============================================
WARNING: possible recursive locking detected
6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 Not tainted
--------------------------------------------
syz-executor307/5968 is trying to acquire lock:
ffff88802ad9c1e0 (&qs->lock){-.-.}-{2:2}, at: queue_stack_map_push_elem+0x353/0x420 kernel/bpf/queue_stack_maps.c:210

but task is already holding lock:
ffff888029af51e0 (&qs->lock){-.-.}-{2:2}, at: queue_stack_map_push_elem+0x353/0x420 kernel/bpf/queue_stack_maps.c:210

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&qs->lock);
  lock(&qs->lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

6 locks held by syz-executor307/5968:
 #0: ffff888025a89f20 (&mm->mmap_lock){++++}-{4:4}, at: mmap_read_lock include/linux/mmap_lock.h:144 [inline]
 #0: ffff888025a89f20 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x10c/0xb20 mm/mmap.c:1652
 #1: ffff88806a838000 (lock#4){+.+.}-{3:3}, at: local_lock_acquire include/linux/local_lock_internal.h:29 [inline]
 #1: ffff88806a838000 (lock#4){+.+.}-{3:3}, at: lru_add_drain+0x6e/0x440 mm/swap.c:697
 #2: ffff88801b0b30b0 (&lruvec->lru_lock){....}-{3:3}, at: folio_lruvec_lock_irqsave+0x1b4/0x320 mm/memcontrol.c:1260
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2361 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 kernel/trace/bpf_trace.c:2403
 #4: ffff888029af51e0 (&qs->lock){-.-.}-{2:2}, at: queue_stack_map_push_elem+0x353/0x420 kernel/bpf/queue_stack_maps.c:210
 #5: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #5: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #5: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2361 [inline]
 #5: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 kernel/trace/bpf_trace.c:2403

stack backtrace:
CPU: 2 UID: 0 PID: 5968 Comm: syz-executor307 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_deadlock_bug+0x2e3/0x410 kernel/locking/lockdep.c:3037
 check_deadlock kernel/locking/lockdep.c:3089 [inline]
 validate_chain kernel/locking/lockdep.c:3891 [inline]
 __lock_acquire+0x2117/0x3c40 kernel/locking/lockdep.c:5226
 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5849
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162
 queue_stack_map_push_elem+0x353/0x420 kernel/bpf/queue_stack_maps.c:210
 bpf_prog_216c997a1f42e404+0x40/0x44
 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline]
 __bpf_prog_run include/linux/filter.h:701 [inline]
 bpf_prog_run include/linux/filter.h:708 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2362 [inline]
 bpf_trace_run2+0x231/0x590 kernel/trace/bpf_trace.c:2403
 __bpf_trace_contention_end+0xca/0x110 include/trace/events/lock.h:122
 __traceiter_contention_end+0x5a/0xa0 include/trace/events/lock.h:122
 trace_contention_end.constprop.0+0xf0/0x170 include/trace/events/lock.h:122
 __pv_queued_spin_lock_slowpath+0x27e/0xc90 kernel/locking/qspinlock.c:557
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:584 [inline]
 queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x210/0x2c0 kernel/locking/spinlock_debug.c:116
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0x42/0x60 kernel/locking/spinlock.c:162
 queue_stack_map_push_elem+0x353/0x420 kernel/bpf/queue_stack_maps.c:210
 bpf_prog_216c997a1f42e404+0x40/0x44
 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline]
 __bpf_prog_run include/linux/filter.h:701 [inline]
 bpf_prog_run include/linux/filter.h:708 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2362 [inline]
 bpf_trace_run2+0x231/0x590 kernel/trace/bpf_trace.c:2403
 __bpf_trace_contention_end+0xca/0x110 include/trace/events/lock.h:122
 __traceiter_contention_end+0x5a/0xa0 include/trace/events/lock.h:122
 trace_contention_end.constprop.0+0xf0/0x170 include/trace/events/lock.h:122
 __pv_queued_spin_lock_slowpath+0x27e/0xc90 kernel/locking/qspinlock.c:557
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:584 [inline]
 queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x210/0x2c0 kernel/locking/spinlock_debug.c:116
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0x42/0x60 kernel/locking/spinlock.c:162
 folio_lruvec_lock_irqsave+0x1b4/0x320 mm/memcontrol.c:1260
 folio_lruvec_relock_irqsave include/linux/memcontrol.h:1556 [inline]
 folio_lruvec_relock_irqsave include/linux/memcontrol.h:1546 [inline]
 folio_batch_move_lru+0xfe/0x3b0 mm/swap.c:167
 lru_add_drain_cpu+0x521/0x810 mm/swap.c:616
 lru_add_drain+0x109/0x440 mm/swap.c:698
 exit_mmap+0x199/0xb20 mm/mmap.c:1663
 __mmput+0x12a/0x4c0 kernel/fork.c:1348
 mmput+0x62/0x70 kernel/fork.c:1370
 exit_mm kernel/exit.c:570 [inline]
 do_exit+0x9ba/0x2d70 kernel/exit.c:925
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1087
 __do_sys_exit_group kernel/exit.c:1098 [inline]
 __se_sys_exit_group kernel/exit.c:1096 [inline]
 __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1096
 x64_sys_call+0x151f/0x1720 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe0a46fb0f9
Code: Unable to access opcode bytes at 0x7fe0a46fb0cf.
RSP: 002b:00007fffe19bdc88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe0a46fb0f9
RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
RBP: 00007fe0a47762b0 R08: ffffffffffffffb8 R09: 00000000000000a0
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe0a47762b0
R13: 0000000000000000 R14: 00007fe0a4776d20 R15: 00007fe0a46cc2a0
 </TASK>