------------[ cut here ]------------
WARNING: CPU: 0 PID: 27540 at mm/memory.c:1520 zap_pte_range mm/memory.c:1524 [inline]
WARNING: CPU: 0 PID: 27540 at mm/memory.c:1520 zap_pmd_range mm/memory.c:1582 [inline]
WARNING: CPU: 0 PID: 27540 at mm/memory.c:1520 zap_pud_range mm/memory.c:1611 [inline]
WARNING: CPU: 0 PID: 27540 at mm/memory.c:1520 zap_p4d_range mm/memory.c:1632 [inline]
WARNING: CPU: 0 PID: 27540 at mm/memory.c:1520 unmap_page_range+0x7f0/0xae8 mm/memory.c:1653
Modules linked in:
CPU: 0 PID: 27540 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller-00039-g9ace34a8e446 #0
Hardware name: linux,dummy-virt (DT)
pstate: 21400009 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : zap_pte_range mm/memory.c:1520 [inline]
pc : zap_pmd_range mm/memory.c:1582 [inline]
pc : zap_pud_range mm/memory.c:1611 [inline]
pc : zap_p4d_range mm/memory.c:1632 [inline]
pc : unmap_page_range+0x7f0/0xae8 mm/memory.c:1653
lr : __tlb_remove_page include/asm-generic/tlb.h:471 [inline]
lr : zap_pte_range mm/memory.c:1469 [inline]
lr : zap_pmd_range mm/memory.c:1582 [inline]
lr : zap_pud_range mm/memory.c:1611 [inline]
lr : zap_p4d_range mm/memory.c:1632 [inline]
lr : unmap_page_range+0x5b8/0xae8 mm/memory.c:1653
sp : ffff80008817b8d0
x29: ffff80008817b8d0 x28: ffff80008817ba40 x27: 0000000020200000
x26: f7ff00003c8e3780 x25: 0000000020001000 x24: f5ff0000034faf40
x23: ffff000029669008 x22: ffff80008817bb18 x21: 0000000020002000
x20: 00000000000001f8 x19: ffff80008817b9b8 x18: ffff80008817bad8
x17: 0000000000000000 x16: ffff800081d6f910 x15: 0000ffffa62edfff
x14: 000000000000000a x13: 1effe00000aa94e1 x12: ffff80008817bad8
x11: 0000000000000001 x10: f7ff00000554a70c x9 : 0000000060000000
x8 : fffffc00006fd340 x7 : 00a800005bf4df43 x6 : ffff80008817b810
x5 : 0000000000000088 x4 : ffffffffffffffff x3 : 0000000000000002
x2 : 7c00000000000001 x1 : 0000000000000007 x0 : 000000000000001f
Call trace:
 zap_pte_range mm/memory.c:1524 [inline]
 zap_pmd_range mm/memory.c:1582 [inline]
 zap_pud_range mm/memory.c:1611 [inline]
 zap_p4d_range mm/memory.c:1632 [inline]
 unmap_page_range+0x7f0/0xae8 mm/memory.c:1653
 unmap_single_vma.constprop.0+0x4c/0x84 mm/memory.c:1699
 unmap_vmas+0x7c/0x160 mm/memory.c:1743
 exit_mmap+0xc0/0x258 mm/mmap.c:3308
 __mmput+0x3c/0x170 kernel/fork.c:1349
 mmput+0x50/0x5c kernel/fork.c:1371
 exit_mm kernel/exit.c:567 [inline]
 do_exit+0x288/0x960 kernel/exit.c:858
 do_group_exit+0x34/0x90 kernel/exit.c:1021
 get_signal+0x884/0x894 kernel/signal.c:2904
 do_signal arch/arm64/kernel/signal.c:1249 [inline]
 do_notify_resume+0x328/0x1474 arch/arm64/kernel/signal.c:1302
 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline]
 el0_svc+0xd4/0xd8 arch/arm64/kernel/entry-common.c:679
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:696
 el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:595
---[ end trace 0000000000000000 ]---