Warning: Permanently added '10.128.1.75' (ED25519) to the list of known hosts.
2026/01/18 12:10:35 parsed 1 programs
[ 71.189282][ T4189] cgroup: Unknown subsys name 'net'
[ 71.329026][ T4189] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 72.810548][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 74.714662][ T4217] syz-executor (4217) used greatest stack depth: 21136 bytes left
[ 75.121639][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 75.140427][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 75.157763][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 75.180262][ T4238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 75.188351][ T4238] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 75.197389][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 76.088466][ T4251] chnl_net:caif_netlink_parms(): no params data found
[ 76.135476][ T4251] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.143599][ T4251] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.151554][ T4251] device bridge_slave_0 entered promiscuous mode
[ 76.160657][ T4251] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.167820][ T4251] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.176902][ T4251] device bridge_slave_1 entered promiscuous mode
[ 76.204375][ T4251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.215571][ T4251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.240982][ T4251] team0: Port device team_slave_0 added
[ 76.254135][ T4251] team0: Port device team_slave_1 added
[ 76.275903][ T4251] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.282898][ T4251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.310548][ T4251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.329896][ T4251] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.338252][ T4251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.365828][ T4251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.447887][ T4251] device hsr_slave_0 entered promiscuous mode
[ 76.455327][ T4251] device hsr_slave_1 entered promiscuous mode
[ 76.588468][ T4251] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 76.598995][ T4251] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 76.608954][ T4251] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 76.618687][ T4251] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 76.667936][ T4251] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.675169][ T4251] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 76.682864][ T4251] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.689993][ T4251] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 76.751467][ T4251] 8021q: adding VLAN 0 to HW filter on device bond0
[ 76.765123][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 76.775245][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.783331][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.791440][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 76.823362][ T4251] 8021q: adding VLAN 0 to HW filter on device team0
[ 76.834260][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 76.843776][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.850844][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 76.863487][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 76.873247][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.880305][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 76.916483][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 76.925063][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 76.936788][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 76.948693][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 76.961186][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 76.995068][ T4251] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 77.090223][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 77.098365][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 77.112146][ T4251] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 77.152740][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 77.162087][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 77.197505][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 77.206232][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 77.214946][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 77.222608][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 77.232269][ T4251] device veth0_vlan entered promiscuous mode
[ 77.261681][ T4251] device veth1_vlan entered promiscuous mode
[ 77.280326][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 77.288547][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 77.297191][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 77.306591][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 77.316765][ T4251] device veth0_macvtap entered promiscuous mode
[ 77.328199][ T4251] device veth1_macvtap entered promiscuous mode
[ 77.365419][ T4251] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 77.374484][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 77.382594][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 77.391292][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 77.400310][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 77.424002][ T4251] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 77.431522][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 77.440332][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 77.474279][ T4251] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.483817][ T4251] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.492513][ T4251] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.501351][ T4251] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.654186][ T4251] syz-executor (4251) used greatest stack depth: 20432 bytes left
2026/01/18 12:10:45 executed programs: 0
[ 78.754285][ T4303] chnl_net:caif_netlink_parms(): no params data found
[ 78.813861][ T4303] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.821034][ T4303] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.829331][ T4303] device bridge_slave_0 entered promiscuous mode
[ 78.839199][ T4303] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.846396][ T4303] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.854606][ T4303] device bridge_slave_1 entered promiscuous mode
[ 78.878945][ T4303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 78.890495][ T4303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 78.915172][ T4303] team0: Port device team_slave_0 added
[ 78.923532][ T4303] team0: Port device team_slave_1 added
[ 78.944579][ T4303] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 78.951558][ T4303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.977650][ T4303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 78.993217][ T4303] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.000183][ T4303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.026495][ T4303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 79.058495][ T4303] device hsr_slave_0 entered promiscuous mode
[ 79.066704][ T4303] device hsr_slave_1 entered promiscuous mode
[ 79.073933][ T4303] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 79.081725][ T4303] Cannot create hsr debugfs directory
[ 79.178888][ T4303] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.664028][ T4270] Bluetooth: hci0: command 0x0409 tx timeout
[ 82.509343][ T4303] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 82.743340][ T4288] Bluetooth: hci0: command 0x041b tx timeout
[ 82.818263][ T4303] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 82.858832][ T4303] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 83.014393][ T4303] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 83.024360][ T4303] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 83.034444][ T4303] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 83.045232][ T4303] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 83.106272][ T4303] 8021q: adding VLAN 0 to HW filter on device bond0
[ 83.131546][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 83.139446][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 83.150842][ T4303] 8021q: adding VLAN 0 to HW filter on device team0
[ 83.160684][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 83.170824][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 83.179306][ T155] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.186374][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.195769][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 83.206310][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 83.215417][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 83.225626][ T155] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.232677][ T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.257305][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 83.269103][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 83.281048][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 83.290604][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 83.299710][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 83.322157][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 83.331106][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 83.347036][ T4303] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 83.357588][ T4303] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 83.370382][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 83.379895][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 83.391869][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 83.400521][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 83.408944][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 83.488902][ T154] device hsr_slave_0 left promiscuous mode
[ 83.495944][ T154] device hsr_slave_1 left promiscuous mode
[ 83.502764][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 83.514112][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 83.522346][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 83.529958][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 83.539370][ T154] device bridge_slave_1 left promiscuous mode
[ 83.546671][ T154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.560518][ T154] device bridge_slave_0 left promiscuous mode
[ 83.567856][ T154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.585185][ T154] device veth1_macvtap left promiscuous mode
[ 83.591444][ T154] device veth0_macvtap left promiscuous mode
[ 83.597614][ T154] device veth1_vlan left promiscuous mode
[ 83.603678][ T154] device veth0_vlan left promiscuous mode
[ 83.768256][ T154] team0 (unregistering): Port device team_slave_1 removed
[ 83.781343][ T154] team0 (unregistering): Port device team_slave_0 removed
[ 83.795936][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 83.809847][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 83.865030][ T154] bond0 (unregistering): Released all slaves
[ 83.965798][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 83.973338][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 83.987558][ T4303] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 84.010439][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 84.020179][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 84.043629][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 84.051906][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 84.061570][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 84.069376][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 84.079754][ T4303] device veth0_vlan entered promiscuous mode
[ 84.099655][ T4303] device veth1_vlan entered promiscuous mode
[ 84.122686][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 84.132035][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 84.140595][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 84.149459][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 84.161208][ T4303] device veth0_macvtap entered promiscuous mode
[ 84.172036][ T4303] device veth1_macvtap entered promiscuous mode
[ 84.190139][ T4303] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 84.202472][ T4303] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 84.210425][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 84.219027][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 84.228152][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 84.237074][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 84.248579][ T4303] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.258042][ T4303] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.267559][ T4303] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.276819][ T4303] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.324856][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.332812][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.365188][ T4283] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.371044][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 84.380896][ T4283] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.390103][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 84.478367][ T4322]
[ 84.480884][ T4322] =============================
[ 84.487634][ T4322] WARNING: suspicious RCU usage
[ 84.492509][ T4322] syzkaller #0 Not tainted
[ 84.497835][ T4322] -----------------------------
[ 84.502731][ T4322] kernel/events/callchain.c:161 suspicious rcu_dereference_check() usage!
[ 84.514192][ T4322]
[ 84.514192][ T4322] other info that might help us debug this:
[ 84.514192][ T4322]
[ 84.524839][ T4322]
[ 84.524839][ T4322] rcu_scheduler_active = 2, debug_locks = 1
[ 84.533352][ T4322] 1 lock held by syz.0.17/4322:
[ 84.538233][ T4322] #0: ffffffff8c31c8a0 (rcu_read_lock_trace){....}-{0:0}, at: rcu_lock_acquire+0x9/0x30
[ 84.550397][ T4322]
[ 84.550397][ T4322] stack backtrace:
[ 84.557050][ T4322] CPU: 0 PID: 4322 Comm: syz.0.17 Not tainted syzkaller #0
[ 84.564294][ T4322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 84.574373][ T4322] Call Trace:
[ 84.577679][ T4322]
[ 84.580638][ T4322] dump_stack_lvl+0x188/0x250
[ 84.585337][ T4322] ? load_image+0x400/0x400
[ 84.589863][ T4322] ? show_regs_print_info+0x20/0x20
[ 84.595076][ T4322] ? print_tainted+0x148/0x170
[ 84.599873][ T4322] ? lockdep_rcu_suspicious+0x110/0x180
[ 84.605439][ T4322] get_callchain_entry+0x2a5/0x3b0
[ 84.610569][ T4322] get_perf_callchain+0xab/0x460
[ 84.615536][ T4322] ? put_callchain_entry+0xb0/0xb0
[ 84.620689][ T4322] ? mark_lock+0x94/0x320
[ 84.625073][ T4322] ? verify_lock_unused+0x140/0x140
[ 84.630288][ T4322] ? __lock_acquire+0x13bc/0x7d10
[ 84.635345][ T4322] __bpf_get_stack+0x2db/0x530
[ 84.640175][ T4322] ? stack_map_get_build_id_offset+0x860/0x860
[ 84.646366][ T4322] ? __cant_sleep+0x220/0x220
[ 84.651107][ T4322] ? bpf_prog_14d9fb3786f83342+0x3d/0x844
[ 84.656863][ T4322] bpf_get_stack_raw_tp+0x189/0x1c0
[ 84.662093][ T4322] bpf_prog_14d9fb3786f83342+0x3d/0x844
[ 84.667671][ T4322] bpf_prog_run_pin_on_cpu+0x63/0x140
[ 84.673075][ T4322] bpf_prog_test_run_syscall+0x35a/0x4f0
[ 84.678741][ T4322] ? sock_gen_cookie+0x60/0x60
[ 84.683534][ T4322] ? __fdget+0x150/0x210
[ 84.687795][ T4322] ? sock_gen_cookie+0x60/0x60
[ 84.692585][ T4322] bpf_prog_test_run+0x31e/0x390
[ 84.697561][ T4322] __sys_bpf+0x5a5/0x6f0
[ 84.701828][ T4322] ? bpf_link_show_fdinfo+0x380/0x380
[ 84.707235][ T4322] ? vtime_user_exit+0x2c8/0x3e0
[ 84.712210][ T4322] __x64_sys_bpf+0x78/0x90
[ 84.716690][ T4322] do_syscall_64+0x4c/0xa0
[ 84.721141][ T4322] ? clear_bhb_loop+0x30/0x80
[ 84.725846][ T4322] ? clear_bhb_loop+0x30/0x80
[ 84.730582][ T4322] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.736517][ T4322] RIP: 0033:0x7f9e2ac23cb9
[ 84.740968][ T4322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 84.760600][ T4322] RSP: 002b:00007ffdef3c2728 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 84.769072][ T4322] RAX: ffffffffffffffda RBX: 00007f9e2ae9efa0 RCX: 00007f9e2ac23cb9
[ 84.777098][ T4322] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a
[ 84.785113][ T4322] RBP: 00007f9e2ac91bf7 R08: 0000000000000000 R09: 0000000000000000
[ 84.793101][ T4322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 84.801086][ T4322] R13: 00007f9e2ae9efac R14: 00007f9e2ae9efa0 R15: 00007f9e2ae9efa0
[ 84.809084][ T4322]
[ 84.818376][ T4322]
[ 84.820738][ T4322] =============================
[ 84.826216][ T4273] Bluetooth: hci0: command 0x040f tx timeout
[ 84.833342][ T4322] WARNING: suspicious RCU usage
[ 84.838316][ T4322] syzkaller #0 Not tainted
[ 84.842739][ T4322] -----------------------------
[ 84.848789][ T4322] include/linux/perf_event.h:1274 suspicious rcu_dereference_check() usage!
[ 84.857735][ T4322]
[ 84.857735][ T4322] other info that might help us debug this:
[ 84.857735][ T4322]
[ 84.868337][ T4322]
[ 84.868337][ T4322] rcu_scheduler_active = 2, debug_locks = 1
[ 84.876803][ T4322] 1 lock held by syz.0.17/4322:
[ 84.881684][ T4322] #0: ffffffff8c31c8a0 (rcu_read_lock_trace){....}-{0:0}, at: rcu_lock_acquire+0x9/0x30
[ 84.892044][ T4322]
[ 84.892044][ T4322] stack backtrace:
[ 84.898390][ T4322] CPU: 0 PID: 4322 Comm: syz.0.17 Not tainted syzkaller #0
[ 84.905618][ T4322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 84.915705][ T4322] Call Trace:
[ 84.919014][ T4322]
[ 84.921993][ T4322] dump_stack_lvl+0x188/0x250
[ 84.926702][ T4322] ? load_image+0x400/0x400
[ 84.931246][ T4322] ? show_regs_print_info+0x20/0x20
[ 84.936489][ T4322] ? lockdep_rcu_suspicious+0x110/0x180
[ 84.942067][ T4322] perf_callchain_kernel+0x5f1/0x720
[ 84.947376][ T4322] ? load_image+0x400/0x400
[ 84.951907][ T4322] ? show_regs_print_info+0x20/0x20
[ 84.957149][ T4322] ? print_tainted+0x148/0x170
[ 84.961944][ T4322] ? arch_perf_update_userpage+0x3c0/0x3c0
[ 84.967789][ T4322] ? get_callchain_entry+0x181/0x3b0
[ 84.973096][ T4322] get_perf_callchain+0x356/0x460
[ 84.978166][ T4322] ? put_callchain_entry+0xb0/0xb0
[ 84.983306][ T4322] ? mark_lock+0x94/0x320
[ 84.987660][ T4322] ? verify_lock_unused+0x140/0x140
[ 84.992895][ T4322] ? __lock_acquire+0x13bc/0x7d10
[ 84.997962][ T4322] __bpf_get_stack+0x2db/0x530
[ 85.002759][ T4322] ? stack_map_get_build_id_offset+0x860/0x860
[ 85.008943][ T4322] ? __cant_sleep+0x220/0x220
[ 85.013651][ T4322] ? bpf_prog_14d9fb3786f83342+0x3d/0x844
[ 85.019388][ T4322] bpf_get_stack_raw_tp+0x189/0x1c0
[ 85.024609][ T4322] bpf_prog_14d9fb3786f83342+0x3d/0x844
[ 85.030168][ T4322] bpf_prog_run_pin_on_cpu+0x63/0x140
[ 85.035562][ T4322] bpf_prog_test_run_syscall+0x35a/0x4f0
[ 85.041237][ T4322] ? sock_gen_cookie+0x60/0x60
[ 85.046030][ T4322] ? __fdget+0x150/0x210
[ 85.050299][ T4322] ? sock_gen_cookie+0x60/0x60
[ 85.055085][ T4322] bpf_prog_test_run+0x31e/0x390
[ 85.060139][ T4322] __sys_bpf+0x5a5/0x6f0
[ 85.064401][ T4322] ? bpf_link_show_fdinfo+0x380/0x380
[ 85.069819][ T4322] ? vtime_user_exit+0x2c8/0x3e0
[ 85.074818][ T4322] __x64_sys_bpf+0x78/0x90
[ 85.079260][ T4322] do_syscall_64+0x4c/0xa0
[ 85.083706][ T4322] ? clear_bhb_loop+0x30/0x80
[ 85.088398][ T4322] ? clear_bhb_loop+0x30/0x80
[ 85.093097][ T4322] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 85.099010][ T4322] RIP: 0033:0x7f9e2ac23cb9
[ 85.103440][ T4322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 85.123101][ T4322] RSP: 002b:00007ffdef3c2728 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 85.131535][ T4322] RAX: ffffffffffffffda RBX: 00007f9e2ae9efa0 RCX: 00007f9e2ac23cb9
[ 85.139530][ T4322] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a
[ 85.147540][ T4322] RBP: 00007f9e2ac91bf7 R08: 0000000000000000 R09: 0000000000000000
[ 85.155544][ T4322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.163538][ T4322] R13: 00007f9e2ae9efac R14: 00007f9e2ae9efa0 R15: 00007f9e2ae9efa0
[ 85.171583][ T4322]