------------[ cut here ]------------
WARNING: CPU: 1 PID: 7296 at mm/gup.c:229 __ll_sc_atomic_add arch/arm64/include/asm/atomic_ll_sc.h:95 [inline]
WARNING: CPU: 1 PID: 7296 at mm/gup.c:229 arch_atomic_add arch/arm64/include/asm/atomic.h:28 [inline]
WARNING: CPU: 1 PID: 7296 at mm/gup.c:229 raw_atomic_add include/linux/atomic/atomic-arch-fallback.h:537 [inline]
WARNING: CPU: 1 PID: 7296 at mm/gup.c:229 raw_atomic_inc include/linux/atomic/atomic-arch-fallback.h:985 [inline]
WARNING: CPU: 1 PID: 7296 at mm/gup.c:229 atomic_inc include/linux/atomic/atomic-instrumented.h:436 [inline]
WARNING: CPU: 1 PID: 7296 at mm/gup.c:229 page_ref_inc include/linux/page_ref.h:158 [inline]
WARNING: CPU: 1 PID: 7296 at mm/gup.c:229 folio_ref_inc include/linux/page_ref.h:165 [inline]
WARNING: CPU: 1 PID: 7296 at mm/gup.c:229 try_grab_page+0x194/0x2dc mm/gup.c:236
Modules linked in:
CPU: 1 PID: 7296 Comm: syz-executor.1 Not tainted 6.5.0-rc5-syzkaller-00063-g374a7f47bf40 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : try_grab_page+0x194/0x2dc mm/gup.c:229
lr : instrument_atomic_read include/linux/instrumented.h:68 [inline]
lr : atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline]
lr : page_ref_count include/linux/page_ref.h:67 [inline]
lr : folio_ref_count include/linux/page_ref.h:89 [inline]
lr : try_grab_page+0x54/0x2dc mm/gup.c:229
sp : ffff80008a626e50
x29: ffff80008a626e50 x28: fffffc00001f3580 x27: 0000000000047cd6
x26: 0120000047cd6fc3 x25: 1fffe00001f24202 x24: fffffc00001f3588
x23: 1ffff000114c4de0 x22: fffffc00001f35b4 x21: 0000000000290000
x20: fffffc00001f3580 x19: fffffc00001f3580 x18: ffff000011ab5da0
x17: 0000000000000000 x16: 0000000000000002 x15: 1fffe00002356bb3
x14: 00000000000001e3 x13: 1fffe00002356bb0 x12: ffff7f800003e6b7
x11: 1fffff800003e6b6 x10: ffff7f800003e6b6 x9 : dfff800000000000
x8 : 0000807ffffc194a x7 : fffffc00001f35b7 x6 : 0000000000000001
x5 : fffffc00001f35b4 x4 : ffff7f800003e6b7 x3 : ffff80008073d71c
x2 : 1fffff800003e6b6 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 __ll_sc_atomic_add arch/arm64/include/asm/atomic_ll_sc.h:95 [inline]
 arch_atomic_add arch/arm64/include/asm/atomic.h:28 [inline]
 raw_atomic_add include/linux/atomic/atomic-arch-fallback.h:537 [inline]
 raw_atomic_inc include/linux/atomic/atomic-arch-fallback.h:985 [inline]
 atomic_inc include/linux/atomic/atomic-instrumented.h:436 [inline]
 page_ref_inc include/linux/page_ref.h:158 [inline]
 folio_ref_inc include/linux/page_ref.h:165 [inline]
 try_grab_page+0x194/0x2dc mm/gup.c:236
 follow_page_pte+0x140/0xbf4 mm/gup.c:651
 follow_pmd_mask mm/gup.c:734 [inline]
 follow_pud_mask mm/gup.c:765 [inline]
 follow_p4d_mask mm/gup.c:782 [inline]
 follow_page_mask+0x468/0x89c mm/gup.c:839
 __get_user_pages+0x2c0/0x598 mm/gup.c:1256
 __get_user_pages_locked mm/gup.c:1487 [inline]
 __gup_longterm_locked+0x1a8/0x1784 mm/gup.c:2181
 internal_get_user_pages_fast+0xdb4/0x1938 mm/gup.c:3179
 pin_user_pages_fast+0xb0/0xf4 mm/gup.c:3285
 iov_iter_extract_user_pages lib/iov_iter.c:1768 [inline]
 iov_iter_extract_pages+0x1d0/0xdac lib/iov_iter.c:1831
 extract_user_to_sg lib/scatterlist.c:1123 [inline]
 extract_iter_to_sg lib/scatterlist.c:1349 [inline]
 extract_iter_to_sg+0x60c/0x134c lib/scatterlist.c:1339
 hash_sendmsg+0x23c/0xf78 crypto/algif_hash.c:119
 sock_sendmsg_nosec net/socket.c:725 [inline]
 sock_sendmsg+0xc8/0x168 net/socket.c:748
 ____sys_sendmsg+0x550/0x6e0 net/socket.c:2494
 ___sys_sendmsg+0x11c/0x19c net/socket.c:2548
 __sys_sendmsg+0xe0/0x174 net/socket.c:2577
 __do_sys_sendmsg net/socket.c:2586 [inline]
 __se_sys_sendmsg net/socket.c:2584 [inline]
 __arm64_sys_sendmsg+0x70/0xa0 net/socket.c:2584
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x6c/0x258 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0xc4/0x244 arch/arm64/kernel/syscall.c:139
 do_el0_svc+0x50/0x11c arch/arm64/kernel/syscall.c:188
 el0_svc+0x4c/0x134 arch/arm64/kernel/entry-common.c:647
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:665
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591
irq event stamp: 598
hardirqs last  enabled at (597): [<ffff80008074a68c>] count_memcg_events include/linux/memcontrol.h:1076 [inline]
hardirqs last  enabled at (597): [<ffff80008074a68c>] count_memcg_event_mm.part.0+0x1c4/0x1d8 include/linux/memcontrol.h:1108
hardirqs last disabled at (598): [<ffff800084c03f04>] el1_dbg+0x24/0x9c arch/arm64/kernel/entry-common.c:407
softirqs last  enabled at (558): [<ffff800080011028>] softirq_handle_end kernel/softirq.c:399 [inline]
softirqs last  enabled at (558): [<ffff800080011028>] __do_softirq+0x888/0xe1c kernel/softirq.c:582
softirqs last disabled at (505): [<ffff80008001961c>] ____do_softirq+0x10/0x1c arch/arm64/kernel/irq.c:80
---[ end trace 0000000000000000 ]---