------------[ cut here ]------------
kernel BUG at mm/memory.c:2218!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 3030 Comm: syz-executor931 Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : vmf_insert_pfn_prot+0x288/0x29c mm/memory.c:2218
lr : vmf_insert_pfn_prot+0x288/0x29c mm/memory.c:2218
sp : ffff80000fb6b860
x29: ffff80000fb6b870 x28: ffff0000c568cf80 x27: 0c00000000000001
x26: 0000000000000001 x25: 0000000010000400 x24: 0000000004040471
x23: 0000000000000420 x22: ffff0000cbf03898 x21: 0000000020000000
x20: 0060000000000fc3 x19: 00000000001047e7 x18: 00000000000000c0
x17: ffff80000dd0b198 x16: 0000000000000000 x15: 0000000000000000
x14: 0000000000000000 x13: 0000000010000400 x12: ffff80000d465540
x11: ff80800008462320 x10: 0000000000000000 x9 : ffff800008462320
x8 : ffff0000c568cf80 x7 : ffff8000099c82b0 x6 : 0000000000000000
x5 : ffff80000e01a0a0 x4 : 0000000000000002 x3 : 0060000000000fc3
x2 : 00000000001047e7 x1 : 0000000000000420 x0 : 0000000000000420
Call trace:
vmf_insert_pfn_prot+0x288/0x29c mm/memory.c:2218
vmf_insert_pfn+0x38/0x4c mm/memory.c:2257
drm_gem_shmem_fault+0xb4/0x100 drivers/gpu/drm/drm_gem_shmem_helper.c:562
__do_fault+0x60/0x358 mm/memory.c:4173
do_read_fault mm/memory.c:4518 [inline]
do_fault+0x338/0x550 mm/memory.c:4647
handle_pte_fault mm/memory.c:4911 [inline]
__handle_mm_fault mm/memory.c:5053 [inline]
handle_mm_fault+0x784/0xa40 mm/memory.c:5151
__do_page_fault arch/arm64/mm/fault.c:502 [inline]
do_page_fault+0x428/0x79c arch/arm64/mm/fault.c:602
do_translation_fault+0x78/0x194 arch/arm64/mm/fault.c:685
do_mem_abort+0x54/0x130 arch/arm64/mm/fault.c:821
el1_abort+0x3c/0x5c arch/arm64/kernel/entry-common.c:366
el1h_64_sync_handler+0x60/0xac arch/arm64/kernel/entry-common.c:426
el1h_64_sync+0x64/0x68 arch/arm64/kernel/entry.S:576
__arch_copy_from_user+0xa4/0x230 arch/arm64/lib/copy_template.S:94
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl fs/ioctl.c:856 [inline]
__arm64_sys_ioctl+0xd0/0x140 fs/ioctl.c:856
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall arch/arm64/kernel/syscall.c:52 [inline]
el0_svc_common+0x138/0x220 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x48/0x164 arch/arm64/kernel/syscall.c:206
el0_svc+0x58/0x150 arch/arm64/kernel/entry-common.c:636
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:654
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
Code: d4210000 97f8f640 d4210000 97f8f63e (d4210000)
---[ end trace 0000000000000000 ]---