Warning: Permanently added '10.128.0.203' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
[ 58.193698][ T11]
[ 58.196177][ T11] ======================================================
[ 58.203624][ T11] WARNING: possible circular locking dependency detected
[ 58.211160][ T11] 6.1.83-syzkaller #0 Not tainted
[ 58.216448][ T11] ------------------------------------------------------
[ 58.224079][ T11] kworker/u4:1/11 is trying to acquire lock:
[ 58.230430][ T11] ffff8880b9928118 (krc.lock){....}-{2:2}, at: kvfree_call_rcu+0x1b2/0x8c0
[ 58.239338][ T11]
[ 58.239338][ T11] but task is already holding lock:
[ 58.246968][ T11] ffff888077510a38 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x90/0x690
[ 58.256281][ T11]
[ 58.256281][ T11] which lock already depends on the new lock.
[ 58.256281][ T11]
[ 58.266951][ T11]
[ 58.266951][ T11] the existing dependency chain (in reverse order) is:
[ 58.276067][ T11]
[ 58.276067][ T11] -> #2 (&trie->lock){....}-{2:2}:
[ 58.283474][ T11]        lock_acquire+0x1f8/0x5a0
[ 58.288495][ T11]        _raw_spin_lock_irqsave+0xd1/0x120
[ 58.294389][ T11]        trie_delete_elem+0x90/0x690
[ 58.299769][ T11]        bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e
[ 58.306023][ T11]        bpf_trace_run3+0x231/0x440
[ 58.311910][ T11]        enqueue_timer+0x440/0x600
[ 58.317446][ T11]        __mod_timer+0x92b/0xee0
[ 58.322470][ T11]        queue_delayed_work_on+0x156/0x250
[ 58.328524][ T11]        toggle_allocation_gate+0x427/0x480
[ 58.334582][ T11]        process_one_work+0x8a9/0x11d0
[ 58.340114][ T11]        worker_thread+0xa47/0x1200
[ 58.345770][ T11]        kthread+0x28d/0x320
[ 58.350748][ T11]        ret_from_fork+0x1f/0x30
[ 58.355708][ T11]
[ 58.355708][ T11] -> #1 (&base->lock){-.-.}-{2:2}:
[ 58.363803][ T11]        lock_acquire+0x1f8/0x5a0
[ 58.368994][ T11]        _raw_spin_lock_irqsave+0xd1/0x120
[ 58.375074][ T11]        lock_timer_base+0x120/0x260
[ 58.380556][ T11]        __mod_timer+0x1cb/0xee0
[ 58.385711][ T11]        queue_delayed_work_on+0x156/0x250
[ 58.391699][ T11]        kvfree_call_rcu+0x520/0x8c0
[ 58.397244][ T11]        rtnl_register_internal+0x489/0x580
[ 58.403477][ T11]        rtnl_register+0x32/0x70
[ 58.408494][ T11]        ip_rt_init+0x335/0x3c7
[ 58.413702][ T11]        ip_init+0xa/0x14
[ 58.418207][ T11]        inet_init+0x2ae/0x3c0
[ 58.422963][ T11]        do_one_initcall+0x265/0x8f0
[ 58.428719][ T11]        do_initcall_level+0x157/0x207
[ 58.434536][ T11]        do_initcalls+0x49/0x86
[ 58.439669][ T11]        kernel_init_freeable+0x45c/0x60f
[ 58.445555][ T11]        kernel_init+0x19/0x290
[ 58.450479][ T11]        ret_from_fork+0x1f/0x30
[ 58.455760][ T11]
[ 58.455760][ T11] -> #0 (krc.lock){....}-{2:2}:
[ 58.463327][ T11]        validate_chain+0x1661/0x5950
[ 58.468777][ T11]        __lock_acquire+0x125b/0x1f80
[ 58.474140][ T11]        lock_acquire+0x1f8/0x5a0
[ 58.479421][ T11]        _raw_spin_lock+0x2a/0x40
[ 58.484714][ T11]        kvfree_call_rcu+0x1b2/0x8c0
[ 58.490105][ T11]        trie_delete_elem+0x520/0x690
[ 58.495850][ T11]        bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e
[ 58.501904][ T11]        bpf_trace_run3+0x231/0x440
[ 58.507272][ T11]        enqueue_timer+0x440/0x600
[ 58.512721][ T11]        __mod_timer+0x92b/0xee0
[ 58.517914][ T11]        queue_delayed_work_on+0x156/0x250
[ 58.523885][ T11]        toggle_allocation_gate+0x427/0x480
[ 58.530373][ T11]        process_one_work+0x8a9/0x11d0
[ 58.536456][ T11]        worker_thread+0xa47/0x1200
[ 58.542075][ T11]        kthread+0x28d/0x320
[ 58.546658][ T11]        ret_from_fork+0x1f/0x30
[ 58.551679][ T11]
[ 58.551679][ T11] other info that might help us debug this:
[ 58.551679][ T11]
[ 58.562239][ T11] Chain exists of:
[ 58.562239][ T11]   krc.lock --> &base->lock --> &trie->lock
[ 58.562239][ T11]
[ 58.574130][ T11]  Possible unsafe locking scenario:
[ 58.574130][ T11]
[ 58.581569][ T11]        CPU0                    CPU1
[ 58.587005][ T11]        ----                    ----
[ 58.592364][ T11]   lock(&trie->lock);
[ 58.596422][ T11]                                lock(&base->lock);
[ 58.603081][ T11]                                lock(&trie->lock);
[ 58.610624][ T11]   lock(krc.lock);
[ 58.614526][ T11]
[ 58.614526][ T11]  *** DEADLOCK ***
[ 58.614526][ T11]
[ 58.622656][ T11] 5 locks held by kworker/u4:1/11:
[ 58.627938][ T11]  #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[ 58.639086][ T11]  #1: ffffc90000107d20 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[ 58.651871][ T11]  #2: ffff8880b9928358 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260
[ 58.661465][ T11]  #3: ffffffff8d12a940 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0x146/0x440
[ 58.671415][ T11]  #4: ffff888077510a38 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x90/0x690
[ 58.681104][ T11]
[ 58.681104][ T11] stack backtrace:
[ 58.687095][ T11] CPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted 6.1.83-syzkaller #0
[ 58.695432][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 58.705862][ T11] Workqueue: events_unbound toggle_allocation_gate
[ 58.712410][ T11] Call Trace:
[ 58.715744][ T11]
[ 58.718683][ T11]  dump_stack_lvl+0x1e3/0x2cb
[ 58.723430][ T11]  ? nf_tcp_handle_invalid+0x642/0x642
[ 58.729021][ T11]  ? print_circular_bug+0x12b/0x1a0
[ 58.734324][ T11]  check_noncircular+0x2fa/0x3b0
[ 58.739476][ T11]  ? add_lock_to_list+0x1de/0x2e0
[ 58.745054][ T11]  ? add_chain_block+0x850/0x850
[ 58.750036][ T11]  ? lockdep_lock+0x11f/0x2a0
[ 58.754921][ T11]  ? _find_first_zero_bit+0xd0/0x100
[ 58.760247][ T11]  validate_chain+0x1661/0x5950
[ 58.765171][ T11]  ? reacquire_held_locks+0x660/0x660
[ 58.771000][ T11]  ? mark_lock+0x9a/0x340
[ 58.775449][ T11]  ? __lock_acquire+0x125b/0x1f80
[ 58.780502][ T11]  ? mark_lock+0x9a/0x340
[ 58.785038][ T11]  ? mark_lock+0x9a/0x340
[ 58.789746][ T11]  __lock_acquire+0x125b/0x1f80
[ 58.794602][ T11]  lock_acquire+0x1f8/0x5a0
[ 58.800758][ T11]  ? kvfree_call_rcu+0x1b2/0x8c0
[ 58.806052][ T11]  ? read_lock_is_recursive+0x10/0x10
[ 58.811941][ T11]  ? do_raw_spin_unlock+0x137/0x8a0
[ 58.817307][ T11]  ? __virt_addr_valid+0x17f/0x520
[ 58.822586][ T11]  ? __virt_addr_valid+0x17f/0x520
[ 58.827746][ T11]  ? __virt_addr_valid+0x44a/0x520
[ 58.833463][ T11]  ? __phys_addr+0xb6/0x170
[ 58.838155][ T11]  _raw_spin_lock+0x2a/0x40
[ 58.842838][ T11]  ? kvfree_call_rcu+0x1b2/0x8c0
[ 58.847936][ T11]  kvfree_call_rcu+0x1b2/0x8c0
[ 58.852781][ T11]  ? rcu_leak_callback+0x10/0x10
[ 58.857791][ T11]  ? _raw_spin_lock_irqsave+0xdd/0x120
[ 58.863413][ T11]  ? _raw_spin_lock+0x40/0x40
[ 58.868686][ T11]  ? longest_prefix_match+0x318/0x640
[ 58.874057][ T11]  trie_delete_elem+0x520/0x690
[ 58.879818][ T11]  bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e
[ 58.885561][ T11]  bpf_trace_run3+0x231/0x440
[ 58.890267][ T11]  ? bpf_trace_run3+0x146/0x440
[ 58.895309][ T11]  ? bpf_trace_run2+0x410/0x410
[ 58.900237][ T11]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 58.907309][ T11]  ? _raw_spin_lock_irqsave+0xdd/0x120
[ 58.912889][ T11]  ? _raw_spin_lock+0x40/0x40
[ 58.917675][ T11]  enqueue_timer+0x440/0x600
[ 58.922352][ T11]  __mod_timer+0x92b/0xee0
[ 58.926795][ T11]  ? mod_timer_pending+0x20/0x20
[ 58.931733][ T11]  ? queue_delayed_work_on+0xfc/0x250
[ 58.937194][ T11]  ? __queue_delayed_work+0x16b/0x210
[ 58.942892][ T11]  queue_delayed_work_on+0x156/0x250
[ 58.948516][ T11]  ? delayed_work_timer_fn+0x80/0x80
[ 58.953820][ T11]  ? rcu_read_lock_any_held+0xb3/0x160
[ 58.959402][ T11]  ? rcu_read_lock_bh_held+0x110/0x110
[ 58.965204][ T11]  toggle_allocation_gate+0x427/0x480
[ 58.970626][ T11]  ? show_object+0xa0/0xa0
[ 58.975152][ T11]  ? wake_bit_function+0x210/0x210
[ 58.980470][ T11]  ? print_irqtrace_events+0x210/0x210
[ 58.985954][ T11]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 58.991954][ T11]  ? do_raw_spin_unlock+0x137/0x8a0
[ 58.997331][ T11]  ? process_one_work+0x7a9/0x11d0
[ 59.002478][ T11]  process_one_work+0x8a9/0x11d0
[ 59.007463][ T11]  ? worker_detach_from_pool+0x260/0x260
[ 59.013285][ T11]  ? _raw_spin_lock_irqsave+0x120/0x120
[ 59.018941][ T11]  ? kthread_data+0x4e/0xc0
[ 59.023644][ T11]  ? wq_worker_running+0x97/0x190
[ 59.028906][ T11]  worker_thread+0xa47/0x1200
[ 59.033612][ T11]  kthread+0x28d/0x320
[ 59.037776][ T11]  ? worker_clr_flags+0x190/0x190
[ 59.042980][ T11]  ? kthread_blkcg+0xd0/0xd0
[ 59.047695][ T11]  ret_from_fork+0x1f/0x30
[ 59.052112][ T11]