------------[ cut here ]------------
WARNING: CPU: 0 PID: 30552 at mm/memory.c:1520 zap_pmd_range mm/memory.c:1578 [inline]
WARNING: CPU: 0 PID: 30552 at mm/memory.c:1520 zap_pud_range mm/memory.c:1611 [inline]
WARNING: CPU: 0 PID: 30552 at mm/memory.c:1520 zap_p4d_range mm/memory.c:1632 [inline]
WARNING: CPU: 0 PID: 30552 at mm/memory.c:1520 unmap_page_range+0xfb4/0x1a7c mm/memory.c:1653
Modules linked in:
CPU: 0 PID: 30552 Comm: syz-executor.1 Not tainted 6.7.0-rc4-syzkaller #0
Hardware name: linux,dummy-virt (DT)
pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : zap_pte_range mm/memory.c:1520 [inline]
pc : zap_pmd_range mm/memory.c:1582 [inline]
pc : zap_pud_range mm/memory.c:1611 [inline]
pc : zap_p4d_range mm/memory.c:1632 [inline]
pc : unmap_page_range+0xfb4/0x1a7c mm/memory.c:1653
lr : __tlb_remove_page include/asm-generic/tlb.h:471 [inline]
lr : zap_pte_range mm/memory.c:1469 [inline]
lr : zap_pmd_range mm/memory.c:1582 [inline]
lr : zap_pud_range mm/memory.c:1611 [inline]
lr : zap_p4d_range mm/memory.c:1632 [inline]
lr : unmap_page_range+0x998/0x1a7c mm/memory.c:1653
sp : ffff80008c5c7400
x29: ffff80008c5c7400 x28: 00000000200ab000 x27: ffff80008c5c76e0
x26: 0000000000000004 x25: ffff80008c5c7860 x24: 00000000200aa000
x23: ffff000013b36550 x22: dfff800000000000 x21: 0000000000000000
x20: 1fffe00002766caa x19: 0000000020200000 x18: ffff0000136cdd98
x17: ffff7fffe43ad000 x16: 0000000000000002 x15: 1fffe000026d9bb2
x14: 1fffe000026d9bc6 x13: 1fffe000026d9baf x12: ffff7f80001800d7
x11: 1fffff80001800d6 x10: ffff7f80001800d6 x9 : dfff800000000000
x8 : 1fffff80001800d1 x7 : 0000000000000000 x6 : 0000000000000001
x5 : fffffc0000c006b0 x4 : ffff7f80001800d7 x3 : 00000000000001f8
x2 : 7c00000000000001 x1 : 0000000000000007 x0 : 000000000000001f
Call trace:
 zap_pmd_range mm/memory.c:1578 [inline]
 zap_pud_range mm/memory.c:1611 [inline]
 zap_p4d_range mm/memory.c:1632 [inline]
 unmap_page_range+0xfb4/0x1a7c mm/memory.c:1653
 unmap_single_vma.constprop.0+0xb4/0x188 mm/memory.c:1699
 unmap_vmas+0x194/0x308 mm/memory.c:1743
 exit_mmap+0x12c/0x91c mm/mmap.c:3308
 __mmput+0xa8/0x3a0 kernel/fork.c:1349
 mmput+0x88/0x98 kernel/fork.c:1371
 exit_mm kernel/exit.c:567 [inline]
 do_exit+0x6ac/0x1f64 kernel/exit.c:858
 do_group_exit+0xa4/0x208 kernel/exit.c:1021
 get_signal+0x19a0/0x1ae4 kernel/signal.c:2904
 do_signal arch/arm64/kernel/signal.c:1249 [inline]
 do_notify_resume+0x26c/0x3208 arch/arm64/kernel/signal.c:1302
 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline]
 el0_svc_compat+0x118/0x13c arch/arm64/kernel/entry-common.c:819
 el0t_32_sync_handler+0x98/0x13c arch/arm64/kernel/entry-common.c:828
 el0t_32_sync+0x194/0x198 arch/arm64/kernel/entry.S:600
irq event stamp: 350
hardirqs last enabled at (349): [] percpu_counter_add_batch+0x228/0x2a4 lib/percpu_counter.c:102
hardirqs last disabled at (350): [] el1_dbg+0x24/0x9c arch/arm64/kernel/entry-common.c:436
softirqs last enabled at (300): [] fpsimd_restore_current_state+0x38/0xdc arch/arm64/kernel/fpsimd.c:1741
softirqs last disabled at (298): [] get_cpu_fpsimd_context+0x0/0xa0 arch/arm64/kernel/fpsimd.c:1889
---[ end trace 0000000000000000 ]---