BUG: stack guard page was hit at ffffc9000075ffd8 (stack is ffffc90000760000..ffffc90000767fff)
kernel stack overflow (double-fault): 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 417 Comm: syz-executor970 Not tainted 5.10.94-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:stack_trace_save+0x1f/0xc0 kernel/stacktrace.c:113
Code: 66 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 55 83 c2 01 31 c9 48 89 e5 53 48 8d 9d 78 ff ff ff 48 83 c4 80 <48> c7 85 78 ff ff ff b3 8a b5 41 48 c1 eb 03 48 c7 45 80 6e d6 29
RSP: 0018:ffffc9000075ffe0 EFLAGS: 00010283
RAX: dffffc0000000000 RBX: ffffc9000075ffe0 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000040 RDI: ffffc90000760078
RBP: ffffc90000760068 R08: ffff8881197c8cc0 R09: ffffed10232f9198
R10: fffff520000ec09a R11: 0000000000000079 R12: 0000000000000cc0
R13: ffff88810017be00 R14: 0000000000000cc0 R15: 0000000000000001
FS: 0000555556c60300(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9000075ffd8 CR3: 000000010b4bb000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
Modules linked in:
---[ end trace 8f6e0cdd362d8b80 ]---
RIP: 0010:stack_trace_save+0x1f/0xc0 kernel/stacktrace.c:113
Code: 66 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 55 83 c2 01 31 c9 48 89 e5 53 48 8d 9d 78 ff ff ff 48 83 c4 80 <48> c7 85 78 ff ff ff b3 8a b5 41 48 c1 eb 03 48 c7 45 80 6e d6 29
RSP: 0018:ffffc9000075ffe0 EFLAGS: 00010283
RAX: dffffc0000000000 RBX: ffffc9000075ffe0 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000040 RDI: ffffc90000760078
RBP: ffffc90000760068 R08: ffff8881197c8cc0 R09: ffffed10232f9198
R10: fffff520000ec09a R11: 0000000000000079 R12: 0000000000000cc0
R13: ffff88810017be00 R14: 0000000000000cc0 R15: 0000000000000001
FS: 0000555556c60300(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9000075ffd8 CR3: 000000010b4bb000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: 66 66 2e 0f 1f 84 00 data16 nopw %cs:0x0(%rax,%rax,1)
7: 00 00 00 00
b: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
12: fc ff df
15: 55 push %rbp
16: 83 c2 01 add $0x1,%edx
19: 31 c9 xor %ecx,%ecx
1b: 48 89 e5 mov %rsp,%rbp
1e: 53 push %rbx
1f: 48 8d 9d 78 ff ff ff lea -0x88(%rbp),%rbx
26: 48 83 c4 80 add $0xffffffffffffff80,%rsp
* 2a: 48 c7 85 78 ff ff ff movq $0x41b58ab3,-0x88(%rbp) <-- trapping instruction
31: b3 8a b5 41
35: 48 c1 eb 03 shr $0x3,%rbx
39: 48 rex.W
3a: c7 .byte 0xc7
3b: 45 80 6e d6 29 rex.RB subb $0x29,-0x2a(%r14)