------------[ cut here ]------------
sk->sk_forward_alloc
WARNING: net/ipv4/af_inet.c:163 at inet_sock_destruct+0x653/0x800 net/ipv4/af_inet.c:163, CPU#2: kcompactd0/44
Modules linked in:
CPU: 2 UID: 0 PID: 44 Comm: kcompactd0 Tainted: G L syzkaller #0 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:inet_sock_destruct+0x653/0x800 net/ipv4/af_inet.c:163
Code: e3 4e ff e9 06 fd ff ff e8 7a 49 ff f7 90 0f 0b 90 e9 35 fe ff ff e8 6c 49 ff f7 90 0f 0b 90 e9 c5 fe ff ff e8 5e 49 ff f7 90 <0f> 0b 90 e9 04 ff ff ff e8 50 49 ff f7 90 0f 0b 90 e9 65 fe ff ff
RSP: 0000:ffffc90000648d98 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888038524c80 RCX: ffffffff8a09b2c7
RDX: ffff88801d300000 RSI: ffffffff8a09b3c2 RDI: ffff88801d300000
RBP: 0000000000000f70 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000f70 R11: 0000000000000000 R12: ffff888038524c80
R13: ffff888038524d10 R14: ffffffff81eebc9d R15: 0000000000000002
FS: 0000000000000000(0000) GS:ffff8880d653c000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f6788c0d1f0 CR3: 000000000e598000 CR4: 0000000000352ef0
Call Trace:
 __sk_destruct+0x85/0xbb0 net/core/sock.c:2350
 rcu_do_batch kernel/rcu/tree.c:2617 [inline]
 rcu_core+0x5a2/0x10d0 kernel/rcu/tree.c:2869
 handle_softirqs+0x1eb/0x9e0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xef/0x150 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa3/0xc0 arch/x86/kernel/apic/apic.c:1056
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:isolate_migratepages_block+0x55a/0x6870 mm/compaction.c:887
Code: 48 c7 44 24 30 00 00 00 00 48 c7 44 24 18 00 00 00 00 48 89 44 24 60 e8 a4 c2 b4 ff 0f b6 5c 24 17 31 ff 89 de e8 e6 bc b4 ff <84> db 0f 84 a4 00 00 00 e8 89 c2 b4 ff 48 8b 5c 24 20 4c 89 fe 48
RSP: 0000:ffffc900007cf7f8 EFLAGS: 00000293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff82543a8a
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88801d300000
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffffc900007cfb60
R13: ffffea00002466c0 R14: dffffc0000000000 R15: 000000000000919c
 isolate_migratepages mm/compaction.c:2131 [inline]
 compact_zone+0xf9f/0x44c0 mm/compaction.c:2617
 compact_node+0x17f/0x2c0 mm/compaction.c:2916
 kcompactd+0x74f/0xe00 mm/compaction.c:3214
 kthread+0x370/0x450 kernel/kthread.c:436
 ret_from_fork+0x754/0xd80 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
----------------
Code disassembly (best guess):
   0:	48 c7 44 24 30 00 00 	movq $0x0,0x30(%rsp)
   7:	00 00
   9:	48 c7 44 24 18 00 00 	movq $0x0,0x18(%rsp)
  10:	00 00
  12:	48 89 44 24 60       	mov %rax,0x60(%rsp)
  17:	e8 a4 c2 b4 ff       	call 0xffb4c2c0
  1c:	0f b6 5c 24 17       	movzbl 0x17(%rsp),%ebx
  21:	31 ff                	xor %edi,%edi
  23:	89 de                	mov %ebx,%esi
  25:	e8 e6 bc b4 ff       	call 0xffb4bd10
* 2a:	84 db                	test %bl,%bl <-- trapping instruction
  2c:	0f 84 a4 00 00 00    	je 0xd6
  32:	e8 89 c2 b4 ff       	call 0xffb4c2c0
  37:	48 8b 5c 24 20       	mov 0x20(%rsp),%rbx
  3c:	4c 89 fe             	mov %r15,%rsi
  3f:	48                   	rex.W