Warning: Permanently added '10.128.0.98' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program [ 51.345057][ T34] [ 51.347452][ T34] ====================================================== [ 51.354992][ T34] WARNING: possible circular locking dependency detected [ 51.362173][ T34] 6.1.83-syzkaller #0 Not tainted [ 51.367957][ T34] ------------------------------------------------------ [ 51.375339][ T34] kworker/u4:2/34 is trying to acquire lock: [ 51.381949][ T34] ffff8880b9928118 (krc.lock){....}-{2:2}, at: kvfree_call_rcu+0x1b2/0x8c0 [ 51.391062][ T34] [ 51.391062][ T34] but task is already holding lock: [ 51.398511][ T34] ffff888075c46a38 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x90/0x690 [ 51.407406][ T34] [ 51.407406][ T34] which lock already depends on the new lock. [ 51.407406][ T34] [ 51.418228][ T34] [ 51.418228][ T34] the existing dependency chain (in reverse order) is: [ 51.427836][ T34] [ 51.427836][ T34] -> #2 (&trie->lock){....}-{2:2}: [ 51.435302][ T34] lock_acquire+0x1f8/0x5a0 [ 51.440409][ T34] _raw_spin_lock_irqsave+0xd1/0x120 [ 51.446396][ T34] trie_delete_elem+0x90/0x690 [ 51.451768][ T34] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 51.457768][ T34] bpf_trace_run3+0x231/0x440 [ 51.462960][ T34] enqueue_timer+0x440/0x600 [ 51.468144][ T34] __mod_timer+0x92b/0xee0 [ 51.473252][ T34] queue_delayed_work_on+0x156/0x250 [ 51.479412][ T34] toggle_allocation_gate+0x427/0x480 [ 51.485596][ T34] process_one_work+0x8a9/0x11d0 [ 51.491242][ T34] worker_thread+0xa47/0x1200 [ 51.496612][ T34] kthread+0x28d/0x320 [ 51.501195][ T34] ret_from_fork+0x1f/0x30 [ 51.506128][ T34] [ 51.506128][ T34] -> #1 (&base->lock){-.-.}-{2:2}: [ 51.513690][ T34] lock_acquire+0x1f8/0x5a0 [ 51.519260][ T34] _raw_spin_lock_irqsave+0xd1/0x120 [ 51.525450][ T34] lock_timer_base+0x120/0x260 [ 51.530766][ T34] __mod_timer+0x1cb/0xee0 [ 51.535895][ T34] queue_delayed_work_on+0x156/0x250 [ 51.542161][ T34] kvfree_call_rcu+0x520/0x8c0 [ 51.547534][ T34] rtnl_register_internal+0x489/0x580 [ 51.553710][ T34] rtnl_register+0x32/0x70 [ 51.558860][ T34] ip_rt_init+0x335/0x3c7 [ 51.563741][ T34] ip_init+0xa/0x14 [ 51.568247][ T34] inet_init+0x2ae/0x3c0 [ 51.573395][ T34] do_one_initcall+0x265/0x8f0 [ 51.579296][ T34] do_initcall_level+0x157/0x207 [ 51.585365][ T34] do_initcalls+0x49/0x86 [ 51.590290][ T34] kernel_init_freeable+0x45c/0x60f [ 51.596527][ T34] kernel_init+0x19/0x290 [ 51.601457][ T34] ret_from_fork+0x1f/0x30 [ 51.606561][ T34] [ 51.606561][ T34] -> #0 (krc.lock){....}-{2:2}: [ 51.614831][ T34] validate_chain+0x1661/0x5950 [ 51.620508][ T34] __lock_acquire+0x125b/0x1f80 [ 51.626578][ T34] lock_acquire+0x1f8/0x5a0 [ 51.632300][ T34] _raw_spin_lock+0x2a/0x40 [ 51.637499][ T34] kvfree_call_rcu+0x1b2/0x8c0 [ 51.643230][ T34] trie_delete_elem+0x520/0x690 [ 51.648642][ T34] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 51.654643][ T34] bpf_trace_run3+0x231/0x440 [ 51.660016][ T34] enqueue_timer+0x440/0x600 [ 51.665595][ T34] __mod_timer+0x92b/0xee0 [ 51.671021][ T34] queue_delayed_work_on+0x156/0x250 [ 51.677890][ T34] toggle_allocation_gate+0x427/0x480 [ 51.684321][ T34] process_one_work+0x8a9/0x11d0 [ 51.689860][ T34] worker_thread+0xa47/0x1200 [ 51.695044][ T34] kthread+0x28d/0x320 [ 51.699798][ T34] ret_from_fork+0x1f/0x30 [ 51.705419][ T34] [ 51.705419][ T34] other info that might help us debug this: [ 51.705419][ T34] [ 51.715987][ T34] Chain exists of: [ 51.715987][ T34] krc.lock --> &base->lock --> &trie->lock [ 51.715987][ T34] [ 51.727820][ T34] Possible unsafe locking scenario: [ 51.727820][ T34] [ 51.735340][ T34] CPU0 CPU1 [ 51.740783][ T34] ---- ---- [ 51.746393][ T34] lock(&trie->lock); [ 51.750459][ T34] lock(&base->lock); [ 51.757041][ T34] lock(&trie->lock); [ 51.763627][ T34] lock(krc.lock); [ 51.767437][ T34] [ 51.767437][ T34] *** DEADLOCK *** [ 51.767437][ T34] [ 51.776410][ T34] 5 locks held by kworker/u4:2/34: [ 51.781504][ T34] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 51.793068][ T34] #1: ffffc90000ab7d20 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 51.806279][ T34] #2: ffff8880b9928358 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x62d/0xee0 [ 51.816020][ T34] #3: ffffffff8d12a940 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0x146/0x440 [ 51.826021][ T34] #4: ffff888075c46a38 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x90/0x690 [ 51.835698][ T34] [ 51.835698][ T34] stack backtrace: [ 51.841747][ T34] CPU: 1 PID: 34 Comm: kworker/u4:2 Not tainted 6.1.83-syzkaller #0 [ 51.849801][ T34] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 51.859847][ T34] Workqueue: events_unbound toggle_allocation_gate [ 51.866985][ T34] Call Trace: [ 51.870362][ T34] [ 51.873473][ T34] dump_stack_lvl+0x1e3/0x2cb [ 51.878468][ T34] ? nf_tcp_handle_invalid+0x642/0x642 [ 51.884043][ T34] ? print_circular_bug+0x12b/0x1a0 [ 51.889453][ T34] check_noncircular+0x2fa/0x3b0 [ 51.894411][ T34] ? add_chain_block+0x850/0x850 [ 51.899451][ T34] ? lockdep_lock+0x11f/0x2a0 [ 51.904131][ T34] ? __lock_acquire+0x125b/0x1f80 [ 51.910191][ T34] ? _find_first_zero_bit+0xd0/0x100 [ 51.916110][ T34] validate_chain+0x1661/0x5950 [ 51.921021][ T34] ? __stack_depot_save+0x3f5/0x470 [ 51.926233][ T34] ? reacquire_held_locks+0x660/0x660 [ 51.932135][ T34] ? do_raw_spin_unlock+0x137/0x8a0 [ 51.937327][ T34] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 51.943219][ T34] ? _raw_spin_unlock+0x40/0x40 [ 51.948067][ T34] ? stack_trace_save+0x113/0x1c0 [ 51.953434][ T34] ? stack_trace_snprint+0xe0/0xe0 [ 51.958538][ T34] ? mark_lock+0x9a/0x340 [ 51.962986][ T34] __lock_acquire+0x125b/0x1f80 [ 51.967890][ T34] lock_acquire+0x1f8/0x5a0 [ 51.972525][ T34] ? kvfree_call_rcu+0x1b2/0x8c0 [ 51.977681][ T34] ? read_lock_is_recursive+0x10/0x10 [ 51.983230][ T34] ? __phys_addr+0xb6/0x170 [ 51.987949][ T34] _raw_spin_lock+0x2a/0x40 [ 51.992664][ T34] ? kvfree_call_rcu+0x1b2/0x8c0 [ 51.997638][ T34] kvfree_call_rcu+0x1b2/0x8c0 [ 52.002436][ T34] ? rcu_leak_callback+0x10/0x10 [ 52.007790][ T34] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 52.013421][ T34] ? _raw_spin_lock+0x40/0x40 [ 52.018200][ T34] ? longest_prefix_match+0x4a5/0x640 [ 52.023572][ T34] trie_delete_elem+0x520/0x690 [ 52.029293][ T34] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 52.034744][ T34] bpf_trace_run3+0x231/0x440 [ 52.040246][ T34] ? bpf_trace_run3+0x146/0x440 [ 52.045108][ T34] ? bpf_trace_run2+0x410/0x410 [ 52.050019][ T34] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 52.056031][ T34] ? do_raw_spin_lock+0x14a/0x370 [ 52.061580][ T34] enqueue_timer+0x440/0x600 [ 52.066255][ T34] __mod_timer+0x92b/0xee0 [ 52.070981][ T34] ? mod_timer_pending+0x20/0x20 [ 52.076138][ T34] ? queue_delayed_work_on+0xfc/0x250 [ 52.082079][ T34] ? __queue_delayed_work+0x16b/0x210 [ 52.087599][ T34] queue_delayed_work_on+0x156/0x250 [ 52.092966][ T34] ? delayed_work_timer_fn+0x80/0x80 [ 52.098253][ T34] ? rcu_read_lock_any_held+0xb3/0x160 [ 52.103764][ T34] ? rcu_read_lock_bh_held+0x110/0x110 [ 52.109277][ T34] toggle_allocation_gate+0x427/0x480 [ 52.114919][ T34] ? show_object+0xa0/0xa0 [ 52.119818][ T34] ? wake_bit_function+0x210/0x210 [ 52.125454][ T34] ? print_irqtrace_events+0x210/0x210 [ 52.130939][ T34] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 52.137359][ T34] ? do_raw_spin_unlock+0x137/0x8a0 [ 52.142788][ T34] ? process_one_work+0x7a9/0x11d0 [ 52.147966][ T34] process_one_work+0x8a9/0x11d0 [ 52.153114][ T34] ? worker_detach_from_pool+0x260/0x260 [ 52.159069][ T34] ? _raw_spin_lock_irqsave+0x120/0x120 [ 52.165521][ T34] ? kthread_data+0x4e/0xc0 [ 52.170212][ T34] ? wq_worker_running+0x97/0x190 [ 52.176628][ T34] worker_thread+0xa47/0x1200 [ 52.181657][ T34] kthread+0x28d/0x320 [ 52.186089][ T34] ? worker_clr_flags+0x190/0x190 [ 52.191281][ T34] ? kthread_blkcg+0xd0/0xd0 [ 52.195870][ T34] ret_from_fork+0x1f/0x30 [ 52.200370][ T34]