================================
WARNING: inconsistent lock state
syzkaller #0 Not tainted
--------------------------------
inconsistent {INITIAL USE} -> {IN-NMI} usage.
syz.0.1219/7975 [HC1[1]:SC0[0]:HE0:SE1] takes:
ffff88805ed6b238 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0x8f/0x690 kernel/bpf/lpm_trie.c:467
{INITIAL USE} state was registered at:
  lock_acquire+0x19e/0x400 kernel/locking/lockdep.c:5623
  __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
  _raw_spin_lock_irqsave+0xb0/0x100 kernel/locking/spinlock.c:162
  trie_update_elem+0xc0/0xd50 kernel/bpf/lpm_trie.c:323
  bpf_map_update_value+0x57c/0x650 kernel/bpf/syscall.c:223
  generic_map_update_batch+0x52c/0x7d0 kernel/bpf/syscall.c:1430
  bpf_map_do_batch+0x475/0x5f0 kernel/bpf/syscall.c:-1
  __sys_bpf+0x671/0x6f0 kernel/bpf/syscall.c:-1
  __do_sys_bpf kernel/bpf/syscall.c:4761 [inline]
  __se_sys_bpf kernel/bpf/syscall.c:4759 [inline]
  __x64_sys_bpf+0x78/0x90 kernel/bpf/syscall.c:4759
  do_syscall_x64 arch/x86/entry/common.c:50 [inline]
  do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
  entry_SYSCALL_64_after_hwframe+0x66/0xd0
irq event stamp: 1264
hardirqs last  enabled at (1263): [<ffffffff89b99f38>] do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:86
hardirqs last disabled at (1264): [<ffffffff89b9b339>] exc_debug_user arch/x86/kernel/traps.c:972 [inline]
hardirqs last disabled at (1264): [<ffffffff89b9b339>] noist_exc_debug+0x49/0x120 arch/x86/kernel/traps.c:1035
softirqs last  enabled at (1220): [<ffffffff8186a2de>] bpf_prog_load+0x10ee/0x14e0 kernel/bpf/syscall.c:2380
softirqs last disabled at (1218): [<ffffffff818505a8>] spin_lock_bh include/linux/spinlock.h:369 [inline]
softirqs last disabled at (1218): [<ffffffff818505a8>] bpf_ksym_add+0x28/0x330 kernel/bpf/core.c:633

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&trie->lock);
  <Interrupt>
    lock(&trie->lock);

 *** DEADLOCK ***

2 locks held by syz.0.1219/7975:
 #0: ffffffff8c31ef20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x9/0x30 include/linux/rcupdate.h:313
 #1: ffffffff8c31ef20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x9/0x30 include/linux/rcupdate.h:313

stack backtrace:
CPU: 1 PID: 7975 Comm: syz.0.1219 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
Call Trace:
 <#DB>
 dump_stack_lvl+0x188/0x250 lib/dump_stack.c:106
 lock_acquire+0x2c3/0x400 kernel/locking/lockdep.c:5614
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0xb0/0x100 kernel/locking/spinlock.c:162
 trie_delete_elem+0x8f/0x690 kernel/bpf/lpm_trie.c:467
 bpf_prog_dd9ec7ccafdb8ba4+0x3d/0x5ac
 bpf_dispatcher_nop_func include/linux/bpf.h:888 [inline]
 __bpf_prog_run include/linux/filter.h:621 [inline]
 bpf_prog_run include/linux/filter.h:635 [inline]
 bpf_overflow_handler+0x3fd/0x4a0 kernel/events/core.c:10297
 __perf_event_overflow+0x35f/0x550 kernel/events/core.c:9515
 perf_swevent_overflow kernel/events/core.c:9591 [inline]
 perf_swevent_event+0x4b8/0x540 kernel/events/core.c:9629
 perf_bp_event+0x276/0x320 kernel/events/core.c:10484
 hw_breakpoint_handler arch/x86/kernel/hw_breakpoint.c:555 [inline]
 hw_breakpoint_exceptions_notify+0x2d7/0x470 arch/x86/kernel/hw_breakpoint.c:586
 notifier_call_chain kernel/notifier.c:83 [inline]
 atomic_notifier_call_chain+0x15d/0x280 kernel/notifier.c:198
 notify_die+0x141/0x1a0 kernel/notifier.c:529
 notify_debug+0x20/0x30 arch/x86/kernel/traps.c:872
 exc_debug_kernel arch/x86/kernel/traps.c:929 [inline]
 exc_debug+0xcf/0x130 arch/x86/kernel/traps.c:1029
 asm_exc_debug+0x1a/0x40 arch/x86/include/asm/idtentry.h:642
RIP: 0010:__get_user_nocheck_8+0x9/0x13 arch/x86/lib/getuser.S:160
Code: 90 0f 01 cb 0f ae e8 0f b7 10 31 c0 0f 01 ca c3 90 0f 01 cb 0f ae e8 8b 10 31 c0 0f 01 ca c3 90 90 0f 01 cb 0f ae e8 48 8b 10 <31> c0 0f 01 ca c3 90 0f 01 ca 31 d2 48 c7 c0 f2 ff ff ff c3 00 00
RSP: 0000:ffffc9000306f740 EFLAGS: 00040802
RAX: 0000200000000300 RBX: dffffc0000000000 RCX: ffff8880215d9dc0
RDX: 00006370692f736e RSI: 0000200000000300 RDI: 00007fffffffeff0
RBP: 0000000000000000 R08: 000000000000007f R09: 0000000000000000
R10: dffffc0000000000 R11: fffff5200060df47 R12: ffff8880215db548
R13: 00000000ffffffff R14: 0000200000000300 R15: 000000000000007f
 </#DB>
 <TASK>
 perf_callchain_user+0x423/0xf80 arch/x86/events/core.c:2900
 get_perf_callchain+0x33d/0x460 kernel/events/callchain.c:221
 perf_callchain kernel/events/core.c:7606 [inline]
 perf_prepare_sample+0x352/0x1cb0 kernel/events/core.c:7633
 __perf_event_output kernel/events/core.c:7802 [inline]
 perf_event_output_forward+0x185/0x2e0 kernel/events/core.c:7822
 __perf_event_overflow+0x35f/0x550 kernel/events/core.c:9515
 perf_bp_event+0x276/0x320 kernel/events/core.c:10484
 hw_breakpoint_handler arch/x86/kernel/hw_breakpoint.c:555 [inline]
 hw_breakpoint_exceptions_notify+0x14d/0x470 arch/x86/kernel/hw_breakpoint.c:586
 notifier_call_chain kernel/notifier.c:83 [inline]
 atomic_notifier_call_chain+0x15d/0x280 kernel/notifier.c:198
 notify_die+0x141/0x1a0 kernel/notifier.c:529
 notify_debug+0x20/0x30 arch/x86/kernel/traps.c:872
 exc_debug_user arch/x86/kernel/traps.c:998 [inline]
 noist_exc_debug+0x73/0x120 arch/x86/kernel/traps.c:1035
 asm_exc_debug+0x2f/0x40 arch/x86/include/asm/idtentry.h:642
RIP: 0033:0x7f95b9596bfd
Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 c5 fd 74 0f <c5> fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66 90 f3 0f bc
RSP: 002b:00007f95b78108a8 EFLAGS: 00000283
RAX: 0000000000000300 RBX: 00007f95b7810de0 RCX: 2f666c65732f636f
RDX: 0000200000000300 RSI: 00007f95b9678260 RDI: 0000200000000300
RBP: 0000200000000300 R08: 00007f95b7811010 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000073 R14: 00007f95b964d1dd R15: 00007f95b7810ea0
 </TASK>
----------------
Code disassembly (best guess):
   0:	90                   	nop
   1:	0f 01 cb             	stac
   4:	0f ae e8             	lfence
   7:	0f b7 10             	movzwl (%rax),%edx
   a:	31 c0                	xor    %eax,%eax
   c:	0f 01 ca             	clac
   f:	c3                   	ret
  10:	90                   	nop
  11:	0f 01 cb             	stac
  14:	0f ae e8             	lfence
  17:	8b 10                	mov    (%rax),%edx
  19:	31 c0                	xor    %eax,%eax
  1b:	0f 01 ca             	clac
  1e:	c3                   	ret
  1f:	90                   	nop
  20:	90                   	nop
  21:	0f 01 cb             	stac
  24:	0f ae e8             	lfence
  27:	48 8b 10             	mov    (%rax),%rdx
* 2a:	31 c0                	xor    %eax,%eax <-- trapping instruction
  2c:	0f 01 ca             	clac
  2f:	c3                   	ret
  30:	90                   	nop
  31:	0f 01 ca             	clac
  34:	31 d2                	xor    %edx,%edx
  36:	48 c7 c0 f2 ff ff ff 	mov    $0xfffffffffffffff2,%rax
  3d:	c3                   	ret