Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: pointer+0x1202/0x1210
Oops: general protection fault, probably for non-canonical address 0xdffffbff8c60646b: 0000 [#2] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 5505 Comm: syz.4.46 Tainted: G B D 6.11.0-rc4-next-20240822-syzkaller #0
Tainted: [B]=BAD_PAGE, [D]=DIE
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
RIP: 0010:vsnprintf+0x1d0e/0x1da0 lib/vsprintf.c:2905
Code: 42 0f b6 04 28 84 c0 0f 85 8f 00 00 00 41 c6 06 00 eb 0a e8 a4 89 db f5 48 8b 5c 24 28 2b 5c 24 58 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 65 48 8b 04 25 28 00 00 00 48 3b 84 24
RSP: 0018:ffffc90004856b20 EFLAGS: 00010006
RAX: 0000000000000000 RBX: 0000000004856e63 RCX: ffff888024fe9e00
RDX: 0000000000000000 RSI: 0000000000000902 RDI: 0000000000000903
RBP: ffffc90004856c10 R08: ffffffff817527bc R09: ffffffff81752091
R10: 0000000000000003 R11: ffff888024fe9e00 R12: ffffffff8c60646b
R13: dffffc0000000000 R14: ffffc90004856e63 R15: ffffc90004856ea3
FS: 0000555560ed8500(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020404030 CR3: 00000000125e6000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:panic_cpu+0x0/0x60
Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
RSP: 0018:ffffc90004857510 EFLAGS: 00010046
RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff888024fe9e00
RDX: 0000000000000000 RSI: 0000000000000030 RDI: 0000000000000030
RBP: 0000000000000001 R08: ffffffff819a9516 R09: 1ffffffff203825d
R10: dffffc0000000000 R11: ffffffff819a94f0 R12: 1ffffffff1d31434
R13: 00000000fffffffe R14: dffffc0000000000 R15: ffffffff8e98a1a0
FS: 0000555560ed8500(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020404030 CR3: 00000000125e6000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0: 42 0f b6 04 28          movzbl (%rax,%r13,1),%eax
   5: 84 c0                   test %al,%al
   7: 0f 85 8f 00 00 00       jne 0x9c
   d: 41 c6 06 00             movb $0x0,(%r14)
  11: eb 0a                   jmp 0x1d
  13: e8 a4 89 db f5          call 0xf5db89bc
  18: 48 8b 5c 24 28          mov 0x28(%rsp),%rbx
  1d: 2b 5c 24 58             sub 0x58(%rsp),%ebx
  21: 48 c7 44 24 60 0e 36    movq $0x45e0360e,0x60(%rsp)
  28: e0 45
* 2a: 4b c7 44 25 00 00 00    movq $0x0,0x0(%r13,%r12,1) <-- trapping instruction
  31: 00 00
  33: 65 48 8b 04 25 28 00    mov %gs:0x28,%rax
  3a: 00 00
  3c: 48                      rex.W
  3d: 3b                      .byte 0x3b
  3e: 84                      .byte 0x84
  3f: 24                      .byte 0x24