------------[ cut here ]------------
BUG: unable to handle page fault for address: ffff88801826f000
DEBUG_LOCKS_WARN_ON(chain_key != INITIAL_CHAIN_KEY)
WARNING: CPU: 0 PID: 0 at kernel/locking/lockdep.c:5066 __lock_acquire+0x1d71/0x5f30 kernel/locking/lockdep.c:5066
#PF: supervisor write access in kernel mode
Modules linked in:
#PF: error_code(0x0003) - permissions violation
CPU: 0 PID: 0 Comm: Not tainted 6.4.0-rc6-syzkaller #0
PGD 11201067
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
P4D 11201067
RIP: 0010:__lock_acquire+0x1d71/0x5f30 kernel/locking/lockdep.c:5066
PUD 11202067
Code: d2 0f 85 c5 39 00 00 44 8b 35 b7 a0 0c 0c 45 85 f6 0f 85 13 f1 ff ff 48 c7 c6 80 d6 6b 89 48 c7 c7 a0 a5 6b 89 e8 bf 2c e8 ff <0f> 0b e9 fc f0 ff ff 48 c7 c2 00 34 cc 90 48 b8 00 00 00 00 00 fc
PMD 114f0063
RSP: 0018:ffffc9000444fa50 EFLAGS: 00010086
PTE 800000001826f161
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000001
KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
RBP: ffff888017f41dc0 R08: 0000000000000001 R09: ffff8880b9a289cb
CPU: 1 PID: 0 Comm: Not tainted 6.4.0-rc6-syzkaller #0
R10: ffffed1017345139 R11: 284e4f5f4e524157 R12: 0000000000000000
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
R13: 0000000000000000 R14: 0000000000000000 R15: ffff888017f42888
RIP: 0010:page_fault_oops+0x215/0x800 arch/x86/mm/fault.c:699
FS: 00007f3e93f93380(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 fb 04 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 7f 20 4c 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 cf 04 00 00 49 81 3f 9d 6e ac 57 0f 85 85 00 00
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
RSP: 0018:ffffc9000449f908 EFLAGS: 00010046
CR2: 00007f3e9406b897 CR3: 000000007cdad000 CR4: 00000000003506f0
RAX: dffffc0000000000 RBX: 1ffff92000893f25 RCX: 0000000000000001
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff888017f0d960
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
RBP: ffffc9000449fa68 R08: 0000000000000001 R09: ffff8880b9b289cb
Call Trace:
----------------
Code disassembly (best guess), 3 bytes skipped:
   0: df 48 89              fisttps -0x77(%rax)
   3: fa                    cli
   4: 48 c1 ea 03           shr    $0x3,%rdx
   8: 80 3c 02 00           cmpb   $0x0,(%rdx,%rax,1)
   c: 0f 85 fb 04 00 00     jne    0x50d
  12: 48 b8 00 00 00 00 00  movabs $0xdffffc0000000000,%rax
  19: fc ff df
  1c: 4d 8b 7f 20           mov    0x20(%r15),%r15
  20: 4c 89 fa              mov    %r15,%rdx
  23: 48 c1 ea 03           shr    $0x3,%rdx
* 27: 80 3c 02 00           cmpb   $0x0,(%rdx,%rax,1)   <-- trapping instruction
  2b: 0f 85 cf 04 00 00     jne    0x500
  31: 49 81 3f 9d 6e ac 57  cmpq   $0x57ac6e9d,(%r15)
  38: 0f                    .byte 0xf
  39: 85                    .byte 0x85
  3a: 85 00                 test   %eax,(%rax)