Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
IPVS: ftp: loaded support on port[0] = 21
hfs: unable to locate alternate MDB
hfs: continuing without an alternate MDB
BUG: unable to handle kernel paging request at ffffffffffffffd0
PGD 2a67067 P4D 2a67067 PUD 2a69067 PMD 0
Oops: 0000 [#1] SMP
CPU: 1 PID: 2 Comm: kthreadd Not tainted 4.19.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
RIP: 0010:alloc_vmap_area+0x265/0x350 mm/vmalloc.c:487
Code: c0 49 39 c2 40 0f 93 c7 41 20 f8 0f 84 79 ff ff ff 48 8b 3d 8d 03 5b 02 45 31 c9 eb 1f 48 8b 52 30 48 81 fa 30 6f ac 82 74 4b <48> 8b 72 d0 48 83 ea 30 48 39 f0 76 3e 4c 39 d0 77 39 48 8d 04 0f
RSP: 0018:ffffc90000c5fc30 EFLAGS: 00010203
RAX: 0000000000005000 RBX: 0000000000005000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
RBP: ffffc90000c5fc88 R08: 0000000000000001 R09: 0000000000000000
R10: ffffe8ffffffffff R11: 0000000000000000 R12: ffffc90000000000
R13: ffffc90000000000 R14: ffffffffffffc000 R15: 0000000000003fff
FS: 0000000000000000(0000) GS:ffff880237b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd0 CR3: 0000000002a66000 CR4: 0000000000340ee0
Call Trace:
__get_vm_area_node+0xac/0x160 mm/vmalloc.c:1396
__vmalloc_node_range+0x65/0x260 mm/vmalloc.c:1741
alloc_thread_stack_node kernel/fork.c:226 [inline]
dup_task_struct kernel/fork.c:806 [inline]
copy_process.part.3+0x71e/0x1df0 kernel/fork.c:1707
copy_process kernel/fork.c:1664 [inline]
_do_fork+0xe6/0x450 kernel/fork.c:2166
kernel_thread+0x24/0x30 kernel/fork.c:2225
create_kthread kernel/kthread.c:269 [inline]
kthreadd+0x1b7/0x200 kernel/kthread.c:587
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:413
Modules linked in:
CR2: ffffffffffffffd0
---[ end trace dfc1c567a6f02e40 ]---
RIP: 0010:alloc_vmap_area+0x265/0x350 mm/vmalloc.c:487
Code: c0 49 39 c2 40 0f 93 c7 41 20 f8 0f 84 79 ff ff ff 48 8b 3d 8d 03 5b 02 45 31 c9 eb 1f 48 8b 52 30 48 81 fa 30 6f ac 82 74 4b <48> 8b 72 d0 48 83 ea 30 48 39 f0 76 3e 4c 39 d0 77 39 48 8d 04 0f
RSP: 0018:ffffc90000c5fc30 EFLAGS: 00010203
RAX: 0000000000005000 RBX: 0000000000005000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
RBP: ffffc90000c5fc88 R08: 0000000000000001 R09: 0000000000000000
R10: ffffe8ffffffffff R11: 0000000000000000 R12: ffffc90000000000
R13: ffffc90000000000 R14: ffffffffffffc000 R15: 0000000000003fff
FS: 0000000000000000(0000) GS:ffff880237b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd0 CR3: 0000000002a66000 CR4: 0000000000340ee0
----------------
Code disassembly (best guess):
0: c0 49 39 c2 rorb $0xc2,0x39(%rcx)
4: 40 0f 93 c7 setae %dil
8: 41 20 f8 and %dil,%r8b
b: 0f 84 79 ff ff ff je 0xffffff8a
11: 48 8b 3d 8d 03 5b 02 mov 0x25b038d(%rip),%rdi # 0x25b03a5
18: 45 31 c9 xor %r9d,%r9d
1b: eb 1f jmp 0x3c
1d: 48 8b 52 30 mov 0x30(%rdx),%rdx
21: 48 81 fa 30 6f ac 82 cmp $0xffffffff82ac6f30,%rdx
28: 74 4b je 0x75
* 2a: 48 8b 72 d0 mov -0x30(%rdx),%rsi <-- trapping instruction
2e: 48 83 ea 30 sub $0x30,%rdx
32: 48 39 f0 cmp %rsi,%rax
35: 76 3e jbe 0x75
37: 4c 39 d0 cmp %r10,%rax
3a: 77 39 ja 0x75
3c: 48 8d 04 0f lea (%rdi,%rcx,1),%rax