============================================
WARNING: possible recursive locking detected
6.1.128-syzkaller #0 Not tainted
--------------------------------------------
swapper/1/0 is trying to acquire lock:
ffffc90003d590d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1e6/0x600 kernel/bpf/ringbuf.c:413

but task is already holding lock:
ffffc900049510d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1e6/0x600 kernel/bpf/ringbuf.c:413

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&rb->spinlock);
  lock(&rb->spinlock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

4 locks held by swapper/1/0:
 #0: ffffffff8d32e740 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 #0: ffffffff8d32e740 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2291 [inline]
 #0: ffffffff8d32e740 (rcu_callback){....}-{0:0}, at: rcu_core+0xa6b/0x1820 kernel/rcu/tree.c:2557
 #1: ffffffff8d32e680 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 #1: ffffffff8d32e680 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:791 [inline]
 #1: ffffffff8d32e680 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2283 [inline]
 #1: ffffffff8d32e680 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0x146/0x440 kernel/trace/bpf_trace.c:2324
 #2: ffffc900049510d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1e6/0x600 kernel/bpf/ringbuf.c:413
 #3: ffffffff8d32e680 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 #3: ffffffff8d32e680 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:791 [inline]
 #3: ffffffff8d32e680 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2283 [inline]
 #3: ffffffff8d32e680 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x110/0x410 kernel/trace/bpf_trace.c:2323

stack backtrace:
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.1.128-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 print_deadlock_bug kernel/locking/lockdep.c:2983 [inline]
 check_deadlock kernel/locking/lockdep.c:3026 [inline]
 validate_chain+0x4711/0x5950 kernel/locking/lockdep.c:3812
 __lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5049
 lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
 __bpf_ringbuf_reserve+0x1e6/0x600 kernel/bpf/ringbuf.c:413
 ____bpf_ringbuf_output kernel/bpf/ringbuf.c:539 [inline]
 bpf_ringbuf_output+0x63/0x1e0 kernel/bpf/ringbuf.c:529
 bpf_prog_044b88d9c832e6f0+0x45/0x49
 bpf_dispatcher_nop_func include/linux/bpf.h:1000 [inline]
 __bpf_prog_run include/linux/filter.h:603 [inline]
 bpf_prog_run include/linux/filter.h:610 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2284 [inline]
 bpf_trace_run2+0x1fd/0x410 kernel/trace/bpf_trace.c:2323
 trace_contention_end+0x14c/0x190 include/trace/events/lock.h:122
 __pv_queued_spin_lock_slowpath+0x935/0xc50 kernel/locking/qspinlock.c:560
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:591 [inline]
 queued_spin_lock_slowpath+0x42/0x50 arch/x86/include/asm/qspinlock.h:51
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x269/0x370 kernel/locking/spinlock_debug.c:115
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0xdd/0x120 kernel/locking/spinlock.c:162
 __bpf_ringbuf_reserve+0x1e6/0x600 kernel/bpf/ringbuf.c:413
 ____bpf_ringbuf_reserve kernel/bpf/ringbuf.c:464 [inline]
 bpf_ringbuf_reserve+0x58/0x70 kernel/bpf/ringbuf.c:456
 bpf_prog_fe0ed97373b08409+0x25/0x42
 bpf_dispatcher_nop_func include/linux/bpf.h:1000 [inline]
 __bpf_prog_run include/linux/filter.h:603 [inline]
 bpf_prog_run include/linux/filter.h:610 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2284 [inline]
 bpf_trace_run3+0x231/0x440 kernel/trace/bpf_trace.c:2324
 __bpf_trace_kmem_cache_free+0x99/0xc0 include/trace/events/kmem.h:114
 trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 kmem_cache_free+0x418/0x510 mm/slub.c:3682
 rcu_do_batch kernel/rcu/tree.c:2297 [inline]
 rcu_core+0xade/0x1820 kernel/rcu/tree.c:2557
 handle_softirqs+0x2ee/0xa40 kernel/softirq.c:578
 __do_softirq kernel/softirq.c:612 [inline]
 invoke_softirq kernel/softirq.c:452 [inline]
 __irq_exit_rcu+0x157/0x240 kernel/softirq.c:661
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:673
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1118 [inline]
 sysvec_apic_timer_interrupt+0xa0/0xc0 arch/x86/kernel/apic/apic.c:1118
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:691
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:22 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:70 [inline]
RIP: 0010:arch_irqs_disabled arch/x86/include/asm/irqflags.h:130 [inline]
RIP: 0010:acpi_safe_halt drivers/acpi/processor_idle.c:112 [inline]
RIP: 0010:acpi_idle_do_entry+0x10f/0x340 drivers/acpi/processor_idle.c:567
Code: 91 cf f6 48 83 e3 08 0f 85 0b 01 00 00 4c 8d 74 24 20 e8 44 4e d6 f6 0f 1f 44 00 00 e8 7a 8d cf f6 0f 00 2d 63 b0 ae 00 fb f4 <4c> 89 f3 48 c1 eb 03 42 80 3c 3b 00 74 08 4c 89 f7 e8 6b e4 26 f7
RSP: 0018:ffffc90000177b80 EFLAGS: 000002d3
RAX: ffffffff8abb0576 RBX: 0000000000000000 RCX: ffff888018c01dc0
RDX: 0000000000000000 RSI: ffffffff8b0c1d20 RDI: ffffffff8b5f6d00
RBP: ffffc90000177c10 R08: ffffffff8abb0558 R09: ffffed10031803b9
R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff9200002ef70
R13: ffff888141b29804 R14: ffffc90000177ba0 R15: dffffc0000000000
 acpi_idle_enter+0x352/0x4f0 drivers/acpi/processor_idle.c:704
 cpuidle_enter_state+0x516/0xf80 drivers/cpuidle/cpuidle.c:239
 cpuidle_enter+0x59/0x90 drivers/cpuidle/cpuidle.c:356
 call_cpuidle kernel/sched/idle.c:155 [inline]
 cpuidle_idle_call kernel/sched/idle.c:236 [inline]
 do_idle+0x3ce/0x680 kernel/sched/idle.c:303
 cpu_startup_entry+0x3d/0x60 kernel/sched/idle.c:401
 start_secondary+0xe4/0xf0 arch/x86/kernel/smpboot.c:281
 secondary_startup_64_no_verify+0xcf/0xdb
 </TASK>
----------------
Code disassembly (best guess):
   0:	91                   	xchg   %eax,%ecx
   1:	cf                   	iret
   2:	f6 48 83 e3          	testb  $0xe3,-0x7d(%rax)
   6:	08 0f                	or     %cl,(%rdi)
   8:	85 0b                	test   %ecx,(%rbx)
   a:	01 00                	add    %eax,(%rax)
   c:	00 4c 8d 74          	add    %cl,0x74(%rbp,%rcx,4)
  10:	24 20                	and    $0x20,%al
  12:	e8 44 4e d6 f6       	call   0xf6d64e5b
  17:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  1c:	e8 7a 8d cf f6       	call   0xf6cf8d9b
  21:	0f 00 2d 63 b0 ae 00 	verw   0xaeb063(%rip)        # 0xaeb08b
  28:	fb                   	sti
  29:	f4                   	hlt
* 2a:	4c 89 f3             	mov    %r14,%rbx <-- trapping instruction
  2d:	48 c1 eb 03          	shr    $0x3,%rbx
  31:	42 80 3c 3b 00       	cmpb   $0x0,(%rbx,%r15,1)
  36:	74 08                	je     0x40
  38:	4c 89 f7             	mov    %r14,%rdi
  3b:	e8 6b e4 26 f7       	call   0xf726e4ab