bridge0: port 1(bridge_slave_0) entered forwarding state
bridge0: topology change detected, propagating
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P4989/1:b..l P5283/1:b..l P16505/1:b..l P5284/1:b..l P5607/1:b..l
rcu: 	(detected by 1, t=10502 jiffies, g=106613, q=1261 ncpus=2)
task:syz-executor    state:R  running task     stack:21056 pid:5607  tgid:5607  ppid:5606   task_flags:0x400100 flags:0x00080800
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5387 [inline]
 __schedule+0x17b4/0x5680 kernel/sched/core.c:7188
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7512
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x14f/0x730 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:trace_lock_acquire include/trace/events/lock.h:24 [inline]
RIP: 0010:lock_acquire+0x58/0x350 kernel/locking/lockdep.c:5831
Code: 8b 05 ac 61 97 11 48 89 44 24 58 0f 1f 44 00 00 65 8b 05 af 61 97 11 83 f8 08 0f 83 83 01 00 00 89 c0 48 0f a3 05 58 05 8f 0e <73> 0d e8 11 28 09 00 84 c0 0f 84 ca 01 00 00 83 3d 12 38 8f 0e 00
RSP: 0018:ffffc900035e7598 EFLAGS: 00000297
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000002
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8e95cd60
RBP: ffffffff8176e256 R08: 0000000000000000 R09: 0000000000000000
R10: ffffc900035e7758 R11: ffffffff81b0d880 R12: 0000000000000002
R13: ffffffff8e95cd60 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:300 [inline]
 rcu_read_lock include/linux/rcupdate.h:838 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1181 [inline]
 unwind_next_frame+0xc3/0x2550 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1402 [inline]
 __free_frozen_pages+0xbc7/0xd30 mm/page_alloc.c:2943
 __slab_free+0x274/0x2c0 mm/slub.c:5608
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x99/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4569 [inline]
 slab_alloc_node mm/slub.c:4898 [inline]
 kmem_cache_alloc_noprof+0x2bc/0x650 mm/slub.c:4905
 lsm_file_alloc security/security.c:171 [inline]
 security_file_alloc+0x34/0x310 security/security.c:2406
 init_file+0x90/0x2b0 fs/file_table.c:184
 alloc_empty_file+0x74/0x1d0 fs/file_table.c:266
 alloc_file fs/file_table.c:396 [inline]
 alloc_file_pseudo+0x155/0x240 fs/file_table.c:425
 create_pipe_files+0x32a/0x7e0 fs/pipe.c:944
 __do_pipe_flags+0x46/0x1f0 fs/pipe.c:990
 do_pipe2+0xaa/0x190 fs/pipe.c:1038
 __do_sys_pipe2 fs/pipe.c:1056 [inline]
 __se_sys_pipe2 fs/pipe.c:1054 [inline]
 __x64_sys_pipe2+0x5a/0x70 fs/pipe.c:1054
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4cb519be09
RSP: 002b:00007ffed69efae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
RAX: ffffffffffffffda RBX: 0000555582ebec50 RCX: 00007f4cb519be09
RDX: 0000000000000005 RSI: 0000000000000000 RDI: 00007ffed69efb00
RBP: 00007ffed69f00c0 R08: 00000000000002e0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed69efc20
R13: 0000555582ebdb90 R14: 0000555582ebfa30 R15: 00007ffed69efc40
 </TASK>
task:dhcpcd          state:R  running task     stack:20376 pid:5284  tgid:5284  ppid:5283   task_flags:0x400140 flags:0x00080800
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5387 [inline]
 __schedule+0x17b4/0x5680 kernel/sched/core.c:7188
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7512
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x14f/0x730 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:preempt_count arch/x86/include/asm/preempt.h:27 [inline]
RIP: 0010:check_kcov_mode kernel/kcov.c:183 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x10/0x70 kernel/kcov.c:217
Code: de 5b e9 43 ea 5f 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 65 48 8b 0d c8 53 73 11 <65> 8b 15 e9 53 73 11 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75
RSP: 0018:ffffc900032c79b8 EFLAGS: 00000246
RAX: ffffffff823c69df RBX: 0000000000064159 RCX: ffff88802e495c40
RDX: 0000000000000000 RSI: ffffffff8c28abc0 RDI: 0000000000064159
RBP: dffffc0000000000 R08: ffffffff823c733a R09: ffffffff8e95cd60
R10: dffffc0000000000 R11: ffffed100691e7ee R12: 0000000000064159
R13: 0000000000064159 R14: 0000000000000000 R15: 0000000000000000
 _static_cpu_has arch/x86/include/asm/cpufeature.h:101 [inline]
 __nr_to_section include/linux/mmzone.h:2061 [inline]
 __pfn_to_section include/linux/mmzone.h:2198 [inline]
 lookup_page_ext mm/page_ext.c:255 [inline]
 page_ext_lookup+0x15f/0x180 mm/page_ext.c:513
 page_ext_iter_begin include/linux/page_ext.h:133 [inline]
 __page_table_check_zero+0x135/0x3e0 mm/page_table_check.c:139
 page_table_check_free include/linux/page_table_check.h:46 [inline]
 __free_pages_prepare mm/page_alloc.c:1403 [inline]
 __free_frozen_pages+0xbd7/0xd30 mm/page_alloc.c:2943
 __slab_free+0x274/0x2c0 mm/slub.c:5608
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x99/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4569 [inline]
 slab_alloc_node mm/slub.c:4898 [inline]
 __do_kmalloc_node mm/slub.c:5294 [inline]
 __kmalloc_noprof+0x316/0x760 mm/slub.c:5307
 kmalloc_noprof include/linux/slab.h:954 [inline]
 kzalloc_noprof include/linux/slab.h:1188 [inline]
 lsm_blob_alloc security/security.c:218 [inline]
 lsm_sock_alloc security/security.c:4478 [inline]
 security_sk_alloc+0x52/0x360 security/security.c:4494
 sk_prot_alloc+0x101/0x210 net/core/sock.c:2250
 sk_alloc+0x3a/0x390 net/core/sock.c:2303
 unix_create1+0xb0/0x7d0 net/unix/af_unix.c:-1
 unix_create+0x16b/0x210 net/unix/af_unix.c:1169
 __sock_create+0x4b2/0x9d0 net/socket.c:1664
 sock_create net/socket.c:1722 [inline]
 __sys_socketpair+0x1c4/0x560 net/socket.c:1869
 __do_sys_socketpair net/socket.c:1922 [inline]
 __se_sys_socketpair net/socket.c:1919 [inline]
 __x64_sys_socketpair+0x9b/0xb0 net/socket.c:1919
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3983f6773a
RSP: 002b:00007ffcb3de6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 000055f63cb97710 RCX: 00007f3983f6773a
RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000001
RBP: 00007ffcb3e07090 R08: 0000000000000000 R09: 0000000000000001
R10: 00007ffcb3de6c80 R11: 0000000000000246 R12: 00007ffcb3de6c80
R13: 0000000000000001 R14: 0000000000000000 R15: 000055f62cad9ac0
 </TASK>
task:syz-executor    state:R  running task     stack:22280 pid:16505 tgid:16505 ppid:16482  task_flags:0x400140 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5387 [inline]
 __schedule+0x17b4/0x5680 kernel/sched/core.c:7188
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7512
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x14f/0x730 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_acquire+0x221/0x350 kernel/locking/lockdep.c:5872
Code: ff ff ff e8 e1 94 06 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 cb 5f 97 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 58 61 92
RSP: 0018:ffffc9000d28ef78 EFLAGS: 00000286
RAX: 04a1a649f2581300 RBX: 0000000000000000 RCX: 0000000000000046
RDX: 00000000227b56dc RSI: ffffffff8e21bc35 RDI: ffffffff8c28abe0
RBP: ffffffff8176e256 R08: ffffffff8176e256 R09: ffffffff8e95cd60
R10: ffffc9000d28f0d8 R11: ffffffff81b0d880 R12: 0000000000000002
R13: ffffffff8e95cd60 R14: 0000000000000000 R15: 0000000000000246
 rcu_lock_acquire include/linux/rcupdate.h:300 [inline]
 rcu_read_lock include/linux/rcupdate.h:838 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1181 [inline]
 unwind_next_frame+0xc3/0x2550 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1402 [inline]
 __free_frozen_pages+0xbc7/0xd30 mm/page_alloc.c:2943
 __slab_free+0x274/0x2c0 mm/slub.c:5608
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x99/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x22/0xb0 mm/kasan/common.c:406
 kasan_kmalloc include/linux/kasan.h:263 [inline]
 __do_kmalloc_node mm/slub.c:5295 [inline]
 __kmalloc_node_noprof+0x4e0/0x7c0 mm/slub.c:5301
 kmalloc_node_noprof include/linux/slab.h:1081 [inline]
 __vmalloc_area_node mm/vmalloc.c:3857 [inline]
 __vmalloc_node_range_noprof+0x5ef/0x1750 mm/vmalloc.c:4064
 __vmalloc_node_noprof mm/vmalloc.c:4124 [inline]
 vzalloc_noprof+0xb2/0xe0 mm/vmalloc.c:4202
 alloc_counters+0x64/0x5d0 net/ipv4/netfilter/ip_tables.c:799
 copy_entries_to_user net/ipv4/netfilter/ip_tables.c:821 [inline]
 get_entries net/ipv4/netfilter/ip_tables.c:1022 [inline]
 do_ipt_get_ctl+0xada/0x1240 net/ipv4/netfilter/ip_tables.c:1668
 nf_getsockopt+0x26e/0x290 net/netfilter/nf_sockopt.c:116
 ip_getsockopt+0x19e/0x230 net/ipv4/ip_sockglue.c:1777
 do_sock_getsockopt+0x51d/0x7e0 net/socket.c:2487
 __sys_getsockopt net/socket.c:2518 [inline]
 __do_sys_getsockopt net/socket.c:2525 [inline]
 __se_sys_getsockopt net/socket.c:2522 [inline]
 __x64_sys_getsockopt+0x1a4/0x240 net/socket.c:2522
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa872d9e5aa
RSP: 002b:00007fff264e3d88 EFLAGS: 00000202 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00007fff264e3e10 RCX: 00007fa872d9e5aa
RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000003 R08: 00007fff264e3dac R09: 0000000000000000
R10: 00007fff264e3e10 R11: 0000000000000202 R12: 00007fa872feb680
R13: 00007fff264e3dac R14: 0000000000000000 R15: 00007fa872fed180
 </TASK>
task:dhcpcd          state:R  running task     stack:24472 pid:5283  tgid:5283  ppid:1      task_flags:0x400140 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5387 [inline]
 __schedule+0x17b4/0x5680 kernel/sched/core.c:7188
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7512
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x14f/0x730 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:native_irq_disable arch/x86/include/asm/irqflags.h:37 [inline]
RIP: 0010:arch_local_irq_disable arch/x86/include/asm/irqflags.h:114 [inline]
RIP: 0010:arch_local_irq_save arch/x86/include/asm/irqflags.h:128 [inline]
RIP: 0010:lock_release+0x94/0x3c0 kernel/locking/lockdep.c:5885
Code: 85 0d 02 00 00 65 4c 8b 3d 71 30 97 11 41 83 bf 8c 0b 00 00 00 0f 85 f7 01 00 00 49 81 3e 80 d3 fc 93 0f 84 ea 01 00 00 9c 5b <fa> 48 c7 c7 0f 27 fc 8d e8 9f 81 06 0a 65 ff 05 e8 75 97 11 c7 44
RSP: 0018:ffffc900032b6f90 EFLAGS: 00000202
RAX: 0000000000000000 RBX: 0000000000000202 RCX: 0000000080000001
RDX: ffffc900032b7101 RSI: ffffffff8c28abc0 RDI: ffffffff8c28ab80
RBP: dffffc0000000000 R08: ffffc900032b73d0 R09: 0000000000000000
R10: ffffc900032b7118 R11: fffff52000656e25 R12: ffffc900032b73e0
R13: ffffffff8176e256 R14: ffffffff8e95cd60 R15: ffff88802e283d80
 rcu_lock_release include/linux/rcupdate.h:310 [inline]
 rcu_read_unlock include/linux/rcupdate.h:869 [inline]
 class_rcu_destructor include/linux/rcupdate.h:1181 [inline]
 unwind_next_frame+0x1bba/0x2550 arch/x86/kernel/unwind_orc.c:709
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1402 [inline]
 __free_frozen_pages+0xbc7/0xd30 mm/page_alloc.c:2943
 __slab_free+0x274/0x2c0 mm/slub.c:5608
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x99/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x22/0xb0 mm/kasan/common.c:406
 kasan_kmalloc include/linux/kasan.h:263 [inline]
 __do_kmalloc_node mm/slub.c:5295 [inline]
 __kmalloc_node_track_caller_noprof+0x4db/0x7b0 mm/slub.c:5403
 kmalloc_reserve net/core/skbuff.c:635 [inline]
 __alloc_skb+0x2c1/0x7d0 net/core/skbuff.c:713
 alloc_skb include/linux/skbuff.h:1383 [inline]
 alloc_skb_with_frags+0xc8/0x760 net/core/skbuff.c:6734
 sock_alloc_send_pskb+0x878/0x990 net/core/sock.c:2998
 unix_dgram_sendmsg+0x460/0x18d0 net/unix/af_unix.c:2141
 sock_sendmsg_nosec net/socket.c:787 [inline]
 __sock_sendmsg net/socket.c:802 [inline]
 sock_write_iter+0x49b/0x4f0 net/socket.c:1254
 do_iter_readv_writev+0x619/0x8c0 fs/read_write.c:-1
 vfs_writev+0x33c/0x990 fs/read_write.c:1059
 do_writev+0x154/0x2e0 fs/read_write.c:1105
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3983eec407
RSP: 002b:00007ffcb3e06d30 EFLAGS: 00000202 ORIG_RAX: 0000000000000014
RAX: ffffffffffffffda RBX: 00007f3983e62780 RCX: 00007f3983eec407
RDX: 0000000000000005 RSI: 00007ffcb3e06d90 RDI: 000000000000000a
RBP: 000055f62cabf870 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 000055f63cb773c0
R13: 000000000000012c R14: 0000000000004801 R15: 000055f63cb724d4
 </TASK>
task:udevd           state:R  running task     stack:22664 pid:4989  tgid:4989  ppid:1      task_flags:0x400140 flags:0x00080800
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5387 [inline]
 __schedule+0x17b4/0x5680 kernel/sched/core.c:7188
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7512
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x14f/0x730 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_release+0x2d7/0x3c0 kernel/locking/lockdep.c:5893
Code: 73 97 11 00 00 00 00 eb b5 e8 45 63 06 0a f7 c3 00 02 00 00 74 b9 65 48 8b 05 35 2e 97 11 48 3b 44 24 28 75 44 fb 48 83 c4 30 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 9a 55 09 0a cc 48 8d 3d 32 33 92
RSP: 0018:ffffc90002f76f80 EFLAGS: 00000282
RAX: 640859a4e0dabe00 RBX: 0000000000000202 RCX: 0000000000000046
RDX: 0000000000000002 RSI: ffffffff8e21bc35 RDI: ffffffff8c28abe0
RBP: ffff88807ea7aaa0 R08: ffffc90002f770d8 R09: 0000000000000000
R10: ffffc90002f77138 R11: fffff520005eee29 R12: 0000000000000002
R13: 0000000000000002 R14: ffffffff8e95cd60 R15: ffff88807ea79ec0
 rcu_lock_release include/linux/rcupdate.h:310 [inline]
 rcu_read_unlock include/linux/rcupdate.h:869 [inline]
 class_rcu_destructor include/linux/rcupdate.h:1181 [inline]
 unwind_next_frame+0x1bba/0x2550 arch/x86/kernel/unwind_orc.c:709
 __unwind_start+0x5b8/0x760 arch/x86/kernel/unwind_orc.c:787
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0xe3/0x150 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1402 [inline]
 __free_frozen_pages+0xbc7/0xd30 mm/page_alloc.c:2943
 __slab_free+0x274/0x2c0 mm/slub.c:5608
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x99/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4569 [inline]
 slab_alloc_node mm/slub.c:4898 [inline]
 __do_kmalloc_node mm/slub.c:5294 [inline]
 __kmalloc_noprof+0x316/0x760 mm/slub.c:5307
 kmalloc_noprof include/linux/slab.h:954 [inline]
 tomoyo_realpath_from_path+0xe3/0x5d0 security/tomoyo/realpath.c:251
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_check_open_permission+0x229/0x470 security/tomoyo/file.c:776
 security_file_open+0xa9/0x240 security/security.c:2739
 do_dentry_open+0x384/0x14e0 fs/open.c:924
 vfs_open+0x3b/0x340 fs/open.c:1079
 do_open fs/namei.c:4699 [inline]
 path_openat+0x2e08/0x3860 fs/namei.c:4858
 do_file_open+0x23e/0x4a0 fs/namei.c:4887
 do_sys_openat2+0x113/0x200 fs/open.c:1364
 do_sys_open fs/open.c:1370 [inline]
 __do_sys_openat fs/open.c:1386 [inline]
 __se_sys_openat fs/open.c:1381 [inline]
 __x64_sys_openat+0x138/0x170 fs/open.c:1381
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4a9fea7407
RSP: 002b:00007ffc43a0a810 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f4aa0561880 RCX: 00007f4a9fea7407
RDX: 0000000000080000 RSI: 00007ffc43a0a990 RDI: ffffffffffffff9c
RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 000055ce409a67f5
R13: 000055ce409a67f5 R14: 0000000000000001 R15: 00007ffc43a0efe0
 </TASK>
rcu: rcu_preempt kthread starved for 9162 jiffies! g106613 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27536 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5387 [inline]
 __schedule+0x17b4/0x5680 kernel/sched/core.c:7188
 __schedule_loop kernel/sched/core.c:7267 [inline]
 schedule+0x164/0x360 kernel/sched/core.c:7282
 schedule_timeout+0x158/0x2c0 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x312/0x11d0 kernel/rcu/tree.c:2095
 rcu_gp_kthread+0x9e/0x2b0 kernel/rcu/tree.c:2297
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 3226 Comm: kworker/R-bat_e Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
Workqueue: bat_events batadv_tt_purge
RIP: 0010:lock_acquire+0x221/0x350 kernel/locking/lockdep.c:5872
Code: ff ff ff e8 e1 94 06 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 cb 5f 97 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 58 61 92
RSP: 0018:ffffc90000a07198 EFLAGS: 00000282
RAX: 5385eff7bafd9400 RBX: 0000000000000000 RCX: 0000000080000301
RDX: 00000000ecf7569c RSI: ffffffff8e21bc35 RDI: ffffffff8c28abe0
RBP: ffffffff8176e256 R08: ffffffff8176e256 R09: ffffffff8e95cd60
R10: ffffc90000a072f8 R11: ffffffff81b0d880 R12: 0000000000000002
R13: ffffffff8e95cd60 R14: 0000000000000000 R15: 0000000000000246
FS:  0000000000000000(0000) GS:ffff888125390000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000089000 CR3: 00000000779e4000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 rcu_lock_acquire include/linux/rcupdate.h:300 [inline]
 rcu_read_lock include/linux/rcupdate.h:838 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1181 [inline]
 unwind_next_frame+0xc3/0x2550 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:57 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
 kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:584
 poison_slab_object mm/kasan/common.c:253 [inline]
 __kasan_slab_free+0x5c/0x80 mm/kasan/common.c:285
 kasan_slab_free include/linux/kasan.h:235 [inline]
 slab_free_hook mm/slub.c:2689 [inline]
 slab_free mm/slub.c:6246 [inline]
 kmem_cache_free+0x182/0x650 mm/slub.c:6373
 skb_ext_reset include/linux/skbuff.h:5116 [inline]
 skb_scrub_packet+0x2c8/0x3d0 net/core/skbuff.c:6243
 ____dev_forward_skb include/linux/netdevice.h:4426 [inline]
 __dev_forward_skb2+0x28f/0x740 net/core/dev.c:2440
 veth_forward_skb drivers/net/veth.c:323 [inline]
 veth_xmit+0x469/0xdb0 drivers/net/veth.c:379
 __netdev_start_xmit include/linux/netdevice.h:5368 [inline]
 netdev_start_xmit include/linux/netdevice.h:5377 [inline]
 xmit_one net/core/dev.c:3888 [inline]
 dev_hard_start_xmit+0x2cd/0x830 net/core/dev.c:3904
 __dev_queue_xmit+0x14d9/0x3950 net/core/dev.c:4870
 dev_queue_xmit include/linux/netdevice.h:3418 [inline]
 br_dev_queue_push_xmit+0x370/0x4b0 net/bridge/br_forward.c:53
 NF_HOOK+0x64e/0x6e0 include/linux/netfilter.h:318
 br_nf_post_routing+0xb66/0xfe0 net/bridge/br_netfilter_hooks.c:960
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_slow+0xc5/0x220 net/netfilter/core.c:619
 nf_hook include/linux/netfilter.h:273 [inline]
 NF_HOOK+0x23e/0x3f0 include/linux/netfilter.h:316
 br_forward_finish+0xd3/0x130 net/bridge/br_forward.c:66
 br_nf_hook_thresh net/bridge/br_netfilter_hooks.c:1161 [inline]
 br_nf_forward_finish+0xa5e/0xe90 net/bridge/br_netfilter_hooks.c:663
 NF_HOOK+0x64e/0x6e0 include/linux/netfilter.h:318
 br_nf_forward_ip+0x7ef/0xa30 net/bridge/br_netfilter_hooks.c:717
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_slow+0xc5/0x220 net/netfilter/core.c:619
 nf_hook include/linux/netfilter.h:273 [inline]
 NF_HOOK+0x23e/0x3f0 include/linux/netfilter.h:316
 __br_forward+0x397/0x540 net/bridge/br_forward.c:115
 br_handle_frame_finish+0x1521/0x1c80 net/bridge/br_input.c:229
 br_nf_hook_thresh+0x3dd/0x4c0 net/bridge/br_netfilter_hooks.c:-1
 br_nf_pre_routing_finish_ipv6+0x91f/0xc30 net/bridge/br_netfilter_ipv6.c:-1
 NF_HOOK include/linux/netfilter.h:318 [inline]
 br_nf_pre_routing_ipv6+0x374/0x6f0 net/bridge/br_netfilter_ipv6.c:183
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_bridge_pre net/bridge/br_input.c:291 [inline]
 br_handle_frame+0x1277/0x1510 net/bridge/br_input.c:442
 __netif_receive_skb_core+0x98f/0x3170 net/core/dev.c:6089
 __netif_receive_skb_one_core net/core/dev.c:6200 [inline]
 __netif_receive_skb net/core/dev.c:6315 [inline]
 process_backlog+0x76d/0x1950 net/core/dev.c:6666
 __napi_poll+0xae/0x340 net/core/dev.c:7730
 napi_poll net/core/dev.c:7793 [inline]
 net_rx_action+0x627/0xf70 net/core/dev.c:7950
 handle_softirqs+0x22a/0x840 kernel/softirq.c:622
 do_softirq+0x76/0xd0 kernel/softirq.c:523
 </IRQ>
 <TASK>
 __local_bh_enable_ip+0xf8/0x130 kernel/softirq.c:450
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_tt_local_purge+0x2a7/0x340 net/batman-adv/translation-table.c:1320
 batadv_tt_purge+0x35/0x9e0 net/batman-adv/translation-table.c:3514
 process_one_work kernel/workqueue.c:3302 [inline]
 process_scheduled_works+0xb5d/0x1860 kernel/workqueue.c:3385
 rescuer_thread+0x827/0x1130 kernel/workqueue.c:3609
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>