609158][ T4169] bpf_map_kmalloc_node+0xdb/0x160 [ 57.614282][ T4169] alloc_htab_elem+0x28b/0x920 [ 57.619035][ T4169] htab_map_update_elem+0x3cb/0x9c0 [ 57.624221][ T4169] bpf_map_update_value+0x5d7/0x6c0 [ 57.629405][ T4169] map_update_elem+0x6a0/0x7c0 [ 57.634158][ T4169] __sys_bpf+0x2fd/0x670 [ 57.638389][ T4169] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 57.643753][ T4169] ? syscall_enter_from_user_mode+0x2e/0x240 [ 57.649725][ T4169] ? lockdep_hardirqs_on+0x94/0x130 [ 57.654911][ T4169] __x64_sys_bpf+0x78/0x90 [ 57.659317][ T4169] do_syscall_64+0x3b/0xb0 [ 57.663716][ T4169] ? clear_bhb_loop+0x15/0x70 [ 57.668378][ T4169] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 57.674260][ T4169] RIP: 0033:0x7ff2c8e36029 executing program executing program executing program executing program executing program [ 57.678661][ T4169] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 57.698336][ T4169] RSP: 002b:00007ffd165a5538 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 57.706750][ T4169] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff2c8e36029 [ 57.714725][ T4169] RDX: 0000000000000020 RSI: 0000000020000280 RDI: 0000000000000002 [ 57.722702][ T4169] RBP: 0000000000000000 R08: 00000000000000a0 R09: 00000000000000a0 [ 57.730655][ T4169] R10: 00000000000000a0 R11: 0000000000000246 R12: 0000000000000000 executing program executing program [ 57.738613][ T4169] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 57.746577][ T4169] executing program executing program executing program executing program executing program