program: bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000fdffffde18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000400)={'veth0_to_bond\x00', 0x3003}) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc) [ 152.874466][ T5343] [ 152.876425][ T5343] ============================= [ 152.878687][ T5343] WARNING: suspicious RCU usage [ 152.880908][ T5343] syzkaller #0 Not tainted [ 152.882825][ T5343] ----------------------------- [ 152.884970][ T5343] kernel/events/callchain.c:163 suspicious rcu_dereference_check() usage! [ 152.889660][ T5343] [ 152.889660][ T5343] other info that might help us debug this: [ 152.889660][ T5343] [ 152.894147][ T5343] [ 152.894147][ T5343] rcu_scheduler_active = 2, debug_locks = 1 [ 152.897729][ T5343] 1 lock held by syz.0.0/5343: [ 152.904988][ T5343] #0: ffffffff8e95cf58 (rcu_tasks_trace_srcu_struct){....}-{0:0}, at: rcu_read_lock_trace+0x25/0x110 [ 152.911395][ T5343] [ 152.911395][ T5343] stack backtrace: [ 152.913965][ T5343] CPU: 0 UID: 0 PID: 5343 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 152.913980][ T5343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 152.913986][ T5343] Call Trace: [ 152.913993][ T5343] [ 152.913997][ T5343] dump_stack_lvl+0xe8/0x150 [ 152.914013][ T5343] lockdep_rcu_suspicious+0x13f/0x1d0 [ 152.914026][ T5343] get_callchain_entry+0x2b6/0x3c0 [ 152.914036][ T5343] get_perf_callchain+0xd5/0x880 [ 152.914047][ T5343] ? __pfx_get_perf_callchain+0x10/0x10 [ 152.914055][ T5343] ? futex_unqueue+0x22/0x240 [ 152.914065][ T5343] ? futex_unqueue+0x22/0x240 [ 152.914072][ T5343] ? futex_unqueue+0x22/0x240 [ 152.914083][ T5343] __bpf_get_stack+0x445/0xab0 [ 152.914100][ T5343] ? __pfx___bpf_get_stack+0x10/0x10 [ 152.914116][ T5343] ? __lock_acquire+0x6b5/0x2cf0 [ 152.914131][ T5343] bpf_get_stack+0x33/0x50 [ 152.914144][ T5343] ? bpf_prog_42db8cfdf50901c9+0x46/0x4e [ 152.914156][ T5343] bpf_get_stack_raw_tp+0x1a9/0x220 [ 152.914174][ T5343] bpf_prog_42db8cfdf50901c9+0x46/0x4e [ 152.914186][ T5343] bpf_prog_run_pin_on_cpu+0x142/0x470 [ 152.914201][ T5343] bpf_prog_test_run_syscall+0x318/0x4c0 [ 152.914213][ T5343] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 152.914222][ T5343] ? __fget_files+0x2a/0x420 [ 152.914231][ T5343] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 152.914241][ T5343] bpf_prog_test_run+0x2c7/0x340 [ 152.914250][ T5343] __sys_bpf+0x643/0x950 [ 152.914263][ T5343] ? __pfx___sys_bpf+0x10/0x10 [ 152.914281][ T5343] ? rcu_is_watching+0x15/0xb0 [ 152.914293][ T5343] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.914304][ T5343] __x64_sys_bpf+0x7c/0x90 [ 152.914320][ T5343] do_syscall_64+0x15f/0xf80 [ 152.914334][ T5343] ? trace_irq_disable+0x3b/0x140 [ 152.914351][ T5343] ? clear_bhb_loop+0x40/0x90 [ 152.914364][ T5343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.914372][ T5343] RIP: 0033:0x7fdd14b9cdd9 [ 152.914381][ T5343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 152.914387][ T5343] RSP: 002b:00007fdd159d8fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 152.914397][ T5343] RAX: ffffffffffffffda RBX: 00007fdd14e15fa0 RCX: 00007fdd14b9cdd9 [ 152.914403][ T5343] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a [ 152.914410][ T5343] RBP: 00007fdd14c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 152.914416][ T5343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.914423][ T5343] R13: 00007fdd14e16038 R14: 00007fdd14e15fa0 R15: 00007fff2a1acab8 [ 152.914441][ T5343] [ 153.054168][ T44] Bluetooth: hci0: command tx timeout