------------[ cut here ]------------
WARNING: CPU: 1 PID: 31825 at mm/page_table_check.c:191 page_table_check_pte_flags mm/page_table_check.c:191 [inline]
WARNING: CPU: 1 PID: 31825 at mm/page_table_check.c:191 __page_table_check_ptes_set+0x13e/0x2f0 mm/page_table_check.c:204
Modules linked in:
CPU: 1 UID: 0 PID: 31825 Comm: syz.4.7647 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:page_table_check_pte_flags mm/page_table_check.c:191 [inline]
RIP: 0010:__page_table_check_ptes_set+0x13e/0x2f0 mm/page_table_check.c:204
Code: b8 00 00 00 00 00 00 00 70 49 39 c7 74 21 48 b8 00 00 00 00 00 00 00 6c 49 39 c7 75 1d e8 9a 1c 8f ff eb 10 e8 93 1c 8f ff 90 <0f> 0b 90 eb 10 e8 88 1c 8f ff 90 0f 0b 90 eb 05 e8 7d 1c 8f ff 31
RSP: 0000:ffffc90004757990 EFLAGS: 00010283
RAX: ffffffff8230e71d RBX: 0000000043507c67 RCX: 0000000000080000
RDX: ffffc9000e0c1000 RSI: 0000000000004153 RDI: 0000000000004154
RBP: 0000000000000001 R08: ffffea00010d41c7 R09: 1ffffd400021a838
R10: dffffc0000000000 R11: fffff9400021a839 R12: 0000000000000002
R13: 0000000043507c67 R14: ffff888066fd0ff0 R15: ffff888024250a00
FS: 0000000000000000(0000) GS:ffff888126239000(0063) knlGS:00000000f548db40
CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 0000000080ffe000 CR3: 000000001cacc000 CR4: 00000000003526f0
Call Trace:
 page_table_check_ptes_set include/linux/page_table_check.h:76 [inline]
 set_ptes include/linux/pgtable.h:292 [inline]
 do_swap_page+0x5248/0x5b20 mm/memory.c:4971
 handle_pte_fault mm/memory.c:6198 [inline]
 __handle_mm_fault+0xe55/0x5400 mm/memory.c:6336
 handle_mm_fault+0x40a/0x8e0 mm/memory.c:6505
 do_user_addr_fault+0xa7c/0x1380 arch/x86/mm/fault.c:1336
 handle_page_fault arch/x86/mm/fault.c:1476 [inline]
 exc_page_fault+0x82/0x100 arch/x86/mm/fault.c:1532
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:618
RIP: 0023:0xf70bf1f0
Code: 50 6a 00 e8 c2 10 14 00 8b 5c 24 2c 8b 4c 24 28 83 c4 20
8b 55 40 89 03 03 11 85 f6 74 18 31 c0 8d b4 26 00 00 00 00 8d 76 00 <89> 02 83 c0 01 83 c2 04 39 c6 75 f4 83 c4 1c 89 f8 5b 5e 5f 5d c3
RSP: 002b:00000000f548d540 EFLAGS: 00010202
RAX: 0000000000000800 RBX: 0000000080000240 RCX: 00000000800002c0
RDX: 0000000080ffdfff RSI: 0000000000000efe RDI: 0000000000000006
RBP: 0000000080000140 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
----------------
Code disassembly (best guess):
   0:  50                      push %rax
   1:  6a 00                   push $0x0
   3:  e8 c2 10 14 00          call 0x1410ca
   8:  8b 5c 24 2c             mov 0x2c(%rsp),%ebx
   c:  8b 4c 24 28             mov 0x28(%rsp),%ecx
  10:  83 c4 20                add $0x20,%esp
  13:  8b 55 40                mov 0x40(%rbp),%edx
  16:  89 03                   mov %eax,(%rbx)
  18:  03 11                   add (%rcx),%edx
  1a:  85 f6                   test %esi,%esi
  1c:  74 18                   je 0x36
  1e:  31 c0                   xor %eax,%eax
  20:  8d b4 26 00 00 00 00    lea 0x0(%rsi,%riz,1),%esi
  27:  8d 76 00                lea 0x0(%rsi),%esi
* 2a:  89 02                   mov %eax,(%rdx) <-- trapping instruction
  2c:  83 c0 01                add $0x1,%eax
  2f:  83 c2 04                add $0x4,%edx
  32:  39 c6                   cmp %eax,%esi
  34:  75 f4                   jne 0x2a
  36:  83 c4 1c                add $0x1c,%esp
  39:  89 f8                   mov %edi,%eax
  3b:  5b                      pop %rbx
  3c:  5e                      pop %rsi
  3d:  5f                      pop %rdi
  3e:  5d                      pop %rbp
  3f:  c3                      ret