program: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) [ 76.187808][ T45] Bluetooth: hci0: command tx timeout [ 76.248335][ T5333] [ 76.249552][ T5333] ============================= [ 76.251749][ T5333] WARNING: suspicious RCU usage [ 76.254059][ T5333] 6.16.0-syzkaller-08685-g260f6f4fda93 #0 Not tainted [ 76.257520][ T5333] ----------------------------- [ 76.260031][ T5333] kernel/events/callchain.c:163 suspicious rcu_dereference_check() usage! [ 76.264618][ T5333] [ 76.264618][ T5333] other info that might help us debug this: [ 76.264618][ T5333] [ 76.269647][ T5333] [ 76.269647][ T5333] rcu_scheduler_active = 2, debug_locks = 1 [ 76.273231][ T5333] 1 lock held by syz.0.0/5333: [ 76.275390][ T5333] #0: ffffffff8e139fc0 (rcu_read_lock_trace){....}-{0:0}, at: rcu_read_lock_trace+0x38/0x80 [ 76.280481][ T5333] [ 76.280481][ T5333] stack backtrace: [ 76.283427][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 76.283442][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.283450][ T5333] Call Trace: [ 76.283458][ T5333] [ 76.283467][ T5333] dump_stack_lvl+0x189/0x250 [ 76.283489][ T5333] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.283502][ T5333] ? __pfx__printk+0x10/0x10 [ 76.283529][ T5333] lockdep_rcu_suspicious+0x140/0x1d0 [ 76.283550][ T5333] get_callchain_entry+0x2b6/0x3c0 [ 76.283608][ T5333] get_perf_callchain+0xa1/0x6b0 [ 76.283624][ T5333] ? __pfx_get_perf_callchain+0x10/0x10 [ 76.283640][ T5333] ? preempt_schedule+0xae/0xc0 [ 76.283683][ T5333] __bpf_get_stack+0x3fc/0xa60 [ 76.283732][ T5333] ? __pfx___bpf_get_stack+0x10/0x10 [ 76.283749][ T5333] ? __lock_acquire+0xab9/0xd20 [ 76.283768][ T5333] bpf_get_stack+0x33/0x50 [ 76.283785][ T5333] ? bpf_prog_b8a90dd1efcc4ad9+0x46/0x4e [ 76.283797][ T5333] bpf_get_stack_raw_tp+0x1a9/0x220 [ 76.283813][ T5333] bpf_prog_b8a90dd1efcc4ad9+0x46/0x4e [ 76.283824][ T5333] bpf_prog_run_pin_on_cpu+0xbc/0x150 [ 76.283839][ T5333] bpf_prog_test_run_syscall+0x312/0x4b0 [ 76.283855][ T5333] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 76.283867][ T5333] ? __fget_files+0x2a/0x420 [ 76.283882][ T5333] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 76.283895][ T5333] bpf_prog_test_run+0x2c7/0x340 [ 76.283915][ T5333] __sys_bpf+0x581/0x870 [ 76.283929][ T5333] ? __pfx___sys_bpf+0x10/0x10 [ 76.283939][ T5333] ? rcu_is_watching+0x15/0xb0 [ 76.283967][ T5333] ? rcu_is_watching+0x15/0xb0 [ 76.283985][ T5333] __x64_sys_bpf+0x7c/0x90 [ 76.283998][ T5333] do_syscall_64+0xfa/0x3b0 [ 76.284010][ T5333] ? lockdep_hardirqs_on+0x9c/0x150 [ 76.284022][ T5333] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.284033][ T5333] ? clear_bhb_loop+0x60/0xb0 [ 76.284048][ T5333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.284059][ T5333] RIP: 0033:0x7ff1a778e9a9 [ 76.284071][ T5333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.284081][ T5333] RSP: 002b:00007ff1a85ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 76.284095][ T5333] RAX: ffffffffffffffda RBX: 00007ff1a79b5fa0 RCX: 00007ff1a778e9a9 [ 76.284103][ T5333] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a [ 76.284111][ T5333] RBP: 00007ff1a7810d69 R08: 0000000000000000 R09: 0000000000000000 [ 76.284118][ T5333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.284126][ T5333] R13: 0000000000000000 R14: 00007ff1a79b5fa0 R15: 00007fff97246008 [ 76.284143][ T5333]