Warning: Permanently added '10.128.0.155' (ECDSA) to the list of known hosts. syzkaller login: [ 1162.958001] IPVS: ftp: loaded support on port[0] = 21 [ 1162.958664] IPVS: ftp: loaded support on port[0] = 21 [ 1162.985734] IPVS: ftp: loaded support on port[0] = 21 [ 1162.998749] IPVS: ftp: loaded support on port[0] = 21 [ 1163.010615] IPVS: ftp: loaded support on port[0] = 21 [ 1163.030839] IPVS: ftp: loaded support on port[0] = 21 [ 1163.316324] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1163.326879] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.334574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.344204] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1163.412180] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1163.439158] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1163.483243] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.499408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.508019] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.520586] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program [ 1163.534915] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1163.543054] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1163.554252] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1163.567506] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1163.596036] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1163.605827] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1163.618417] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.638841] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.648881] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1163.674859] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.686707] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.707031] IPv6: 
ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1163.725653] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1163.736017] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 executing program [ 1163.766255] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.773352] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1163.782180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.791087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.816490] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1163.831455] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1163.838554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.841179] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1163.856800] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1163.865972] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1163.868853] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.875200] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.886465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.898626] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.907607] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program [ 1163.908465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.934359] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.934665] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.949322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.953522] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program [ 1163.970467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.978538] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1163.996499] hrtimer: interrupt took 55401 ns [ 1164.006560] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing 
program [ 1164.070851] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 1165.059835] Bluetooth: hci3: command 0x0409 tx timeout [ 1165.067161] Bluetooth: hci5: command 0x0409 tx timeout [ 1165.073710] Bluetooth: hci0: command 0x0409 tx timeout [ 1165.110029] Bluetooth: hci1: command 0x0409 tx timeout executing program [ 1165.167041] Bluetooth: hci2: command 0x0409 tx timeout executing program [ 1165.289224] Bluetooth: hci4: command 0x0409 tx timeout executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 1167.100932] Bluetooth: hci0: command 0x041b tx timeout [ 1167.107372] Bluetooth: hci3: command 0x041b tx timeout executing program executing program executing program [ 1167.228753] Bluetooth: hci1: command 0x041b tx timeout [ 1167.266962] Bluetooth: hci5: command 0x041b tx timeout executing program [ 1167.340431] Bluetooth: hci4: command 0x041b tx timeout executing program [ 1167.453310] Bluetooth: hci2: command 0x041b tx timeout executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 1169.181063] Bluetooth: hci3: command 0x040f tx 
timeout [ 1169.186651] Bluetooth: hci0: command 0x040f tx timeout [ 1169.340913] Bluetooth: hci5: command 0x040f tx timeout [ 1169.375042] Bluetooth: hci1: command 0x040f tx timeout executing program executing program [ 1169.501447] Bluetooth: hci4: command 0x040f tx timeout executing program executing program [ 1169.583315] Bluetooth: hci2: command 0x040f tx timeout executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 1171.327932] Bluetooth: hci3: command 0x0419 tx timeout [ 1171.341151] Bluetooth: hci0: command 0x0419 tx timeout executing program executing program executing program [ 1171.424579] Bluetooth: hci1: command 0x0419 tx timeout executing program executing program [ 1171.497365] Bluetooth: hci5: command 0x0419 tx timeout [ 1171.638671] Bluetooth: hci4: command 0x0419 tx timeout executing program [ 1171.741467] Bluetooth: hci2: command 0x0419 tx timeout executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program 
executing program [ 1247.290078] watchdog: BUG: soft lockup - CPU#0 stuck for 22s! 
[syz-executor105:11330] [ 1247.298144] Modules linked in: [ 1247.301338] irq event stamp: 2990029 [ 1247.305064] hardirqs last enabled at (2990028): [] trace_hardirqs_on_thunk+0x1a/0x1c [ 1247.314791] hardirqs last disabled at (2990029): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 1247.324434] softirqs last enabled at (2979448): [] __do_softirq+0x678/0x980 [ 1247.333207] softirqs last disabled at (2979453): [] irq_exit+0x215/0x260 [ 1247.342325] CPU: 0 PID: 11330 Comm: syz-executor105 Not tainted 4.19.189-syzkaller #0 [ 1247.350302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1247.359681] RIP: 0010:unwind_next_frame+0xace/0x1400 [ 1247.364818] Code: 35 00 48 8b 4c 24 20 4c 89 c0 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 0f b6 04 10 48 89 ce 48 c1 ee 03 0f b6 14 16 4c 89 c6 <83> e6 07 40 38 f0 40 0f 9e c6 84 c0 0f 95 c0 40 84 c6 0f 85 13 07 [ 1247.384896] RSP: 0018:ffff8880ba007758 EFLAGS: 00000a06 ORIG_RAX: ffffffffffffff13 [ 1247.392623] RAX: 0000000000000000 RBX: 1ffff11017400ef4 RCX: ffffffff8c119969 [ 1247.399905] RDX: 0000000000000000 RSI: ffffffff8c119968 RDI: ffff8880ba0078e0 [ 1247.407195] RBP: 0000000000000001 R08: ffffffff8c119968 R09: ffffffff8c119952 [ 1247.414496] R10: ffff8880ba0078e7 R11: 0000000000074071 R12: ffff88809c0ff8c8 [ 1247.421779] R13: ffff8880ba0078bd R14: ffff8880ba007888 R15: ffffffff8c119964 [ 1247.429064] FS: 00007f67ee372700(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000 [ 1247.437303] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1247.443194] CR2: 00000000004de4a0 CR3: 000000009b256000 CR4: 00000000001406f0 [ 1247.450480] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1247.457780] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1247.465146] Call Trace: [ 1247.467737] [ 1247.469910] ? _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 1247.475032] ? rcu_nmi_exit+0xb3/0x180 [ 1247.478965] ? deref_stack_reg+0x1d0/0x1d0 [ 1247.483232] ? 
mac80211_hwsim_beacon_tx+0x3f8/0x680 [ 1247.488288] ? _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 1247.493412] __save_stack_trace+0x9f/0x190 [ 1247.497667] ? debug_check_no_obj_freed+0x201/0x490 [ 1247.502817] kasan_kmalloc+0xeb/0x160 [ 1247.506631] ? kmem_cache_alloc_node+0x146/0x3b0 [ 1247.511393] ? __alloc_skb+0x71/0x560 [ 1247.515196] ? skb_copy+0x139/0x2f0 [ 1247.518829] ? mac80211_hwsim_tx_frame_no_nl.isra.0+0xb8a/0x1330 [ 1247.524993] ? mac80211_hwsim_tx_frame+0x12b/0x210 [ 1247.529931] ? mac80211_hwsim_beacon_tx+0x3f8/0x680 [ 1247.534959] ? __iterate_interfaces+0x2e1/0x4a0 [ 1247.539649] ? ieee80211_iterate_active_interfaces_atomic+0x8d/0x170 [ 1247.546159] ? mac80211_hwsim_beacon+0xc9/0x190 [ 1247.550846] ? __tasklet_hrtimer_trampoline+0x29/0xa0 [ 1247.556054] ? tasklet_action_common.constprop.0+0x265/0x360 [ 1247.561869] ? __do_softirq+0x265/0x980 [ 1247.565856] ? irq_exit+0x215/0x260 [ 1247.569505] ? smp_apic_timer_interrupt+0x136/0x550 [ 1247.574540] ? apic_timer_interrupt+0xf/0x20 [ 1247.578973] ? _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 1247.584102] ? debug_check_no_obj_freed+0x201/0x490 [ 1247.589138] ? __free_pages_ok+0x22d/0xd30 [ 1247.593392] ? update_and_free_page+0x839/0xb70 [ 1247.598078] ? free_huge_page+0x877/0xd20 [ 1247.602241] ? __put_page+0xe2/0x3a0 [ 1247.605975] ? hugetlb_acct_memory+0x77f/0xba0 [ 1247.610574] ? hugetlb_reserve_pages+0x47f/0x650 [ 1247.615381] ? hugetlbfs_file_mmap+0x2e4/0x4a0 [ 1247.620065] ? mmap_region+0xc94/0x16b0 [ 1247.624052] ? do_mmap+0x8e8/0x1080 [ 1247.627690] ? vm_mmap_pgoff+0x197/0x200 [ 1247.631761] ? ksys_mmap_pgoff+0x42e/0x5a0 [ 1247.636003] ? do_syscall_64+0xf9/0x620 [ 1247.639989] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1247.645374] ? lockdep_hardirqs_on+0x288/0x5c0 [ 1247.649968] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1247.654741] ? rcu_nmi_exit+0xb3/0x180 [ 1247.658663] ? 
retint_kernel+0x2d/0x2d [ 1247.662572] kmem_cache_alloc_node+0x146/0x3b0 [ 1247.667174] __alloc_skb+0x71/0x560 [ 1247.670814] skb_copy+0x139/0x2f0 [ 1247.674272] ? do_raw_spin_lock+0xcb/0x220 [ 1247.678523] mac80211_hwsim_tx_frame_no_nl.isra.0+0xb8a/0x1330 [ 1247.684519] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1247.689339] ? mac80211_hwsim_add_chanctx+0x220/0x220 [ 1247.694545] ? lockdep_hardirqs_on+0x288/0x5c0 [ 1247.699238] ? retint_kernel+0x2d/0x2d [ 1247.703143] ? mac80211_hwsim_monitor_rx.isra.0+0x127/0x7c0 [ 1247.708875] mac80211_hwsim_tx_frame+0x12b/0x210 [ 1247.713666] mac80211_hwsim_beacon_tx+0x3f8/0x680 [ 1247.718537] __iterate_interfaces+0x2e1/0x4a0 [ 1247.723053] ? hwsim_send_ps_poll+0x510/0x510 [ 1247.727570] ? hwsim_send_ps_poll+0x510/0x510 [ 1247.732084] ieee80211_iterate_active_interfaces_atomic+0x8d/0x170 [ 1247.738427] mac80211_hwsim_beacon+0xc9/0x190 [ 1247.742941] __tasklet_hrtimer_trampoline+0x29/0xa0 [ 1247.747973] tasklet_action_common.constprop.0+0x265/0x360 [ 1247.753627] __do_softirq+0x265/0x980 [ 1247.757455] irq_exit+0x215/0x260 [ 1247.760930] smp_apic_timer_interrupt+0x136/0x550 [ 1247.765812] apic_timer_interrupt+0xf/0x20 [ 1247.770054] [ 1247.772332] RIP: 0010:_raw_spin_unlock_irqrestore+0xa3/0xe0 [ 1247.778060] Code: 48 c7 c0 48 82 f1 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 2f 48 83 3d dc 88 d9 01 00 74 15 48 89 df 57 9d <0f> 1f 44 00 00 eb b2 e8 9b 43 e8 f8 eb c0 0f 0b 0f 0b 48 c7 c7 48 [ 1247.796997] RSP: 0018:ffff88809c0ff8b0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1247.804727] RAX: 1ffffffff13e3049 RBX: 0000000000000282 RCX: 1ffff11014279977 [ 1247.812011] RDX: dffffc0000000000 RSI: ffff8880a13ccb98 RDI: 0000000000000282 [ 1247.819296] RBP: ffffffff8d41d308 R08: 0000000000000000 R09: 0000000000000000 [ 1247.826580] R10: 0000000000000000 R11: 0000000000000000 R12: dead000000000200 [ 1247.833863] R13: ffff88808a800000 R14: 0000000000000000 R15: dffffc0000000000 [ 1247.841179] 
debug_check_no_obj_freed+0x201/0x490 [ 1247.846052] __free_pages_ok+0x22d/0xd30 [ 1247.850141] update_and_free_page+0x839/0xb70 [ 1247.854672] free_huge_page+0x877/0xd20 [ 1247.858670] ? PageHuge+0xc7/0x160 [ 1247.862229] __put_page+0xe2/0x3a0 [ 1247.865787] hugetlb_acct_memory+0x77f/0xba0 [ 1247.870218] ? alloc_surplus_huge_page+0x4e0/0x4e0 [ 1247.875201] hugetlb_reserve_pages+0x47f/0x650 [ 1247.879807] hugetlbfs_file_mmap+0x2e4/0x4a0 [ 1247.884234] mmap_region+0xc94/0x16b0 [ 1247.888058] ? vm_munmap+0x140/0x140 [ 1247.891928] ? do_mmap+0xb17/0x1080 [ 1247.895582] ? do_mmap+0xb4b/0x1080 [ 1247.899224] do_mmap+0x8e8/0x1080 [ 1247.902703] vm_mmap_pgoff+0x197/0x200 [ 1247.906611] ? vma_is_stack_for_current+0xc0/0xc0 [ 1247.911478] ? hugetlb_file_setup+0x40c/0x670 [ 1247.916002] ksys_mmap_pgoff+0x42e/0x5a0 [ 1247.920110] ? find_mergeable_anon_vma+0x260/0x260 [ 1247.925060] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1247.930091] ? do_syscall_64+0x21/0x620 [ 1247.934084] do_syscall_64+0xf9/0x620 [ 1247.937903] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1247.943107] RIP: 0033:0x452d69 [ 1247.946336] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1247.965253] RSP: 002b:00007f67ee3721f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1247.972975] RAX: ffffffffffffffda RBX: 00000000004d7268 RCX: 0000000000452d69 [ 1247.980256] RDX: 0000000000000000 RSI: 0000000000e7e000 RDI: 0000000020000000 [ 1247.987536] RBP: 00000000004d7260 R08: 00000000ffffffff R09: 0000000000000000 [ 1247.994818] R10: 0000000000040031 R11: 0000000000000246 R12: 00000000004d726c [ 1248.002107] R13: 00007ffc8b4b29cf R14: 00007f67ee372300 R15: 0000000000022000 [ 1248.009406] Sending NMI from CPU 0 to CPUs 1: [ 1248.014389] NMI backtrace for cpu 1 [ 1248.014396] CPU: 1 PID: 11329 Comm: syz-executor105 Not tainted 4.19.189-syzkaller #0 [ 1248.014402] 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1248.014407] RIP: 0010:__pv_queued_spin_lock_slowpath+0x3b0/0xae0 [ 1248.014418] Code: 00 48 c1 e9 03 83 e3 07 41 be 01 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8d 2c 01 eb 0c f3 90 41 83 ec 01 0f 84 38 04 00 00 <41> 0f b6 45 00 38 d8 7f 08 84 c0 0f 85 75 05 00 00 0f b6 45 00 84 [ 1248.014422] RSP: 0018:ffff88809c71f980 EFLAGS: 00000202 [ 1248.014430] RAX: 0000000000000003 RBX: 0000000000000000 RCX: 1ffffffff1404194 [ 1248.014435] RDX: 0000000000000001 RSI: ffffffff81678725 RDI: 0000000000000282 [ 1248.014441] RBP: ffffffff8a020ca0 R08: 0000000000000001 R09: 0000000000000000 [ 1248.014446] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000002b0e [ 1248.014451] R13: fffffbfff1404194 R14: 0000000000000001 R15: ffff8880ba12bd80 [ 1248.014457] FS: 00007f67ee372700(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 [ 1248.014462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1248.014467] CR2: 0000000020000040 CR3: 000000009b7b1000 CR4: 00000000001406e0 [ 1248.014472] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1248.014478] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1248.014481] Call Trace: [ 1248.014484] ? pv_hash+0xe0/0xe0 [ 1248.014488] do_raw_spin_lock+0x189/0x220 [ 1248.014492] hugetlb_acct_memory+0x997/0xba0 [ 1248.014496] ? alloc_surplus_huge_page+0x4e0/0x4e0 [ 1248.014500] ? hugetlb_reserve_pages+0x1b2/0x650 [ 1248.014505] hugetlb_reserve_pages+0x47f/0x650 [ 1248.014509] ? hugetlbfs_file_mmap+0x25b/0x4a0 [ 1248.014513] hugetlbfs_file_mmap+0x2e4/0x4a0 [ 1248.014516] mmap_region+0xc94/0x16b0 [ 1248.014520] ? vm_munmap+0x140/0x140 [ 1248.014523] ? do_mmap+0x7fb/0x1080 [ 1248.014527] do_mmap+0x8e8/0x1080 [ 1248.014531] vm_mmap_pgoff+0x197/0x200 [ 1248.014535] ? vma_is_stack_for_current+0xc0/0xc0 [ 1248.014539] ? hugetlb_reserve_pages+0x36b/0x650 [ 1248.014543] ? hugetlbfs_get_inode+0x2dd/0x4a0 [ 1248.014547] ? 
hugetlb_file_setup+0xbf/0x670 [ 1248.014551] ? hugetlb_file_setup+0x40c/0x670 [ 1248.014555] ksys_mmap_pgoff+0x42e/0x5a0 [ 1248.014559] ? find_mergeable_anon_vma+0x260/0x260 [ 1248.014563] ? __x64_sys_mmap+0xdd/0x1b0 [ 1248.014567] do_syscall_64+0xf9/0x620 [ 1248.014571] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1248.014574] RIP: 0033:0x452d69 [ 1248.014585] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1248.014589] RSP: 002b:00007f67ee3721f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1248.014598] RAX: ffffffffffffffda RBX: 00000000004d7268 RCX: 0000000000452d69 [ 1248.014604] RDX: 0000000000000000 RSI: 0000000000e7e000 RDI: 0000000020000000 [ 1248.014609] RBP: 00000000004d7260 R08: 00000000ffffffff R09: 0000000000000000 [ 1248.014614] R10: 0000000000040031 R11: 0000000000000246 R12: 00000000004d726c [ 1248.014620] R13: 00007ffc8b4b29cf R14: 00007f67ee372300 R15: 0000000000022000 [ 1248.014942] Kernel panic - not syncing: softlockup: hung tasks [ 1248.311613] CPU: 0 PID: 11330 Comm: syz-executor105 Tainted: G L 4.19.189-syzkaller #0 [ 1248.321002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1248.330367] Call Trace: [ 1248.332953] [ 1248.335112] dump_stack+0x1fc/0x2ef [ 1248.338757] panic+0x26a/0x50e [ 1248.341992] ? __warn_printk+0xf3/0xf3 [ 1248.345899] ? cpumask_next+0x3c/0x40 [ 1248.349710] ? printk_safe_flush+0xd6/0x120 [ 1248.354054] ? watchdog_timer_fn.cold+0x5/0x25 [ 1248.358650] ? watchdog_timer_fn+0x53e/0x580 [ 1248.363075] watchdog_timer_fn.cold+0x16/0x25 [ 1248.367595] __hrtimer_run_queues+0x3f6/0xe60 [ 1248.372149] ? softlockup_fn+0xb0/0xb0 [ 1248.376069] ? hrtimer_fixup_init+0xa0/0xa0 [ 1248.380406] ? kvm_clock_get_cycles+0x14/0x30 [ 1248.384945] ? 
ktime_get_update_offsets_now+0x2ec/0x460 [ 1248.390343] hrtimer_interrupt+0x326/0x9e0 [ 1248.394645] smp_apic_timer_interrupt+0x10c/0x550 [ 1248.399523] apic_timer_interrupt+0xf/0x20 [ 1248.403778] RIP: 0010:unwind_next_frame+0xace/0x1400 [ 1248.408897] Code: 35 00 48 8b 4c 24 20 4c 89 c0 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 0f b6 04 10 48 89 ce 48 c1 ee 03 0f b6 14 16 4c 89 c6 <83> e6 07 40 38 f0 40 0f 9e c6 84 c0 0f 95 c0 40 84 c6 0f 85 13 07 [ 1248.427816] RSP: 0018:ffff8880ba007758 EFLAGS: 00000a06 ORIG_RAX: ffffffffffffff13 [ 1248.435536] RAX: 0000000000000000 RBX: 1ffff11017400ef4 RCX: ffffffff8c119969 [ 1248.442819] RDX: 0000000000000000 RSI: ffffffff8c119968 RDI: ffff8880ba0078e0 [ 1248.450099] RBP: 0000000000000001 R08: ffffffff8c119968 R09: ffffffff8c119952 [ 1248.457398] R10: ffff8880ba0078e7 R11: 0000000000074071 R12: ffff88809c0ff8c8 [ 1248.464700] R13: ffff8880ba0078bd R14: ffff8880ba007888 R15: ffffffff8c119964 [ 1248.472003] ? apic_timer_interrupt+0xa/0x20 [ 1248.476487] ? unwind_next_frame+0x9fc/0x1400 [ 1248.481012] ? _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 1248.486157] ? rcu_nmi_exit+0xb3/0x180 [ 1248.490070] ? deref_stack_reg+0x1d0/0x1d0 [ 1248.494331] ? mac80211_hwsim_beacon_tx+0x3f8/0x680 [ 1248.499407] ? _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 1248.504559] __save_stack_trace+0x9f/0x190 [ 1248.508823] ? debug_check_no_obj_freed+0x201/0x490 [ 1248.513869] kasan_kmalloc+0xeb/0x160 [ 1248.517690] ? kmem_cache_alloc_node+0x146/0x3b0 [ 1248.522469] ? __alloc_skb+0x71/0x560 [ 1248.526287] ? skb_copy+0x139/0x2f0 [ 1248.529927] ? mac80211_hwsim_tx_frame_no_nl.isra.0+0xb8a/0x1330 [ 1248.536115] ? mac80211_hwsim_tx_frame+0x12b/0x210 [ 1248.541079] ? mac80211_hwsim_beacon_tx+0x3f8/0x680 [ 1248.546116] ? __iterate_interfaces+0x2e1/0x4a0 [ 1248.550806] ? ieee80211_iterate_active_interfaces_atomic+0x8d/0x170 [ 1248.557324] ? mac80211_hwsim_beacon+0xc9/0x190 [ 1248.562016] ? __tasklet_hrtimer_trampoline+0x29/0xa0 [ 1248.567230] ? 
tasklet_action_common.constprop.0+0x265/0x360 [ 1248.573049] ? __do_softirq+0x265/0x980 [ 1248.577039] ? irq_exit+0x215/0x260 [ 1248.580684] ? smp_apic_timer_interrupt+0x136/0x550 [ 1248.585731] ? apic_timer_interrupt+0xf/0x20 [ 1248.590166] ? _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 1248.595286] ? debug_check_no_obj_freed+0x201/0x490 [ 1248.600323] ? __free_pages_ok+0x22d/0xd30 [ 1248.604600] ? update_and_free_page+0x839/0xb70 [ 1248.609281] ? free_huge_page+0x877/0xd20 [ 1248.613438] ? __put_page+0xe2/0x3a0 [ 1248.617170] ? hugetlb_acct_memory+0x77f/0xba0 [ 1248.621772] ? hugetlb_reserve_pages+0x47f/0x650 [ 1248.626548] ? hugetlbfs_file_mmap+0x2e4/0x4a0 [ 1248.631145] ? mmap_region+0xc94/0x16b0 [ 1248.635144] ? do_mmap+0x8e8/0x1080 [ 1248.638809] ? vm_mmap_pgoff+0x197/0x200 [ 1248.642969] ? ksys_mmap_pgoff+0x42e/0x5a0 [ 1248.647214] ? do_syscall_64+0xf9/0x620 [ 1248.651237] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1248.656652] ? lockdep_hardirqs_on+0x288/0x5c0 [ 1248.661274] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1248.666079] ? rcu_nmi_exit+0xb3/0x180 [ 1248.669988] ? retint_kernel+0x2d/0x2d [ 1248.673901] kmem_cache_alloc_node+0x146/0x3b0 [ 1248.678514] __alloc_skb+0x71/0x560 [ 1248.682163] skb_copy+0x139/0x2f0 [ 1248.685631] ? do_raw_spin_lock+0xcb/0x220 [ 1248.689892] mac80211_hwsim_tx_frame_no_nl.isra.0+0xb8a/0x1330 [ 1248.695908] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1248.700699] ? mac80211_hwsim_add_chanctx+0x220/0x220 [ 1248.705914] ? lockdep_hardirqs_on+0x288/0x5c0 [ 1248.710542] ? retint_kernel+0x2d/0x2d [ 1248.714454] ? mac80211_hwsim_monitor_rx.isra.0+0x127/0x7c0 [ 1248.720208] mac80211_hwsim_tx_frame+0x12b/0x210 [ 1248.724991] mac80211_hwsim_beacon_tx+0x3f8/0x680 [ 1248.729866] __iterate_interfaces+0x2e1/0x4a0 [ 1248.734381] ? hwsim_send_ps_poll+0x510/0x510 [ 1248.738905] ? 
hwsim_send_ps_poll+0x510/0x510 [ 1248.743423] ieee80211_iterate_active_interfaces_atomic+0x8d/0x170 [ 1248.749788] mac80211_hwsim_beacon+0xc9/0x190 [ 1248.754314] __tasklet_hrtimer_trampoline+0x29/0xa0 [ 1248.759356] tasklet_action_common.constprop.0+0x265/0x360 [ 1248.765014] __do_softirq+0x265/0x980 [ 1248.768844] irq_exit+0x215/0x260 [ 1248.772317] smp_apic_timer_interrupt+0x136/0x550 [ 1248.777184] apic_timer_interrupt+0xf/0x20 [ 1248.781426] [ 1248.783681] RIP: 0010:_raw_spin_unlock_irqrestore+0xa3/0xe0 [ 1248.789408] Code: 48 c7 c0 48 82 f1 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 2f 48 83 3d dc 88 d9 01 00 74 15 48 89 df 57 9d <0f> 1f 44 00 00 eb b2 e8 9b 43 e8 f8 eb c0 0f 0b 0f 0b 48 c7 c7 48 [ 1248.808319] RSP: 0018:ffff88809c0ff8b0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1248.816044] RAX: 1ffffffff13e3049 RBX: 0000000000000282 RCX: 1ffff11014279977 [ 1248.823326] RDX: dffffc0000000000 RSI: ffff8880a13ccb98 RDI: 0000000000000282 [ 1248.830616] RBP: ffffffff8d41d308 R08: 0000000000000000 R09: 0000000000000000 [ 1248.837906] R10: 0000000000000000 R11: 0000000000000000 R12: dead000000000200 [ 1248.845575] R13: ffff88808a800000 R14: 0000000000000000 R15: dffffc0000000000 [ 1248.852889] debug_check_no_obj_freed+0x201/0x490 [ 1248.857772] __free_pages_ok+0x22d/0xd30 [ 1248.861855] update_and_free_page+0x839/0xb70 [ 1248.866375] free_huge_page+0x877/0xd20 [ 1248.870452] ? PageHuge+0xc7/0x160 [ 1248.874007] __put_page+0xe2/0x3a0 [ 1248.877569] hugetlb_acct_memory+0x77f/0xba0 [ 1248.882002] ? alloc_surplus_huge_page+0x4e0/0x4e0 [ 1248.886954] hugetlb_reserve_pages+0x47f/0x650 [ 1248.891556] hugetlbfs_file_mmap+0x2e4/0x4a0 [ 1248.896002] mmap_region+0xc94/0x16b0 [ 1248.899819] ? vm_munmap+0x140/0x140 [ 1248.903548] ? do_mmap+0xb17/0x1080 [ 1248.907178] ? do_mmap+0xb4b/0x1080 [ 1248.910809] do_mmap+0x8e8/0x1080 [ 1248.914272] vm_mmap_pgoff+0x197/0x200 [ 1248.918174] ? vma_is_stack_for_current+0xc0/0xc0 [ 1248.923033] ? 
hugetlb_file_setup+0x40c/0x670 [ 1248.927544] ksys_mmap_pgoff+0x42e/0x5a0 [ 1248.931617] ? find_mergeable_anon_vma+0x260/0x260 [ 1248.936568] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1248.941632] ? do_syscall_64+0x21/0x620 [ 1248.945626] do_syscall_64+0xf9/0x620 [ 1248.949445] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1248.954644] RIP: 0033:0x452d69 [ 1248.957842] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1248.976756] RSP: 002b:00007f67ee3721f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1248.984477] RAX: ffffffffffffffda RBX: 00000000004d7268 RCX: 0000000000452d69 [ 1248.991760] RDX: 0000000000000000 RSI: 0000000000e7e000 RDI: 0000000020000000 [ 1248.999042] RBP: 00000000004d7260 R08: 00000000ffffffff R09: 0000000000000000 [ 1249.006318] R10: 0000000000040031 R11: 0000000000000246 R12: 00000000004d726c [ 1249.013596] R13: 00007ffc8b4b29cf R14: 00007f67ee372300 R15: 0000000000022000 [ 1249.021394] Kernel Offset: disabled [ 1249.025092] Rebooting in 86400 seconds..