------------[ cut here ]------------
WARNING: CPU: 1 PID: 10730 at mm/page_table_check.c:207 page_table_check_pte_flags mm/page_table_check.c:207 [inline]
WARNING: CPU: 1 PID: 10730 at mm/page_table_check.c:207 __page_table_check_ptes_set+0x2fa/0x3e0 mm/page_table_check.c:220
Modules linked in:
CPU: 1 UID: 0 PID: 10730 Comm: syz.2.1551 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:page_table_check_pte_flags mm/page_table_check.c:207 [inline]
RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 mm/page_table_check.c:220
Code: e9 91 fe ff ff e8 46 48 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 65 43 97 ff 48 85 ed 0f 84 85 00 00 00 e8 27 48 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 19 48 97 ff eb 69 cc cc cc e8 0f 48 97
RSP: 0018:ffffc90004abfa28 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff888049451000 RCX: ffffffff81f3ddfb
RDX: ffff888029ba2440 RSI: ffffffff81f3de09 RDI: 0000000000000007
RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001
R13: ffff8880259a0980 R14: 0000000000000001 R15: 1ffff92000957f47
FS: 0000000000000000(0000) GS:ffff88802c100000(0063) knlGS:00000000567eb440
CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 00000000200002c0 CR3: 000000001df5c000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 page_table_check_ptes_set include/linux/page_table_check.h:74 [inline]
 set_ptes.constprop.0+0x193/0x1d0 include/linux/pgtable.h:267
 do_swap_page+0x1214/0x3dc0 mm/memory.c:4357
 handle_pte_fault mm/memory.c:5525 [inline]
 __handle_mm_fault+0x146b/0x5360 mm/memory.c:5665
 handle_mm_fault+0x44e/0x7b0 mm/memory.c:5833
 do_user_addr_fault+0x7a3/0x13f0 arch/x86/mm/fault.c:1389
 handle_page_fault arch/x86/mm/fault.c:1481 [inline]
 exc_page_fault+0x5c/0xc0 
arch/x86/mm/fault.c:1539
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
RIP: 0023:0xf729f7d6
Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
RSP: 002b:00000000ff90d758 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 00000000f742bff4 RCX: 0000000000000002
RDX: 0000000000000008 RSI: 00000000f6d60384 RDI: 00000000200002c0
RBP: 00000000ff90d9e8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
----------------
Code disassembly (best guess):
   0: 03 76 37                add 0x37(%rsi),%esi
   3: f7 c6 03 00 00 00       test $0x3,%esi
   9: 74 16                   je 0x21
   b: a4                      movsb %ds:(%rsi),%es:(%rdi)
   c: 49 f7 c6 03 00 00 00    test $0x3,%r14
  13: 74 0c                   je 0x21
  15: a4                      movsb %ds:(%rsi),%es:(%rdi)
  16: 49 f7 c6 03 00 00 00    test $0x3,%r14
  1d: 74 02                   je 0x21
  1f: a4                      movsb %ds:(%rsi),%es:(%rdi)
  20: 49 50                   rex.WB push %r8
  22: 89 c8                   mov %ecx,%eax
  24: c1 e9 02                shr $0x2,%ecx
  27: 83 e0 03                and $0x3,%eax
* 2a: f3 a5                   rep movsl %ds:(%rsi),%es:(%rdi) <-- trapping instruction
  2c: 89 c1                   mov %eax,%ecx
  2e: f3 a4                   rep movsb %ds:(%rsi),%es:(%rdi)
  30: 58                      pop %rax
  31: 89 c7                   mov %eax,%edi
  33: 89 d6                   mov %edx,%esi
  35: 8b 44 24 04             mov 0x4(%rsp),%eax
  39: c3                      ret
  3a: d1 e9                   shr %ecx
  3c: 73 01                   jae 0x3f
  3e: a4                      movsb %ds:(%rsi),%es:(%rdi)
  3f: d1                      .byte 0xd1