============================================
WARNING: possible recursive locking detected
6.9.0-rc5-syzkaller-01160-g2bd87951de65 #0 Not tainted
--------------------------------------------
syz-executor326/5077 is trying to acquire lock:
ffff88807840d1f8 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x96/0x6a0 kernel/bpf/lpm_trie.c:459

but task is already holding lock:
ffff88807840d9f8 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x96/0x6a0 kernel/bpf/lpm_trie.c:459

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&trie->lock);
  lock(&trie->lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

10 locks held by syz-executor326/5077:
 #0: ffff88802b6f1ec8 (&vma->vm_lock->lock){++++}-{3:3}, at: vma_start_read include/linux/mm.h:677 [inline]
 #0: ffff88802b6f1ec8 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x730 mm/memory.c:5762
 #1: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
 #1: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline]
 #1: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: do_fault_around mm/memory.c:4851 [inline]
 #1: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: do_read_fault mm/memory.c:4885 [inline]
 #1: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: do_fault mm/memory.c:5024 [inline]
 #1: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: do_pte_missing mm/memory.c:3880 [inline]
 #1: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: handle_pte_fault mm/memory.c:5300 [inline]
 #1: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: __handle_mm_fault+0x3048/0x7240 mm/memory.c:5441
 #2: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
 #2: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline]
 #2: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: filemap_map_pages+0x23f/0x1830 mm/filemap.c:3576
 #3: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
 #3: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline]
 #3: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: __pte_offset_map+0x82/0x380 mm/pgtable-generic.c:285
 #4: ffff888023311498 (ptlock_ptr(ptdesc)#2){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline]
 #4: ffff888023311498 (ptlock_ptr(ptdesc)#2){+.+.}-{2:2}, at: __pte_offset_map_lock+0x1ba/0x300 mm/pgtable-generic.c:373
 #5: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
 #5: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline]
 #5: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2395 [inline]
 #5: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1fc/0x530 kernel/trace/bpf_trace.c:2437
 #6: ffff88807840d9f8 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x96/0x6a0 kernel/bpf/lpm_trie.c:459
 #7: ffff8880b9429430 (krc.lock){....}-{2:2}, at: krc_this_cpu_lock kernel/rcu/tree.c:2960 [inline]
 #7: ffff8880b9429430 (krc.lock){....}-{2:2}, at: add_ptr_to_bulk_krc_lock kernel/rcu/tree.c:3359 [inline]
 #7: ffff8880b9429430 (krc.lock){....}-{2:2}, at: kvfree_call_rcu+0x18a/0x790 kernel/rcu/tree.c:3444
 #8: ffff8880b942a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240 kernel/time/timer.c:1052
 #9: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
 #9: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline]
 #9: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2395 [inline]
 #9: ffffffff8e334d20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1fc/0x530 kernel/trace/bpf_trace.c:2437

stack backtrace:
CPU: 0 PID: 5077 Comm: syz-executor326 Not tainted 6.9.0-rc5-syzkaller-01160-g2bd87951de65 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 check_deadlock kernel/locking/lockdep.c:3062 [inline]
 validate_chain+0x15c1/0x58e0 kernel/locking/lockdep.c:3856
 __lock_acquire+0x1346/0x1fd0 kernel/locking/lockdep.c:5137
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162
 trie_delete_elem+0x96/0x6a0 kernel/bpf/lpm_trie.c:459
 bpf_prog_2c29ac5cdc6b1842+0x42/0x46
 bpf_dispatcher_nop_func include/linux/bpf.h:1233 [inline]
 __bpf_prog_run include/linux/filter.h:667 [inline]
 bpf_prog_run include/linux/filter.h:674 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2396 [inline]
 bpf_trace_run2+0x2ec/0x530 kernel/trace/bpf_trace.c:2437
 trace_timer_start include/trace/events/timer.h:52 [inline]
 enqueue_timer+0x3ce/0x570 kernel/time/timer.c:664
 internal_add_timer kernel/time/timer.c:689 [inline]
 __mod_timer+0xa0e/0xeb0 kernel/time/timer.c:1184
 queue_delayed_work_on+0x15a/0x260 kernel/workqueue.c:2595
 kvfree_call_rcu+0x47f/0x790 kernel/rcu/tree.c:3472
 trie_delete_elem+0x52c/0x6a0
 bpf_prog_2c29ac5cdc6b1842+0x42/0x46
 bpf_dispatcher_nop_func include/linux/bpf.h:1233 [inline]
 __bpf_prog_run include/linux/filter.h:667 [inline]
 bpf_prog_run include/linux/filter.h:674 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2396 [inline]
 bpf_trace_run2+0x2ec/0x530 kernel/trace/bpf_trace.c:2437
 trace_rss_stat include/trace/events/kmem.h:384 [inline]
 mm_trace_rss_stat+0x1b9/0x220 mm/memory.c:180
 add_mm_counter include/linux/mm.h:2601 [inline]
 set_pte_range+0x478/0xa80 mm/memory.c:4681
 filemap_map_order0_folio mm/filemap.c:3557 [inline]
 filemap_map_pages+0xee2/0x1830 mm/filemap.c:3603
 do_fault_around mm/memory.c:4852 [inline]
 do_read_fault mm/memory.c:4885 [inline]
 do_fault mm/memory.c:5024 [inline]
 do_pte_missing mm/memory.c:3880 [inline]
 handle_pte_fault mm/memory.c:5300 [inline]
 __handle_mm_fault+0x446e/0x7240 mm/memory.c:5441
 handle_mm_fault+0x3c2/0x8a0 mm/memory.c:5606
 do_user_addr_fault arch/x86/mm/fault.c:1362 [inline]
 handle_page_fault arch/x86/mm/fault.c:1505 [inline]
 exc_page_fault+0x446/0x8e0 arch/x86/mm/fault.c:1563
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
RIP: 0033:0x7fd408de05b8
Code: Unable to access opcode bytes at 0x7fd408de058e.
RSP: 002b:00007fffb40921a8 EFLAGS: 00010202
RAX: 00007fd408e10af8 RBX: 0000000000000000 RCX: 0000000000000004
RDX: 00007fd408e11d20 RSI: 0000000000000000 RDI: 00007fd408e10af8
RBP: 00007fd408e0f138 R08: 0000000000000006 R09: 0000000000000006
R10: 0000000000000006 R11: 0000000000000246 R12: 00007fd408e11d08
R13: 0000000000000000 R14: 00007fd408e11d20 R15: 00007fd408d67580