Hi Steven, I can produce this in 3.5.0-rc6 as well as in 3.2. Basically it's the rcu_dereference_raw(ftrace_ops_list) call that triggered the __rcu_dereference_check()/lock_is_held()/check_flags() warning. [ 3.500806] Testing dynamic ftrace: PASSED [ 3.910268] Testing dynamic ftrace ops #1: (1 0 1 1 0) (1 1 2 1 0) (2 1 3 1 36) (2 2 4 1 164) [ 4.000026] ------------[ cut here ]-- ---------- [ 4.000026] WARNING: at /c/wfg/linux/kernel/lockdep.c:3506 check_flags+0x140/0x177() [ 4.000026] Hardware name: Bochs [ 4.000026] Modules linked in: [ 4.000026] [ 4.000026] Pid: 0, comm: swapper/0 Not tainted 3.5.0-rc6-bisect #48 [ 4.000026] Call Trace: [ 4.000026] [] warn_slowpath_common+0x83/0x9c [ 4.000026] [] warn_slowpath_null+0x1a/0x1c [ 4.000026] [] check_flags+0x140/0x177 [ 4.000026] [] lock_is_held+0x3c/0xa7 [ 4.000026] [] ? sub_preempt_count+0x7/0xe0 [ 4.000026] [] ? __local_bh_enable+0xda/0x18f [ 4.000026] [] ftrace_ops_list_func+0xae/0xf2 [ 4.000026] [] ftrace_call+0x5/0x2b [ 4.000026] [] ? sub_preempt_count+0xc/0xe0 [ 4.000026] [] __local_bh_enable+0xda/0x18f [ 4.000026] [] _local_bh_enable+0x13/0x15 [ 4.000026] [] irq_enter+0x4f/0x74 [ 4.000026] [] smp_apic_timer_interrupt+0x3e/0x98 [ 4.000026] [] apic_timer_interrupt+0x6f/0x80 [ 4.000026] [] ? rcu_is_cpu_idle+0x67/0x78 [ 4.000026] [] ? native_safe_halt+0x6/0x8 [ 4.000026] [] ? trace_hardirqs_on+0xd/0xf [ 4.000026] [] default_idle+0x127/0x2cd [ 4.000026] [] cpu_idle+0x11d/0x1e7 [ 4.000026] [] rest_init+0x130/0x137 [ 4.000026] [] ? csum_partial_copy_generic+0x16c/0x16c [ 4.000026] [] start_kernel+0x3c8/0x3d5 [ 4.000026] [] ? repair_env_string+0x5a/0x5a [ 4.000026] [] x86_64_start_reservations+0xb1/0xb5 [ 4.000026] [] x86_64_start_kernel+0xfe/0x10b Thanks, Fengguang