BUG: unable to handle page fault for address: ffffdc0000000fe9
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 11826067 P4D 11826067 PUD 0 
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 1086 Comm: kworker/u4:6 Not tainted 6.0.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
Workqueue: events_unbound call_usermodehelper_exec_work
RIP: 0010:copy_thread+0xc5/0xa00 arch/x86/kernel/process.c:148
Code: 48 b8 00 00 00 00 00 fc ff df 48 8b 7d 20 4c 8d bf 58 7f 00 00 4c 8d a7 20 7f 00 00 48 81 c7 48 7f 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 12 08 00 00 49 8d 7f f8 49 c7 47 f0 00 00 00 00
RSP: 0018:ffffc900052df8f0 EFLAGS: 00010212
RAX: dffffc0000000000 RBX: ffffc900052dfc10 RCX: 0000000000000000
RDX: 1fffe00000000fe9 RSI: ffffc900052dfc10 RDI: ffff000000007f48
RBP: ffff88801fcf0000 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff000000007f20
R13: 0000000000808100 R14: 0000000000000000 R15: ffff000000007f58
FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffdc0000000fe9 CR3: 000000000bc8e000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 copy_process+0x3ced/0x7090 kernel/fork.c:2265
 kernel_clone+0xe7/0xab0 kernel/fork.c:2673
 user_mode_thread+0xad/0xe0 kernel/fork.c:2742
 call_usermodehelper_exec_work kernel/umh.c:174 [inline]
 call_usermodehelper_exec_work+0xcc/0x180 kernel/umh.c:160
 process_one_work+0x991/0x1610 kernel/workqueue.c:2289
 worker_thread+0x665/0x1080 kernel/workqueue.c:2436
 kthread+0x2e4/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
 </TASK>
Modules linked in:
CR2: ffffdc0000000fe9
---[ end trace 0000000000000000 ]---
RIP: 0010:copy_thread+0xc5/0xa00 arch/x86/kernel/process.c:148
Code: 48 b8 00 00 00 00 00 fc ff df 48 8b 7d 20 4c 8d bf 58 7f 00 00 4c 8d a7 20 7f 00 00 48 81 c7 48 7f 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 12 08 00 00 49 8d 7f f8 49 c7 47 f0 00 00 00 00
RSP: 0018:ffffc900052df8f0 EFLAGS: 00010212
RAX: dffffc0000000000 RBX: ffffc900052dfc10 RCX: 0000000000000000
RDX: 1fffe00000000fe9 RSI: ffffc900052dfc10 RDI: ffff000000007f48
RBP: ffff88801fcf0000 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff000000007f20
R13: 0000000000808100 R14: 0000000000000000 R15: ffff000000007f58
FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffdc0000000fe9 CR3: 000000000bc8e000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess):
   0:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
   7:	fc ff df
   a:	48 8b 7d 20          	mov    0x20(%rbp),%rdi
   e:	4c 8d bf 58 7f 00 00 	lea    0x7f58(%rdi),%r15
  15:	4c 8d a7 20 7f 00 00 	lea    0x7f20(%rdi),%r12
  1c:	48 81 c7 48 7f 00 00 	add    $0x7f48,%rdi
  23:	48 89 fa             	mov    %rdi,%rdx
  26:	48 c1 ea 03          	shr    $0x3,%rdx
* 2a:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1) <-- trapping instruction
  2e:	0f 85 12 08 00 00    	jne    0x846
  34:	49 8d 7f f8          	lea    -0x8(%r15),%rdi
  38:	49 c7 47 f0 00 00 00 	movq   $0x0,-0x10(%r15)
  3f:	00