BUG: unable to handle page fault for address: ffffc90009208000
Oops: general protection fault, probably for non-canonical address 0x1ffff92001241581: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 1 UID: 0 PID: 5621 Comm: syz.3.61 Not tainted 6.11.0-rc4-next-20240820-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
RIP: 0010:memcpy_orig+0x124/0x140 arch/x86/lib/memcpy_64.S:164
Code: 16 fc 89 0f 44 89 44 17 fc c3 cc cc cc cc 0f 1f 84 00 00 00 00 00 83 ea 01 72 19 0f b6 0e 74 12 4c 0f b6 46 01 4c 0f b6 0c 16 <44> 88 47 01 44 88 0c 17 88 0f c3 cc cc cc cc 66 2e 0f 1f 84 00 00
RSP: 0000:ffffc90009206838 EFLAGS: 00010002
RAX: 1ffff92001241580 RBX: 0000000000000003 RCX: 000000000000002a
RDX: 0000000000000002 RSI: ffffffff8c0b8a20 RDI: 1ffff92001241580
RBP: ffffc90009206930 R08: 000000000000002a R09: 0000000000000020
R10: dffffc0000000000 R11: fffffbfff1817145 R12: ffffffff8c0b8a23
R13: dffffc0000000000 R14: 1ffff92001241580 R15: ffffffff8c0b8a20
FS: 000055557f8ee500(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90009208000 CR3: 00000000740a4000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
vsnprintf+0x948/0x1da0 lib/vsprintf.c:2786
vscnprintf lib/vsprintf.c:2930 [inline]
scnprintf+0xee/0x170 lib/vsprintf.c:2983
console_prepend_dropped kernel/printk/printk.c:2829 [inline]
console_emit_next_record kernel/printk/printk.c:2962 [inline]
console_flush_all+0x52f/0xfd0 kernel/printk/printk.c:3049
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:memcpy_orig+0x124/0x140 arch/x86/lib/memcpy_64.S:164
Code: 16 fc 89 0f 44 89 44 17 fc c3 cc cc cc cc 0f 1f 84 00 00 00 00 00 83 ea 01 72 19 0f b6 0e 74 12 4c 0f b6 46 01 4c 0f b6 0c 16 <44> 88 47 01 44 88 0c 17 88 0f c3 cc cc cc cc 66 2e 0f 1f 84 00 00
RSP: 0000:ffffc90009206838 EFLAGS: 00010002
RAX: 1ffff92001241580 RBX: 0000000000000003 RCX: 000000000000002a
RDX: 0000000000000002 RSI: ffffffff8c0b8a20 RDI: 1ffff92001241580
RBP: ffffc90009206930 R08: 000000000000002a R09: 0000000000000020
R10: dffffc0000000000 R11: fffffbfff1817145 R12: ffffffff8c0b8a23
R13: dffffc0000000000 R14: 1ffff92001241580 R15: ffffffff8c0b8a20
FS: 000055557f8ee500(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90009208000 CR3: 00000000740a4000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess), 1 bytes skipped:
0: fc cld
1: 89 0f mov %ecx,(%rdi)
3: 44 89 44 17 fc mov %r8d,-0x4(%rdi,%rdx,1)
8: c3 ret
9: cc int3
a: cc int3
b: cc int3
c: cc int3
d: 0f 1f 84 00 00 00 00 nopl 0x0(%rax,%rax,1)
14: 00
15: 83 ea 01 sub $0x1,%edx
18: 72 19 jb 0x33
1a: 0f b6 0e movzbl (%rsi),%ecx
1d: 74 12 je 0x31
1f: 4c 0f b6 46 01 movzbq 0x1(%rsi),%r8
24: 4c 0f b6 0c 16 movzbq (%rsi,%rdx,1),%r9
* 29: 44 88 47 01 mov %r8b,0x1(%rdi) <-- trapping instruction
2d: 44 88 0c 17 mov %r9b,(%rdi,%rdx,1)
31: 88 0f mov %cl,(%rdi)
33: c3 ret
34: cc int3
35: cc int3
36: cc int3
37: cc int3
38: 66 data16
39: 2e cs
3a: 0f .byte 0xf
3b: 1f (bad)
3c: 84 00 test %al,(%rax)