BUG: TASK stack guard page was hit at ffffc9000b767fb8 (stack is ffffc9000b768000..ffffc9000b770000)
Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 1 UID: 0 PID: 324 Comm: syz.3.4 Not tainted syzkaller #0 e03fbc6124da4a57803765f8722a1660bebc163f
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:update_stack_state+0xf4/0x4b0 arch/x86/kernel/unwind_frame.c:-1
Code: 84 c0 0f 85 89 03 00 00 41 c6 06 01 b8 a8 00 00 00 49 89 d7 eb 05 b8 10 00 00 00 4c 8d 73 08 48 8d 4b 10 4c 89 7d b0 4c 01 f8 <48> 89 85 78 ff ff ff 48 8d 53 18 48 8d 43 28 48 8d 73 20 48 89 b5
RSP: 0018:ffffc9000b767fc0 EFLAGS: 00010282
RAX: ffffc9000b768220 RBX: ffffc9000b768188 RCX: ffffc9000b768198
RDX: ffffc9000b768210 RSI: ffffc9000b768210 RDI: ffffc9000b7681e0
RBP: ffffc9000b768080 R08: ffffc9000b768101 R09: 0000000000000000
R10: ffffc9000b768188 R11: fffff520016ed03d R12: 0000000000000000
R13: dffffc0000000000 R14: ffffc9000b768190 R15: ffffc9000b768210
FS: 00007fb3ddfb56c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9000b767fb8 CR3: 000000010f3da000 CR4: 00000000003526b0
Call Trace:
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:update_stack_state+0xf4/0x4b0 arch/x86/kernel/unwind_frame.c:-1
Code: 84 c0 0f 85 89 03 00 00 41 c6 06 01 b8 a8 00 00 00 49 89 d7 eb 05 b8 10 00 00 00 4c 8d 73 08 48 8d 4b 10 4c 89 7d b0 4c 01 f8 <48> 89 85 78 ff ff ff 48 8d 53 18 48 8d 43 28 48 8d 73 20 48 89 b5
RSP: 0018:ffffc9000b767fc0 EFLAGS: 00010282
RAX: ffffc9000b768220 RBX: ffffc9000b768188 RCX: ffffc9000b768198
RDX: ffffc9000b768210 RSI: ffffc9000b768210 RDI: ffffc9000b7681e0
RBP: ffffc9000b768080 R08: ffffc9000b768101 R09: 0000000000000000
R10: ffffc9000b768188 R11: fffff520016ed03d R12: 0000000000000000
R13: dffffc0000000000 R14: ffffc9000b768190 R15: ffffc9000b768210
FS: 00007fb3ddfb56c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9000b767fb8 CR3: 000000010f3da000 CR4: 00000000003526b0
----------------
Code disassembly (best guess):
   0: 84 c0                   test %al,%al
   2: 0f 85 89 03 00 00       jne 0x391
   8: 41 c6 06 01             movb $0x1,(%r14)
   c: b8 a8 00 00 00          mov $0xa8,%eax
  11: 49 89 d7                mov %rdx,%r15
  14: eb 05                   jmp 0x1b
  16: b8 10 00 00 00          mov $0x10,%eax
  1b: 4c 8d 73 08             lea 0x8(%rbx),%r14
  1f: 4c 8d 4b 10             lea 0x10(%rbx),%rcx
  23: 4c 89 7d b0             mov %r15,-0x50(%rbp)
  27: 4c 01 f8                add %r15,%rax
* 2a: 48 89 85 78 ff ff ff    mov %rax,-0x88(%rbp) <-- trapping instruction
  31: 48 8d 53 18             lea 0x18(%rbx),%rdx
  35: 48 8d 43 28             lea 0x28(%rbx),%rax
  39: 48 8d 73 20             lea 0x20(%rbx),%rsi
  3d: 48                      rex.W
  3e: 89                      .byte 0x89
  3f: b5                      .byte 0xb5