next ffff88805c7e5738 prev ffff88805c7e5a50 mm ffff88804fa93940
prot 8000000000000025 anon_vma (null) vm_ops ffffffff86b0c920
pgoff 0 file ffff8880928435c0 private_data (null)
flags: 0xfa(write|shared|mayread|maywrite|mayexec|mayshare)
------------[ cut here ]------------
kernel BUG at mm/memory.c:3895!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 10186 Comm: syz-executor.3 Not tainted 4.14.193-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff888057e9a180 task.stack: ffff888081d20000
RIP: 0010:wp_huge_pmd mm/memory.c:3895 [inline]
RIP: 0010:__handle_mm_fault+0x259a/0x4620 mm/memory.c:4103
RSP: 0018:ffff888081d27d28 EFLAGS: 00010287
RAX: 0000000000000140 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff86ac0dc0 RDI: ffffed10103a4f84
RBP: 1ffff110103a4fab R08: 0000000000000140 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 8000000023a000e5
R13: ffff88808265cc60 R14: 00000000000000e5 R15: ffffffff879d2758
FS: 00000000032c3940(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000200 CR3: 000000004d3ee000 CR4: 00000000001426f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 handle_mm_fault+0x306/0x7a0 mm/memory.c:4150
 __do_page_fault+0x578/0xb50 arch/x86/mm/fault.c:1442
 page_fault+0x45/0x50 arch/x86/entry/entry_64.S:1123
RIP: ac9de:0xfffffffffffffffe
RSP: 0000:00000000011905c0 EFLAGS: 011905c8
Code: 6d fe f6 ff e9 de e9 ff ff e8 e3 8b df ff 4c 89 ef e8 4b 3c 02 00 45 31 f6 e9 88 f5 ff ff e8 ce 8b df ff 4c 89 ef e8 02 d1 fd ff <0f> 0b e8 bf 8b df ff 49 8d bc 24 88 00 00 00 48 b8 00 00 00 00
RIP: wp_huge_pmd mm/memory.c:3895 [inline] RSP: ffff888081d27d28
RIP: __handle_mm_fault+0x259a/0x4620 mm/memory.c:4103 RSP: ffff888081d27d28
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
---[ end trace f93aecb212163201 ]---