Warning: Permanently added '10.128.1.187' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 50.324979][ T15] [ 50.327354][ T15] ====================================================== [ 50.334384][ T15] WARNING: possible circular locking dependency detected [ 50.341403][ T15] 5.15.153-syzkaller #0 Not tainted [ 50.346600][ T15] ------------------------------------------------------ [ 50.353607][ T15] rcu_preempt/15 is trying to acquire lock: [ 50.359624][ T15] ffff8880b9b27e78 (krc.lock){....}-{2:2}, at: kvfree_call_rcu+0x1b5/0x8a0 [ 50.368365][ T15] [ 50.368365][ T15] but task is already holding lock: [ 50.375767][ T15] ffff88807a3f65b8 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x90/0x690 [ 50.384657][ T15] [ 50.384657][ T15] which lock already depends on the new lock. [ 50.384657][ T15] [ 50.395049][ T15] [ 50.395049][ T15] the existing dependency chain (in reverse order) is: [ 50.404059][ T15] [ 50.404059][ T15] -> #2 (&trie->lock){....}-{2:2}: [ 50.411353][ T15] lock_acquire+0x1db/0x4f0 [ 50.416374][ T15] _raw_spin_lock_irqsave+0xd1/0x120 [ 50.422178][ T15] trie_delete_elem+0x90/0x690 [ 50.427458][ T15] bpf_prog_2c29ac5cdc6b1842+0x3a/0x2e4 [ 50.433522][ T15] bpf_trace_run3+0x1d1/0x380 [ 50.438717][ T15] enqueue_timer+0x3ae/0x540 [ 50.443823][ T15] __mod_timer+0xa60/0xeb0 [ 50.448755][ T15] schedule_timeout+0x1b4/0x300 [ 50.454122][ T15] rcu_gp_fqs_loop+0x2bf/0x1080 [ 50.459489][ T15] rcu_gp_kthread+0xa4/0x360 [ 50.464602][ T15] kthread+0x3f6/0x4f0 [ 50.469185][ T15] ret_from_fork+0x1f/0x30 [ 50.474122][ T15] [ 50.474122][ T15] -> #1 (&base->lock){-.-.}-{2:2}: [ 50.481411][ T15] lock_acquire+0x1db/0x4f0 [ 50.486518][ T15] _raw_spin_lock_irqsave+0xd1/0x120 [ 50.492495][ T15] lock_timer_base+0x120/0x260 [ 50.497774][ T15] __mod_timer+0x1d6/0xeb0 [ 50.502710][ T15] queue_delayed_work_on+0x156/0x250 [ 50.508510][ T15] kvfree_call_rcu+0x50e/0x8a0 [ 50.513791][ T15] rtnl_register_internal+0x443/0x530 [ 50.519682][ T15] rtnl_register+0x32/0x70 [ 50.524814][ T15] ip_rt_init+0x2e6/0x390 [ 50.529677][ T15] ip_init+0xa/0x14 [ 50.534004][ T15] inet_init+0x27c/0x38e [ 50.538867][ T15] do_one_initcall+0x22b/0x7a0 [ 50.544147][ T15] do_initcall_level+0x157/0x207 [ 50.549601][ T15] do_initcalls+0x49/0x86 [ 50.554443][ T15] kernel_init_freeable+0x425/0x5b5 [ 50.560155][ T15] kernel_init+0x19/0x290 [ 50.564996][ T15] ret_from_fork+0x1f/0x30 [ 50.569930][ T15] [ 50.569930][ T15] -> #0 (krc.lock){....}-{2:2}: [ 50.576957][ T15] validate_chain+0x1649/0x5930 [ 50.582328][ T15] __lock_acquire+0x1295/0x1ff0 [ 50.587698][ T15] lock_acquire+0x1db/0x4f0 [ 50.592724][ T15] _raw_spin_lock+0x2a/0x40 [ 50.597765][ T15] kvfree_call_rcu+0x1b5/0x8a0 [ 50.603098][ T15] trie_delete_elem+0x520/0x690 [ 50.608472][ T15] bpf_prog_2c29ac5cdc6b1842+0x3a/0x2e4 [ 50.614569][ T15] bpf_trace_run3+0x1d1/0x380 [ 50.619763][ T15] enqueue_timer+0x3ae/0x540 [ 50.624870][ T15] __mod_timer+0xa60/0xeb0 [ 50.629802][ T15] schedule_timeout+0x1b4/0x300 [ 50.635167][ T15] rcu_gp_fqs_loop+0x2bf/0x1080 [ 50.640533][ T15] rcu_gp_kthread+0xa4/0x360 [ 50.645638][ T15] kthread+0x3f6/0x4f0 [ 50.650222][ T15] ret_from_fork+0x1f/0x30 [ 50.655154][ T15] [ 50.655154][ T15] other info that might help us debug this: [ 50.655154][ T15] [ 50.665369][ T15] Chain exists of: [ 50.665369][ T15] krc.lock --> &base->lock --> &trie->lock [ 50.665369][ T15] [ 50.677101][ T15] Possible unsafe locking scenario: [ 50.677101][ T15] [ 50.684545][ T15] CPU0 CPU1 [ 50.689900][ T15] ---- ---- [ 50.695256][ T15] lock(&trie->lock); [ 50.699319][ T15] lock(&base->lock); [ 50.705897][ T15] lock(&trie->lock); [ 50.712478][ T15] lock(krc.lock); [ 50.716276][ T15] [ 50.716276][ T15] *** DEADLOCK *** [ 50.716276][ T15] [ 50.724407][ T15] 3 locks held by rcu_preempt/15: [ 50.729423][ T15] #0: ffff8880b9b28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 50.738739][ T15] #1: ffffffff8c91f720 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 50.748053][ T15] #2: ffff88807a3f65b8 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x90/0x690 [ 50.757362][ T15] [ 50.757362][ T15] stack backtrace: [ 50.763271][ T15] CPU: 1 PID: 15 Comm: rcu_preempt Not tainted 5.15.153-syzkaller #0 [ 50.771334][ T15] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 50.781514][ T15] Call Trace: [ 50.784804][ T15] [ 50.787878][ T15] dump_stack_lvl+0x1e3/0x2cb [ 50.792566][ T15] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 50.798326][ T15] ? print_circular_bug+0x12b/0x1a0 [ 50.803541][ T15] check_noncircular+0x2f8/0x3b0 [ 50.808660][ T15] ? add_chain_block+0x850/0x850 [ 50.813595][ T15] ? lockdep_lock+0x11f/0x2a0 [ 50.818281][ T15] validate_chain+0x1649/0x5930 [ 50.823156][ T15] ? reacquire_held_locks+0x660/0x660 [ 50.828528][ T15] ? mark_lock+0x98/0x340 [ 50.832877][ T15] ? __lock_acquire+0x1295/0x1ff0 [ 50.838114][ T15] ? mark_lock+0x98/0x340 [ 50.842553][ T15] __lock_acquire+0x1295/0x1ff0 [ 50.847422][ T15] lock_acquire+0x1db/0x4f0 [ 50.851936][ T15] ? kvfree_call_rcu+0x1b5/0x8a0 [ 50.856911][ T15] ? __lock_acquire+0x1ff0/0x1ff0 [ 50.861963][ T15] ? read_lock_is_recursive+0x10/0x10 [ 50.867334][ T15] ? do_raw_spin_unlock+0x137/0x8b0 [ 50.872543][ T15] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 50.878443][ T15] ? _raw_spin_unlock+0x40/0x40 [ 50.883296][ T15] ? debug_object_active_state+0x6b/0x380 [ 50.889013][ T15] _raw_spin_lock+0x2a/0x40 [ 50.893513][ T15] ? kvfree_call_rcu+0x1b5/0x8a0 [ 50.898448][ T15] kvfree_call_rcu+0x1b5/0x8a0 [ 50.903224][ T15] ? call_rcu+0xa70/0xa70 [ 50.907743][ T15] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 50.913210][ T15] ? _raw_spin_lock+0x40/0x40 [ 50.917897][ T15] ? read_lock_is_recursive+0x10/0x10 [ 50.923294][ T15] ? longest_prefix_match+0x318/0x640 [ 50.928670][ T15] trie_delete_elem+0x520/0x690 [ 50.933527][ T15] bpf_prog_2c29ac5cdc6b1842+0x3a/0x2e4 [ 50.939067][ T15] bpf_trace_run3+0x1d1/0x380 [ 50.943745][ T15] ? bpf_trace_run2+0x340/0x340 [ 50.948600][ T15] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 50.954495][ T15] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 50.959951][ T15] ? _raw_spin_lock+0x40/0x40 [ 50.964628][ T15] ? __debug_object_init+0x258/0xd30 [ 50.969912][ T15] enqueue_timer+0x3ae/0x540 [ 50.974509][ T15] __mod_timer+0xa60/0xeb0 [ 50.978928][ T15] ? mod_timer_pending+0x20/0x20 [ 50.983860][ T15] ? lockdep_softirqs_off+0x420/0x420 [ 50.989229][ T15] ? do_raw_spin_unlock+0x137/0x8b0 [ 50.994445][ T15] schedule_timeout+0x1b4/0x300 [ 50.999292][ T15] ? console_conditional_schedule+0x40/0x40 [ 51.005183][ T15] ? update_process_times+0x200/0x200 [ 51.010555][ T15] ? prepare_to_swait_event+0x321/0x340 [ 51.016096][ T15] rcu_gp_fqs_loop+0x2bf/0x1080 [ 51.020971][ T15] ? _raw_spin_unlock_irq+0x1f/0x40 [ 51.026267][ T15] ? lockdep_hardirqs_on+0x94/0x130 [ 51.031461][ T15] ? rcu_gp_init+0xdae/0x1140 [ 51.036174][ T15] ? rcu_gp_init+0x1140/0x1140 [ 51.040934][ T15] ? finish_swait+0xc5/0x1d0 [ 51.045527][ T15] rcu_gp_kthread+0xa4/0x360 [ 51.050128][ T15] ? _raw_spin_unlock+0x40/0x40 [ 51.054975][ T15] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 51.060081][ T15] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 51.065974][ T15] ? __kthread_parkme+0x15c/0x1c0 [ 51.071010][ T15] kthread+0x3f6/0x4f0 [ 51.075071][ T15] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 51.080182][ T15] ? kthread_blkcg+0xd0/0xd0 [ 51.084855][ T15] ret_from_fork+0x1f/0x30 [ 51.089273][ T15]