BUG: stack guard page was hit at ffffc9000085ffa8 (stack is ffffc90000860000..ffffc90000867fff)
kernel stack overflow (double-fault): 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 406 Comm: syz-executor235 Not tainted 5.10.81-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:stack_trace_save+0x1f/0xc0 kernel/stacktrace.c:113
Code: 66 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 55 83 c2 01 31 c9 48 89 e5 53 48 8d 9d 78 ff ff ff 48 83 c4 80 <48> c7 85 78 ff ff ff b3 8a b5 41 48 c1 eb 03 48 c7 45 80 e6 6f 29
RSP: 0018:ffffc9000085ffb8 EFLAGS: 00010287
RAX: dffffc0000000000 RBX: ffffc9000085ffb8 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000040 RDI: ffffc90000860050
RBP: ffffc90000860040 R08: ffff888120007660 R09: ffffed1024000ecc
R10: fffff5200010c095 R11: 0000000000000079 R12: 0000000000000cc0
R13: ffff88810017d080 R14: 0000000000000cc0 R15: 0000000000000001
FS: 0000555555b71300(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9000085ffa8 CR3: 000000011f425000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
Modules linked in:
---[ end trace 4cf84a829174a972 ]---
RIP: 0010:stack_trace_save+0x1f/0xc0 kernel/stacktrace.c:113
Code: 66 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 55 83 c2 01 31 c9 48 89 e5 53 48 8d 9d 78 ff ff ff 48 83 c4 80 <48> c7 85 78 ff ff ff b3 8a b5 41 48 c1 eb 03 48 c7 45 80 e6 6f 29
RSP: 0018:ffffc9000085ffb8 EFLAGS: 00010287
RAX: dffffc0000000000 RBX: ffffc9000085ffb8 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000040 RDI: ffffc90000860050
RBP: ffffc90000860040 R08: ffff888120007660 R09: ffffed1024000ecc
R10: fffff5200010c095 R11: 0000000000000079 R12: 0000000000000cc0
R13: ffff88810017d080 R14: 0000000000000cc0 R15: 0000000000000001
FS: 0000555555b71300(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9000085ffa8 CR3: 000000011f425000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0: 66 66 2e 0f 1f 84 00 data16 nopw %cs:0x0(%rax,%rax,1)
   7: 00 00 00 00
   b: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
  12: fc ff df
  15: 55 push %rbp
  16: 83 c2 01 add $0x1,%edx
  19: 31 c9 xor %ecx,%ecx
  1b: 48 89 e5 mov %rsp,%rbp
  1e: 53 push %rbx
  1f: 48 8d 9d 78 ff ff ff lea -0x88(%rbp),%rbx
  26: 48 83 c4 80 add $0xffffffffffffff80,%rsp
* 2a: 48 c7 85 78 ff ff ff movq $0x41b58ab3,-0x88(%rbp) <-- trapping instruction
  31: b3 8a b5 41
  35: 48 c1 eb 03 shr $0x3,%rbx
  39: 48 rex.W
  3a: c7 .byte 0xc7
  3b: 45 80 e6 6f rex.RB and $0x6f,%r14b
  3f: 29 .byte 0x29